Resubmissions

05/05/2023, 12:47 UTC

230505-pz63waaf24 7

04/05/2023, 21:52 UTC

230504-1q4f6sfd43 8

04/05/2023, 20:56 UTC

230504-zrfwtsha3v 7

04/05/2023, 20:51 UTC

230504-znmvzagh9t 7

Analysis

  • max time kernel
    148s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    04/05/2023, 20:56 UTC

General

  • Target

    MEMZ.exe

  • Size

    16KB

  • MD5

    1d5ad9c8d3fee874d0feb8bfac220a11

  • SHA1

    ca6d3f7e6c784155f664a9179ca64e4034df9595

  • SHA256

    3872c12d31fc9825e8661ac01ecee2572460677afbc7093f920a8436a42e28ff

  • SHA512

    c8246f4137416be33b6d1ac89f2428b7c44d9376ac8489a9fbf65ef128a6c53fb50479e1e400c8e201c8611992ab1d6c1bd3d6cece89013edb4d35cdd22305b1

  • SSDEEP

    192:M2WgyvSW8gRc6olcIEiwqZKBkDFR43xWTM3LHf26gFrcx3sNq:JWgnSmFlcIqq3agmLH+6gF23sN

Score
7/10

Malware Config

Signatures

  • Checks computer location settings 2 TTPs 2 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs

    Bootkits write to the MBR to gain persistence at a level below the operating system.

  • Drops file in Program Files directory 2 IoCs
  • Drops file in Windows directory 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Enumerates system info in registry 2 TTPs 6 IoCs
  • Modifies registry class 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 18 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 5 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\MEMZ.exe
    "C:\Users\Admin\AppData\Local\Temp\MEMZ.exe"
    1⤵
    • Checks computer location settings
    • Suspicious use of WriteProcessMemory
    PID:1924
    • C:\Users\Admin\AppData\Local\Temp\MEMZ.exe
      "C:\Users\Admin\AppData\Local\Temp\MEMZ.exe" /watchdog
      2⤵
      • Suspicious behavior: EnumeratesProcesses
      PID:1320
    • C:\Users\Admin\AppData\Local\Temp\MEMZ.exe
      "C:\Users\Admin\AppData\Local\Temp\MEMZ.exe" /watchdog
      2⤵
      • Suspicious behavior: EnumeratesProcesses
      PID:1808
    • C:\Users\Admin\AppData\Local\Temp\MEMZ.exe
      "C:\Users\Admin\AppData\Local\Temp\MEMZ.exe" /watchdog
      2⤵
      • Suspicious behavior: EnumeratesProcesses
      PID:4664
    • C:\Users\Admin\AppData\Local\Temp\MEMZ.exe
      "C:\Users\Admin\AppData\Local\Temp\MEMZ.exe" /watchdog
      2⤵
      • Suspicious behavior: EnumeratesProcesses
      PID:3288
    • C:\Users\Admin\AppData\Local\Temp\MEMZ.exe
      "C:\Users\Admin\AppData\Local\Temp\MEMZ.exe" /watchdog
      2⤵
      • Suspicious behavior: EnumeratesProcesses
      PID:4836
    • C:\Users\Admin\AppData\Local\Temp\MEMZ.exe
      "C:\Users\Admin\AppData\Local\Temp\MEMZ.exe" /main
      2⤵
      • Checks computer location settings
      • Writes to the Master Boot Record (MBR)
      • Suspicious use of WriteProcessMemory
      PID:3436
      • C:\Windows\SysWOW64\notepad.exe
        "C:\Windows\System32\notepad.exe" \note.txt
        3⤵
        • Suspicious use of FindShellTrayWindow
        PID:4120
      • C:\Windows\SysWOW64\mspaint.exe
        "C:\Windows\System32\mspaint.exe"
        3⤵
        • Drops file in Windows directory
        • Suspicious use of SetWindowsHookEx
        PID:5472
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=minecraft+hax+download+no+virus
        3⤵
        • Enumerates system info in registry
        • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
        • Suspicious use of FindShellTrayWindow
        PID:4924
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffec1c446f8,0x7ffec1c44708,0x7ffec1c44718
          4⤵
            PID:5260
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,14618141520999212077,1227730797929032786,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
            4⤵
              PID:2812
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,14618141520999212077,1227730797929032786,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
              4⤵
                PID:5816
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2136,14618141520999212077,1227730797929032786,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2700 /prefetch:8
                4⤵
                  PID:4144
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2136,14618141520999212077,1227730797929032786,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 /prefetch:3
                  4⤵
                    PID:5596
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,14618141520999212077,1227730797929032786,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2160 /prefetch:2
                    4⤵
                      PID:4244
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,14618141520999212077,1227730797929032786,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4712 /prefetch:1
                      4⤵
                        PID:5964
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,14618141520999212077,1227730797929032786,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4736 /prefetch:1
                        4⤵
                          PID:1768
                        • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,14618141520999212077,1227730797929032786,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5064 /prefetch:8
                          4⤵
                            PID:4400
                          • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,14618141520999212077,1227730797929032786,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5064 /prefetch:8
                            4⤵
                              PID:4052
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,14618141520999212077,1227730797929032786,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5088 /prefetch:1
                              4⤵
                                PID:4452
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,14618141520999212077,1227730797929032786,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3684 /prefetch:1
                                4⤵
                                  PID:4296
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,14618141520999212077,1227730797929032786,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4972 /prefetch:1
                                  4⤵
                                    PID:5248
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,14618141520999212077,1227730797929032786,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4736 /prefetch:1
                                    4⤵
                                      PID:5372
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,14618141520999212077,1227730797929032786,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5388 /prefetch:1
                                      4⤵
                                        PID:5788
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,14618141520999212077,1227730797929032786,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5564 /prefetch:1
                                        4⤵
                                          PID:5912
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,14618141520999212077,1227730797929032786,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2064 /prefetch:1
                                          4⤵
                                            PID:4964
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,14618141520999212077,1227730797929032786,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1136 /prefetch:1
                                            4⤵
                                              PID:3344
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,14618141520999212077,1227730797929032786,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2232 /prefetch:1
                                              4⤵
                                                PID:3272
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,14618141520999212077,1227730797929032786,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6292 /prefetch:1
                                                4⤵
                                                  PID:4704
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=virus+builder+legit+free+download
                                                3⤵
                                                  PID:4004
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffec1c446f8,0x7ffec1c44708,0x7ffec1c44718
                                                    4⤵
                                                      PID:1140
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=the+memz+are+real
                                                    3⤵
                                                      PID:3460
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffec1c446f8,0x7ffec1c44708,0x7ffec1c44718
                                                        4⤵
                                                          PID:6132
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=vinesauce+meme+collection
                                                        3⤵
                                                          PID:228
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\Desktop\ConfirmSave.svg
                                                      1⤵
                                                      • Enumerates system info in registry
                                                      • Modifies registry class
                                                      • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                      • Suspicious use of FindShellTrayWindow
                                                      • Suspicious use of WriteProcessMemory
                                                      PID:3184
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffec1c446f8,0x7ffec1c44708,0x7ffec1c44718
                                                        2⤵
                                                          PID:1404
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2176,8843054713494671828,1326033993166683416,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2280 /prefetch:3
                                                          2⤵
                                                            PID:1544
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2176,8843054713494671828,1326033993166683416,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2188 /prefetch:2
                                                            2⤵
                                                              PID:2100
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2176,8843054713494671828,1326033993166683416,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2860 /prefetch:8
                                                              2⤵
                                                                PID:676
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,8843054713494671828,1326033993166683416,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3480 /prefetch:1
                                                                2⤵
                                                                  PID:1940
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,8843054713494671828,1326033993166683416,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3384 /prefetch:1
                                                                  2⤵
                                                                    PID:376
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2176,8843054713494671828,1326033993166683416,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5444 /prefetch:8
                                                                    2⤵
                                                                      PID:3324
                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --force-configure-user-settings
                                                                      2⤵
                                                                      • Drops file in Program Files directory
                                                                      PID:1712
                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x220,0x224,0x228,0x1fc,0x22c,0x7ff6c3285460,0x7ff6c3285470,0x7ff6c3285480
                                                                        3⤵
                                                                          PID:1392
                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2176,8843054713494671828,1326033993166683416,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5444 /prefetch:8
                                                                        2⤵
                                                                          PID:3084
                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,8843054713494671828,1326033993166683416,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5492 /prefetch:1
                                                                          2⤵
                                                                            PID:4356
                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,8843054713494671828,1326033993166683416,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5476 /prefetch:1
                                                                            2⤵
                                                                              PID:1976
                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,8843054713494671828,1326033993166683416,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5672 /prefetch:1
                                                                              2⤵
                                                                                PID:5160
                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,8843054713494671828,1326033993166683416,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5508 /prefetch:1
                                                                                2⤵
                                                                                  PID:5152
                                                                              • C:\Windows\System32\CompPkgSrv.exe
                                                                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                1⤵
                                                                                  PID:3392
                                                                                • C:\Windows\system32\svchost.exe
                                                                                  C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
                                                                                  1⤵
                                                                                    PID:5968
                                                                                  • C:\Windows\System32\CompPkgSrv.exe
                                                                                    C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                    1⤵
                                                                                      PID:5788
                                                                                    • C:\Windows\System32\CompPkgSrv.exe
                                                                                      C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                      1⤵
                                                                                        PID:1088
                                                                                      • C:\Windows\system32\AUDIODG.EXE
                                                                                        C:\Windows\system32\AUDIODG.EXE 0x524 0x520
                                                                                        1⤵
                                                                                        • Suspicious use of AdjustPrivilegeToken
                                                                                        PID:3360
                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x104,0x108,0x10c,0xe0,0x110,0x7ffec1c446f8,0x7ffec1c44708,0x7ffec1c44718
                                                                                        1⤵
                                                                                          PID:3920

                                                                                        Network

                                                                                        • flag-us
                                                                                          DNS
                                                                                          232.168.11.51.in-addr.arpa
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          232.168.11.51.in-addr.arpa
                                                                                          IN PTR
                                                                                          Response
                                                                                        • flag-us
                                                                                          DNS
                                                                                          assets.msn.com
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          assets.msn.com
                                                                                          IN A
                                                                                          Response
                                                                                          assets.msn.com
                                                                                          IN CNAME
                                                                                          assets.msn.com.edgekey.net
                                                                                          assets.msn.com.edgekey.net
                                                                                          IN CNAME
                                                                                          e28578.d.akamaiedge.net
                                                                                          e28578.d.akamaiedge.net
                                                                                          IN A
                                                                                          104.126.37.154
                                                                                          e28578.d.akamaiedge.net
                                                                                          IN A
                                                                                          104.126.37.147
                                                                                          e28578.d.akamaiedge.net
                                                                                          IN A
                                                                                          104.126.37.184
                                                                                          e28578.d.akamaiedge.net
                                                                                          IN A
                                                                                          104.126.37.168
                                                                                        • flag-de
                                                                                          GET
                                                                                          https://assets.msn.com/serviceak/v1/news/Feed/Windows?apikey=qrUeHGGYvVowZJuHA3XaH0uUvg1ZJ0GUZnXk3mxxPF&activityId=1e5a9c64-f3da-4b89-b3aa-291aa4acab4a&ocid=windows-windowsShell-feeds&user=m-d4eafa4aa86940188882725c6e2ef215&Treatment=T6&MaximumDimensions=660x640&experience=Taskbar&AppVersion=1&osLocale=en-US&caller=bgtask
                                                                                          Remote address:
                                                                                          104.126.37.154:443
                                                                                          Request
                                                                                          GET /serviceak/v1/news/Feed/Windows?apikey=qrUeHGGYvVowZJuHA3XaH0uUvg1ZJ0GUZnXk3mxxPF&activityId=1e5a9c64-f3da-4b89-b3aa-291aa4acab4a&ocid=windows-windowsShell-feeds&user=m-d4eafa4aa86940188882725c6e2ef215&Treatment=T6&MaximumDimensions=660x640&experience=Taskbar&AppVersion=1&osLocale=en-US&caller=bgtask HTTP/2.0
                                                                                          host: assets.msn.com
                                                                                          x-search-account: None
                                                                                          accept-encoding: gzip, deflate
                                                                                          x-device-machineid: {46CAA714-52CC-4AB9-A019-1AE3E3C36027}
                                                                                          x-userageclass: Unknown
                                                                                          x-bm-market: US
                                                                                          x-bm-dateformat: M/d/yyyy
                                                                                          x-device-ossku: 48
                                                                                          x-bm-dtz: 0
                                                                                          x-deviceid: 0100B2E609000CC3
                                                                                          x-bm-windowsflights: FX:117B9872,FX:119E26AD,FX:11D898D7,FX:11DB147C,FX:11DE505A,FX:11E11E97,FX:11E3E2BA,FX:11E50151,FX:11E9EE98,FX:11F1992A,FX:11F4161E,FX:11F41B68,FX:11FB0F2F,FX:1201B330,FX:1202B7FC,FX:120BB68E,FX:121A20E1,FX:121BF15F,FX:121E5EC8,FX:122D8E86,FX:123031A3,FX:1231B88B,FX:123371B1,FX:1233C945,FX:123D7C31,FX:1240013C,FX:1246E4A3,FX:1248306D,FX:124B38D0,FX:1250080B,FX:125A7FDA,FX:1264FA75,FX:126DBC22,FX:127159BE,FX:12769734,FX:127C935B,FX:127DC03A,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:129135BB
                                                                                          sitename: www.msn.com
                                                                                          x-bm-theme: 000000;0078d7
                                                                                          muid: D4EAFA4AA86940188882725C6E2EF215
                                                                                          x-agent-deviceid: 0100B2E609000CC3
                                                                                          x-bm-onlinesearchdisabled: true
                                                                                          x-bm-cbt: 1683233823
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.2.19041; 10.0.0.0.19041.1288) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                                                                                          x-device-isoptin: false
                                                                                          accept-language: en-US, en
                                                                                          x-device-touch: false
                                                                                          x-device-clientsession: F8AFAF57DF2743B8BED774E999837433
                                                                                          cookie: MUID=D4EAFA4AA86940188882725C6E2EF215
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          content-type: application/json; charset=utf-8
                                                                                          server: Kestrel
                                                                                          access-control-allow-credentials: true
                                                                                          access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token,OneWebServiceLatency,X-FD-Features,DDD-UserType,traceparent
                                                                                          access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
                                                                                          access-control-allow-origin: *.msn.com
                                                                                          access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token,OneWebServiceLatency,X-FD-Features,DDD-UserType,traceparent
                                                                                          content-encoding: gzip
                                                                                          ddd-authenticatedwithjwtflow: False
                                                                                          ddd-usertype: AnonymousMuid
                                                                                          ddd-tmpl: WildFire_cold:1;coldStart:1;TeaserVisibility_cold:1;winbadge:1;partialResponse:1;lowT:0;TeaserTemp_cold:1;tbn:0;SportsMatch_all:1;SevereWeather_cold:1;Nowcast_cold:1;coldStartUpsell:1;lowC:0
                                                                                          x-wpo-activityid: A1E03F77-AAF8-4F86-A45C-3EFEECDD893B|2023-05-04T20:57:05.6147889Z|fabric:/wpo|WEU|WPO_96
                                                                                          ddd-feednewsitemcount: 0
                                                                                          ddd-activityid: a1e03f77-aaf8-4f86-a45c-3efeecdd893b
                                                                                          ddd-strategyexecutionlatency: 00:00:00.2116174
                                                                                          ddd-debugid: a1e03f77-aaf8-4f86-a45c-3efeecdd893b|2023-05-04T20:57:05.6234081Z|fabric:/winfeed|WEU|WinFeed_251
                                                                                          onewebservicelatency: 212
                                                                                          x-msedge-responseinfo: 212
                                                                                          x-ceto-ref: 64541c21458b4f30b1a54d14131eeee0|2023-05-04T20:57:05.408Z
                                                                                          expires: Thu, 04 May 2023 20:57:05 GMT
                                                                                          date: Thu, 04 May 2023 20:57:05 GMT
                                                                                          content-length: 9291
                                                                                          akamai-request-bc: [a=104.126.37.150,b=201619748,c=g,n=DE_HE_FRANKFURT,o=20940],[a=20.23.114.34,c=o]
                                                                                          server-timing: clientrtt; dur=11, clienttt; dur=228, origin; dur=226 , cdntime; dur=2
                                                                                          akamai-cache-status: Miss from child
                                                                                          akamai-server-ip: 104.126.37.150
                                                                                          akamai-request-id: c047924
                                                                                          x-as-suppresssetcookie: 1
                                                                                          cache-control: private, max-age=0
                                                                                          report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
                                                                                          nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
                                                                                          timing-allow-origin: *
                                                                                          vary: Origin
                                                                                        • flag-us
                                                                                          DNS
                                                                                          154.37.126.104.in-addr.arpa
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          154.37.126.104.in-addr.arpa
                                                                                          IN PTR
                                                                                          Response
                                                                                          154.37.126.104.in-addr.arpa
                                                                                          IN PTR
                                                                                          a104-126-37-154deploystaticakamaitechnologiescom
                                                                                        • flag-us
                                                                                          DNS
                                                                                          58.55.71.13.in-addr.arpa
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          58.55.71.13.in-addr.arpa
                                                                                          IN PTR
                                                                                          Response
                                                                                        • flag-us
                                                                                          DNS
                                                                                          37.146.190.20.in-addr.arpa
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          37.146.190.20.in-addr.arpa
                                                                                          IN PTR
                                                                                          Response
                                                                                        • flag-us
                                                                                          DNS
                                                                                          45.147.19.2.in-addr.arpa
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          45.147.19.2.in-addr.arpa
                                                                                          IN PTR
                                                                                          Response
                                                                                          45.147.19.2.in-addr.arpa
                                                                                          IN PTR
                                                                                          a2-19-147-45deploystaticakamaitechnologiescom
                                                                                        • flag-us
                                                                                          DNS
                                                                                          81.171.91.138.in-addr.arpa
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          81.171.91.138.in-addr.arpa
                                                                                          IN PTR
                                                                                          Response
                                                                                        • flag-us
                                                                                          DNS
                                                                                          45.8.109.52.in-addr.arpa
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          45.8.109.52.in-addr.arpa
                                                                                          IN PTR
                                                                                          Response
                                                                                        • flag-us
                                                                                          DNS
                                                                                          google.co.ck
                                                                                          msedge.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          google.co.ck
                                                                                          IN A
                                                                                          Response
                                                                                          google.co.ck
                                                                                          IN A
                                                                                          142.250.179.164
                                                                                        • flag-nl
                                                                                          GET
                                                                                          http://google.co.ck/search?q=minecraft+hax+download+no+virus
                                                                                          msedge.exe
                                                                                          Remote address:
                                                                                          142.250.179.164:80
                                                                                          Request
                                                                                          GET /search?q=minecraft+hax+download+no+virus HTTP/1.1
                                                                                          Host: google.co.ck
                                                                                          Connection: keep-alive
                                                                                          DNT: 1
                                                                                          Upgrade-Insecure-Requests: 1
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                                          Accept-Encoding: gzip, deflate
                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                          Response
                                                                                          HTTP/1.1 301 Moved Permanently
                                                                                          Location: http://www.google.co.ck/search?q=minecraft+hax+download+no+virus
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-njmpIYttAcG8Ea5qNwzr9A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/web
                                                                                          Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                                                                                          Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/web"}]}
                                                                                          Permissions-Policy: unload=()
                                                                                          Origin-Trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=
                                                                                          Origin-Trial: AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
                                                                                          Date: Thu, 04 May 2023 20:58:21 GMT
                                                                                          Expires: Sat, 03 Jun 2023 20:58:21 GMT
                                                                                          Cache-Control: public, max-age=2592000
                                                                                          Server: gws
                                                                                          Content-Length: 261
                                                                                          X-XSS-Protection: 0
                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                        • flag-nl
                                                                                          GET
                                                                                          http://google.co.ck/search?q=virus+builder+legit+free+download
                                                                                          msedge.exe
                                                                                          Remote address:
                                                                                          142.250.179.164:80
                                                                                          Request
                                                                                          GET /search?q=virus+builder+legit+free+download HTTP/1.1
                                                                                          Host: google.co.ck
                                                                                          Connection: keep-alive
                                                                                          DNT: 1
                                                                                          Upgrade-Insecure-Requests: 1
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                                          Accept-Encoding: gzip, deflate
                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                          Response
                                                                                          HTTP/1.1 301 Moved Permanently
                                                                                          Location: http://www.google.co.ck/search?q=virus+builder+legit+free+download
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-p3fq2y8ZvvHtmmHDNmvyMQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/web
                                                                                          Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                                                                                          Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/web"}]}
                                                                                          Permissions-Policy: unload=()
                                                                                          Origin-Trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=
                                                                                          Origin-Trial: AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
                                                                                          Date: Thu, 04 May 2023 20:58:44 GMT
                                                                                          Expires: Sat, 03 Jun 2023 20:58:44 GMT
                                                                                          Cache-Control: public, max-age=2592000
                                                                                          Server: gws
                                                                                          Content-Length: 263
                                                                                          X-XSS-Protection: 0
                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                        • flag-nl
                                                                                          GET
                                                                                          http://google.co.ck/search?q=the+memz+are+real
                                                                                          msedge.exe
                                                                                          Remote address:
                                                                                          142.250.179.164:80
                                                                                          Request
                                                                                          GET /search?q=the+memz+are+real HTTP/1.1
                                                                                          Host: google.co.ck
                                                                                          Connection: keep-alive
                                                                                          DNT: 1
                                                                                          Upgrade-Insecure-Requests: 1
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                                          Accept-Encoding: gzip, deflate
                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                          Response
                                                                                          HTTP/1.1 301 Moved Permanently
                                                                                          Location: http://www.google.co.ck/search?q=the+memz+are+real
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-_eLd5eDuN2XoiqQizCqwaA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/web
                                                                                          Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                                                                                          Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/web"}]}
                                                                                          Permissions-Policy: unload=()
                                                                                          Origin-Trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=
                                                                                          Origin-Trial: AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
                                                                                          Date: Thu, 04 May 2023 20:59:10 GMT
                                                                                          Expires: Sat, 03 Jun 2023 20:59:10 GMT
                                                                                          Cache-Control: public, max-age=2592000
                                                                                          Server: gws
                                                                                          Content-Length: 247
                                                                                          X-XSS-Protection: 0
                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                        • flag-nl
                                                                                          GET
                                                                                          http://google.co.ck/search?q=vinesauce+meme+collection
                                                                                          msedge.exe
                                                                                          Remote address:
                                                                                          142.250.179.164:80
                                                                                          Request
                                                                                          GET /search?q=vinesauce+meme+collection HTTP/1.1
                                                                                          Host: google.co.ck
                                                                                          Connection: keep-alive
                                                                                          DNT: 1
                                                                                          Upgrade-Insecure-Requests: 1
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                                          Accept-Encoding: gzip, deflate
                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                          Response
                                                                                          HTTP/1.1 301 Moved Permanently
                                                                                          Location: http://www.google.co.ck/search?q=vinesauce+meme+collection
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-5d0q4CDN-C5JC8XZ6NJaqg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/web
                                                                                          Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                                                                                          Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/web"}]}
                                                                                          Permissions-Policy: unload=()
                                                                                          Origin-Trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=
                                                                                          Origin-Trial: AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
                                                                                          Date: Thu, 04 May 2023 20:59:32 GMT
                                                                                          Expires: Sat, 03 Jun 2023 20:59:32 GMT
                                                                                          Cache-Control: public, max-age=2592000
                                                                                          Server: gws
                                                                                          Content-Length: 255
                                                                                          X-XSS-Protection: 0
                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                        • flag-us
                                                                                          DNS
                                                                                          www.google.co.ck
                                                                                          msedge.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          www.google.co.ck
                                                                                          IN A
                                                                                          Response
                                                                                          www.google.co.ck
                                                                                          IN A
                                                                                          142.250.179.195
                                                                                        • flag-nl
                                                                                          GET
                                                                                          http://www.google.co.ck/search?q=minecraft+hax+download+no+virus
                                                                                          msedge.exe
                                                                                          Remote address:
                                                                                          142.250.179.195:80
                                                                                          Request
                                                                                          GET /search?q=minecraft+hax+download+no+virus HTTP/1.1
                                                                                          Host: www.google.co.ck
                                                                                          Connection: keep-alive
                                                                                          DNT: 1
                                                                                          Upgrade-Insecure-Requests: 1
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                                          Accept-Encoding: gzip, deflate
                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                          Response
                                                                                          HTTP/1.1 302 Found
                                                                                          Location: https://www.google.co.ck/search?q=minecraft+hax+download+no+virus&gws_rd=ssl
                                                                                          Cache-Control: private
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-f7N2iKCkXyzGXq9Z4J0V8w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/web
                                                                                          Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                                                                                          Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/web"}]}
                                                                                          Permissions-Policy: unload=()
                                                                                          Origin-Trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=
                                                                                          Origin-Trial: AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
                                                                                          Date: Thu, 04 May 2023 20:58:22 GMT
                                                                                          Server: gws
                                                                                          Content-Length: 277
                                                                                          X-XSS-Protection: 0
                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                          Set-Cookie: 1P_JAR=2023-05-04-20; expires=Sat, 03-Jun-2023 20:58:22 GMT; path=/; domain=.google.co.ck; Secure; SameSite=none
                                                                                          Set-Cookie: AEC=AUEFqZdFkdNu00qs07mKNc6eceTxCzdumJENwFe2-oX8Tr1bLD847POCWRU; expires=Tue, 31-Oct-2023 20:58:22 GMT; path=/; domain=.google.co.ck; Secure; HttpOnly; SameSite=lax
                                                                                        • flag-us
                                                                                          DNS
                                                                                          164.179.250.142.in-addr.arpa
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          164.179.250.142.in-addr.arpa
                                                                                          IN PTR
                                                                                          Response
                                                                                          164.179.250.142.in-addr.arpa
                                                                                          IN PTR
                                                                                          ams15s41-in-f41e100net
                                                                                        • flag-us
                                                                                          DNS
                                                                                          195.179.250.142.in-addr.arpa
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          195.179.250.142.in-addr.arpa
                                                                                          IN PTR
                                                                                          Response
                                                                                          195.179.250.142.in-addr.arpa
                                                                                          IN PTR
                                                                                          ams15s42-in-f31e100net
                                                                                        • flag-us
                                                                                          DNS
                                                                                          131.179.250.142.in-addr.arpa
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          131.179.250.142.in-addr.arpa
                                                                                          IN PTR
                                                                                          Response
                                                                                          131.179.250.142.in-addr.arpa
                                                                                          IN PTR
                                                                                          ams17s10-in-f31e100net
                                                                                        • flag-us
                                                                                          DNS
                                                                                          i.ytimg.com
                                                                                          msedge.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          i.ytimg.com
                                                                                          IN A
                                                                                          Response
                                                                                          i.ytimg.com
                                                                                          IN A
                                                                                          142.251.39.118
                                                                                          i.ytimg.com
                                                                                          IN A
                                                                                          172.217.168.214
                                                                                          i.ytimg.com
                                                                                          IN A
                                                                                          172.217.23.214
                                                                                          i.ytimg.com
                                                                                          IN A
                                                                                          216.58.208.118
                                                                                          i.ytimg.com
                                                                                          IN A
                                                                                          142.250.179.150
                                                                                          i.ytimg.com
                                                                                          IN A
                                                                                          142.251.36.54
                                                                                          i.ytimg.com
                                                                                          IN A
                                                                                          142.250.179.182
                                                                                          i.ytimg.com
                                                                                          IN A
                                                                                          142.250.179.214
                                                                                          i.ytimg.com
                                                                                          IN A
                                                                                          142.251.36.22
                                                                                        • flag-nl
                                                                                          GET
                                                                                          https://i.ytimg.com/vi/GpKlb9yiGvI/mqdefault.jpg?sqp=-oaymwEFCJQBEFM&rs=AMzJL3lq73OOdkfdNdziApJsd4inCPZ5aQ
                                                                                          msedge.exe
                                                                                          Remote address:
                                                                                          142.251.39.118:443
                                                                                          Request
                                                                                          GET /vi/GpKlb9yiGvI/mqdefault.jpg?sqp=-oaymwEFCJQBEFM&rs=AMzJL3lq73OOdkfdNdziApJsd4inCPZ5aQ HTTP/2.0
                                                                                          host: i.ytimg.com
                                                                                          sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                          dnt: 1
                                                                                          sec-ch-ua-mobile: ?0
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                          accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                          sec-fetch-site: cross-site
                                                                                          sec-fetch-mode: no-cors
                                                                                          sec-fetch-dest: image
                                                                                          referer: https://www.google.co.ck/
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          accept-language: en-US,en;q=0.9
                                                                                        • flag-us
                                                                                          DNS
                                                                                          apis.google.com
                                                                                          msedge.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          apis.google.com
                                                                                          IN A
                                                                                          Response
                                                                                          apis.google.com
                                                                                          IN CNAME
                                                                                          plus.l.google.com
                                                                                          plus.l.google.com
                                                                                          IN A
                                                                                          172.217.23.206
                                                                                        • flag-us
                                                                                          DNS
                                                                                          play.google.com
                                                                                          msedge.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          play.google.com
                                                                                          IN A
                                                                                          Response
                                                                                          play.google.com
                                                                                          IN A
                                                                                          142.250.179.206
                                                                                        • flag-nl
                                                                                          OPTIONS
                                                                                          https://play.google.com/log?format=json&hasfast=true&authuser=0
                                                                                          msedge.exe
                                                                                          Remote address:
                                                                                          142.250.179.206:443
                                                                                          Request
                                                                                          OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/2.0
                                                                                          host: play.google.com
                                                                                          accept: */*
                                                                                          access-control-request-method: POST
                                                                                          access-control-request-headers: x-goog-authuser
                                                                                          origin: https://www.google.co.ck
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                          sec-fetch-mode: cors
                                                                                          sec-fetch-site: cross-site
                                                                                          sec-fetch-dest: empty
                                                                                          referer: https://www.google.co.ck/
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          accept-language: en-US,en;q=0.9
                                                                                        • flag-us
                                                                                          DNS
                                                                                          adservice.google.co.ck
                                                                                          msedge.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          adservice.google.co.ck
                                                                                          IN A
                                                                                          Response
                                                                                          adservice.google.co.ck
                                                                                          IN CNAME
                                                                                          pagead46.l.doubleclick.net
                                                                                          pagead46.l.doubleclick.net
                                                                                          IN A
                                                                                          216.58.208.98
                                                                                        • flag-gb
                                                                                          GET
                                                                                          https://adservice.google.co.ck/adsid/google/ui
                                                                                          msedge.exe
                                                                                          Remote address:
                                                                                          216.58.208.98:443
                                                                                          Request
                                                                                          GET /adsid/google/ui HTTP/2.0
                                                                                          host: adservice.google.co.ck
                                                                                          sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                          dnt: 1
                                                                                          sec-ch-ua-mobile: ?0
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                          accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                          sec-fetch-site: same-site
                                                                                          sec-fetch-mode: no-cors
                                                                                          sec-fetch-dest: image
                                                                                          referer: https://www.google.co.ck/
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          accept-language: en-US,en;q=0.9
                                                                                          cookie: AEC=AUEFqZcfV1ke0aDUdb47_yhgT7wHnEosEoSRLFN9I7GMgoIaVuXNZREC4w
                                                                                          cookie: NID=511=sUtAKUZKJVqjO1Lrl7GBSv5XirD9FfydPWsciPe8aevp7VP1jVNbZcUrYmiga0qWx98bdTWA2KtHFEcrXEim5IDdTfGG44RUuOC8re-AJyjCYzzVKLhJE5yqZnmYq1-OLC7PjY7_HGH_1FvgEtawPwbiR6BaTiIC_ynV7faE914
                                                                                          cookie: 1P_JAR=2023-05-04-20
                                                                                        • flag-us
                                                                                          DNS
                                                                                          encrypted-tbn0.gstatic.com
                                                                                          msedge.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          encrypted-tbn0.gstatic.com
                                                                                          IN A
                                                                                          Response
                                                                                          encrypted-tbn0.gstatic.com
                                                                                          IN A
                                                                                          142.251.36.14
                                                                                        • flag-nl
                                                                                          GET
                                                                                          https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcSbY4pIDQfWB-A0LGNHdOpeAPxmXvb_Stj3FnlE990bIw&s
                                                                                          msedge.exe
                                                                                          Remote address:
                                                                                          142.251.36.14:443
                                                                                          Request
                                                                                          GET /images?q=tbn:ANd9GcSbY4pIDQfWB-A0LGNHdOpeAPxmXvb_Stj3FnlE990bIw&s HTTP/2.0
                                                                                          host: encrypted-tbn0.gstatic.com
                                                                                          sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                          dnt: 1
                                                                                          sec-ch-ua-mobile: ?0
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                          accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                          sec-fetch-site: cross-site
                                                                                          sec-fetch-mode: no-cors
                                                                                          sec-fetch-dest: image
                                                                                          referer: https://www.google.co.ck/
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          accept-language: en-US,en;q=0.9
                                                                                        • flag-nl
                                                                                          GET
                                                                                          https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcT8dw85fMZJ9FZr_hnyG77pp1iwcmD4-L3iGa31Eij58A&s
                                                                                          msedge.exe
                                                                                          Remote address:
                                                                                          142.251.36.14:443
                                                                                          Request
                                                                                          GET /images?q=tbn:ANd9GcT8dw85fMZJ9FZr_hnyG77pp1iwcmD4-L3iGa31Eij58A&s HTTP/2.0
                                                                                          host: encrypted-tbn0.gstatic.com
                                                                                          sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                          dnt: 1
                                                                                          sec-ch-ua-mobile: ?0
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                          accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                          sec-fetch-site: cross-site
                                                                                          sec-fetch-mode: no-cors
                                                                                          sec-fetch-dest: image
                                                                                          referer: https://www.google.co.ck/
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          accept-language: en-US,en;q=0.9
                                                                                        • flag-nl
                                                                                          GET
                                                                                          https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcSeuooVk50Ms7_q_iU0_rzlnIDuA-BIiyYL2ICBrcMesg&s
                                                                                          msedge.exe
                                                                                          Remote address:
                                                                                          142.251.36.14:443
                                                                                          Request
                                                                                          GET /images?q=tbn:ANd9GcSeuooVk50Ms7_q_iU0_rzlnIDuA-BIiyYL2ICBrcMesg&s HTTP/2.0
                                                                                          host: encrypted-tbn0.gstatic.com
                                                                                          sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                          dnt: 1
                                                                                          sec-ch-ua-mobile: ?0
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                          accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                          sec-fetch-site: cross-site
                                                                                          sec-fetch-mode: no-cors
                                                                                          sec-fetch-dest: image
                                                                                          referer: https://www.google.co.ck/
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          accept-language: en-US,en;q=0.9
                                                                                        • flag-nl
                                                                                          GET
                                                                                          https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcRjKHGEK22YCoBEPkORh7sBd7vdrojd73GxydXTCfFSGQ&s
                                                                                          msedge.exe
                                                                                          Remote address:
                                                                                          142.251.36.14:443
                                                                                          Request
                                                                                          GET /images?q=tbn:ANd9GcRjKHGEK22YCoBEPkORh7sBd7vdrojd73GxydXTCfFSGQ&s HTTP/2.0
                                                                                          host: encrypted-tbn0.gstatic.com
                                                                                          sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                          dnt: 1
                                                                                          sec-ch-ua-mobile: ?0
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                          accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                          sec-fetch-site: cross-site
                                                                                          sec-fetch-mode: no-cors
                                                                                          sec-fetch-dest: image
                                                                                          referer: https://www.google.co.ck/
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          accept-language: en-US,en;q=0.9
                                                                                        • flag-nl
                                                                                          GET
                                                                                          https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcTPiI-7wWxGg_HoVeEFGQY7RGZFeQ19VTsMmF_FH0b4_Q&s
                                                                                          msedge.exe
                                                                                          Remote address:
                                                                                          142.251.36.14:443
                                                                                          Request
                                                                                          GET /images?q=tbn:ANd9GcTPiI-7wWxGg_HoVeEFGQY7RGZFeQ19VTsMmF_FH0b4_Q&s HTTP/2.0
                                                                                          host: encrypted-tbn0.gstatic.com
                                                                                          sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                          dnt: 1
                                                                                          sec-ch-ua-mobile: ?0
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                          accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                          sec-fetch-site: cross-site
                                                                                          sec-fetch-mode: no-cors
                                                                                          sec-fetch-dest: image
                                                                                          referer: https://www.google.co.ck/
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          accept-language: en-US,en;q=0.9
                                                                                        • flag-us
                                                                                          DNS
                                                                                          118.39.251.142.in-addr.arpa
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          118.39.251.142.in-addr.arpa
                                                                                          IN PTR
                                                                                          Response
                                                                                          118.39.251.142.in-addr.arpa
                                                                                          IN PTR
                                                                                          ams15s48-in-f221e100net
                                                                                        • flag-us
                                                                                          DNS
                                                                                          206.23.217.172.in-addr.arpa
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          206.23.217.172.in-addr.arpa
                                                                                          IN PTR
                                                                                          Response
                                                                                          206.23.217.172.in-addr.arpa
                                                                                          IN PTR
                                                                                          prg03s05-in-f2061e100net
                                                                                          206.23.217.172.in-addr.arpa
                                                                                          IN PTR
                                                                                          ams16s37-in-f14�J
                                                                                          206.23.217.172.in-addr.arpa
                                                                                          IN PTR
                                                                                          prg03s05-in-f14�J
                                                                                        • flag-us
                                                                                          DNS
                                                                                          206.179.250.142.in-addr.arpa
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          206.179.250.142.in-addr.arpa
                                                                                          IN PTR
                                                                                          Response
                                                                                          206.179.250.142.in-addr.arpa
                                                                                          IN PTR
                                                                                          ams15s42-in-f141e100net
                                                                                        • flag-us
                                                                                          DNS
                                                                                          98.208.58.216.in-addr.arpa
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          98.208.58.216.in-addr.arpa
                                                                                          IN PTR
                                                                                          Response
                                                                                          98.208.58.216.in-addr.arpa
                                                                                          IN PTR
                                                                                          ams17s08-in-f21e100net
                                                                                          98.208.58.216.in-addr.arpa
                                                                                          IN PTR
                                                                                          sof01s11-in-f98�G
                                                                                        • flag-us
                                                                                          DNS
                                                                                          100.39.251.142.in-addr.arpa
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          100.39.251.142.in-addr.arpa
                                                                                          IN PTR
                                                                                          Response
                                                                                          100.39.251.142.in-addr.arpa
                                                                                          IN PTR
                                                                                          ams15s48-in-f41e100net
                                                                                        • flag-us
                                                                                          DNS
                                                                                          14.36.251.142.in-addr.arpa
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          14.36.251.142.in-addr.arpa
                                                                                          IN PTR
                                                                                          Response
                                                                                          14.36.251.142.in-addr.arpa
                                                                                          IN PTR
                                                                                          ams15s44-in-f141e100net
                                                                                        • flag-us
                                                                                          DNS
                                                                                          googleads.g.doubleclick.net
                                                                                          msedge.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          googleads.g.doubleclick.net
                                                                                          IN A
                                                                                          Response
                                                                                          googleads.g.doubleclick.net
                                                                                          IN A
                                                                                          172.217.23.194
                                                                                        • flag-de
                                                                                          GET
                                                                                          https://googleads.g.doubleclick.net/pagead/id
                                                                                          msedge.exe
                                                                                          Remote address:
                                                                                          172.217.23.194:443
                                                                                          Request
                                                                                          GET /pagead/id HTTP/2.0
                                                                                          host: googleads.g.doubleclick.net
                                                                                          sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                          dnt: 1
                                                                                          sec-ch-ua-mobile: ?0
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                          accept: */*
                                                                                          origin: https://www.youtube.com
                                                                                          sec-fetch-site: cross-site
                                                                                          sec-fetch-mode: cors
                                                                                          sec-fetch-dest: empty
                                                                                          referer: https://www.youtube.com/
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          accept-language: en-US,en;q=0.9
                                                                                        • flag-us
                                                                                          DNS
                                                                                          ogs.google.co.ck
                                                                                          msedge.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          ogs.google.co.ck
                                                                                          IN A
                                                                                          Response
                                                                                          ogs.google.co.ck
                                                                                          IN CNAME
                                                                                          www3.l.google.com
                                                                                          www3.l.google.com
                                                                                          IN A
                                                                                          142.250.179.206
                                                                                        • flag-nl
                                                                                          GET
                                                                                          https://ogs.google.co.ck/widget/app/so?awv2=1&origin=https%3A%2F%2Fwww.google.co.ck&cn=app&pid=1&spid=1&hl=en
                                                                                          msedge.exe
                                                                                          Remote address:
                                                                                          142.250.179.206:443
                                                                                          Request
                                                                                          GET /widget/app/so?awv2=1&origin=https%3A%2F%2Fwww.google.co.ck&cn=app&pid=1&spid=1&hl=en HTTP/2.0
                                                                                          host: ogs.google.co.ck
                                                                                          sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                          sec-ch-ua-mobile: ?0
                                                                                          upgrade-insecure-requests: 1
                                                                                          dnt: 1
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                          accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                                          sec-fetch-site: same-site
                                                                                          sec-fetch-mode: navigate
                                                                                          sec-fetch-dest: iframe
                                                                                          referer: https://www.google.co.ck/
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          accept-language: en-US,en;q=0.9
                                                                                          cookie: AEC=AUEFqZcfV1ke0aDUdb47_yhgT7wHnEosEoSRLFN9I7GMgoIaVuXNZREC4w
                                                                                          cookie: 1P_JAR=2023-05-04-20
                                                                                          cookie: NID=511=HYvcB7FLt4QSqDNUbWtkJxUVmZBgkSZ-enV3-Mt6MKDuR4WoQZ_HjBZsKZi2ppsqdk39FPYTTNoOHNwFX4GqzCzaXcfvJvmsgIbULIT0Lf096CZapGCK6FTizpqMDUuMVbxQgkNtlK0w8CPKLQYNpKh0o7tgLYhbjsNYKRV6CBg
                                                                                        • flag-us
                                                                                          DNS
                                                                                          ssl.gstatic.com
                                                                                          msedge.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          ssl.gstatic.com
                                                                                          IN A
                                                                                          Response
                                                                                          ssl.gstatic.com
                                                                                          IN A
                                                                                          172.217.23.195
                                                                                        • flag-de
                                                                                          GET
                                                                                          https://ssl.gstatic.com/gb/images/sprites/p_1x_009420f9dce2.png
                                                                                          msedge.exe
                                                                                          Remote address:
                                                                                          172.217.23.195:443
                                                                                          Request
                                                                                          GET /gb/images/sprites/p_1x_009420f9dce2.png HTTP/2.0
                                                                                          host: ssl.gstatic.com
                                                                                          sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                          dnt: 1
                                                                                          sec-ch-ua-mobile: ?0
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                          accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                          sec-fetch-site: cross-site
                                                                                          sec-fetch-mode: no-cors
                                                                                          sec-fetch-dest: image
                                                                                          referer: https://ogs.google.co.ck/
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          accept-language: en-US,en;q=0.9
                                                                                        • flag-us
                                                                                          DNS
                                                                                          194.23.217.172.in-addr.arpa
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          194.23.217.172.in-addr.arpa
                                                                                          IN PTR
                                                                                          Response
                                                                                          194.23.217.172.in-addr.arpa
                                                                                          IN PTR
                                                                                          prg03s05-in-f1941e100net
                                                                                          194.23.217.172.in-addr.arpa
                                                                                          IN PTR
                                                                                          prg03s05-in-f2�J
                                                                                          194.23.217.172.in-addr.arpa
                                                                                          IN PTR
                                                                                          ams16s37-in-f2�J
                                                                                        • flag-us
                                                                                          DNS
                                                                                          195.23.217.172.in-addr.arpa
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          195.23.217.172.in-addr.arpa
                                                                                          IN PTR
                                                                                          Response
                                                                                          195.23.217.172.in-addr.arpa
                                                                                          IN PTR
                                                                                          prg03s05-in-f1951e100net
                                                                                          195.23.217.172.in-addr.arpa
                                                                                          IN PTR
                                                                                          ams16s37-in-f3�J
                                                                                          195.23.217.172.in-addr.arpa
                                                                                          IN PTR
                                                                                          prg03s05-in-f3�J
                                                                                        • flag-us
                                                                                          DNS
                                                                                          static.doubleclick.net
                                                                                          msedge.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          static.doubleclick.net
                                                                                          IN A
                                                                                          Response
                                                                                          static.doubleclick.net
                                                                                          IN A
                                                                                          142.251.36.6
                                                                                        • flag-nl
                                                                                          GET
                                                                                          https://static.doubleclick.net/instream/ad_status.js
                                                                                          msedge.exe
                                                                                          Remote address:
                                                                                          142.251.36.6:443
                                                                                          Request
                                                                                          GET /instream/ad_status.js HTTP/2.0
                                                                                          host: static.doubleclick.net
                                                                                          sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                                                                          dnt: 1
                                                                                          sec-ch-ua-mobile: ?0
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                          accept: */*
                                                                                          sec-fetch-site: cross-site
                                                                                          sec-fetch-mode: no-cors
                                                                                          sec-fetch-dest: script
                                                                                          referer: https://www.youtube.com/
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          accept-language: en-US,en;q=0.9
                                                                                        • flag-us
                                                                                          DNS
                                                                                          jnn-pa.googleapis.com
                                                                                          msedge.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          jnn-pa.googleapis.com
                                                                                          IN A
                                                                                          Response
                                                                                          jnn-pa.googleapis.com
                                                                                          IN A
                                                                                          142.251.39.106
                                                                                          jnn-pa.googleapis.com
                                                                                          IN A
                                                                                          172.217.23.202
                                                                                          jnn-pa.googleapis.com
                                                                                          IN A
                                                                                          216.58.214.10
                                                                                          jnn-pa.googleapis.com
                                                                                          IN A
                                                                                          142.250.179.138
                                                                                          jnn-pa.googleapis.com
                                                                                          IN A
                                                                                          142.251.36.42
                                                                                          jnn-pa.googleapis.com
                                                                                          IN A
                                                                                          142.250.179.170
                                                                                          jnn-pa.googleapis.com
                                                                                          IN A
                                                                                          142.250.179.202
                                                                                          jnn-pa.googleapis.com
                                                                                          IN A
                                                                                          142.251.36.10
                                                                                        • flag-nl
                                                                                          OPTIONS
                                                                                          https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
                                                                                          msedge.exe
                                                                                          Remote address:
                                                                                          142.251.39.106:443
                                                                                          Request
                                                                                          OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/2.0
                                                                                          host: jnn-pa.googleapis.com
                                                                                          accept: */*
                                                                                          access-control-request-method: POST
                                                                                          access-control-request-headers: content-type,x-goog-api-key,x-user-agent
                                                                                          origin: https://www.youtube.com
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                                                                          sec-fetch-mode: cors
                                                                                          sec-fetch-site: cross-site
                                                                                          sec-fetch-dest: empty
                                                                                          referer: https://www.youtube.com/
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          accept-language: en-US,en;q=0.9
                                                                                        • flag-us
                                                                                          DNS
                                                                                          106.39.251.142.in-addr.arpa
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          106.39.251.142.in-addr.arpa
                                                                                          IN PTR
                                                                                          Response
                                                                                          106.39.251.142.in-addr.arpa
                                                                                          IN PTR
                                                                                          ams15s48-in-f101e100net
                                                                                        • flag-us
                                                                                          DNS
                                                                                          6.36.251.142.in-addr.arpa
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          6.36.251.142.in-addr.arpa
                                                                                          IN PTR
                                                                                          Response
                                                                                          6.36.251.142.in-addr.arpa
                                                                                          IN PTR
                                                                                          ams15s44-in-f61e100net
                                                                                        • flag-us
                                                                                          DNS
                                                                                          id.google.co.ck
                                                                                          msedge.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          id.google.co.ck
                                                                                          IN A
                                                                                          Response
                                                                                          id.google.co.ck
                                                                                          IN A
                                                                                          142.250.179.131
                                                                                        • 52.242.101.226:443
                                                                                          tls
                                                                                          1.6kB
                                                                                          9
                                                                                        • 104.126.37.154:443
                                                                                          https://assets.msn.com/serviceak/v1/news/Feed/Windows?apikey=qrUeHGGYvVowZJuHA3XaH0uUvg1ZJ0GUZnXk3mxxPF&activityId=1e5a9c64-f3da-4b89-b3aa-291aa4acab4a&ocid=windows-windowsShell-feeds&user=m-d4eafa4aa86940188882725c6e2ef215&Treatment=T6&MaximumDimensions=660x640&experience=Taskbar&AppVersion=1&osLocale=en-US&caller=bgtask
                                                                                          tls, http2
                                                                                          2.9kB
                                                                                          18.8kB
                                                                                          27
                                                                                          26

                                                                                          HTTP Request

                                                                                          GET https://assets.msn.com/serviceak/v1/news/Feed/Windows?apikey=qrUeHGGYvVowZJuHA3XaH0uUvg1ZJ0GUZnXk3mxxPF&activityId=1e5a9c64-f3da-4b89-b3aa-291aa4acab4a&ocid=windows-windowsShell-feeds&user=m-d4eafa4aa86940188882725c6e2ef215&Treatment=T6&MaximumDimensions=660x640&experience=Taskbar&AppVersion=1&osLocale=en-US&caller=bgtask

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 52.242.101.226:443
                                                                                          260 B
                                                                                          5
                                                                                        • 52.242.101.226:443
                                                                                          260 B
                                                                                          5
                                                                                        • 52.242.101.226:443
                                                                                          260 B
                                                                                          5
                                                                                        • 142.250.179.164:80
                                                                                          http://google.co.ck/search?q=vinesauce+meme+collection
                                                                                          http
                                                                                          msedge.exe
                                                                                          2.4kB
                                                                                          6.8kB
                                                                                          10
                                                                                          13

                                                                                          HTTP Request

                                                                                          GET http://google.co.ck/search?q=minecraft+hax+download+no+virus

                                                                                          HTTP Response

                                                                                          301

                                                                                          HTTP Request

                                                                                          GET http://google.co.ck/search?q=virus+builder+legit+free+download

                                                                                          HTTP Response

                                                                                          301

                                                                                          HTTP Request

                                                                                          GET http://google.co.ck/search?q=the+memz+are+real

                                                                                          HTTP Response

                                                                                          301

                                                                                          HTTP Request

                                                                                          GET http://google.co.ck/search?q=vinesauce+meme+collection

                                                                                          HTTP Response

                                                                                          301
                                                                                        • 142.250.179.164:80
                                                                                          google.co.ck
                                                                                          msedge.exe
                                                                                          236 B
                                                                                          144 B
                                                                                          5
                                                                                          3
                                                                                        • 142.250.179.195:80
                                                                                          http://www.google.co.ck/search?q=minecraft+hax+download+no+virus
                                                                                          http
                                                                                          msedge.exe
                                                                                          718 B
                                                                                          2.1kB
                                                                                          5
                                                                                          5

                                                                                          HTTP Request

                                                                                          GET http://www.google.co.ck/search?q=minecraft+hax+download+no+virus

                                                                                          HTTP Response

                                                                                          302
                                                                                        • 142.251.39.118:443
                                                                                          https://i.ytimg.com/vi/GpKlb9yiGvI/mqdefault.jpg?sqp=-oaymwEFCJQBEFM&rs=AMzJL3lq73OOdkfdNdziApJsd4inCPZ5aQ
                                                                                          tls, http2
                                                                                          msedge.exe
                                                                                          1.8kB
                                                                                          10.4kB
                                                                                          14
                                                                                          16

                                                                                          HTTP Request

                                                                                          GET https://i.ytimg.com/vi/GpKlb9yiGvI/mqdefault.jpg?sqp=-oaymwEFCJQBEFM&rs=AMzJL3lq73OOdkfdNdziApJsd4inCPZ5aQ
                                                                                        • 142.250.179.206:443
                                                                                          https://play.google.com/log?format=json&hasfast=true&authuser=0
                                                                                          tls, http2
                                                                                          msedge.exe
                                                                                          1.7kB
                                                                                          8.5kB
                                                                                          13
                                                                                          15

                                                                                          HTTP Request

                                                                                          OPTIONS https://play.google.com/log?format=json&hasfast=true&authuser=0
                                                                                        • 216.58.208.98:443
                                                                                          https://adservice.google.co.ck/adsid/google/ui
                                                                                          tls, http2
                                                                                          msedge.exe
                                                                                          1.9kB
                                                                                          6.5kB
                                                                                          13
                                                                                          14

                                                                                          HTTP Request

                                                                                          GET https://adservice.google.co.ck/adsid/google/ui
                                                                                        • 142.251.36.14:443
                                                                                          encrypted-tbn0.gstatic.com
                                                                                          tls, http2
                                                                                          msedge.exe
                                                                                          953 B
                                                                                          5.8kB
                                                                                          8
                                                                                          8
                                                                                        • 142.251.36.14:443
                                                                                          https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcTPiI-7wWxGg_HoVeEFGQY7RGZFeQ19VTsMmF_FH0b4_Q&s
                                                                                          tls, http2
                                                                                          msedge.exe
                                                                                          2.8kB
                                                                                          18.1kB
                                                                                          26
                                                                                          29

                                                                                          HTTP Request

                                                                                          GET https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcSbY4pIDQfWB-A0LGNHdOpeAPxmXvb_Stj3FnlE990bIw&s

                                                                                          HTTP Request

                                                                                          GET https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcT8dw85fMZJ9FZr_hnyG77pp1iwcmD4-L3iGa31Eij58A&s

                                                                                          HTTP Request

                                                                                          GET https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcSeuooVk50Ms7_q_iU0_rzlnIDuA-BIiyYL2ICBrcMesg&s

                                                                                          HTTP Request

                                                                                          GET https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcRjKHGEK22YCoBEPkORh7sBd7vdrojd73GxydXTCfFSGQ&s

                                                                                          HTTP Request

                                                                                          GET https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcTPiI-7wWxGg_HoVeEFGQY7RGZFeQ19VTsMmF_FH0b4_Q&s
                                                                                        • 142.251.36.14:443
                                                                                          encrypted-tbn0.gstatic.com
                                                                                          tls, http2
                                                                                          msedge.exe
                                                                                          953 B
                                                                                          5.8kB
                                                                                          8
                                                                                          8
                                                                                        • 142.251.36.14:443
                                                                                          encrypted-tbn0.gstatic.com
                                                                                          tls, http2
                                                                                          msedge.exe
                                                                                          999 B
                                                                                          5.8kB
                                                                                          9
                                                                                          8
                                                                                        • 142.251.36.14:443
                                                                                          encrypted-tbn0.gstatic.com
                                                                                          tls, http2
                                                                                          msedge.exe
                                                                                          999 B
                                                                                          5.8kB
                                                                                          9
                                                                                          8
                                                                                        • 52.242.101.226:443
                                                                                          260 B
                                                                                          5
                                                                                        • 172.217.23.194:443
                                                                                          https://googleads.g.doubleclick.net/pagead/id
                                                                                          tls, http2
                                                                                          msedge.exe
                                                                                          1.7kB
                                                                                          6.9kB
                                                                                          13
                                                                                          14

                                                                                          HTTP Request

                                                                                          GET https://googleads.g.doubleclick.net/pagead/id
                                                                                        • 142.250.179.206:443
                                                                                          https://ogs.google.co.ck/widget/app/so?awv2=1&origin=https%3A%2F%2Fwww.google.co.ck&cn=app&pid=1&spid=1&hl=en
                                                                                          tls, http2
                                                                                          msedge.exe
                                                                                          2.3kB
                                                                                          21.9kB
                                                                                          19
                                                                                          26

                                                                                          HTTP Request

                                                                                          GET https://ogs.google.co.ck/widget/app/so?awv2=1&origin=https%3A%2F%2Fwww.google.co.ck&cn=app&pid=1&spid=1&hl=en
                                                                                        • 172.217.23.195:443
                                                                                          https://ssl.gstatic.com/gb/images/sprites/p_1x_009420f9dce2.png
                                                                                          tls, http2
                                                                                          msedge.exe
                                                                                          2.6kB
                                                                                          60.3kB
                                                                                          31
                                                                                          51

                                                                                          HTTP Request

                                                                                          GET https://ssl.gstatic.com/gb/images/sprites/p_1x_009420f9dce2.png
                                                                                        • 142.251.36.6:443
                                                                                          https://static.doubleclick.net/instream/ad_status.js
                                                                                          tls, http2
                                                                                          msedge.exe
                                                                                          1.7kB
                                                                                          6.8kB
                                                                                          13
                                                                                          13

                                                                                          HTTP Request

                                                                                          GET https://static.doubleclick.net/instream/ad_status.js
                                                                                        • 142.251.39.106:443
                                                                                          https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
                                                                                          tls, http2
                                                                                          msedge.exe
                                                                                          1.7kB
                                                                                          6.9kB
                                                                                          13
                                                                                          14

                                                                                          HTTP Request

                                                                                          OPTIONS https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
                                                                                        • 8.238.179.126:80
                                                                                          322 B
                                                                                          7
                                                                                        • 173.223.113.164:443
                                                                                          322 B
                                                                                          7
                                                                                        • 173.223.113.131:80
                                                                                          322 B
                                                                                          7
                                                                                        • 131.253.33.203:80
                                                                                          322 B
                                                                                          7
                                                                                        • 52.242.101.226:443
                                                                                          260 B
                                                                                          5
                                                                                        • 52.242.101.226:443
                                                                                          260 B
                                                                                          5
                                                                                        • 52.242.101.226:443
                                                                                          156 B
                                                                                          3
                                                                                        • 142.250.179.164:80
                                                                                          google.co.ck
                                                                                          98 B
                                                                                          52 B
                                                                                          2
                                                                                          1
                                                                                        • 8.8.8.8:53
                                                                                          232.168.11.51.in-addr.arpa
                                                                                          dns
                                                                                          72 B
                                                                                          158 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          232.168.11.51.in-addr.arpa

                                                                                        • 8.8.8.8:53
                                                                                          assets.msn.com
                                                                                          dns
                                                                                          60 B
                                                                                          198 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          assets.msn.com

                                                                                          DNS Response

                                                                                          104.126.37.154
                                                                                          104.126.37.147
                                                                                          104.126.37.184
                                                                                          104.126.37.168

                                                                                        • 8.8.8.8:53
                                                                                          154.37.126.104.in-addr.arpa
                                                                                          dns
                                                                                          73 B
                                                                                          139 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          154.37.126.104.in-addr.arpa

                                                                                        • 8.8.8.8:53
                                                                                          58.55.71.13.in-addr.arpa
                                                                                          dns
                                                                                          70 B
                                                                                          144 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          58.55.71.13.in-addr.arpa

                                                                                        • 8.8.8.8:53
                                                                                          37.146.190.20.in-addr.arpa
                                                                                          dns
                                                                                          72 B
                                                                                          158 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          37.146.190.20.in-addr.arpa

                                                                                        • 224.0.0.251:5353
                                                                                          msedge.exe
                                                                                          1.0kB
                                                                                          16
                                                                                        • 8.8.8.8:53
                                                                                          45.147.19.2.in-addr.arpa
                                                                                          dns
                                                                                          70 B
                                                                                          133 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          45.147.19.2.in-addr.arpa

                                                                                        • 8.8.8.8:53
                                                                                          81.171.91.138.in-addr.arpa
                                                                                          dns
                                                                                          72 B
                                                                                          146 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          81.171.91.138.in-addr.arpa

                                                                                        • 8.8.8.8:53
                                                                                          45.8.109.52.in-addr.arpa
                                                                                          dns
                                                                                          70 B
                                                                                          144 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          45.8.109.52.in-addr.arpa

                                                                                        • 8.8.8.8:53
                                                                                          google.co.ck
                                                                                          dns
                                                                                          msedge.exe
                                                                                          58 B
                                                                                          74 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          google.co.ck

                                                                                          DNS Response

                                                                                          142.250.179.164

                                                                                        • 8.8.8.8:53
                                                                                          www.google.co.ck
                                                                                          dns
                                                                                          msedge.exe
                                                                                          62 B
                                                                                          78 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          www.google.co.ck

                                                                                          DNS Response

                                                                                          142.250.179.195

                                                                                        • 8.8.8.8:53
                                                                                          164.179.250.142.in-addr.arpa
                                                                                          dns
                                                                                          74 B
                                                                                          112 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          164.179.250.142.in-addr.arpa

                                                                                        • 8.8.8.8:53
                                                                                          195.179.250.142.in-addr.arpa
                                                                                          dns
                                                                                          74 B
                                                                                          112 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          195.179.250.142.in-addr.arpa

                                                                                        • 8.8.8.8:53
                                                                                          131.179.250.142.in-addr.arpa
                                                                                          dns
                                                                                          74 B
                                                                                          112 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          131.179.250.142.in-addr.arpa

                                                                                        • 8.8.8.8:53
                                                                                          i.ytimg.com
                                                                                          dns
                                                                                          msedge.exe
                                                                                          57 B
                                                                                          201 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          i.ytimg.com

                                                                                          DNS Response

                                                                                          142.251.39.118
                                                                                          172.217.168.214
                                                                                          172.217.23.214
                                                                                          216.58.208.118
                                                                                          142.250.179.150
                                                                                          142.251.36.54
                                                                                          142.250.179.182
                                                                                          142.250.179.214
                                                                                          142.251.36.22

                                                                                        • 142.251.39.118:443
                                                                                          i.ytimg.com
                                                                                          https
                                                                                          msedge.exe
                                                                                          4.1kB
                                                                                          18.6kB
                                                                                          14
                                                                                          20
                                                                                        • 8.8.8.8:53
                                                                                          apis.google.com
                                                                                          dns
                                                                                          msedge.exe
                                                                                          61 B
                                                                                          98 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          apis.google.com

                                                                                          DNS Response

                                                                                          172.217.23.206

                                                                                        • 8.8.8.8:53
                                                                                          play.google.com
                                                                                          dns
                                                                                          msedge.exe
                                                                                          61 B
                                                                                          77 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          play.google.com

                                                                                          DNS Response

                                                                                          142.250.179.206

                                                                                        • 142.250.179.206:443
                                                                                          play.google.com
                                                                                          https
                                                                                          msedge.exe
                                                                                          47.1kB
                                                                                          1.1MB
                                                                                          211
                                                                                          849
                                                                                        • 8.8.8.8:53
                                                                                          adservice.google.co.ck
                                                                                          dns
                                                                                          msedge.exe
                                                                                          68 B
                                                                                          124 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          adservice.google.co.ck

                                                                                          DNS Response

                                                                                          216.58.208.98

                                                                                        • 8.8.8.8:53
                                                                                          encrypted-tbn0.gstatic.com
                                                                                          dns
                                                                                          msedge.exe
                                                                                          72 B
                                                                                          88 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          encrypted-tbn0.gstatic.com

                                                                                          DNS Response

                                                                                          142.251.36.14

                                                                                        • 8.8.8.8:53
                                                                                          118.39.251.142.in-addr.arpa
                                                                                          dns
                                                                                          73 B
                                                                                          112 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          118.39.251.142.in-addr.arpa

                                                                                        • 8.8.8.8:53
                                                                                          206.23.217.172.in-addr.arpa
                                                                                          dns
                                                                                          73 B
                                                                                          173 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          206.23.217.172.in-addr.arpa

                                                                                        • 8.8.8.8:53
                                                                                          206.179.250.142.in-addr.arpa
                                                                                          dns
                                                                                          74 B
                                                                                          113 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          206.179.250.142.in-addr.arpa

                                                                                        • 8.8.8.8:53
                                                                                          98.208.58.216.in-addr.arpa
                                                                                          dns
                                                                                          72 B
                                                                                          140 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          98.208.58.216.in-addr.arpa

                                                                                        • 8.8.8.8:53
                                                                                          100.39.251.142.in-addr.arpa
                                                                                          dns
                                                                                          73 B
                                                                                          111 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          100.39.251.142.in-addr.arpa

                                                                                        • 8.8.8.8:53
                                                                                          14.36.251.142.in-addr.arpa
                                                                                          dns
                                                                                          72 B
                                                                                          111 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          14.36.251.142.in-addr.arpa

                                                                                        • 8.8.8.8:53
                                                                                          googleads.g.doubleclick.net
                                                                                          dns
                                                                                          msedge.exe
                                                                                          73 B
                                                                                          89 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          googleads.g.doubleclick.net

                                                                                          DNS Response

                                                                                          172.217.23.194

                                                                                        • 8.8.8.8:53
                                                                                          ogs.google.co.ck
                                                                                          dns
                                                                                          msedge.exe
                                                                                          62 B
                                                                                          109 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          ogs.google.co.ck

                                                                                          DNS Response

                                                                                          142.250.179.206

                                                                                        • 8.8.8.8:53
                                                                                          ssl.gstatic.com
                                                                                          dns
                                                                                          msedge.exe
                                                                                          61 B
                                                                                          77 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          ssl.gstatic.com

                                                                                          DNS Response

                                                                                          172.217.23.195

                                                                                        • 8.8.8.8:53
                                                                                          194.23.217.172.in-addr.arpa
                                                                                          dns
                                                                                          73 B
                                                                                          171 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          194.23.217.172.in-addr.arpa

                                                                                        • 8.8.8.8:53
                                                                                          195.23.217.172.in-addr.arpa
                                                                                          dns
                                                                                          73 B
                                                                                          171 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          195.23.217.172.in-addr.arpa

                                                                                        • 8.8.8.8:53
                                                                                          static.doubleclick.net
                                                                                          dns
                                                                                          msedge.exe
                                                                                          68 B
                                                                                          84 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          static.doubleclick.net

                                                                                          DNS Response

                                                                                          142.251.36.6

                                                                                        • 172.217.23.194:443
                                                                                          googleads.g.doubleclick.net
                                                                                          https
                                                                                          msedge.exe
                                                                                          3.6kB
                                                                                          7.3kB
                                                                                          8
                                                                                          10
                                                                                        • 8.8.8.8:53
                                                                                          jnn-pa.googleapis.com
                                                                                          dns
                                                                                          msedge.exe
                                                                                          67 B
                                                                                          195 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          jnn-pa.googleapis.com

                                                                                          DNS Response

                                                                                          142.251.39.106
                                                                                          172.217.23.202
                                                                                          216.58.214.10
                                                                                          142.250.179.138
                                                                                          142.251.36.42
                                                                                          142.250.179.170
                                                                                          142.250.179.202
                                                                                          142.251.36.10

                                                                                        • 142.251.39.106:443
                                                                                          jnn-pa.googleapis.com
                                                                                          https
                                                                                          msedge.exe
                                                                                          6.1kB
                                                                                          40.1kB
                                                                                          24
                                                                                          40
                                                                                        • 8.8.8.8:53
                                                                                          106.39.251.142.in-addr.arpa
                                                                                          dns
                                                                                          73 B
                                                                                          112 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          106.39.251.142.in-addr.arpa

                                                                                        • 8.8.8.8:53
                                                                                          6.36.251.142.in-addr.arpa
                                                                                          dns
                                                                                          71 B
                                                                                          109 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          6.36.251.142.in-addr.arpa

                                                                                        • 8.8.8.8:53
                                                                                          id.google.co.ck
                                                                                          dns
                                                                                          msedge.exe
                                                                                          61 B
                                                                                          77 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          id.google.co.ck

                                                                                          DNS Response

                                                                                          142.250.179.131

                                                                                        • 172.217.23.194:443
                                                                                          googleads.g.doubleclick.net
                                                                                          https
                                                                                          msedge.exe
                                                                                          4.2kB
                                                                                          7.1kB
                                                                                          10
                                                                                          13
                                                                                        • 142.250.179.206:443
                                                                                          ogs.google.co.ck
                                                                                          https
                                                                                          msedge.exe
                                                                                          3.6kB
                                                                                          7.2kB
                                                                                          8
                                                                                          11
                                                                                        • 142.251.39.118:443
                                                                                          i.ytimg.com
                                                                                          https
                                                                                          msedge.exe
                                                                                          3.6kB
                                                                                          21.5kB
                                                                                          22
                                                                                          27
                                                                                        • 172.217.23.194:443
                                                                                          googleads.g.doubleclick.net
                                                                                          https
                                                                                          msedge.exe
                                                                                          3.8kB
                                                                                          3.7kB
                                                                                          11
                                                                                          13
                                                                                        • 142.251.39.106:443
                                                                                          jnn-pa.googleapis.com
                                                                                          https
                                                                                          msedge.exe
                                                                                          4.6kB
                                                                                          36.8kB
                                                                                          23
                                                                                          36
                                                                                        • 172.217.23.195:443
                                                                                          ssl.gstatic.com
                                                                                          https
                                                                                          msedge.exe
                                                                                          3.1kB
                                                                                          6.4kB
                                                                                          5
                                                                                          7

                                                                                        MITRE ATT&CK Enterprise v6

                                                                                        Replay Monitor

                                                                                        Loading Replay Monitor...

                                                                                        Downloads

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                          Filesize

                                                                                          152B

                                                                                          MD5

                                                                                          462f3c1360a4b5e319363930bc4806f6

                                                                                          SHA1

                                                                                          9ba5e43d833c284b89519423f6b6dab5a859a8d0

                                                                                          SHA256

                                                                                          fec64069c72a8d223ed89a816501b3950f5e4f5dd88f289a923c5f961d259f85

                                                                                          SHA512

                                                                                          5584ef75dfb8a1907c071a194fa78f56d10d1555948dffb8afcacaaa2645fd9d842a923437d0e94fad1d1919dcef5b25bf065863405c8d2a28216df27c87a417

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                          Filesize

                                                                                          152B

                                                                                          MD5

                                                                                          d2642245b1e4572ba7d7cd13a0675bb8

                                                                                          SHA1

                                                                                          96456510884685146d3fa2e19202fd2035d64833

                                                                                          SHA256

                                                                                          3763676934b31fe2e3078256adb25b01fdf899db6616b6b41dff3062b68e20a1

                                                                                          SHA512

                                                                                          99e35f5eefc1e654ecfcf0493ccc02475ca679d3527293f35c3adea66879e21575ab037bec77775915ec42ac53e30416c3928bc3c57910ce02f3addd880392e9

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                          Filesize

                                                                                          152B

                                                                                          MD5

                                                                                          8e068076538743d62dbebbbf7d7e2499

                                                                                          SHA1

                                                                                          12c776b76f9aafee6e1e3acb8f17c397d92dea92

                                                                                          SHA256

                                                                                          f14a4d84df6dc971f79343a4beab6944f2e84c1b86f02ed3ef3b92fd201c0e71

                                                                                          SHA512

                                                                                          f59481e8381089246c347229e95046a80d546bcfcd7f47e8dda630aad363265516b5ed006f4fc7d2d1a7bae3ff4f8cae5f081396f791c8a3b5c073ac3d3b6526

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                          Filesize

                                                                                          152B

                                                                                          MD5

                                                                                          8e068076538743d62dbebbbf7d7e2499

                                                                                          SHA1

                                                                                          12c776b76f9aafee6e1e3acb8f17c397d92dea92

                                                                                          SHA256

                                                                                          f14a4d84df6dc971f79343a4beab6944f2e84c1b86f02ed3ef3b92fd201c0e71

                                                                                          SHA512

                                                                                          f59481e8381089246c347229e95046a80d546bcfcd7f47e8dda630aad363265516b5ed006f4fc7d2d1a7bae3ff4f8cae5f081396f791c8a3b5c073ac3d3b6526

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                          Filesize

                                                                                          152B

                                                                                          MD5

                                                                                          cb17d6d114d03ac2c811654defaa97a0

                                                                                          SHA1

                                                                                          656de5d80f1d889ba1c4f7bb968c94b426f08576

                                                                                          SHA256

                                                                                          7f0262e3032aac35747818fa5a4fd12e1516199c5bbc71573b12cdbb0e153385

                                                                                          SHA512

                                                                                          188b6f8ac827b934ad1d07a294708a100273dc6ff5fbef263375e4bc1cb2fb33dca8089a6da2885eac46154078669716c3181f6d215de4742b3555d8dcd50d35

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_0

                                                                                          Filesize

                                                                                          44KB

                                                                                          MD5

                                                                                          fa33f1c02b94bdb0a78c62ac2c5cb612

                                                                                          SHA1

                                                                                          0f2c67c2f16c75d4424d943a276527abaafd7115

                                                                                          SHA256

                                                                                          56f5e2d921848e33a0fb0972bdc894f9044b9d2f35c1cf3e9149a54360c65729

                                                                                          SHA512

                                                                                          4a20935a5bf758302bbd43014afd3b7b9579ed7574a944517b23549cc26ed76557d5aacb330741c00e0ca1f2872a1f42ed40654e78ff41d763baab940b10a100

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_1

                                                                                          Filesize

                                                                                          264KB

                                                                                          MD5

                                                                                          f4e028cd95083851798792408bf77c7b

                                                                                          SHA1

                                                                                          30388a712b6c36094b4477ddb810502c69d72130

                                                                                          SHA256

                                                                                          63c1a7e5a7815c3bcdfe5b26e78f31ac691ffb780ff51eea4faaef52d4b2e738

                                                                                          SHA512

                                                                                          4110faa82b3c3fa61c145a5b3a59b04b4e12901d5211782649ece1f5a30fe7b5497f39118882fc593814edd0baacb8922118db2e365ccf7a5d9229f0b2d5f338

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_1

                                                                                          Filesize

                                                                                          264KB

                                                                                          MD5

                                                                                          b9dd9390fbaec071720b0b6e1adfea01

                                                                                          SHA1

                                                                                          07305022545de2c7108d8502d80ebc726df60e7a

                                                                                          SHA256

                                                                                          3ee277916c55a570caa0d93d559d4302712b5c1f53e18c9fb9967717f2a0bd95

                                                                                          SHA512

                                                                                          329658919a0c935f126541965ab04c8c754884639724734fdf3ce9b1186bb2d16f35cc1227b3822b02985a11b02fca71869aa77cd28b4e7526330afb3be814ed

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_2

                                                                                          Filesize

                                                                                          8KB

                                                                                          MD5

                                                                                          0962291d6d367570bee5454721c17e11

                                                                                          SHA1

                                                                                          59d10a893ef321a706a9255176761366115bedcb

                                                                                          SHA256

                                                                                          ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7

                                                                                          SHA512

                                                                                          f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_2

                                                                                          Filesize

                                                                                          8KB

                                                                                          MD5

                                                                                          0962291d6d367570bee5454721c17e11

                                                                                          SHA1

                                                                                          59d10a893ef321a706a9255176761366115bedcb

                                                                                          SHA256

                                                                                          ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7

                                                                                          SHA512

                                                                                          f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_3

                                                                                          Filesize

                                                                                          8KB

                                                                                          MD5

                                                                                          41876349cb12d6db992f1309f22df3f0

                                                                                          SHA1

                                                                                          5cf26b3420fc0302cd0a71e8d029739b8765be27

                                                                                          SHA256

                                                                                          e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c

                                                                                          SHA512

                                                                                          e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_3

                                                                                          Filesize

                                                                                          8KB

                                                                                          MD5

                                                                                          41876349cb12d6db992f1309f22df3f0

                                                                                          SHA1

                                                                                          5cf26b3420fc0302cd0a71e8d029739b8765be27

                                                                                          SHA256

                                                                                          e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c

                                                                                          SHA512

                                                                                          e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

                                                                                          Filesize

                                                                                          20KB

                                                                                          MD5

                                                                                          923a543cc619ea568f91b723d9fb1ef0

                                                                                          SHA1

                                                                                          6f4ade25559645c741d7327c6e16521e43d7e1f9

                                                                                          SHA256

                                                                                          bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd

                                                                                          SHA512

                                                                                          a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

                                                                                          Filesize

                                                                                          337KB

                                                                                          MD5

                                                                                          50b0b2fc63379ffa41defa04b3a6991f

                                                                                          SHA1

                                                                                          edfbbca9304a263e4c019cad7c4958331bca7a3b

                                                                                          SHA256

                                                                                          8f3148ceebf73ca44f483a5b7deefbd413c41d0c7940cb9519801605374fad5c

                                                                                          SHA512

                                                                                          051d10bce652d2753ccbfc020a67db1c5667f907e8638f8a6b4cabbbf69f12a6f5da4f7a25dfd275c4cb657e55b2729625f9a39afce9231ee3b528f4941af7f9

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

                                                                                          Filesize

                                                                                          74KB

                                                                                          MD5

                                                                                          56f09d086a3679e67227f2895810f2d9

                                                                                          SHA1

                                                                                          600c79efe391b163250e491a5cf715cb81cbb40a

                                                                                          SHA256

                                                                                          defab7824cfcaef0adbd39eb1f3d0f9c3924e521113fd7ecceef264c6f0b4daf

                                                                                          SHA512

                                                                                          8b6fcf3b33ea387ae9b171d5d8cf17eecb190e06e8eab6951d036b1103fbfcdbcdf3bdbc6af9259904f6a4e0b5d806c233cbe0a2b3387afc889fecb0f17583e8

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

                                                                                          Filesize

                                                                                          65KB

                                                                                          MD5

                                                                                          076e8bef1b06c261610aa35aae1d01fa

                                                                                          SHA1

                                                                                          51f02f27b6a9d827bc04497a317e5942930f5ba4

                                                                                          SHA256

                                                                                          40346a6a96b5370e0142b2261746d328a04ca16fa73a223ea521215ec792ff68

                                                                                          SHA512

                                                                                          e42477f5f80b39759615d66b3b59420560c1f08399263884c61844021b2d1a407c571a67742c399d73958f79f7b4776ad1592b0c58fe139427f1f197c8769bee

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

                                                                                          Filesize

                                                                                          37KB

                                                                                          MD5

                                                                                          519005befdbc6eedc73862996b59a9f7

                                                                                          SHA1

                                                                                          e9bad4dc75c55f583747dbc4abd80a95d5796528

                                                                                          SHA256

                                                                                          603abe3532b1cc1eb1c3da44f3679804dd463d07d4430d55c630aba986b17c44

                                                                                          SHA512

                                                                                          b210b12a78c6134d66b14f46f924ebc95328c10f92bfed22a361b2554eca21ee7892f7d9718ae7415074d753026682903beba2bd40b35a4eeb60bf186dcdf589

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\index

                                                                                          Filesize

                                                                                          256KB

                                                                                          MD5

                                                                                          d5292f937c5ccbc0941a7d64e74f1e3c

                                                                                          SHA1

                                                                                          4433a2102bcafbde1a1e97620386c741ffab36ba

                                                                                          SHA256

                                                                                          54782adfd00e6bfc17ae3c2e90ae0ac8f07db5373898dc2e456df7e6042aebce

                                                                                          SHA512

                                                                                          478d8a04f9148b482f25a29354c7632eaeb06f945b6791d338850e5253c8cc0b16371b3d4dc2453eeccf4df7bc6e729dfd86db4557522c1ae7c36325f29d00f7

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                          Filesize

                                                                                          48B

                                                                                          MD5

                                                                                          d7ef66f509aefc8027ca8e066ad59058

                                                                                          SHA1

                                                                                          54e6d4c88314129ac2a6fee421a5c12925c70293

                                                                                          SHA256

                                                                                          bcba38a55ac344d54717e9cb3d47fa3e2376a503104d45faea68ca5f37f9d22f

                                                                                          SHA512

                                                                                          f805a79b692228e55c0f35e24825a6e1e0bddafa7b6c6a6df37100951127e029e7ddc882fa004647f6fea28824fa7342ad30857710a3152e9909ba6755468fac

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                          Filesize

                                                                                          1008B

                                                                                          MD5

                                                                                          a5b2821e338aea47ba97b8f522eee9a8

                                                                                          SHA1

                                                                                          29af3683e8e342c5fc15b663b78be0ba49a550a5

                                                                                          SHA256

                                                                                          ea9543b34698996eac563a6d0fdc2248a2b877ee1a00ac8ab8e25b89a6bfe24e

                                                                                          SHA512

                                                                                          48ec8d6b4dd9dac30c0c65212339dd5ff097711f4fae7fab97b1eb91a54c80714f4770e962c3ffddc9dee01ba1e50b23508ec5abd132da4eb61be9aecbd0f4ce

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\wasm\index-dir\the-real-index

                                                                                          Filesize

                                                                                          48B

                                                                                          MD5

                                                                                          d7ef66f509aefc8027ca8e066ad59058

                                                                                          SHA1

                                                                                          54e6d4c88314129ac2a6fee421a5c12925c70293

                                                                                          SHA256

                                                                                          bcba38a55ac344d54717e9cb3d47fa3e2376a503104d45faea68ca5f37f9d22f

                                                                                          SHA512

                                                                                          f805a79b692228e55c0f35e24825a6e1e0bddafa7b6c6a6df37100951127e029e7ddc882fa004647f6fea28824fa7342ad30857710a3152e9909ba6755468fac

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cookies

                                                                                          Filesize

                                                                                          20KB

                                                                                          MD5

                                                                                          49693267e0adbcd119f9f5e02adf3a80

                                                                                          SHA1

                                                                                          3ba3d7f89b8ad195ca82c92737e960e1f2b349df

                                                                                          SHA256

                                                                                          d76e7512e496b7c8d9fcd3010a55e2e566881dc6dacaf0343652a4915d47829f

                                                                                          SHA512

                                                                                          b4b9fcecf8d277bb0ccbb25e08f3559e3fc519d85d8761d8ad5bca983d04eb55a20d3b742b15b9b31a7c9187da40ad5c48baa7a54664cae4c40aa253165cbaa2

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Edge Profile.ico

                                                                                          Filesize

                                                                                          70KB

                                                                                          MD5

                                                                                          e5e3377341056643b0494b6842c0b544

                                                                                          SHA1

                                                                                          d53fd8e256ec9d5cef8ef5387872e544a2df9108

                                                                                          SHA256

                                                                                          e23040951e464b53b84b11c3466bbd4707a009018819f9ad2a79d1b0b309bc25

                                                                                          SHA512

                                                                                          83f09e48d009a5cf83fa9aa8f28187f7f4202c84e2d0d6e5806c468f4a24b2478b73077381d2a21c89aa64884df3c56e8dc94eb4ad2d6a8085ac2feb1e26c2ef

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\CURRENT

                                                                                          Filesize

                                                                                          16B

                                                                                          MD5

                                                                                          46295cac801e5d4857d09837238a6394

                                                                                          SHA1

                                                                                          44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                                                                          SHA256

                                                                                          0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                                                                          SHA512

                                                                                          8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG

                                                                                          Filesize

                                                                                          279B

                                                                                          MD5

                                                                                          88f7d4ca3159754aee063902dc8caefe

                                                                                          SHA1

                                                                                          fc3807eecb601c21b998f352b068cdacdd3a137d

                                                                                          SHA256

                                                                                          08fccb7dc032ed15585540d34e10d6dcfd23f08b68ce2c94eecf36b1441588a9

                                                                                          SHA512

                                                                                          9eebc6c79ba1a4dbca10df70ffdcb14a5e7fd9fe57c6ed8363dc6839461ecb8bd5ccf6cb1adb34a043acaf40cf1010d0d80ccfe041d06e46c8987a30070d92ae

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\MANIFEST-000001

                                                                                          Filesize

                                                                                          41B

                                                                                          MD5

                                                                                          5af87dfd673ba2115e2fcf5cfdb727ab

                                                                                          SHA1

                                                                                          d5b5bbf396dc291274584ef71f444f420b6056f1

                                                                                          SHA256

                                                                                          f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

                                                                                          SHA512

                                                                                          de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_0

                                                                                          Filesize

                                                                                          8KB

                                                                                          MD5

                                                                                          cf89d16bb9107c631daabf0c0ee58efb

                                                                                          SHA1

                                                                                          3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b

                                                                                          SHA256

                                                                                          d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e

                                                                                          SHA512

                                                                                          8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1

                                                                                          Filesize

                                                                                          264KB

                                                                                          MD5

                                                                                          f50f89a0a91564d0b8a211f8921aa7de

                                                                                          SHA1

                                                                                          112403a17dd69d5b9018b8cede023cb3b54eab7d

                                                                                          SHA256

                                                                                          b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

                                                                                          SHA512

                                                                                          bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_2

                                                                                          Filesize

                                                                                          8KB

                                                                                          MD5

                                                                                          0962291d6d367570bee5454721c17e11

                                                                                          SHA1

                                                                                          59d10a893ef321a706a9255176761366115bedcb

                                                                                          SHA256

                                                                                          ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7

                                                                                          SHA512

                                                                                          f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_3

                                                                                          Filesize

                                                                                          8KB

                                                                                          MD5

                                                                                          41876349cb12d6db992f1309f22df3f0

                                                                                          SHA1

                                                                                          5cf26b3420fc0302cd0a71e8d029739b8765be27

                                                                                          SHA256

                                                                                          e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c

                                                                                          SHA512

                                                                                          e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\index

                                                                                          Filesize

                                                                                          256KB

                                                                                          MD5

                                                                                          2a23c0c0c2b9c39fedec787cbb0cf77a

                                                                                          SHA1

                                                                                          c0f8bb001c1ac924f1d61417a2c8532bc6b01be8

                                                                                          SHA256

                                                                                          38f947cb5048794ea66d306be3e3855e4a8cb552aa19f1a35e294a9b64be97f8

                                                                                          SHA512

                                                                                          d9e66fadf158a291ea9964de889111445154eec589ed696c012995f3c891335ecf48428663204abf9b7098c85ea22bff5ca90fd37f84b8af632ee78709263dbf

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History

                                                                                          Filesize

                                                                                          124KB

                                                                                          MD5

                                                                                          65ba62c887f05eeb1bdda168794d9a92

                                                                                          SHA1

                                                                                          c230572651af7c90a6ab4dd432b4ed953ff91ea6

                                                                                          SHA256

                                                                                          7944a7d173f7cdc20c2980c6bd792de7f93cf8b27efb04928e8a916deffee242

                                                                                          SHA512

                                                                                          14f87d8be6f1952533b8f8eb797c3bb42e539d393085c3150da3aea79f3ad457565f8cebf456ecd72e44256ab5716e54c5fab5c5b48402a5baf79b6217d52587

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache

                                                                                          Filesize

                                                                                          498B

                                                                                          MD5

                                                                                          fed0dc0e762a49d7442cb64a996a4b73

                                                                                          SHA1

                                                                                          75a788e7f9ae6dfca20dd424509e6c6e658728c8

                                                                                          SHA256

                                                                                          eed9f2a48103dad100f3ceb0bc389b9aa4090ecfc265c8fce728575e3c06f7b0

                                                                                          SHA512

                                                                                          7ca059b9cd12e763dfc37c6aff64662d89ebd93c204464df727881903d276dc69801b5aaa93e7eb9e2b345f1691bff15310dec47245c8278772ac3fb2ba0c430

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History-journal

                                                                                          Filesize

                                                                                          28KB

                                                                                          MD5

                                                                                          ea5a9f8175bef110a6651f37dc8d10bb

                                                                                          SHA1

                                                                                          92cfc5e46cbdb572df9449d14e68e2f92074a1af

                                                                                          SHA256

                                                                                          fb77606e24ce12344b6c3d68767bb64cd3b6866c2b1636c7fb7cc3b5121531b9

                                                                                          SHA512

                                                                                          00c50ef45f06e6b2d08f6f90b35c26e52daffc6f7ec62acbda0abef9000ad1e8147140a9514c44e0de4826cc6f7173df199068e1feb92cfe39edebb73eafc767

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

                                                                                          Filesize

                                                                                          331B

                                                                                          MD5

                                                                                          69c8fed26236899c99251feb2d1d9eb5

                                                                                          SHA1

                                                                                          016f6af7e72baa53951da0cd64771fa777876bbe

                                                                                          SHA256

                                                                                          91f9bfabb2bfa73046d8def0750531821b2726643884cc31f717e36f405b96ba

                                                                                          SHA512

                                                                                          a40443b7e2389d522c74d812979b2c01990452ac2208a6de8531dd980810ce939c450fb7182b8df1ca4d59d0202aca0a72e700aac9ab5ea8e6b91d350df2ddf4

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk

                                                                                          Filesize

                                                                                          2KB

                                                                                          MD5

                                                                                          d845aaceebe78e9788209b75a457be13

                                                                                          SHA1

                                                                                          f0d94f456acb905a63878687fd34590e5b104c6c

                                                                                          SHA256

                                                                                          b3055d63c460b605f4d3eef6c632d590852d7714508d36b174b4a54aaca30580

                                                                                          SHA512

                                                                                          45f2c0918f90e289105ffcda5198e0595564753a57f575eaa14f7582d0e515c91be256f13deccdd86003fa0f9b320302a1a981aa5698ac9b21373f9307fea4a0

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                                                          Filesize

                                                                                          111B

                                                                                          MD5

                                                                                          285252a2f6327d41eab203dc2f402c67

                                                                                          SHA1

                                                                                          acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

                                                                                          SHA256

                                                                                          5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

                                                                                          SHA512

                                                                                          11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                                                          Filesize

                                                                                          111B

                                                                                          MD5

                                                                                          285252a2f6327d41eab203dc2f402c67

                                                                                          SHA1

                                                                                          acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

                                                                                          SHA256

                                                                                          5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

                                                                                          SHA512

                                                                                          11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                          Filesize

                                                                                          5KB

                                                                                          MD5

                                                                                          7b065bef4f842024faad218f4fabb2a1

                                                                                          SHA1

                                                                                          5091e142bcded0ccf2c96940d43fed3ac46baf1e

                                                                                          SHA256

                                                                                          a06f470667ac104c28920c24181d603aa5e01c247053c06eb996a3d65e775adb

                                                                                          SHA512

                                                                                          4f593bcf165aaf100cbae1b4ffa75e5d6086af67b699da9cf65bfdbb815d65467877007dfa8495b9da7b3825ddd0385b49677d6c0ed4f364f8f3791a3d3451a0

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                          Filesize

                                                                                          5KB

                                                                                          MD5

                                                                                          7b065bef4f842024faad218f4fabb2a1

                                                                                          SHA1

                                                                                          5091e142bcded0ccf2c96940d43fed3ac46baf1e

                                                                                          SHA256

                                                                                          a06f470667ac104c28920c24181d603aa5e01c247053c06eb996a3d65e775adb

                                                                                          SHA512

                                                                                          4f593bcf165aaf100cbae1b4ffa75e5d6086af67b699da9cf65bfdbb815d65467877007dfa8495b9da7b3825ddd0385b49677d6c0ed4f364f8f3791a3d3451a0

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                          Filesize

                                                                                          4KB

                                                                                          MD5

                                                                                          70e6b2cda88727c628bc8be7d68f5e19

                                                                                          SHA1

                                                                                          46754159d2b33e74d5091da29eaafaae06f3f998

                                                                                          SHA256

                                                                                          ae408f48fabbd048e69a89bee103b115dad96622e7ccf4cdfbff894d009548b9

                                                                                          SHA512

                                                                                          a8e6a339f0e35a69f9e0ff4439ab9d6179e0678d625be2fb7b786c8bb38bd475de235fd1f8f7c186a5c66cce41e33b2379c98c03586a3ef32e40c78bf13e4900

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                          Filesize

                                                                                          6KB

                                                                                          MD5

                                                                                          c4ab0c4ea941f4f06ce37768132c1f43

                                                                                          SHA1

                                                                                          d1f53fe88664ce33dc65ffdcc9620926e3f34b38

                                                                                          SHA256

                                                                                          aaa6e52b790aef94c2df23ebe1bcb1ba49a98c1fa25b065e268884da29d01924

                                                                                          SHA512

                                                                                          f1104a9157f47fdcb3ab856069bcec973acbe087670212b2526366870f7ebbc0b6815ef5ba2259bc357ff673738b25bc8d59674afde417abac1811325db1046f

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                          Filesize

                                                                                          6KB

                                                                                          MD5

                                                                                          225a3153ee176c3bab98c1b44738a84a

                                                                                          SHA1

                                                                                          d0234e653933cb63cccee614c21678457ee2cb4e

                                                                                          SHA256

                                                                                          e5ec16f2da5f6c7c0103f11ba07714b81937aa0bb2160f629237fcbc210b7de9

                                                                                          SHA512

                                                                                          05ba286ab8b1a24a65a9f528ea92d8d53cf7a0b653f531f43568efe8d666f6ac513d07f4161c4d83e46d80f230a2cbbf3b3e5e31cbb5c05cc60f37bf847edaae

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                          Filesize

                                                                                          6KB

                                                                                          MD5

                                                                                          ed0e8fe0f9702cf494097142ee452bc3

                                                                                          SHA1

                                                                                          a20b03d9a1fbdaa29c4796bb565d704eaf612dd6

                                                                                          SHA256

                                                                                          1098912c92d68cecf841c8dabc45c05d0ef390db99fa8b0affcb778db7513992

                                                                                          SHA512

                                                                                          caf65406278e3599809244cd2467df4f8c523ec6dbfe4bcda59ccf01fb3aa4ec3d394c0294fa3bf396c21c102a45ce42c0cdba078efd7bc8d4af22cfc0197430

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                          Filesize

                                                                                          6KB

                                                                                          MD5

                                                                                          bda2dfe767725b2e776a92823f039a40

                                                                                          SHA1

                                                                                          fc5e2e6f1603579aab6a212a42a957386ee238cc

                                                                                          SHA256

                                                                                          c61174135ab2073d38a0f21006e20ffb683b701aaf0fd1d57354dfb56cac1ced

                                                                                          SHA512

                                                                                          5469bdb4c9540085852f206149af1011e0dae84ead7805ac217798b202afe7e136fa8606536d0a529f96b65c009db44e970b136719c551b3a62aeb0b1ac2a3a2

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Reporting and NEL

                                                                                          Filesize

                                                                                          36KB

                                                                                          MD5

                                                                                          0247e46de79b6cd1bf08caf7782f7793

                                                                                          SHA1

                                                                                          b3a63ed5be3d8ec6e3949fc5e2d21d97acc873a6

                                                                                          SHA256

                                                                                          aad0053186875205e014ab98ae8c18a6233cb715dd3af44e7e8eb259aeab5eea

                                                                                          SHA512

                                                                                          148804598d2a9ea182bd2adc71663d481f88683ce3d672ce12a43e53b0d34fd70458be5aaa781b20833e963804e7f4562855f2d18f7731b7c2eaea5d6d52fbb6

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

                                                                                          Filesize

                                                                                          24KB

                                                                                          MD5

                                                                                          945dc19d27eae064a025fba5c627b4b2

                                                                                          SHA1

                                                                                          2a49253adbcb1696bd12e973f8830eb8a41d9bcc

                                                                                          SHA256

                                                                                          99b6168866ab08089da33a7aa6fef7ac31324c387e9ede764ac81be9b29d3cfd

                                                                                          SHA512

                                                                                          db69c33c2180d6aa45dd93e79a9062dbf4720064efc2f9feb0128feef264faaec28d632e988b1b8b168283704e5650de942abb12f391a17ff30eb9eb106d730e

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

                                                                                          Filesize

                                                                                          24KB

                                                                                          MD5

                                                                                          945dc19d27eae064a025fba5c627b4b2

                                                                                          SHA1

                                                                                          2a49253adbcb1696bd12e973f8830eb8a41d9bcc

                                                                                          SHA256

                                                                                          99b6168866ab08089da33a7aa6fef7ac31324c387e9ede764ac81be9b29d3cfd

                                                                                          SHA512

                                                                                          db69c33c2180d6aa45dd93e79a9062dbf4720064efc2f9feb0128feef264faaec28d632e988b1b8b168283704e5650de942abb12f391a17ff30eb9eb106d730e

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

                                                                                          Filesize

                                                                                          24KB

                                                                                          MD5

                                                                                          130644a5f79b27202a13879460f2c31a

                                                                                          SHA1

                                                                                          29e213847a017531e849139c7449bce6b39cb2fa

                                                                                          SHA256

                                                                                          1306a93179e1eaf354d9daa6043ae8ffb37b76a1d1396e7b8df671485582bcd1

                                                                                          SHA512

                                                                                          fbc8606bf988cf0a6dea28c16d4394c9b1e47f6b68256132b5c85caf1ec7b516c0e3d33034db275adf267d5a84af2854f50bd38a9ed5e86eb392144c63252e01

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                                                          Filesize

                                                                                          90B

                                                                                          MD5

                                                                                          20d8366e4a7cec4bdc652be18ad8dd19

                                                                                          SHA1

                                                                                          7333ac2784e254df055ca91b239991a580c0eade

                                                                                          SHA256

                                                                                          abdee270d66557ef8e36ed21e02342f0b3e74a8cc6d605b4a81e864334a90534

                                                                                          SHA512

                                                                                          bf82551932ecd6c374d6a6c56decf65882fcbca53e281ecb494ca3f8006ad1c2494f20fb65df0408f0a3bf43c1fbe7160b5a5390898698733ef5b23d0a885239

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                                                          Filesize

                                                                                          26B

                                                                                          MD5

                                                                                          2892eee3e20e19a9ba77be6913508a54

                                                                                          SHA1

                                                                                          7c4ef82faa28393c739c517d706ac6919a8ffc49

                                                                                          SHA256

                                                                                          4f110831bb434c728a6895190323d159df6d531be8c4bb7109864eeb7c989ff2

                                                                                          SHA512

                                                                                          b13a336db33299ab3405e13811e3ed9e5a18542e5d835f2b7130a6ff4c22f74272002fc43e7d9f94ac3aa6a4d53518f87f25d90c29e0d286b6470667ea9336ae

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe58b9a6.TMP

                                                                                          Filesize

                                                                                          90B

                                                                                          MD5

                                                                                          81dc0ecd22f57c9c2bc214aa60dbc492

                                                                                          SHA1

                                                                                          2fe1ccf390bbfa4e83b017a81822d6cc116ac59e

                                                                                          SHA256

                                                                                          fb9714ac2ef17f0cbbaec00d1c7e7f2dade251254919d0cdfb035538160b2406

                                                                                          SHA512

                                                                                          2bc5b62e6b71c0f863ba59f49524071665c7bb4cd10a3ed2ad010bc0dce91845c7e9f00d841e2b0f429007d4ed75a41aee2df7fad1edf8ded9f772da9b4bf9d1

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log

                                                                                          Filesize

                                                                                          118B

                                                                                          MD5

                                                                                          7733303dbe19b64c38f3de4fe224be9a

                                                                                          SHA1

                                                                                          8ca37b38028a2db895a4570e0536859b3cc5c279

                                                                                          SHA256

                                                                                          b10c1ba416a632cd57232c81a5c2e8ee76a716e0737d10eabe1d430bec50739d

                                                                                          SHA512

                                                                                          e8cd965bca0480db9808cb1b461ac5bf5935c3cbf31c10fdf090d406f4bc4f3187d717199dcf94197b8df24c1d6e4ff07241d8cfffd9aee06cce9674f0220e29

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\CURRENT

                                                                                          Filesize

                                                                                          16B

                                                                                          MD5

                                                                                          46295cac801e5d4857d09837238a6394

                                                                                          SHA1

                                                                                          44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                                                                          SHA256

                                                                                          0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                                                                          SHA512

                                                                                          8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG

                                                                                          Filesize

                                                                                          281B

                                                                                          MD5

                                                                                          27028dc748cced83efb24d801ce31a1c

                                                                                          SHA1

                                                                                          26556fc2d1ca305bdc4b0ef05c75e37d80a8a9ab

                                                                                          SHA256

                                                                                          376b6312cb29b1471b06d45f20e8885dbbb45fed025e9edfeac7b48033354f85

                                                                                          SHA512

                                                                                          93201c462c9b6aa5e26be7107913c0db9876116fbd99bfcce95927b049587b1daeb8865084c10508be9da3b15e04d584f9f777f3c83442e508e83899da94b2fc

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\MANIFEST-000001

                                                                                          Filesize

                                                                                          41B

                                                                                          MD5

                                                                                          5af87dfd673ba2115e2fcf5cfdb727ab

                                                                                          SHA1

                                                                                          d5b5bbf396dc291274584ef71f444f420b6056f1

                                                                                          SHA256

                                                                                          f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

                                                                                          SHA512

                                                                                          de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13327707459975434

                                                                                          Filesize

                                                                                          1KB

                                                                                          MD5

                                                                                          22df44392b54da4b80dea0b45acb74bb

                                                                                          SHA1

                                                                                          5a870a46f5266b587138560788e576bb4eb3fae6

                                                                                          SHA256

                                                                                          c4b919259df59afb772807b943f8d6f7c9a376968fd42d7a6b35f4d351557a49

                                                                                          SHA512

                                                                                          5cd25836b1115d7b976fd829efb85972e52ac1319f61125b1305566345014a7957797053151b69a6f2f30e021dea15ccff20f3daece4f21eefcad4ce54103973

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13327707468464434

                                                                                          Filesize

                                                                                          877B

                                                                                          MD5

                                                                                          63111cea0c7702178b6cb22a857c59e4

                                                                                          SHA1

                                                                                          edb1648bd742c61d65645c03bc81b5f0043b3cc1

                                                                                          SHA256

                                                                                          b9ab6a4617a833d4f09c4bf98844eb4be27a4bdd8673cb1605d0bd8d380c5502

                                                                                          SHA512

                                                                                          2bf9ba796b593ef336e5a03eb555d01cb7101e0bfc581c75301656fc3d7dbe64dc638a15531b44f48125d52a7c0d8809f7b29a8ec2c9d3f8c243bd239458400d

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

                                                                                          Filesize

                                                                                          350B

                                                                                          MD5

                                                                                          0e9b1fc469462567b1f64aa797fdcdfd

                                                                                          SHA1

                                                                                          410eccf851dbffe969516c0d36364a0b76f5408c

                                                                                          SHA256

                                                                                          4eb23ca4e0bdb648faba80c4c8721c4e39ccc719993eeae0cb674e448f1f0455

                                                                                          SHA512

                                                                                          551b5aeb4935a334f9287426534694b6986034cff029d9e565978341064bd75502ed4cd9568eb874b1397e40238daf0bd0613854b018ac3e217a96da957a8eb5

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

                                                                                          Filesize

                                                                                          323B

                                                                                          MD5

                                                                                          3627de84e0e58cfe2bfab3c232a66710

                                                                                          SHA1

                                                                                          cf5b382612f9b16ac75b91793a7ca3a9f22a3940

                                                                                          SHA256

                                                                                          7337282c1492a36affaab92dab777e44bd6772034b04b02a1a5a705f09b04a80

                                                                                          SHA512

                                                                                          157d3c28e801c470be6050ec3170b1411babcdb3754bea06c33e3f2e4d6bf510cce0c51d3e35c6341c160f99460cd4123b6cde048e44967f250c5ce3e691a960

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Top Sites

                                                                                          Filesize

                                                                                          20KB

                                                                                          MD5

                                                                                          f44dc73f9788d3313e3e25140002587c

                                                                                          SHA1

                                                                                          5aec4edc356bc673cba64ff31148b934a41d44c4

                                                                                          SHA256

                                                                                          2002c1e5693dd638d840bb9fb04d765482d06ba3106623ce90f6e8e42067a983

                                                                                          SHA512

                                                                                          e556e3c32c0bc142b08e5c479bf31b6101c9200896dd7fcd74fdd39b2daeac8f6dc9ba4f09f3c6715998015af7317211082d9c811e5f9e32493c9ecd888875d7

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                          Filesize

                                                                                          372B

                                                                                          MD5

                                                                                          0fbda733ec4a891f9b6e40ced39ba35b

                                                                                          SHA1

                                                                                          e3e8be9651bfd7a703f114823c077660744753be

                                                                                          SHA256

                                                                                          5f78bf90aac446dc5ceb3a764ce7db1573bde23221004efd4d7fe38492cf381b

                                                                                          SHA512

                                                                                          42186ef7a7f0555a4d77087d4867278b22976d099b5b8204ab3a137337a4725702075c21bcba0c15d12d3bbc79ed0f936f11d9eb952f29e76de932700ed62be4

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                          Filesize

                                                                                          372B

                                                                                          MD5

                                                                                          24c6433f078d816634ad82e391cc26bf

                                                                                          SHA1

                                                                                          2b6ab19cad098f30be74162b81e04d856fe327af

                                                                                          SHA256

                                                                                          7047030c1145decd1e900c6e0e3b67eb6dbe953d1628e2bbd5571d4a3feb0a18

                                                                                          SHA512

                                                                                          2ab7f2bb5b58d7398a578e44d31ca67be00c32072bdd036c609ee14c22f83fb574dcf53894daf120f7299a4c88c90db44736177bc63606dccd8fc3a8d350f237

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                          Filesize

                                                                                          372B

                                                                                          MD5

                                                                                          7d76ba0ee9a75d9723f0b1c5a6062579

                                                                                          SHA1

                                                                                          d42fa0e69d013ddc92197e574a878161a67c3886

                                                                                          SHA256

                                                                                          533f800e53751fc13ba4eaf9403b38cabc226c488ae00f3bb4eb45915932bec0

                                                                                          SHA512

                                                                                          ea0fc59b21b8f8ac226547df9128bbcf9f477e007f16aa348ba9d36c050548581708f3883cda5f50f51e3efdb07ede7265b63b3523b1025523dd6bff9a508f1f

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe584513.TMP

                                                                                          Filesize

                                                                                          372B

                                                                                          MD5

                                                                                          842df93b88989c163b4830086c6cae30

                                                                                          SHA1

                                                                                          1ad06cb8be2d8520e7ac972097fc53bfe785fbd9

                                                                                          SHA256

                                                                                          a13edc89c080fb3b1ecfa87fe3b5754bfb1be4ab3cd33afd210f0297d21bd2b1

                                                                                          SHA512

                                                                                          f8b8796e47a5cd29d6ff85d0d181e20f83bcf44d53d6062d2586be1ac8de68e849f64464e7b9d0f1dc385973c863b5ea6468f5cca43c677cd4ec6c72cc2f4075

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links

                                                                                          Filesize

                                                                                          128KB

                                                                                          MD5

                                                                                          9cdea81efe326d00eadc9b4e5f1f641c

                                                                                          SHA1

                                                                                          f6101e09c5f45f97fc4f10f2765028349b36c0f7

                                                                                          SHA256

                                                                                          faa64c11157fd4800333a5ca0e1ac328d130079c042b668586c5c5c277cc33b2

                                                                                          SHA512

                                                                                          7a9254e8c8755f4d420d51293ff8c9d82d9781a550ce45a7a6832e201a14b98908bde618d97b5c87ac051b4ef588de252d7e1a0dddb024f434a4a3dd485077ba

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Web Data

                                                                                          Filesize

                                                                                          116KB

                                                                                          MD5

                                                                                          f70aa3fa04f0536280f872ad17973c3d

                                                                                          SHA1

                                                                                          50a7b889329a92de1b272d0ecf5fce87395d3123

                                                                                          SHA256

                                                                                          8d782aa65de6db3538a14da82216e96d5e0a3c60496726e3541a8165bccc65f8

                                                                                          SHA512

                                                                                          30675c5c610d9aa32a4c4a4d9c3af7570823cd197f8d2a709222c78e2cd15304bbed80e233e3674ec2f6e33d1961c67fd6a46dc8ba8b1a301cd0722932c03c84

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\d7cf69d2-2751-4e35-a306-d7fb5880802a.tmp

                                                                                          Filesize

                                                                                          6KB

                                                                                          MD5

                                                                                          9c7f6e3c94f04ab2bf855e7b7eacd838

                                                                                          SHA1

                                                                                          5f260ae3def12b6631ab2b56bc069dcfdbcf1e48

                                                                                          SHA256

                                                                                          dcf43dad4f80c86bd1fa4d3dfc19fac9b8126eeac4134b77226e58be3b3d9723

                                                                                          SHA512

                                                                                          061a56c4b917887bd5b44fccc0905c11871006de14c7f2d6fe2aabb53b4bf46a024d8306551f385c5f44730a1d9cfb1cdb73246ce947df6cda9b61f4c2292e11

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                                                                          Filesize

                                                                                          16B

                                                                                          MD5

                                                                                          206702161f94c5cd39fadd03f4014d98

                                                                                          SHA1

                                                                                          bd8bfc144fb5326d21bd1531523d9fb50e1b600a

                                                                                          SHA256

                                                                                          1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

                                                                                          SHA512

                                                                                          0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                                                                          Filesize

                                                                                          16B

                                                                                          MD5

                                                                                          6752a1d65b201c13b62ea44016eb221f

                                                                                          SHA1

                                                                                          58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                                                          SHA256

                                                                                          0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                                                          SHA512

                                                                                          9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db

                                                                                          Filesize

                                                                                          44KB

                                                                                          MD5

                                                                                          7b146daee0e9e7f169a12557c240b9b8

                                                                                          SHA1

                                                                                          408d2dbd584d4fa2569422a5dd2f7f2422babbc8

                                                                                          SHA256

                                                                                          008f54e9b34be399d1ab2b4fe23ef687e470fdcade41bc1a94aaf1b58c27db8d

                                                                                          SHA512

                                                                                          044321550c8f6f096d5fa285b337da7257e7dc8052c18123fd1d033242a0ca29e93b4e4eb6a94fb5a4000cbd6bd9b25db3c869be84820c74948a3c5e17ec0ff4

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000001.dbtmp

                                                                                          Filesize

                                                                                          16B

                                                                                          MD5

                                                                                          46295cac801e5d4857d09837238a6394

                                                                                          SHA1

                                                                                          44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                                                                          SHA256

                                                                                          0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                                                                          SHA512

                                                                                          8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log

                                                                                          Filesize

                                                                                          187B

                                                                                          MD5

                                                                                          d1f25aec3c378eb1d14309d0616b6314

                                                                                          SHA1

                                                                                          cd06f8c86a34d41c1b628a26104092f60195c02d

                                                                                          SHA256

                                                                                          b1260a25f06815a3506806a5e91085bb95717ac0cc6a3b3e162140857ee6bdb1

                                                                                          SHA512

                                                                                          d9c0e7259a85e5fa991f7a1a670d8a2c16b8f1fd109b100881aac4d7a068baf931659f150546ff80d57c724e1501cd6e6ce4b1610b0fb653e7c1e14b5432c6fb

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\CURRENT

                                                                                          Filesize

                                                                                          16B

                                                                                          MD5

                                                                                          46295cac801e5d4857d09837238a6394

                                                                                          SHA1

                                                                                          44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                                                                          SHA256

                                                                                          0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                                                                          SHA512

                                                                                          8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG

                                                                                          Filesize

                                                                                          279B

                                                                                          MD5

                                                                                          570968e9e4a3b9adc84e893b848dc791

                                                                                          SHA1

                                                                                          a43822a443bd6cc66ce95ee5862fb703d6b46992

                                                                                          SHA256

                                                                                          9f563d8c05b3bd4d57d1e04df8c733b24b7a25f6085da57b7e601d696cfebfae

                                                                                          SHA512

                                                                                          c43ec8335df3a25a5c7ff88c4e8ff07748968e811f59bca2c4ff914b1edc60658f07304aedcf72840093d4e62aa3d4fd2eff13a87ada607a673cb2b6858d40ee

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\MANIFEST-000001

                                                                                          Filesize

                                                                                          41B

                                                                                          MD5

                                                                                          5af87dfd673ba2115e2fcf5cfdb727ab

                                                                                          SHA1

                                                                                          d5b5bbf396dc291274584ef71f444f420b6056f1

                                                                                          SHA256

                                                                                          f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

                                                                                          SHA512

                                                                                          de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\MANIFEST-000001

                                                                                          Filesize

                                                                                          41B

                                                                                          MD5

                                                                                          5af87dfd673ba2115e2fcf5cfdb727ab

                                                                                          SHA1

                                                                                          d5b5bbf396dc291274584ef71f444f420b6056f1

                                                                                          SHA256

                                                                                          f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

                                                                                          SHA512

                                                                                          de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log

                                                                                          Filesize

                                                                                          531B

                                                                                          MD5

                                                                                          53100910a82c0e43161d44f627fa816e

                                                                                          SHA1

                                                                                          619425f62a721a8a36fa0ea5d0d99209073fd316

                                                                                          SHA256

                                                                                          3d3be2a732c34364087885446f37473b3f2298aea282c86a2420672e06e8d677

                                                                                          SHA512

                                                                                          eec46f1db758b665b83662c94cb2d21f3da756e7f794f7b870ee97ac81e0a8b8825987f87f147a1dc6d4699a9541cb5f85a5ac9b6ff21fcf0425cd25fb8e7992

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\CURRENT

                                                                                          Filesize

                                                                                          16B

                                                                                          MD5

                                                                                          46295cac801e5d4857d09837238a6394

                                                                                          SHA1

                                                                                          44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                                                                          SHA256

                                                                                          0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                                                                          SHA512

                                                                                          8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG

                                                                                          Filesize

                                                                                          297B

                                                                                          MD5

                                                                                          749f659e4cc648f2596219688c27cbc4

                                                                                          SHA1

                                                                                          cc90e2a17314f5f9aa46774663d54f7b8c76db6b

                                                                                          SHA256

                                                                                          3008a01e7158f53cea9adf78a08755ebb28013961105163d936afbb8465bcaed

                                                                                          SHA512

                                                                                          4f79ab6675a473dbc50cd360e4655911f13da5e3f6e7aff1571e3adc0da4e27762107a330e7c05ed43ee6069ba11288ef3d0d82d33a365ca866aaeb785b3e70b

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\MANIFEST-000001

                                                                                          Filesize

                                                                                          41B

                                                                                          MD5

                                                                                          5af87dfd673ba2115e2fcf5cfdb727ab

                                                                                          SHA1

                                                                                          d5b5bbf396dc291274584ef71f444f420b6056f1

                                                                                          SHA256

                                                                                          f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

                                                                                          SHA512

                                                                                          de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_1

                                                                                          Filesize

                                                                                          264KB

                                                                                          MD5

                                                                                          f50f89a0a91564d0b8a211f8921aa7de

                                                                                          SHA1

                                                                                          112403a17dd69d5b9018b8cede023cb3b54eab7d

                                                                                          SHA256

                                                                                          b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

                                                                                          SHA512

                                                                                          bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version

                                                                                          Filesize

                                                                                          11B

                                                                                          MD5

                                                                                          838a7b32aefb618130392bc7d006aa2e

                                                                                          SHA1

                                                                                          5159e0f18c9e68f0e75e2239875aa994847b8290

                                                                                          SHA256

                                                                                          ac3dd2221d90b09b795f1f72e72e4860342a4508fe336c4b822476eb25a55eaa

                                                                                          SHA512

                                                                                          9e350f0565cc726f66146838f9cebaaa38dd01892ffab9a45fe4f72e5be5459c0442e99107293a7c6f2412c71f668242c5e5a502124bc57cbf3b6ad8940cb3e9

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                          Filesize

                                                                                          10KB

                                                                                          MD5

                                                                                          bdf2e42f8715e744c6bf4e2bab2991f1

                                                                                          SHA1

                                                                                          d5b9ad1904a0533858f2579246e2f29bbf697093

                                                                                          SHA256

                                                                                          655eec42d0f482fc65b98c66135b5336c48498b5626d4a46aad5fb86df1be134

                                                                                          SHA512

                                                                                          94a5bbfa922caf9e82a7bba6fbfe8b4f13711ee7ca82e141be0c90f19fe7b54f3829fa14e3c655ce7c66f4ba5e798872b0efaa6f6a8b6ee097f1e278f816c759

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                          Filesize

                                                                                          13KB

                                                                                          MD5

                                                                                          a146bb05d240af6c858fa709e948fbe1

                                                                                          SHA1

                                                                                          0928e4db7f6dd065d995d78a87ab6e8d1ed6e2a3

                                                                                          SHA256

                                                                                          31cc6d3aadf3a6b752e13ad322d352091615500c108e52869e94b422838d0262

                                                                                          SHA512

                                                                                          e27a164f7fbc5a986473f0a2f05873460e530d3257b75170f68a087bbd2488b56c464cd030dfc94a50a8a3190c37e30e24ba84a3d7ed949260f73e7a83be5152

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                          Filesize

                                                                                          10KB

                                                                                          MD5

                                                                                          6cbce9281053c0760b88911ed7e67069

                                                                                          SHA1

                                                                                          e081db49fe74081aa4ef017da11a95d40975f733

                                                                                          SHA256

                                                                                          5aca0266b8b60d6b66e6e4cb8cab4ba683242305320a4d353a9eec4e153b0c19

                                                                                          SHA512

                                                                                          44089b84af7ba9dd2f34831f11cdae39221d02749a8b5ec892018e40f5f69df36cb1a9859bdc3084e3e1d007bb7564559fce3cbf9a8f9aa5bedf14f1798daba1

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                          Filesize

                                                                                          10KB

                                                                                          MD5

                                                                                          6cbce9281053c0760b88911ed7e67069

                                                                                          SHA1

                                                                                          e081db49fe74081aa4ef017da11a95d40975f733

                                                                                          SHA256

                                                                                          5aca0266b8b60d6b66e6e4cb8cab4ba683242305320a4d353a9eec4e153b0c19

                                                                                          SHA512

                                                                                          44089b84af7ba9dd2f34831f11cdae39221d02749a8b5ec892018e40f5f69df36cb1a9859bdc3084e3e1d007bb7564559fce3cbf9a8f9aa5bedf14f1798daba1

                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1

                                                                                          Filesize

                                                                                          264KB

                                                                                          MD5

                                                                                          f50f89a0a91564d0b8a211f8921aa7de

                                                                                          SHA1

                                                                                          112403a17dd69d5b9018b8cede023cb3b54eab7d

                                                                                          SHA256

                                                                                          b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

                                                                                          SHA512

                                                                                          bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

                                                                                        • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

                                                                                          Filesize

                                                                                          3KB

                                                                                          MD5

                                                                                          6ed669d61c8192adba84078dd701afd7

                                                                                          SHA1

                                                                                          59999fa31748fa78bc0208d79da99d4966dd92b1

                                                                                          SHA256

                                                                                          9996a5d9652e99a9031b62ba590ade406d8ad3b18fb9eadfb15e385836c414a7

                                                                                          SHA512

                                                                                          700ca5c480d91f45128d2a5217936d9458f4f6a5d6f25e7a3dd13dade4c12f752b3f03c957e4ceb2d42636349a48d64ed178765bdb2d5c00a091432d65c21637

                                                                                        • C:\note.txt

                                                                                          Filesize

                                                                                          218B

                                                                                          MD5

                                                                                          afa6955439b8d516721231029fb9ca1b

                                                                                          SHA1

                                                                                          087a043cc123c0c0df2ffadcf8e71e3ac86bbae9

                                                                                          SHA256

                                                                                          8e9f20f6864c66576536c0b866c6ffdcf11397db67fe120e972e244c3c022270

                                                                                          SHA512

                                                                                          5da21a31fbc4e8250dffed30f66b896bdf007ac91948140334fe36a3f010e1bac3e70a07e9f3eb9da8633189091fd5cadcabbaacd3e01da0fe7ae28a11b3dddf

                                                                                        We care about your privacy.

                                                                                        This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.