Analysis Overview
SHA256
976790c0cee5b9a2a264fdaadc28de45827047ae2448ee3be6df7fbde7baadd9
Threat Level: Likely malicious
The file Clicker - TobiaszGaming.exe was found to be: Likely malicious.
Malicious Activity Summary
Modifies Installed Components in the registry
Registers COM server for autorun
Drops file in System32 directory
Drops file in Windows directory
Unsigned PE
Enumerates system info in registry
Suspicious behavior: GetForegroundWindowSpam
Modifies registry class
Suspicious use of SetWindowsHookEx
Modifies data under HKEY_USERS
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Modifies Internet Explorer settings
Suspicious behavior: AddClipboardFormatListener
Suspicious behavior: EnumeratesProcesses
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-03-02 23:17
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral2
Detonation Overview
Submitted
2024-03-02 23:17
Reported
2024-03-02 23:20
Platform
win10v2004-20240226-en
Max time kernel
137s
Max time network
132s
Command Line
Signatures
Modifies Installed Components in the registry
| Description | Indicator | Process | Target |
| Key deleted | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000\SOFTWARE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS\{8A69D345-D564-463C-AFF1-A69D9E530F96} | C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} | C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe | N/A |
Registers COM server for autorun
| Description | Indicator | Process | Target |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\LOCALSERVER32 | C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\system32\Recovery\ReAgent.xml | C:\Windows\system32\bootim.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\Panther\UnattendGC\setupact.log | C:\Windows\system32\bootim.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\setuperr.log | C:\Windows\system32\bootim.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\diagerr.xml | C:\Windows\system32\bootim.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\diagwrn.xml | C:\Windows\system32\bootim.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\Locked = "1" | C:\Windows\explorer.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Set value (data) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentPalette = a6d8ff0076b9ed00429ce3000078d700005a9e000042750000264200f7630c00 | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\StartColorMenu = "4288567808" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\AccentColor = "4292311040" | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColor = "3288365271" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglow = "3288365271" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglowBalance = "10" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationBlurBalance = "1" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\EnableWindowColorization = "156" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationGlassAttribute = "1" | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentColorMenu = "4292311040" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColorBalance = "89" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History\AutoColor = "0" | C:\Windows\system32\LogonUI.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\SyncCenter.dll,-3001#immutable1 = "Sync files between your computer and network folders" | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\Rev = "0" | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell\{D674391B-52D9-4E07-834E-67C98610F39D}\IconSize = "16" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\sdcpl.dll,-100#immutable1 = "Recover copies of your files backed up in Windows 7" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\fvecpl.dll,-2#immutable1 = "Protect your PC using BitLocker Drive Encryption." | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\timedate.cpl,-51#immutable1 = "Date and Time" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\mmsys.cpl,-301#immutable1 = "Configure your audio devices or change the sound scheme for your computer." | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02 | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202 | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\Vault.dll,-2#immutable1 = "Manage your Windows credentials." | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\main.cpl,-102#immutable1 = "Keyboard" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\netcenter.dll,-2#immutable1 = "Check network status, change network settings and set preferences for sharing files and printers." | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\systemcpl.dll,-2#immutable1 = "View information about your computer, and change settings for hardware, performance, and remote connections." | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\mmsys.cpl,-300#immutable1 = "Sound" | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\Microsoft.Windows.ControlPanel | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\powercpl.dll,-2#immutable1 = "Conserve energy or maximize performance by choosing how your computer manages power." | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\Speech\SpeechUX\speechuxcpl.dll,-2#immutable1 = "Configure how speech recognition works on your computer." | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\main.cpl,-103#immutable1 = "Customize your keyboard settings, such as the cursor blink rate and the character repeat rate." | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\accessibilitycpl.dll,-10#immutable1 = "Ease of Access Center" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\FirewallControlPanel.dll,-12123#immutable1 = "Set firewall security options to help protect your computer from hackers and malicious software." | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\intl.cpl,-3#immutable1 = "Region" | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\GroupByDirection = "1" | C:\Windows\explorer.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\ChromeHTML | C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\sud.dll,-10#immutable1 = "Choose which programs you want Windows to use for activities like web browsing, editing photos, sending e-mail, and playing music." | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\srchadmin.dll,-602#immutable1 = "Change how Windows indexes to search faster" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\sdcpl.dll,-101#immutable1 = "Backup and Restore (Windows 7)" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\systemcpl.dll,-1#immutable1 = "System" | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\GroupByKey:PID = "0" | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0 = 0c0001008421de39080000000000 | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-983155329-280873152-1838004294-1000\{DE0FE95B-91C7-433E-BCB5-FC0FFB3534B3} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\DeviceCenter.dll,-1000#immutable1 = "Devices and Printers" | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\usercpl.dll,-2#immutable1 = "Change user account settings and passwords for people who share this computer." | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\main.cpl,-101#immutable1 = "Customize your mouse settings, such as the button configuration, double-click speed, mouse pointers, and motion speed." | C:\Windows\explorer.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{708860E0-F641-4611-8895-7D867DD3675B} | C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{463ABECF-410D-407F-8AF5-0DF35A005CC8}\1.0\0 | C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\CHROMEHTML\APPLICATION | C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\RADCUI.dll,-15301#immutable1 = "Manage your RemoteApp and Desktop Connections" | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 | C:\Windows\explorer.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{463ABECF-410D-407F-8AF5-0DF35A005CC8} | C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\ChromeHTML\shell | C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\srchadmin.dll,-601#immutable1 = "Indexing Options" | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = 00000000ffffffff | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\intl.cpl,-2#immutable1 = "Customize settings for the display of languages, numbers, times, and dates." | C:\Windows\explorer.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD} | C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\autoplay.dll,-2#immutable1 = "Change default settings for CDs, DVDs, and devices so that you can automatically play music, view pictures, install software, and play games." | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\colorcpl.exe,-6#immutable1 = "Color Management" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\DiagCpl.dll,-1#immutable1 = "Troubleshooting" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\accessibilitycpl.dll,-45#immutable1 = "Make your computer easier to use." | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0\MRUListEx = ffffffff | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 = 14001f706806ee260aa0d7449371beb064c986830000 | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = ffffffff | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\powercpl.dll,-1#immutable1 = "Power Options" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\FirewallControlPanel.dll,-12122#immutable1 = "Windows Defender Firewall" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\devmgr.dll,-4#immutable1 = "Device Manager" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\SyncCenter.dll,-3000#immutable1 = "Sync Center" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\DiagCpl.dll,-15#immutable1 = "Troubleshoot and fix common computer problems." | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\fhcpl.dll,-52#immutable1 = "File History" | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1 | C:\Windows\explorer.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{463ABECF-410D-407F-8AF5-0DF35A005CC8} | C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\inetcpl.cpl,-4312#immutable1 = "Internet Options" | C:\Windows\explorer.exe | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
| N/A | N/A | C:\Windows\system32\bootim.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe | N/A |
| N/A | N/A | C:\Windows\system32\LogonUI.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\Clicker - TobiaszGaming.exe
"C:\Users\Admin\AppData\Local\Temp\Clicker - TobiaszGaming.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbb15c46f8,0x7ffbb15c4708,0x7ffbb15c4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2100 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2752 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4272 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5196 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5412 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5412 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5556 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5800 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5512 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6028 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5068 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5756 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5676 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5260 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6204 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6424 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5792 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6680 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6660 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6744 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6676 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7676 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7608 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=7360 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=7044 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2540 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2556 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3800 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1860 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5200 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1740 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5292 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5244 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5832 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6244 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7564 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5124 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7136 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7648 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3108 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5200 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7768 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6068 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7256 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7040 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7160 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7316 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3468 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5148 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6260 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7856 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6672 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5984 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6832 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8124 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6720 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8364 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8372 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8608 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8760 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8772 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9464 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9552 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9700 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9928 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10096 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10296 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9880 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10700 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8624 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8644 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8704 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8208 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10880 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10040 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9732 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9928 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9568 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3372 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5828 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5048 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6876 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7816 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9392 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9112 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5092 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8120 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9900 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7596 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8536 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8864 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9036 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10852 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1832 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6716 /prefetch:1
C:\Windows\explorer.exe
C:\Windows\explorer.exe /factory,{5BD95610-9434-43C2-886C-57852CC8A120} -Embedding
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{FCC74B77-EC3E-4DD8-A80B-008A702075A9}
C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --uninstall --system-level
C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x254,0x258,0x25c,0x230,0x260,0x7ff6e4157688,0x7ff6e4157698,0x7ff6e41576a8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --uninstall
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffba3279758,0x7ffba3279768,0x7ffba3279778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1676 --field-trial-handle=1756,i,10557565382124001311,3484516652028774495,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1928 --field-trial-handle=1756,i,10557565382124001311,3484516652028774495,131072 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument microsoft-edge:https://support.google.com/chrome?p=chrome_uninstall_survey&crversion=106.0.5249.119&os=10.0.19041
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffbb15c46f8,0x7ffbb15c4708,0x7ffbb15c4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1988,3798645785142534291,15165146275577724982,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2000 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1988,3798645785142534291,15165146275577724982,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1988,3798645785142534291,15165146275577724982,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2740 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,3798645785142534291,15165146275577724982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3372 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,3798645785142534291,15165146275577724982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3384 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1988,3798645785142534291,15165146275577724982,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4068 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1988,3798645785142534291,15165146275577724982,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4068 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,3798645785142534291,15165146275577724982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5248 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,3798645785142534291,15165146275577724982,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,3798645785142534291,15165146275577724982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5500 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,3798645785142534291,15165146275577724982,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5176 /prefetch:1
C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x4 /state0:0xa38dd855 /state1:0x41c64e6d
C:\Windows\system32\bootim.exe
bootim.exe /startpage:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.200:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | 23.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.228.82.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 187.178.17.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 41.110.16.96.in-addr.arpa | udp |
| GB | 92.123.128.181:443 | www.bing.com | tcp |
| GB | 92.123.128.181:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 181.128.123.92.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | www.speedtest.net | udp |
| US | 104.18.203.232:80 | www.speedtest.net | tcp |
| US | 104.18.203.232:80 | www.speedtest.net | tcp |
| US | 104.18.203.232:443 | www.speedtest.net | tcp |
| US | 8.8.8.8:53 | cdn.ziffstatic.com | udp |
| US | 8.8.8.8:53 | b.cdnst.net | udp |
| GB | 2.16.153.162:443 | cdn.ziffstatic.com | tcp |
| US | 151.101.2.219:443 | b.cdnst.net | tcp |
| US | 151.101.2.219:443 | b.cdnst.net | tcp |
| US | 151.101.2.219:443 | b.cdnst.net | tcp |
| US | 151.101.2.219:443 | b.cdnst.net | tcp |
| US | 8.8.8.8:53 | 219.2.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.203.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.153.16.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| GB | 13.224.223.9:443 | c.amazon-adsystem.com | tcp |
| US | 104.18.131.236:443 | cdn.cookielaw.org | tcp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 104.18.32.137:443 | geolocation.onetrust.com | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| GB | 172.217.169.34:443 | securepubads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 226.21.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.static.zdbb.net | udp |
| US | 8.8.8.8:53 | 9.223.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 236.131.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.39.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.32.18.104.in-addr.arpa | udp |
| GB | 92.123.26.32:443 | cdn.static.zdbb.net | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 104.18.131.236:443 | cdn.cookielaw.org | tcp |
| GB | 172.217.169.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | rp.liadm.com | udp |
| US | 54.86.142.225:443 | rp.liadm.com | tcp |
| US | 8.8.8.8:53 | speedtest.boxbroadband.co.uk.prod.hosts.ooklaserver.net | udp |
| US | 8.8.8.8:53 | speedlon.hyperoptic.com | udp |
| US | 8.8.8.8:53 | speedtest.upp.com.prod.hosts.ooklaserver.net | udp |
| US | 8.8.8.8:53 | speedtest-1.london.network.youfibre.com.prod.hosts.ooklaserver.net | udp |
| US | 8.8.8.8:53 | speedtest.thn.lon.network.as201838.net.prod.hosts.ooklaserver.net | udp |
| US | 8.8.8.8:53 | speedtest.swishfibre.com.prod.hosts.ooklaserver.net | udp |
| US | 8.8.8.8:53 | lon.host.speedtest.net.prod.hosts.ooklaserver.net | udp |
| US | 8.8.8.8:53 | speedtest02a.web.zen.net.uk.prod.hosts.ooklaserver.net | udp |
| US | 8.8.8.8:53 | lg-lon.fdcservers.net | udp |
| GB | 152.37.112.6:8080 | speedlon.hyperoptic.com | tcp |
| GB | 45.10.101.252:8080 | speedtest.boxbroadband.co.uk.prod.hosts.ooklaserver.net | tcp |
| US | 8.8.8.8:53 | speedtest.noone.co.uk.prod.hosts.ooklaserver.net | udp |
| GB | 193.3.26.19:8080 | speedtest.upp.com.prod.hosts.ooklaserver.net | tcp |
| GB | 45.92.46.45:8080 | speedtest-1.london.network.youfibre.com.prod.hosts.ooklaserver.net | tcp |
| GB | 93.113.26.250:8080 | speedtest.thn.lon.network.as201838.net.prod.hosts.ooklaserver.net | tcp |
| GB | 31.22.12.17:8080 | speedtest.swishfibre.com.prod.hosts.ooklaserver.net | tcp |
| GB | 95.87.111.214:8080 | lon.host.speedtest.net.prod.hosts.ooklaserver.net | tcp |
| GB | 51.148.82.21:8080 | speedtest02a.web.zen.net.uk.prod.hosts.ooklaserver.net | tcp |
| GB | 188.94.45.252:8080 | speedtest.noone.co.uk.prod.hosts.ooklaserver.net | tcp |
| GB | 50.7.152.4:8080 | lg-lon.fdcservers.net | tcp |
| US | 8.8.8.8:53 | gurgle.speedtest.net | udp |
| US | 8.8.8.8:53 | zdbb.net | udp |
| US | 151.101.2.219:443 | b.cdnst.net | tcp |
| US | 3.232.250.157:443 | gurgle.speedtest.net | tcp |
| IE | 52.209.62.127:443 | zdbb.net | tcp |
| US | 8.8.8.8:53 | 34.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 32.26.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.142.86.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.112.37.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 252.101.10.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 250.26.113.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.26.3.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 17.12.22.31.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 45.46.92.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 214.111.87.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 252.45.94.188.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.82.148.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.152.7.50.in-addr.arpa | udp |
| US | 8.8.8.8:53 | gurgle.zdbb.net | udp |
| US | 18.215.19.117:443 | gurgle.zdbb.net | tcp |
| US | 8.8.8.8:53 | bidder.criteo.com | udp |
| US | 8.8.8.8:53 | btlr.sharethrough.com | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | rtb.openx.net | udp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| US | 8.8.8.8:53 | c2shb.pubgw.yahoo.com | udp |
| US | 8.8.8.8:53 | ib.adnxs-simple.com | udp |
| US | 8.8.8.8:53 | fastlane.rubiconproject.com | udp |
| US | 8.8.8.8:53 | tags.bkrtx.com | udp |
| US | 8.8.8.8:53 | jogger.zdbb.net | udp |
| US | 35.186.253.211:443 | rtb.openx.net | tcp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | tcp |
| DE | 18.184.215.206:443 | btlr.sharethrough.com | tcp |
| DE | 18.184.215.206:443 | btlr.sharethrough.com | tcp |
| DE | 18.184.215.206:443 | btlr.sharethrough.com | tcp |
| DE | 18.184.215.206:443 | btlr.sharethrough.com | tcp |
| DE | 18.184.215.206:443 | btlr.sharethrough.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| NL | 185.89.210.20:443 | ib.adnxs-simple.com | tcp |
| DE | 52.28.203.152:443 | c2shb.pubgw.yahoo.com | tcp |
| DE | 52.28.203.152:443 | c2shb.pubgw.yahoo.com | tcp |
| DE | 52.28.203.152:443 | c2shb.pubgw.yahoo.com | tcp |
| DE | 52.28.203.152:443 | c2shb.pubgw.yahoo.com | tcp |
| DE | 52.28.203.152:443 | c2shb.pubgw.yahoo.com | tcp |
| NL | 213.19.162.21:443 | fastlane.rubiconproject.com | tcp |
| NL | 213.19.162.21:443 | fastlane.rubiconproject.com | tcp |
| NL | 213.19.162.21:443 | fastlane.rubiconproject.com | tcp |
| NL | 213.19.162.21:443 | fastlane.rubiconproject.com | tcp |
| NL | 213.19.162.21:443 | fastlane.rubiconproject.com | tcp |
| US | 50.16.170.133:443 | jogger.zdbb.net | tcp |
| GB | 23.207.215.130:443 | tags.bkrtx.com | tcp |
| US | 8.8.8.8:53 | cdn.krxd.net | udp |
| US | 151.101.2.133:443 | cdn.krxd.net | tcp |
| US | 8.8.8.8:53 | 127.62.209.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.149.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.250.232.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.19.215.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.151.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 211.253.186.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.215.184.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.162.19.213.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.203.28.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | privacyportal.onetrust.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| US | 172.64.155.119:443 | privacyportal.onetrust.com | tcp |
| US | 8.8.8.8:53 | secure-us.imrworldwide.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| IE | 54.229.27.244:443 | secure-us.imrworldwide.com | tcp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | stags.bluekai.com | udp |
| GB | 216.58.204.67:443 | www.google.co.uk | tcp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| GB | 2.19.169.14:443 | stags.bluekai.com | tcp |
| BE | 66.102.1.157:443 | stats.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 11b3e3d762e42b21bb08d287ed40dc25.safeframe.googlesyndication.com | udp |
| GB | 216.58.204.65:443 | 11b3e3d762e42b21bb08d287ed40dc25.safeframe.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | cdn-gl.imrworldwide.com | udp |
| GB | 108.156.46.26:443 | cdn-gl.imrworldwide.com | tcp |
| GB | 216.58.204.67:443 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 172.217.16.228:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | bee.imrworldwide.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 108.156.46.27:443 | bee.imrworldwide.com | tcp |
| GB | 216.58.212.193:443 | tpc.googlesyndication.com | tcp |
| GB | 216.58.212.193:443 | tpc.googlesyndication.com | udp |
| GB | 172.217.16.228:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 130.215.207.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.170.16.50.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.2.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.155.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 244.27.229.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.1.102.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.169.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.46.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 27.46.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | kqyqyf0kv4qzfmrbt259frpzgflf51709421510.nuid.imrworldwide.com | udp |
| GB | 216.137.44.109:443 | kqyqyf0kv4qzfmrbt259frpzgflf51709421510.nuid.imrworldwide.com | tcp |
| US | 8.8.8.8:53 | cdn.ampproject.org | udp |
| GB | 142.250.180.1:443 | cdn.ampproject.org | tcp |
| GB | 142.250.180.1:443 | cdn.ampproject.org | tcp |
| GB | 142.250.180.1:443 | cdn.ampproject.org | tcp |
| GB | 142.250.180.1:443 | cdn.ampproject.org | tcp |
| GB | 142.250.180.1:443 | cdn.ampproject.org | tcp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| GB | 216.58.212.193:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 109.44.137.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.1.250.178.in-addr.arpa | udp |
| GB | 172.217.16.228:443 | www.google.com | udp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | gem.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | ag.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| GB | 172.217.169.34:443 | securepubads.g.doubleclick.net | udp |
| GB | 142.250.179.226:443 | googleads.g.doubleclick.net | tcp |
| NL | 185.235.87.99:443 | gem.gbc.criteo.com | tcp |
| NL | 185.235.87.47:443 | ag.gbc.criteo.com | tcp |
| FR | 178.250.7.13:443 | dnacdn.net | tcp |
| GB | 142.250.179.226:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 227.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.87.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 47.87.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | ookla-d.openx.net | udp |
| US | 8.8.8.8:53 | idx.liadm.com | udp |
| US | 172.64.149.180:443 | js-sec.indexww.com | tcp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| US | 34.98.64.218:443 | ookla-d.openx.net | tcp |
| GB | 96.16.109.9:443 | ads.pubmatic.com | tcp |
| DE | 162.19.138.83:443 | id5-sync.com | tcp |
| US | 34.239.212.226:443 | idx.liadm.com | tcp |
| GB | 2.17.5.216:443 | eus.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| DE | 141.95.33.120:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| NL | 213.19.162.80:443 | token.rubiconproject.com | tcp |
| GB | 152.37.112.6:8080 | speedlon.hyperoptic.com | tcp |
| US | 8.8.8.8:53 | 218.64.98.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 180.149.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.5.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.109.16.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.212.239.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.33.95.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.162.19.213.in-addr.arpa | udp |
| GB | 152.37.112.6:8080 | speedlon.hyperoptic.com | tcp |
| GB | 152.37.112.6:8080 | speedlon.hyperoptic.com | tcp |
| GB | 45.10.101.252:8080 | speedtest.boxbroadband.co.uk.prod.hosts.ooklaserver.net | tcp |
| GB | 93.113.26.250:8080 | speedtest.thn.lon.network.as201838.net.prod.hosts.ooklaserver.net | tcp |
| GB | 31.22.12.17:8080 | speedtest.swishfibre.com.prod.hosts.ooklaserver.net | tcp |
| GB | 152.37.112.6:8080 | speedlon.hyperoptic.com | tcp |
| GB | 152.37.112.6:8080 | speedlon.hyperoptic.com | tcp |
| GB | 45.10.101.252:8080 | speedtest.boxbroadband.co.uk.prod.hosts.ooklaserver.net | tcp |
| GB | 93.113.26.250:8080 | speedtest.thn.lon.network.as201838.net.prod.hosts.ooklaserver.net | tcp |
| GB | 31.22.12.17:8080 | speedtest.swishfibre.com.prod.hosts.ooklaserver.net | tcp |
| US | 8.8.8.8:53 | 26.165.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.164.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 134.71.91.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 92.123.128.161:443 | th.bing.com | tcp |
| GB | 92.123.128.149:443 | th.bing.com | tcp |
| GB | 92.123.128.149:443 | th.bing.com | tcp |
| GB | 92.123.128.161:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | csm.nl3.eu.criteo.net | udp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| US | 8.8.8.8:53 | 161.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| NL | 40.126.32.74:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | 74.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | services.bingapis.com | udp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 8.8.8.8:53 | namemc.com | udp |
| US | 8.8.8.8:53 | 80.5.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.31.126.40.in-addr.arpa | udp |
| US | 104.22.78.227:443 | namemc.com | tcp |
| US | 104.22.78.227:443 | namemc.com | tcp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| GB | 96.17.179.205:80 | apps.identrust.com | tcp |
| US | 8.8.8.8:53 | s.namemc.com | udp |
| US | 8.8.8.8:53 | cdn.consentmanager.mgr.consensu.org | udp |
| US | 8.8.8.8:53 | kumo.network-n.com | udp |
| GB | 143.244.38.136:443 | kumo.network-n.com | tcp |
| US | 8.8.8.8:53 | code.jquery.com | udp |
| US | 104.22.78.227:443 | s.namemc.com | tcp |
| US | 151.101.2.137:443 | code.jquery.com | tcp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | d322cqt584bo4o.cloudfront.net | udp |
| US | 8.8.8.8:53 | platform.twitter.com | udp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| GB | 199.232.56.157:443 | platform.twitter.com | tcp |
| GB | 18.165.227.38:443 | d322cqt584bo4o.cloudfront.net | tcp |
| US | 8.8.8.8:53 | 227.78.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 205.179.17.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 136.38.244.143.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.2.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.56.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.227.165.18.in-addr.arpa | udp |
| GB | 143.244.38.136:443 | kumo.network-n.com | tcp |
| US | 8.8.8.8:53 | static.kueezrtb.com | udp |
| US | 8.8.8.8:53 | z.moatads.com | udp |
| US | 104.22.34.123:443 | static.kueezrtb.com | tcp |
| US | 8.8.8.8:53 | cdn.privacy-mgmt.com | udp |
| GB | 96.16.109.251:443 | z.moatads.com | tcp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 8.8.8.8:53 | boot.pbstck.com | udp |
| US | 8.8.8.8:53 | static.anonymised.io | udp |
| US | 8.8.8.8:53 | tg1.aniview.com | udp |
| GB | 18.244.179.121:443 | cdn.privacy-mgmt.com | tcp |
| US | 172.67.41.60:443 | btloader.com | tcp |
| US | 34.107.217.107:443 | static.anonymised.io | tcp |
| US | 172.67.25.151:443 | boot.pbstck.com | tcp |
| GB | 95.100.246.12:443 | tg1.aniview.com | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | udp |
| US | 104.22.34.123:443 | static.kueezrtb.com | tcp |
| US | 8.8.8.8:53 | track.kueezrtb.com | udp |
| US | 8.8.8.8:53 | gtrack.kueezrtb.com | udp |
| US | 8.8.8.8:53 | syndication.twitter.com | udp |
| US | 34.107.217.107:443 | static.anonymised.io | udp |
| US | 104.22.35.123:443 | gtrack.kueezrtb.com | tcp |
| US | 104.244.42.72:443 | syndication.twitter.com | tcp |
| US | 104.22.34.123:443 | gtrack.kueezrtb.com | tcp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| GB | 18.244.179.121:443 | cdn.privacy-mgmt.com | tcp |
| US | 8.8.8.8:53 | cdn.pbstck.com | udp |
| US | 104.26.2.70:443 | ad-delivery.net | tcp |
| US | 104.26.2.70:443 | ad-delivery.net | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 104.22.0.93:443 | cdn.pbstck.com | tcp |
| US | 104.22.0.93:443 | cdn.pbstck.com | tcp |
| US | 8.8.8.8:53 | u.kueezrtb.com | udp |
| US | 8.8.8.8:53 | material.anonymised.io | udp |
| US | 8.8.8.8:53 | aegis.anonymised.io | udp |
| US | 8.8.8.8:53 | player.avplayer.com | udp |
| US | 8.8.8.8:53 | feed.avplayer.com | udp |
| US | 8.8.8.8:53 | track1.aniview.com | udp |
| US | 34.117.250.57:443 | material.anonymised.io | tcp |
| US | 8.8.8.8:53 | intake.pbstck.com | udp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 34.107.217.107:443 | aegis.anonymised.io | tcp |
| US | 96.46.186.186:443 | track1.aniview.com | tcp |
| GB | 95.101.143.160:443 | feed.avplayer.com | tcp |
| GB | 104.91.71.145:443 | player.avplayer.com | tcp |
| US | 34.117.250.57:443 | material.anonymised.io | udp |
| US | 34.107.217.107:443 | aegis.anonymised.io | udp |
| US | 8.8.8.8:53 | mb.moatads.com | udp |
| GB | 132.226.214.62:443 | mb.moatads.com | tcp |
| US | 8.8.8.8:53 | 123.34.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 60.41.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 107.217.107.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 121.179.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 151.25.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 251.109.16.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 12.246.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 123.35.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.23.211.130.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.2.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.0.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 57.250.117.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.71.91.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 160.143.101.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 186.186.46.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.syndication.twimg.com | udp |
| PL | 93.184.220.70:443 | cdn.syndication.twimg.com | tcp |
| US | 8.8.8.8:53 | pbs.twimg.com | udp |
| US | 8.8.8.8:53 | 62.214.226.132.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.220.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| NL | 185.89.210.20:443 | ib.adnxs-simple.com | tcp |
| US | 35.186.253.211:443 | rtb.openx.net | udp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| DE | 18.184.215.206:443 | btlr.sharethrough.com | tcp |
| US | 8.8.8.8:53 | mp.4dex.io | udp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| US | 8.8.8.8:53 | secure.quantserve.com | udp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | pre.ads.justpremium.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| US | 8.8.8.8:53 | exchange.kueezrtb.com | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| NL | 213.19.162.21:443 | fastlane.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | script.4dex.io | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | cdn.hadronid.net | udp |
| US | 8.8.8.8:53 | secure.cdn.fastclick.net | udp |
| US | 8.8.8.8:53 | tag.wknd.ai | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| GB | 18.165.201.58:443 | sb.scorecardresearch.com | tcp |
| DE | 52.29.248.8:443 | tlx.3lift.com | tcp |
| US | 104.18.34.178:443 | mp.4dex.io | tcp |
| DE | 91.228.74.251:443 | secure.quantserve.com | tcp |
| DE | 3.124.161.171:443 | pre.ads.justpremium.com | tcp |
| GB | 52.84.90.86:443 | config.aps.amazon-adsystem.com | tcp |
| IE | 52.209.39.79:443 | ap.lijit.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | tcp |
| US | 147.182.142.170:443 | exchange.kueezrtb.com | tcp |
| US | 147.182.142.170:443 | exchange.kueezrtb.com | tcp |
| US | 147.182.142.170:443 | exchange.kueezrtb.com | tcp |
| US | 147.182.142.170:443 | exchange.kueezrtb.com | tcp |
| US | 34.120.253.250:443 | tag.wknd.ai | tcp |
| IE | 52.50.112.109:443 | hb.yellowblue.io | tcp |
| GB | 2.19.152.155:443 | secure.cdn.fastclick.net | tcp |
| GB | 18.154.77.98:443 | aax.amazon-adsystem.com | tcp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.22.52.173:443 | cdn.hadronid.net | tcp |
| US | 104.26.8.169:443 | script.4dex.io | tcp |
| GB | 18.165.201.38:443 | tags.crwdcntrl.net | tcp |
| US | 172.67.38.106:443 | cdn.id5-sync.com | tcp |
| US | 8.8.8.8:53 | api.bounceexchange.com | udp |
| US | 8.8.8.8:53 | assets.bounceexchange.com | udp |
| US | 104.26.8.169:443 | script.4dex.io | tcp |
| US | 34.111.8.32:443 | api.bounceexchange.com | tcp |
| US | 8.8.8.8:53 | events.bouncex.net | udp |
| DE | 91.228.74.251:443 | secure.quantserve.com | tcp |
| IE | 52.209.39.79:443 | ap.lijit.com | tcp |
| US | 34.98.72.95:443 | assets.bounceexchange.com | tcp |
| GB | 18.154.77.98:443 | aax.amazon-adsystem.com | tcp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 8.8.8.8:53 | id.hadron.ad.gt | udp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 34.98.72.95:443 | assets.bounceexchange.com | udp |
| US | 104.22.4.69:443 | id.hadron.ad.gt | tcp |
| IE | 34.246.36.174:443 | bcp.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | rules.quantcount.com | udp |
| GB | 18.245.187.38:443 | rules.quantcount.com | tcp |
| US | 8.8.8.8:53 | ed88d1eea085af4a6e463984ce2038c4.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| IE | 54.239.33.159:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | a.ad.gt | udp |
| US | 104.22.4.69:443 | a.ad.gt | tcp |
| US | 34.111.8.32:443 | events.bouncex.net | tcp |
| US | 34.111.8.32:443 | events.bouncex.net | tcp |
| US | 8.8.8.8:53 | 58.201.165.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 178.34.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.90.84.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.63.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 250.253.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.248.29.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.161.124.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.8.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.201.165.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 109.112.50.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.52.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.152.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.38.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 32.8.111.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 170.142.182.147.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.72.98.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.39.209.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 251.74.228.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.24.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.77.154.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.36.246.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.4.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 159.33.239.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.187.245.18.in-addr.arpa | udp |
| GB | 142.250.180.1:443 | cdn.ampproject.org | udp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| US | 34.111.8.32:443 | events.bouncex.net | udp |
| GB | 23.215.239.190:443 | secure-assets.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | contextual-analytics.wunderkind.co | udp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 80.77.87.162:443 | cs.admanmedia.com | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | 190.239.215.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.87.77.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sync.admanmedia.com | udp |
| US | 8.2.110.17:443 | sync.admanmedia.com | tcp |
| GB | 13.224.223.9:443 | c.amazon-adsystem.com | tcp |
| US | 104.22.0.93:443 | intake.pbstck.com | tcp |
| US | 8.8.8.8:53 | image6.pubmatic.com | udp |
| GB | 185.64.190.78:443 | image6.pubmatic.com | tcp |
| US | 8.8.8.8:53 | 17.110.2.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 104.17.2.184:443 | challenges.cloudflare.com | tcp |
| US | 104.17.2.184:443 | challenges.cloudflare.com | tcp |
| US | 8.8.8.8:53 | 184.2.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.consentmanager.mgr.consensu.org | udp |
| FR | 178.250.7.13:443 | dnacdn.net | tcp |
| NL | 185.235.87.47:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.99:443 | gem.gbc.criteo.com | tcp |
| DE | 18.184.215.206:443 | btlr.sharethrough.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| NL | 185.89.210.244:443 | ib.adnxs.com | tcp |
| US | 34.111.8.32:443 | contextual-analytics.wunderkind.co | udp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| NL | 89.149.192.245:443 | ssbsync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | 244.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| US | 8.8.8.8:53 | u.4dex.io | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 34.149.40.38:443 | u.4dex.io | tcp |
| NL | 89.149.192.200:443 | rtb-csync.smartadserver.com | tcp |
| NL | 89.149.192.200:443 | rtb-csync.smartadserver.com | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| NL | 89.149.192.200:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| GB | 142.250.187.226:443 | cm.g.doubleclick.net | tcp |
| US | 52.46.130.91:443 | s.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | a845820c3884a5589ccf0cf4d81f8c26.safeframe.googlesyndication.com | udp |
| GB | 142.250.187.226:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| US | 104.22.69.131:443 | csync.smilewanted.com | tcp |
| US | 8.8.8.8:53 | ads.us.e-planning.net | udp |
| NL | 193.3.178.4:443 | ads.us.e-planning.net | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | 245.192.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.40.149.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.192.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.149.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.130.46.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.69.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.178.3.193.in-addr.arpa | udp |
| GB | 216.58.212.193:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | qsearch-a.akamaihd.net | udp |
| US | 8.8.8.8:53 | cdn-geuw1-xch.media.net | udp |
| US | 8.8.8.8:53 | hblg.media.net | udp |
| US | 8.8.8.8:53 | warp.media.net | udp |
| GB | 95.100.244.20:443 | warp.media.net | tcp |
| GB | 95.100.244.20:443 | warp.media.net | tcp |
| GB | 95.100.244.20:443 | warp.media.net | tcp |
| GB | 95.100.244.20:443 | warp.media.net | tcp |
| GB | 88.221.134.90:443 | qsearch-a.akamaihd.net | tcp |
| GB | 104.91.71.145:443 | player.avplayer.com | tcp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| GB | 142.250.179.230:443 | s0.2mdn.net | tcp |
| GB | 88.221.134.90:443 | qsearch-a.akamaihd.net | tcp |
| US | 8.8.8.8:53 | 20.244.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.134.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 230.179.250.142.in-addr.arpa | udp |
| GB | 142.250.179.230:443 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | player.aniview.com | udp |
| US | 8.8.8.8:53 | content1.avplayer.com | udp |
| US | 8.8.8.8:53 | googleads4.g.doubleclick.net | udp |
| GB | 104.91.71.139:443 | content1.avplayer.com | tcp |
| GB | 142.250.178.2:443 | googleads4.g.doubleclick.net | tcp |
| GB | 172.217.169.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | go1.aniview.com | udp |
| GB | 142.250.178.2:443 | googleads4.g.doubleclick.net | udp |
| US | 173.0.146.6:443 | go1.aniview.com | tcp |
| US | 8.8.8.8:53 | 139.71.91.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.146.0.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ads.stickyadstv.com | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| FR | 154.54.250.150:443 | ads.stickyadstv.com | tcp |
| FR | 154.54.250.150:443 | ads.stickyadstv.com | tcp |
| US | 8.8.8.8:53 | cs.krushmedia.com | udp |
| US | 8.8.8.8:53 | inv-nets.admixer.net | udp |
| US | 8.8.8.8:53 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| GB | 104.91.71.139:443 | content1.avplayer.com | udp |
| US | 35.244.159.8:443 | u.openx.net | udp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| DE | 116.202.167.133:443 | inv-nets.admixer.net | tcp |
| US | 8.8.8.8:53 | sync.aniview.com | udp |
| US | 8.2.110.134:443 | cs.krushmedia.com | tcp |
| DE | 37.252.171.149:443 | secure.adnxs.com | tcp |
| US | 96.46.186.182:443 | sync.aniview.com | tcp |
| US | 96.46.186.182:443 | sync.aniview.com | tcp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| US | 8.8.8.8:53 | sync.kueezrtb.com | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| US | 96.46.186.182:443 | sync.aniview.com | tcp |
| US | 96.46.186.182:443 | sync.aniview.com | tcp |
| US | 13.248.245.213:443 | eb2.3lift.com | tcp |
| US | 96.46.186.182:443 | sync.aniview.com | tcp |
| DE | 162.19.138.83:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | networkn-d.openx.net | udp |
| GB | 96.16.108.246:443 | acdn.adnxs.com | tcp |
| GB | 2.17.4.21:443 | contextual.media.net | tcp |
| US | 142.93.124.30:443 | sync.kueezrtb.com | tcp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | api.rlcdn.com | udp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| US | 34.120.133.55:443 | api.rlcdn.com | tcp |
| US | 96.46.186.176:443 | s2s.aniview.com | tcp |
| US | 8.8.8.8:53 | 150.250.54.154.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.159.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.216.36.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.167.202.116.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.171.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 134.110.2.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 182.186.46.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 213.245.248.13.in-addr.arpa | udp |
| DE | 141.95.33.120:443 | lb.eu-1-id5-sync.com | tcp |
| NL | 213.19.162.80:443 | token.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | rtb.gumgum.com | udp |
| US | 8.8.8.8:53 | 21.4.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 246.108.16.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.124.93.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.40.223.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 55.133.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 176.186.46.96.in-addr.arpa | udp |
| IE | 52.211.35.42:443 | rtb.gumgum.com | tcp |
| IE | 52.211.35.42:443 | rtb.gumgum.com | tcp |
| US | 8.8.8.8:53 | imasdk.googleapis.com | udp |
| GB | 142.250.180.10:443 | imasdk.googleapis.com | tcp |
| GB | 142.250.180.10:443 | imasdk.googleapis.com | udp |
| US | 8.8.8.8:53 | 42.35.211.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | match.justpremium.com | udp |
| US | 8.8.8.8:53 | c1.adform.net | udp |
| DK | 37.157.3.20:443 | c1.adform.net | tcp |
| US | 8.8.8.8:53 | pubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | csi.gstatic.com | udp |
| US | 216.239.32.3:443 | csi.gstatic.com | tcp |
| US | 8.8.8.8:53 | track1.avplayer.com | udp |
| US | 96.46.186.15:443 | track1.avplayer.com | tcp |
| US | 8.8.8.8:53 | tg.socdm.com | udp |
| US | 8.8.8.8:53 | us-u.openx.net | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| JP | 211.120.53.204:443 | tg.socdm.com | tcp |
| IE | 34.254.110.70:443 | pr-bh.ybp.yahoo.com | tcp |
| US | 54.205.227.51:443 | sync.srv.stackadapt.com | tcp |
| US | 8.8.8.8:53 | 20.3.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sync.ipredictive.com | udp |
| US | 52.87.49.60:443 | sync.ipredictive.com | tcp |
| US | 8.8.8.8:53 | usersync.gumgum.com | udp |
| IE | 34.247.233.198:443 | usersync.gumgum.com | tcp |
| IE | 34.247.233.198:443 | usersync.gumgum.com | tcp |
| JP | 211.120.53.204:443 | tg.socdm.com | tcp |
| IE | 34.247.233.198:443 | usersync.gumgum.com | tcp |
| US | 216.239.32.3:443 | csi.gstatic.com | udp |
| US | 8.8.8.8:53 | 15.186.46.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.110.254.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 51.227.205.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 60.49.87.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.233.247.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 204.53.120.211.in-addr.arpa | udp |
| US | 8.8.8.8:53 | prebid-server.rubiconproject.com | udp |
| DE | 18.184.215.206:443 | btlr.sharethrough.com | tcp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| US | 8.8.8.8:53 | targeting.unrulymedia.com | udp |
| NL | 213.19.162.71:443 | prebid-server.rubiconproject.com | tcp |
| NL | 46.228.174.115:443 | targeting.unrulymedia.com | tcp |
| NL | 81.17.55.113:443 | prg.smartadserver.com | tcp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| DE | 51.89.9.253:443 | onetag-sys.com | tcp |
| US | 8.8.8.8:53 | sync.mathtag.com | udp |
| US | 8.8.8.8:53 | rtb.mfadsrvr.com | udp |
| US | 8.8.8.8:53 | pixel-eu.rubiconproject.com | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| DE | 51.89.9.253:443 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | t.adx.opera.com | udp |
| US | 8.8.8.8:53 | ssbsync-global.smartadserver.com | udp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| US | 34.149.40.38:443 | u.4dex.io | udp |
| US | 8.8.8.8:53 | 71.162.19.213.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 115.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 113.55.17.81.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 253.9.89.51.in-addr.arpa | udp |
| NL | 213.19.162.90:443 | pixel.rubiconproject.com | tcp |
| NL | 198.47.127.18:443 | image8.pubmatic.com | tcp |
| FR | 5.135.209.100:443 | ssbsync-global.smartadserver.com | tcp |
| NL | 213.19.162.80:443 | pixel.rubiconproject.com | tcp |
| US | 216.200.232.249:443 | sync.mathtag.com | tcp |
| DE | 3.69.82.17:443 | rtb.mfadsrvr.com | tcp |
| NL | 82.145.213.8:443 | t.adx.opera.com | tcp |
| US | 8.8.8.8:53 | aniview-d.openx.net | udp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | udp |
| US | 8.8.8.8:53 | bttrack.com | udp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | tcp |
| US | 192.132.33.67:443 | bttrack.com | tcp |
| IE | 52.30.150.129:443 | ad.360yield.com | tcp |
| US | 8.8.8.8:53 | wt.rqtrk.eu | udp |
| US | 8.8.8.8:53 | match.sharethrough.com | udp |
| US | 64.74.236.95:443 | b1sync.zemanta.com | tcp |
| DE | 57.129.18.121:443 | wt.rqtrk.eu | tcp |
| DE | 52.57.57.202:443 | match.sharethrough.com | tcp |
| DE | 52.57.57.202:443 | match.sharethrough.com | tcp |
| US | 8.8.8.8:53 | 90.162.19.213.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 100.209.135.5.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 17.82.69.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.213.145.82.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 249.232.200.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 129.150.30.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.33.132.192.in-addr.arpa | udp |
| US | 64.74.236.95:443 | b1sync.zemanta.com | tcp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| NL | 213.19.162.90:443 | pixel.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | csync.loopme.me | udp |
| US | 8.8.8.8:53 | ice.360yield.com | udp |
| NL | 35.214.247.195:443 | csync.loopme.me | tcp |
| IE | 52.19.9.47:443 | ice.360yield.com | tcp |
| US | 8.8.8.8:53 | 121.18.129.57.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.57.57.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.236.74.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.247.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 47.9.19.52.in-addr.arpa | udp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 8.8.8.8:53 | ade.googlesyndication.com | udp |
| US | 8.8.8.8:53 | cdn.consentmanager.mgr.consensu.org | udp |
| FR | 178.250.7.13:443 | dnacdn.net | tcp |
| NL | 185.235.87.47:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.99:443 | gem.gbc.criteo.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| DE | 18.184.215.206:443 | btlr.sharethrough.com | tcp |
| NL | 213.19.162.21:443 | fastlane.rubiconproject.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | ed22e35de65ad6dfb07322d90532a38f.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | us.ck-ie.com | udp |
| US | 8.2.110.97:443 | us.ck-ie.com | tcp |
| US | 8.8.8.8:53 | ce.lijit.com | udp |
| IE | 54.216.78.237:443 | ce.lijit.com | tcp |
| DE | 37.252.171.149:443 | secure.adnxs.com | tcp |
| US | 8.8.8.8:53 | sync-tm.everesttech.net | udp |
| US | 151.101.2.49:443 | sync-tm.everesttech.net | tcp |
| US | 8.8.8.8:53 | 237.78.216.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.2.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ads.yieldmo.com | udp |
| IE | 52.211.253.53:443 | ads.yieldmo.com | tcp |
| US | 54.205.227.51:443 | sync.srv.stackadapt.com | tcp |
| US | 8.8.8.8:53 | 53.253.211.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | support.google.com | udp |
| GB | 142.250.187.206:443 | support.google.com | tcp |
| GB | 142.250.187.206:443 | support.google.com | udp |
| GB | 172.217.16.228:443 | www.google.com | udp |
| GB | 172.217.16.228:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | tools.google.com | udp |
| GB | 216.58.204.78:443 | tools.google.com | tcp |
| US | 8.8.8.8:53 | 206.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| GB | 216.58.213.14:443 | apis.google.com | tcp |
| GB | 216.58.213.14:443 | apis.google.com | udp |
| US | 8.8.8.8:53 | feedback-pa.clients6.google.com | udp |
| GB | 142.250.178.10:443 | feedback-pa.clients6.google.com | tcp |
| GB | 172.217.16.228:443 | www.google.com | udp |
| GB | 142.250.178.10:443 | feedback-pa.clients6.google.com | udp |
| GB | 172.217.16.228:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | scone-pa.clients6.google.com | udp |
| US | 8.8.8.8:53 | 10.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | gstatic.com | udp |
| GB | 142.250.200.35:443 | gstatic.com | tcp |
| US | 8.8.8.8:53 | 35.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cxcs.microsoft.net | udp |
| GB | 2.20.37.224:443 | cxcs.microsoft.net | tcp |
| GB | 92.123.128.146:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 146.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 224.37.20.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.173.189.20.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 9f44d6f922f830d04d7463189045a5a3 |
| SHA1 | 2e9ae7188ab8f88078e83ba7f42a11a2c421cb1c |
| SHA256 | 0ae5cf8b49bc34fafe9f86734c8121b631bad52a1424c1dd2caa05781032334a |
| SHA512 | 7c1825eaefcc7b97bae31eeff031899300b175222de14000283e296e9b44680c8b3885a4ed5d78fd8dfee93333cd7289347b95a62bf11f751c4ca47772cf987d |
\??\pipe\LOCAL\crashpad_4580_CXAUQDQPMTBGMMLS
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 7740a919423ddc469647f8fdd981324d |
| SHA1 | c1bc3f834507e4940a0b7594e34c4b83bbea7cda |
| SHA256 | bdd4adaa418d40558ab033ac0005fd6c2312d5f1f7fdf8b0e186fe1d65d78221 |
| SHA512 | 7ad98d5d089808d9a707d577e76e809a223d3007778a672734d0a607c2c3ac5f93bc72adb6e6c7f878a577d3a1e69a16d0cd871eb6f58b8d88e2ea25f77d87b7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5812ceca356a483e4a8b0de6f4030f26 |
| SHA1 | 80826265c9f179bfb0bf80fbc2197196ad0ae0d0 |
| SHA256 | 5abff6d8a432ca35c9b4d5ea693aeafd3c43c86df216ecd48ba70266331009c0 |
| SHA512 | acbcfcfacaaab55f754ff20d0ad8c249d377dfa42d3ec2aa8a9fb8aaf9eb7e4607e025f28ef4a9e89ab27c2bdc13142e79359168334093a54171d9a6bc921303 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 4280314a0324c52d1beec1d2d1092dd9 |
| SHA1 | 0585cafd1e665adb5faef8e8196854159d570d50 |
| SHA256 | 3a87639b1dea71ba28309b416ac925cc2e77101b557e4275a8c737e2af05dad9 |
| SHA512 | 09cf15366f6f188b43415abb3599ba7a49fe9cfe72f509a547a46006876e09ce84d9de5bc2a8e9a49405cb8d62b696bee0f9f95db95e9994500fb98c30482d2a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ce5961a21a67e76d486a061e7f5392b5 |
| SHA1 | 0066906a7241e09dd38bb9fc4e7e81db86023bec |
| SHA256 | 924b446e2b0d84360ca33b90e0e5d418936a55c130dff7d473a73664962afc97 |
| SHA512 | 80bcb3513de6c7cc9cedf83019baa9561a648b6448198abeb9ea0109c8ea39c263c345cba49e142381fea07fae28e87d654206edc795c3ab8a008e30a30c15c9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7ce7ad251ae48d9390bfa9fe1cbefda6 |
| SHA1 | 1c8822a476c7857714fd6614dd7e6f1a3dff7469 |
| SHA256 | c36cfa33b31e1799c22da13eadc25ea0ad5f43516e9f7065493a2033da2ea732 |
| SHA512 | bcef3cea44ad0dad25343aedac873a3cf7973a0d2da57dc1cc122edb9e7374db65a3c1155fcc7b10bcb2be2dbdec3daf646af38ac4ef204f04a5ed4ebf8fee38 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 184d3e91eddf213fde9e6c5e665325a8 |
| SHA1 | 96af1c7cde326fd1ef928f96e1ed0e6046c83e55 |
| SHA256 | c46c8d9dc27d9134428a643905d7779f0304f69396df64652e66122c1a455d71 |
| SHA512 | f822ab92070607dfcbb19c42fb05ec41d4663c5752c1aef00d847f92b0dc5201d89599d6ebfd852806fcb5e44a979693e2d36e243c06c9cf2477430cab665d5c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57e58d.TMP
| MD5 | 5247bcfc19b7ef8f99a929b4992a60af |
| SHA1 | bd97e47927b8daee04a12f33e420c03ecc4e91df |
| SHA256 | 355214979816868839f082d09613d945a47a82d713b580c9fa725347cefe1ab5 |
| SHA512 | b9ecbe9c49901fc7f3102e0516af846d2cb7ca47c7378fc6f366e0e63962ae39d73a6ebf64c73fe2b61b8d7dd9b2164f8509e82a6eb1db15daa5529f42ac0f98 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9b9d182d562a6278b4c82ee94e9cb004 |
| SHA1 | ac6e042dba6af2d4a389f2035587ae863acb7e35 |
| SHA256 | fdd48617b34cd531c72677c526b3241bd6d29d042da22717e0630add85f2ec60 |
| SHA512 | 0fc2acfa72692d026e5f3ae38b23c822a7076c08dae2bbbfaeb66837b579cc9733b02835b0c98b8c9981226c38c255b98c4ef0e444b6163e2ddf92f04bc0da8b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 36bff9d87c8ac436e57e6ce027e8ed04 |
| SHA1 | ea0d38977b1d3390ad3129276f8f54b7705e0104 |
| SHA256 | 7940e0727de31766073966f47e6d7ad53af46c08b8f0ffd4f74006b0117359c6 |
| SHA512 | f669281d502362b18121c96e4e493dc5fd519c3a30552857a51c7c60361cda6dcc31913ca322a7866336d151c090e1c5669c915b0a29d7cbb863b2d33540c19f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031
| MD5 | f73705f1dde46fc0a28d89bfada19560 |
| SHA1 | 1b11f47a604b40716767c12289aa36a1d22b8e8f |
| SHA256 | bdf50fece9cf39818d0d7512a6a19b4f317f7e7f76c780ac976a442da86e37c3 |
| SHA512 | ac1ebc7297d717e5cbd948be58c702efa314ecacf3898ff5249d881d233533089dea49a105a7abb844d93fb1abc6d9ad9b402ece2e63e8573fc5ea9cc1bca247 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003d
| MD5 | 2f29cf103c9da0bf9b4d0fea702f04e4 |
| SHA1 | 8cad5f690c64a6e877fb2636a11047836ea558a3 |
| SHA256 | 6917add9c9b53b1c6adc217ca75ec4850ab443aa394bf08283326186d19cb423 |
| SHA512 | b6c25d8942d64cd3a6bebaec70630a3e3f530dcbbcb714709c5e35935850fb928a9e7823b83a66571e351ad2ee76eebd1e0ddd61de022e273d8509b823070858 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000056
| MD5 | d453eca18d366c4054d2efd57717cf9d |
| SHA1 | c7b0dfc73bb89d8f0a94e2cde0eeba2b5e07d5c4 |
| SHA256 | be8f4fac2d40747a0adaecc6f1befe81b254a2b12bf25ce01d7194b374a457fc |
| SHA512 | a6f770c9e4058e8c17f3f72a245f76075441e07507ef05d455108e1768ca2a93f851b92335b33c1de61cf941cf135b0be4698d3d551b54132b2d5c882fd34835 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000055
| MD5 | c15d33a9508923be839d315a999ab9c7 |
| SHA1 | d17f6e786a1464e13d4ec8e842f4eb121b103842 |
| SHA256 | 65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98 |
| SHA512 | 959490e7ae26d4821170482d302e8772dd641ffbbe08cfee47f3aa2d7b1126dccd6dec5f1448ca71a4a8602981966ef8790ae0077429857367a33718b5097d06 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1fea1ec7ac7ec1f6c021e4e10b0a8939 |
| SHA1 | a775af997b1f75bc5782b95373c5bc536d3921ea |
| SHA256 | b5aca83c35c346874b8b4e97fcb08f0be90e23f240d7e1f29609bf37eab6f13c |
| SHA512 | 424b9876540b7f4ad309268cdaf93c95d47515023ba9af4d72a16666075f6268a558ac1b30d022996f00e20eaeb655efd4a35b897349a2a2968a63917e236f1a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 0e9c0f60a42c3ef8d9c46c5be737fe7b |
| SHA1 | 14464789ad6f5d1b001b82d7ea75c13dd51826f4 |
| SHA256 | 1ff90d233c74c485acd44bf2da2553cbd0690a4631086183f9ac925325bf5fde |
| SHA512 | 80d2eb9640b53456041173ac2eeb71ff79561b0bfa1549a7cf7f256bb2cdb96ca98a0ad9fbf33ec0e9c140ebd433a86dd6f46fc17ff3a5e9e5ac31303933f6c4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004c
| MD5 | bd277d6710263cbd9eed572248cb83b2 |
| SHA1 | 2ee01929f87f04b766f04a9dc2e19860139f3a90 |
| SHA256 | 8b96c5f204df1979e7452832ba595b20ee698b5ef9d334cb2342f6ca9a354f04 |
| SHA512 | cc79e88e39f54f7497600716db9d30e073edd4350fec8e4d58d427f8c194bc9532a108ac27d88e1bebbca0780a3fb02294d35a3b5acc8383344eacbafcaafc3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004e
| MD5 | 89a574ff00e6b0ec61d995d059ce6e65 |
| SHA1 | aea09e96808ab77165ffa712eaa58b8f056d0bb6 |
| SHA256 | e5c29c139842fd487473d0824f2c01b374680fb35d22fa929686d17896602a44 |
| SHA512 | 30d0d40bd680e61968273155b740901cdfa66670fc2af6f23e44c6b998b67cc1fcd0b51bd5f9470f209f188e75d071355e592b2a7c97f4bfd15d07d455e0909d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004d
| MD5 | 748d1872b4494039155e243e2fec9e51 |
| SHA1 | d0e34135d545ff733d654d7f5dc7c8492e530210 |
| SHA256 | 39f89ef640b071a2376ccf8f59677d3ff36fd097b825e4e4d060a7b828090695 |
| SHA512 | 85f7b27c03c16fdba9d39ae3c1ae5ddf6e9c4f7a3e69eeca1c29f99b17f8e63783fb596bbf38fd02856f0c69f125aa480fd54260125719015d65ecfed94274cc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002e
| MD5 | 2c4e11f1dd7c68428d6264dde3905183 |
| SHA1 | 8383cbc6741bdc648ef5f3aac9451143f0a0b91b |
| SHA256 | 8eddfb6115005dd9626e438fd970154c97f5d721904d507c94f0158f9c966af1 |
| SHA512 | 03d8b034b592dd41cea1e40fb063f5460410e2d5ad37661300c1448734bdf309328ab49ec74b724baaa2236777548b08b59b40fd779a07ead28d5c706482118d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002f
| MD5 | 9efa5823df2a18150e094e8327507da8 |
| SHA1 | 949252af168a66baa0799428830c12782275f212 |
| SHA256 | b8067f516f3ad2dacbe59f783064c29fac154f84f501f6f07fde4e88d8b011ed |
| SHA512 | ef552cd0682eb82e7064cbe444f936260abafa8aa1c09632d91770dbccf170fadd32b7fa518e62868f29ff3287ce1808b0ecd5c4c87bbad01eec26666fc67bcd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000030
| MD5 | cf1ef78c904c715dfd91b823a6af4dcc |
| SHA1 | b53f441d3a5857546bdc8c421399a09ab159a6af |
| SHA256 | 82eb08a4b6967a90b9c4220d1d8025ec090d3d759b736f78224cb469174f86f4 |
| SHA512 | 60cf4ed04725d11a11f27493a1ac063e69960a2777c354db1815bf4e117230e610b3e36792ff289d2979cdc3b3b4cf29e84b3c4047cc8234ae9684d2dd043165 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ab3db71c7649a39d5236a40f97d635e4 |
| SHA1 | 80b4f21145844be0f164d84980b5c65f89be3782 |
| SHA256 | 65cae17d6b83973bb030834cbf4211959c4927869432e6912674b6b20b5c6475 |
| SHA512 | e7cc1d9ed7f2a238af6e8d5a64002c523dbc2c30342cf2e318f969aa23dbc2a0ba7eec717949f5e7a6eef9638a3a6f54514dd202fe2e9f6a18c75c261d324c2a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003a
| MD5 | 5c32684542e22faa94d045720ea8420a |
| SHA1 | b9a565a60d8226167b94d514d9c9c70838a971d4 |
| SHA256 | b9f94b85edb146d26d6f744a829d458709bbe9ce390bbc50a838bad8c39e3a79 |
| SHA512 | a1f5d678c09f93c1d41d3f5632fde006bd4c1ea1e0ed55fafbdf9a9ab476d4bd080644887b0cd5b24654964a3069be2831e49f4fb658f6a121a7a38e74a7f554 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003b
| MD5 | af94c65f2769a3aba95564fad18c1106 |
| SHA1 | 460186fc66d52dd7f3bf9bdb825f95a17b27e9ac |
| SHA256 | dc7e7a029f68958314b01a8d663065ab8b7fc14d100463fd76cdc43f390205f8 |
| SHA512 | 2e1037b5bdea07f28d255e0c31179504c2511b1cc08ca79358e0a2ee562bb84a75e421d067910e38f64166a95fe6db48c0122b68f3e06b1b970e7c07cfc47be9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000045
| MD5 | 929993628fa6ac57c7a2694fa5f5d7ce |
| SHA1 | 20ac5a4faaaa5a87e3874724aa41ab8ccf8f92e7 |
| SHA256 | eba47d4a3e28d90785a6e2972840917c9f44151d6aca3279c992ced991ec3b41 |
| SHA512 | 777aebb666e3947cbbce5fc1636fd4b12fc4f197bd4eae78ca739540e8556e10bb5fb81080c27d5bb2e65b0893e43cc004bc09047ba132691b9152eb2516a808 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000042
| MD5 | a771fc73613b56e8450448cb6ad29ed8 |
| SHA1 | 07a9c54334c90849554df4b4ee8aa4e61b2f45e1 |
| SHA256 | b79d977a373c2b0c50bc6f7090f9d478645f6a8cf68c40f10185926802ec9fab |
| SHA512 | a46baac5723760e790a297f49d0c15b692dd69263658ce5b027bd12f06da5a6b0a7b8dc8dfa93815fbbc6cd69906e6886d7a0a2b1091dcd49a6a53d4e15353b5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003f
| MD5 | c314e5949c3a64b86160ff20243955ee |
| SHA1 | e493abea7258bf8871048ce4ee71a2e9ed2c154e |
| SHA256 | 075d79c6f3debab7cd0e241df6559152677c6bfa873a4ac8c27ff531534799a7 |
| SHA512 | c0b81f352880860098282faf8044bdaad22795c3b9671e37f293ceafc4613752120d31a43f3e5150db76624bc6fd28c89c801b662b42ab71aebfc54c1dbfb06d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000047
| MD5 | 2edd402f579cb7ba111f83314e85dc37 |
| SHA1 | 5e0ad84e150683808ad82d45118a4784a62896fe |
| SHA256 | 941147267ffca7cb70f30bdd2ea3c1308b3e230112c8a031d2e88f31674f2393 |
| SHA512 | 31b50ef95b265eb0c64586006458282c89ae62ced99ace6a6335469d998285ff88138bc59bd90d9e440406f1fc9b41105cf0adc6a214fc85a1c4f08462d6377b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000049
| MD5 | b11c29627af739a82589fa05ac56a2d0 |
| SHA1 | 8f725d54d3700e3927ccc7dc3529baa6862249b2 |
| SHA256 | 1df1ed387779f2875339a0303f2f6a98c303bb52bb911011a237d8b00221dd38 |
| SHA512 | 20eee0fa314a7078cff271bc1b5fa871d48017134f011104b1376bc4f70b3218b48e40d9060d863dc29e8c513664fe218788346ec2f399a4f7f24076e73e24fc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000043
| MD5 | 42e7c85cb2dc4b9514a51a7d0557efec |
| SHA1 | ec2d4fafcfbf5a262cf4b525c90be708de596547 |
| SHA256 | 43ca7c2a78a7428df2d542d97cc93b3cf6f4b3af81f6aff115249fae42dc2e85 |
| SHA512 | 1adbaa1cf29864c79452a94f80e610f7dfe14ebae9fba08893d5c07a0be1e0dcc1c6b94fb9592d52af41889fcb17139e50c2dcbec737c510d3cf08f65d6c87ca |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000041
| MD5 | 84fd9773f086a9b808482d9916fe70a5 |
| SHA1 | e66fc8571000ab9e82dcccc64cf7ee368d0b8ea5 |
| SHA256 | 1ba8f38ebd055f4c6b109f7991ed267fe0952008af78b4cae4d569dd15cbe665 |
| SHA512 | cc80a10a554e26764f311078645329741c6aae4efa0e6ba384e63165ec23ba54f91ac998c9f843c14118b47c845503c1ba7ea5ada17d0aaadfe8f2817f4acd32 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000040
| MD5 | 983957d8d873d170d6e1a53983bf4b55 |
| SHA1 | 1efbdf5ae419c9a1a61f1b8d5b83735d146e27f8 |
| SHA256 | 7d4cb940aceb5dcf3286a45ddd9b1bfce9c93d94cc8a135846f1b1f005ae2cc2 |
| SHA512 | 768f27cd67e3b5e344f60ca34a6fafb87b71c6350dd3d28983e6e3f7ce4c82d312bc0043921e69c4ce8b987b408ec1350d1b1cde94880b76b3484123cb8cbcf1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003e
| MD5 | 144b7f4be6c93cf3d9859c0ad7d26d7a |
| SHA1 | bc6e8daf31ce14bcca0aa2d6da0bd9c2515685ef |
| SHA256 | 2ca26e633b92afbbdca3909080374c44aa948eb19ffaf5b283e707fad8a87ac9 |
| SHA512 | a8f725d906c1855f51c79868a2e8ce1b699f6411cb2ec9ca054c4dce1ce86bda06b12eba64614d44038e7ffbdcaf415ce421486354d63c0a599b4a6a125ac247 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000044
| MD5 | c9e916390862543b54ad0ecae786305a |
| SHA1 | 77ace8d2e0d39dd87de0ff70d92e38ef2f97d1bd |
| SHA256 | 46079dad59a8ba4baeeeb9d212e5bc926512e81fb19a40bdce22c9edd7b30cba |
| SHA512 | 9f54e779896940bc4f6c0831e7e6573737670bdb53eaa1240748da6fdad2684f86a95d72ce921464fe57da2d6bf70d5fecaa15a62bec56ee38cb33c138198dc0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004f
| MD5 | 6bfe54db13e6705ca9ca287316eb58a0 |
| SHA1 | 082b8403beae6b4a4bae5cd0e425c57478f5f8a5 |
| SHA256 | 1eb7baaf77afba3f7c340f4167f0c5cdfbb6ae9d17d254b9af37e2ac671dbfc4 |
| SHA512 | b05c23c16665f224c7d88097e0f3bc61bd333d30733b46e0e3d11ca73ae3f722acc4353b0a06c615d78d02d1cccec8ffdd5e65b3004aba8c39503ccd171839ee |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000050
| MD5 | 0f7891c04cd4b6ebb4f092c3224edff4 |
| SHA1 | 21c5027c1768cbf25403398f74abc3fdfb330ad3 |
| SHA256 | d4d2d2466dec18bb19a46bbe8d9f4b8edde53b3a266f79087a5dc4fc844a3234 |
| SHA512 | a13cfae7639ef67497a4f9803f5475a7a511703089efc882855b9e16b6fde06a9570efdb370792ef83346c1af33699aacc0294892fbd4917a3cdf0fc62dc299f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000051
| MD5 | af9af7871a811c16a2b3f9784b361d74 |
| SHA1 | 1201aa7b9a8a15b786bbce02bbcb5f12f1c96acc |
| SHA256 | 0ba364dc77bd16bea50600b8159e0580de2d38d28f64a1673a2193818eb113b1 |
| SHA512 | 426ea74958047d236735157ca80d49ee7120b5f39f7ca7e25bc43195215e175c02a4242e3a475a3f559d87bf2f630ab284f6cc1e1557d492c1464780145ba544 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000073
| MD5 | 12f0ed750edbcbadd6ea2bd0fee0e5e1 |
| SHA1 | 7946d88aadec876bb4e2ffe52e0619b76c5f06d8 |
| SHA256 | 1bb7bd8cd40ab3cdf3634ceb0e1457fdcc8e37ffc0f93159f0f7107170eb5b7b |
| SHA512 | c8697e986fce94a6df13f99fa5a7c9237646226a3622ee1303be0486e59e1eebfc14b6515fba019a290204658fe4278d867674e59a2039df12ce306451db6de9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | cbdfb45f7d7076cb76bcf17f66f4cbe0 |
| SHA1 | 89ef89132773f158e9b200e7c479752773308a6d |
| SHA256 | abf5a911403591a2260933e2295257a960a0459ba208ed5d520c04e125a7663b |
| SHA512 | 42277b46b1605113fb3707daa660567f4abafeec5fd690a8b61899f74a21bc3b2e6ac85069b79d1ffb22ea53994baa84e83bbec765d6f6e6d243a381a0fca5f1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_namemc.com_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | 3fd11ff447c1ee23538dc4d9724427a3 |
| SHA1 | 1335e6f71cc4e3cf7025233523b4760f8893e9c9 |
| SHA256 | 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed |
| SHA512 | 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 838596dbd872af4b2aca25a7920fd406 |
| SHA1 | 2cf025602d162c5771e0da68b5b8d871d4a8cd98 |
| SHA256 | 8f0f3fa0fd47687d46462d682e8906d7b190ebc80d03ba7c3f0f4f489d18e752 |
| SHA512 | 625723c5411e010abb411e8447651cfb816a200d86b52b2d672894bd4f42b290240ce6908125d353340defb47152b4927cb5a62c57b1af99eb6f1b54f36c22e2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 22f40a8d2b5282977e1cb4d9e635ab06 |
| SHA1 | c2aaa97bbd4f2d974e269308a23e0a7cc8e0b126 |
| SHA256 | f0530a6ccaf1b9492e6c0b81f981f7898c70f9262536cf20d3dbb97caac77e32 |
| SHA512 | 3cb2911c0a4d400e2ca1066d94911bbda758a14bddedcc85c40534573d35861c3c60cc457611ba6509f146f2e15e7727c745f244e79213fbebb1a30050f11b1e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1c4e553285b6647a2ea226d4eeee3072 |
| SHA1 | 0ee00899b37ae3062fac16df7680926d66df019d |
| SHA256 | c919532db4a675be545130481f265755ea1c07c6952ede083f47afe7c44844c4 |
| SHA512 | c38c9b1f38642d24a70d74ef244a06658f8695776b9b35d66ab4be62adf84a9a386e20f2289483ca04480c1840adc22b3912a49feb543394875fcc3950a23a91 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | abaaea4d531725fabdad238b3926a0d6 |
| SHA1 | 91fcdd8591674eb32c9cadcad659b3f512371be4 |
| SHA256 | a2a2788c51f73ea80c23dc3e6d5b47befa38725cebd4608e8567b41279b7b273 |
| SHA512 | 73be9eb378cb9df107d23b3be6b2015ef2a71b89b0197fbf12f71ee39572ac764a24831e87d2df174481c43c26e3b3446c0d918e0bdd1ba40716d7b2ad3f672f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 14b33ae99c8ee0db3b2cad3ec9c4e252 |
| SHA1 | 74b500cb482b2c2e94456ba314ded1dfc9181c2c |
| SHA256 | bec6cccaf6b04b6c08eec36447d6ac9584cde459b6f03a19dec3d1950bcfc0cd |
| SHA512 | 621a495b1c55ef5d2c39011265b2dec39b74e4e3519c7aae03200b669a320897796247cabe3c7f5d6becb41e6815068855693754b16b810cd5f5c266bc86cc43 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 4a4642516bc6372d8579b9c3705ec3ef |
| SHA1 | 4353ec5ea33952ad03b1058dc5d1b39489695058 |
| SHA256 | d8e0273e0138799bc98ec2fab75cb21379f1ec7d9426b570fe0d7da120ba18c9 |
| SHA512 | 528ea3d3d02d6c0b861bb2b8400fbc27af54524dee25e4ca12d713e1ac52722ceac32ebcdb429509d85e66adde29efe4cfbd314629c6c20ab13f778b4d0fae30 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 296ca2fc16f1322c385592699f153ac7 |
| SHA1 | 523b919cc32bf4e081cf2a6e9dda64d22b4a8efe |
| SHA256 | 2041e8d6c1da8aec31875b5349f8a310e0b95aa5d9cc2479a2b680e528ab7f8c |
| SHA512 | b3bcc4fcb8108ff265c4e25ba3743e76cf729f027f016c04c5f9603a0bbd792887bcc0c4aedef4e634a1544822796edfc94df69d0afe774437774aa1e215bf7c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0823586d8a7bd005a0535fd024237fe8 |
| SHA1 | cfec06c71ef1057e0bb4487369baf4fdee29e5ce |
| SHA256 | e0268fea510999a7f145de974c8966f2f2df93759128651195a81cf11bc917c4 |
| SHA512 | 55154a5e4c55d9b44cfe6829100fe1654351ca8732a196d3a277365d46c17e16719229cfc3fb49ee9337e403a355f6a6e64995be90267b677356dc95890b61d5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000089
| MD5 | 032f97d15e951ecf1df389b8569d61ba |
| SHA1 | 3a3846c7f1bd8c39696a7688ff47c141a4899768 |
| SHA256 | 03501b91ac299d943644c0efd601328bc25e9f4814cf7d7e9086f6f20f75bbac |
| SHA512 | 1979cc0b094a1a0f25e61b9f12a0d5baec8155d99990953762dc5c6f2cd308d8a0ae903c9f2b532fd5f3156176493fff968c10c712690fa25325ff74dd17bcbe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | aefd77f47fb84fae5ea194496b44c67a |
| SHA1 | dcfbb6a5b8d05662c4858664f81693bb7f803b82 |
| SHA256 | 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611 |
| SHA512 | b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | fb2ee4736954f5c6f51e9a232d3f0511 |
| SHA1 | 04248778cb1a14c3fb28d07c1982a1a27d52533b |
| SHA256 | efa93ca676ca0a7eb41c95f73ce05a446f14b0f3bf1bbad85d16422c9049f778 |
| SHA512 | 0db54feb36c9819836f25bb23a0252ece05be159f28130a01ae972570c2a7a9aad47ad85eaf7f3528475e24957e0b090c40c5e77f61b3d3d531b4b5b962ae19d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 887e3e7b3a034e5a7fdf439b2d936bef |
| SHA1 | d5c936ead1de59bbc54e00fab152663fdc7de517 |
| SHA256 | 309fcc3856babf98c3c62318466398c9042f7df5c214f7410ef2e79327ab0b2d |
| SHA512 | e9e865383257c342b34bd8af636585fdefb4447abf5cd41dc57d0656adc73849c5b484bd412e18900ed954f4242381340550461961d7927efa059611f13005a5 |
C:\Windows\System32\Recovery\ReAgent.xml
| MD5 | 6fd5b0fe99125289d97e3f641f5f6450 |
| SHA1 | ae506bf8bcdc35419d8f6cad39478af2a190a2fe |
| SHA256 | 68b5e93c47779d6d5ec230e848ef412df87eb2aba57463f79e09d50210c77a77 |
| SHA512 | 6f363f92986cec7f476d03bbb879dcf75119cb5388985f117779e74b88c9fea1412988d6c4c12a6f5c0f1d5b649b4f00e59b970d2c7c0f8df7156d1ae174d554 |
Analysis: behavioral1
Detonation Overview
Submitted
2024-03-02 23:17
Reported
2024-03-02 23:20
Platform
win7-20240215-en
Max time kernel
121s
Max time network
121s
Command Line
Signatures
Processes
C:\Users\Admin\AppData\Local\Temp\Clicker - TobiaszGaming.exe
"C:\Users\Admin\AppData\Local\Temp\Clicker - TobiaszGaming.exe"