Analysis Overview
SHA256
f57e68d5fba1f21a3647723716401cea821d777b49acb61c5f1fd63e5d7026fa
Threat Level: Known bad
The file 2ec5e7d60accf0644b452896b83dd12c_JaffaCakes118 was found to be: Known bad.
Malicious Activity Summary
SocGholish
Legitimate hosting services abused for malware hosting/C2
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-10 10:58
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-10 10:58
Reported
2024-05-10 11:01
Platform
win7-20231129-en
Max time kernel
149s
Max time network
150s
Command Line
Signatures
SocGholish
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | sites.google.com | N/A | N/A |
| N/A | sites.google.com | N/A | N/A |
| N/A | sites.google.com | N/A | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "121" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "197" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\NumberOfSubdomains = "1" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "282" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "282" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "115" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "121" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "10209" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "10209" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{44412031-0EBC-11EF-A140-5ABF6C2465D5} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "6" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "121" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "197" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "282" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "197" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "10209" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "115" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "421500591" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "115" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3627615824-4061627003-3019543961-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 1632 wrote to memory of 2660 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 1632 wrote to memory of 2660 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 1632 wrote to memory of 2660 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 1632 wrote to memory of 2660 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\2ec5e7d60accf0644b452896b83dd12c_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1632 CREDAT:275457 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| US | 8.8.8.8:53 | resources.blogblog.com | udp |
| US | 8.8.8.8:53 | ahlikompie.com | udp |
| US | 8.8.8.8:53 | www.insidethemagic.net | udp |
| US | 8.8.8.8:53 | www.thefloridahotelorlando.com | udp |
| US | 8.8.8.8:53 | lpmpjateng.go.id | udp |
| US | 8.8.8.8:53 | pewresearch.org | udp |
| US | 8.8.8.8:53 | www.myhotspots.co.uk | udp |
| US | 8.8.8.8:53 | www.widgeo.net | udp |
| US | 8.8.8.8:53 | yourjavascript.com | udp |
| US | 8.8.8.8:53 | 2.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | 4.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | img2.blogblog.com | udp |
| US | 8.8.8.8:53 | images2.tempo.co | udp |
| US | 8.8.8.8:53 | images.messara.multiply.com | udp |
| US | 8.8.8.8:53 | uniqpost.com | udp |
| US | 8.8.8.8:53 | sehatkufreemagazine.files.wordpress.com | udp |
| US | 8.8.8.8:53 | humorsingkat.files.wordpress.com | udp |
| US | 8.8.8.8:53 | i.okezone.com | udp |
| US | 8.8.8.8:53 | 3.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | klimg.com | udp |
| US | 8.8.8.8:53 | 0.gvt0.com | udp |
| US | 8.8.8.8:53 | 1.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | nyunyu.com | udp |
| US | 8.8.8.8:53 | farm4.staticflickr.com | udp |
| US | 8.8.8.8:53 | 3.gvt0.com | udp |
| US | 8.8.8.8:53 | informasitips.com | udp |
| US | 8.8.8.8:53 | www.memobee.com | udp |
| US | 8.8.8.8:53 | www.tabloidbintang.com | udp |
| US | 8.8.8.8:53 | nasima.sch.id | udp |
| US | 8.8.8.8:53 | l.yimg.com | udp |
| US | 8.8.8.8:53 | sites.google.com | udp |
| GB | 216.58.201.110:80 | apis.google.com | tcp |
| GB | 216.58.204.74:443 | ajax.googleapis.com | tcp |
| GB | 216.58.201.110:443 | apis.google.com | tcp |
| GB | 216.58.204.74:443 | ajax.googleapis.com | tcp |
| GB | 216.58.201.110:80 | apis.google.com | tcp |
| US | 8.8.8.8:53 | data.tribunnews.com | udp |
| US | 8.8.8.8:53 | t2.gstatic.com | udp |
| US | 8.8.8.8:53 | images.detik.com | udp |
| US | 8.8.8.8:53 | www.info-regenten.de | udp |
| US | 8.8.8.8:53 | bloggercilacap.com | udp |
| US | 8.8.8.8:53 | pub.mybloglog.com | udp |
| US | 8.8.8.8:53 | cdn.wibiya.com | udp |
| US | 8.8.8.8:53 | bloggergadgets.googlecode.com | udp |
| US | 8.8.8.8:53 | www.linkwithin.com | udp |
| GB | 142.250.200.9:443 | img2.blogblog.com | tcp |
| GB | 142.250.200.9:443 | img2.blogblog.com | tcp |
| GB | 142.250.200.9:443 | img2.blogblog.com | tcp |
| GB | 142.250.200.9:443 | img2.blogblog.com | tcp |
| GB | 142.250.200.9:443 | img2.blogblog.com | tcp |
| GB | 216.58.204.74:80 | ajax.googleapis.com | tcp |
| GB | 216.58.204.74:80 | ajax.googleapis.com | tcp |
| ID | 103.30.180.77:80 | lpmpjateng.go.id | tcp |
| ID | 103.30.180.77:80 | lpmpjateng.go.id | tcp |
| SG | 172.96.191.56:80 | ahlikompie.com | tcp |
| SG | 172.96.191.56:80 | ahlikompie.com | tcp |
| US | 13.248.169.48:80 | yourjavascript.com | tcp |
| US | 13.248.169.48:80 | yourjavascript.com | tcp |
| US | 192.0.66.2:80 | pewresearch.org | tcp |
| US | 104.16.151.108:80 | www.insidethemagic.net | tcp |
| US | 192.0.66.2:80 | pewresearch.org | tcp |
| US | 104.16.151.108:80 | www.insidethemagic.net | tcp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| US | 104.26.10.22:80 | www.widgeo.net | tcp |
| US | 104.26.10.22:80 | www.widgeo.net | tcp |
| US | 104.18.160.83:80 | www.thefloridahotelorlando.com | tcp |
| US | 104.18.160.83:80 | www.thefloridahotelorlando.com | tcp |
| GB | 142.250.200.9:80 | img2.blogblog.com | tcp |
| GB | 142.250.200.9:80 | img2.blogblog.com | tcp |
| US | 76.223.67.189:80 | www.myhotspots.co.uk | tcp |
| US | 76.223.67.189:80 | www.myhotspots.co.uk | tcp |
| US | 172.67.183.110:80 | uniqpost.com | tcp |
| US | 192.0.72.21:80 | humorsingkat.files.wordpress.com | tcp |
| US | 172.67.183.110:80 | uniqpost.com | tcp |
| US | 192.0.72.21:80 | humorsingkat.files.wordpress.com | tcp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| US | 104.18.31.212:80 | i.okezone.com | tcp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| US | 104.18.31.212:80 | i.okezone.com | tcp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| US | 192.0.72.29:80 | sehatkufreemagazine.files.wordpress.com | tcp |
| US | 192.0.72.29:80 | sehatkufreemagazine.files.wordpress.com | tcp |
| US | 34.95.124.251:80 | www.tabloidbintang.com | tcp |
| US | 34.95.124.251:80 | www.tabloidbintang.com | tcp |
| GB | 87.248.114.11:80 | l.yimg.com | tcp |
| GB | 87.248.114.11:80 | l.yimg.com | tcp |
| HR | 65.9.190.84:80 | farm4.staticflickr.com | tcp |
| HR | 65.9.190.84:80 | farm4.staticflickr.com | tcp |
| SG | 35.247.151.7:80 | klimg.com | tcp |
| SG | 35.247.151.7:80 | klimg.com | tcp |
| ID | 103.49.221.102:80 | images.detik.com | tcp |
| ID | 103.49.221.102:80 | images.detik.com | tcp |
| SG | 118.139.179.30:80 | www.linkwithin.com | tcp |
| SG | 118.139.179.30:80 | www.linkwithin.com | tcp |
| GB | 142.250.187.238:443 | sites.google.com | tcp |
| GB | 142.250.187.238:443 | sites.google.com | tcp |
| NL | 185.107.56.194:80 | nyunyu.com | tcp |
| NL | 185.107.56.194:80 | nyunyu.com | tcp |
| NL | 185.107.56.194:80 | nyunyu.com | tcp |
| NL | 185.107.56.194:80 | nyunyu.com | tcp |
| NL | 185.107.56.194:80 | nyunyu.com | tcp |
| NL | 185.107.56.194:80 | nyunyu.com | tcp |
| US | 217.196.54.25:80 | informasitips.com | tcp |
| US | 217.196.54.25:80 | informasitips.com | tcp |
| GB | 142.250.178.4:80 | t2.gstatic.com | tcp |
| GB | 142.250.178.4:80 | t2.gstatic.com | tcp |
| IE | 172.253.116.82:80 | bloggergadgets.googlecode.com | tcp |
| IE | 172.253.116.82:80 | bloggergadgets.googlecode.com | tcp |
| US | 188.114.97.2:80 | cdn.wibiya.com | tcp |
| US | 188.114.97.2:80 | cdn.wibiya.com | tcp |
| US | 192.0.66.2:443 | pewresearch.org | tcp |
| US | 52.20.84.62:80 | www.memobee.com | tcp |
| US | 52.20.84.62:80 | www.memobee.com | tcp |
| US | 104.16.151.108:443 | www.insidethemagic.net | tcp |
| US | 192.0.72.21:443 | humorsingkat.files.wordpress.com | tcp |
| US | 192.0.72.29:443 | sehatkufreemagazine.files.wordpress.com | tcp |
| US | 34.95.124.251:443 | www.tabloidbintang.com | tcp |
| US | 104.18.160.83:443 | www.thefloridahotelorlando.com | tcp |
| US | 104.18.31.212:443 | i.okezone.com | tcp |
| US | 104.18.31.212:443 | i.okezone.com | tcp |
| HR | 65.9.190.84:443 | farm4.staticflickr.com | tcp |
| US | 104.18.160.83:443 | www.thefloridahotelorlando.com | tcp |
| US | 8.8.8.8:53 | pki.goog | udp |
| US | 8.8.8.8:53 | pki.goog | udp |
| US | 8.8.8.8:53 | pki.goog | udp |
| US | 8.8.8.8:53 | pki.goog | udp |
| US | 8.8.8.8:53 | pki.goog | udp |
| US | 8.8.8.8:53 | pki.goog | udp |
| US | 8.8.8.8:53 | pki.goog | udp |
| US | 8.8.8.8:53 | pki.goog | udp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| US | 8.8.8.8:53 | pki.goog | udp |
| US | 216.239.32.29:80 | pki.goog | tcp |
| US | 216.239.32.29:80 | pki.goog | tcp |
| US | 216.239.32.29:80 | pki.goog | tcp |
| US | 216.239.32.29:80 | pki.goog | tcp |
| US | 216.239.32.29:80 | pki.goog | tcp |
| US | 216.239.32.29:80 | pki.goog | tcp |
| US | 216.239.32.29:80 | pki.goog | tcp |
| US | 216.239.32.29:80 | pki.goog | tcp |
| US | 104.18.160.83:443 | www.thefloridahotelorlando.com | tcp |
| US | 2.18.190.81:80 | apps.identrust.com | tcp |
| SG | 139.99.69.164:80 | bloggercilacap.com | tcp |
| SG | 139.99.69.164:80 | bloggercilacap.com | tcp |
| US | 216.239.32.29:80 | pki.goog | tcp |
| US | 104.18.160.83:443 | www.thefloridahotelorlando.com | tcp |
| US | 8.8.8.8:53 | www.tealdit.com | udp |
| US | 8.8.8.8:53 | www.atom.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | cdns.klimg.com | udp |
| SG | 172.96.191.56:443 | ahlikompie.com | tcp |
| NL | 96.16.53.155:443 | cdns.klimg.com | tcp |
| NL | 96.16.53.155:443 | cdns.klimg.com | tcp |
| ID | 103.30.180.77:443 | lpmpjateng.go.id | tcp |
| SG | 139.99.69.164:443 | bloggercilacap.com | tcp |
| US | 8.8.8.8:53 | x2.c.lencr.org | udp |
| BE | 23.55.97.11:80 | x2.c.lencr.org | tcp |
| ID | 103.30.180.77:443 | lpmpjateng.go.id | tcp |
| US | 104.22.72.252:443 | www.atom.com | tcp |
| US | 104.22.72.252:443 | www.atom.com | tcp |
| US | 104.21.72.39:80 | www.tealdit.com | tcp |
| US | 104.21.72.39:80 | www.tealdit.com | tcp |
| US | 8.8.8.8:53 | s1.rsspump.com | udp |
| US | 104.21.72.39:443 | www.tealdit.com | tcp |
| US | 64.98.135.66:80 | s1.rsspump.com | tcp |
| US | 64.98.135.66:80 | s1.rsspump.com | tcp |
| US | 104.26.10.22:443 | www.widgeo.net | tcp |
| US | 104.26.10.22:443 | www.widgeo.net | tcp |
| US | 8.8.8.8:53 | mc.yandex.ru | udp |
| RU | 93.158.134.119:443 | mc.yandex.ru | tcp |
| RU | 93.158.134.119:443 | mc.yandex.ru | tcp |
| US | 8.8.8.8:53 | sehatkufreemagazine.wordpress.com | udp |
| US | 8.8.8.8:53 | humorsingkat.wordpress.com | udp |
| US | 104.26.10.22:443 | www.widgeo.net | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | widgets.amung.us | udp |
| US | 192.0.78.13:443 | humorsingkat.wordpress.com | tcp |
| US | 192.0.78.13:443 | humorsingkat.wordpress.com | tcp |
| US | 192.0.78.12:443 | humorsingkat.wordpress.com | tcp |
| US | 192.0.78.12:443 | humorsingkat.wordpress.com | tcp |
| GB | 142.250.179.238:80 | www.youtube.com | tcp |
| US | 104.22.75.171:80 | widgets.amung.us | tcp |
| US | 104.22.75.171:80 | widgets.amung.us | tcp |
| GB | 142.250.179.238:80 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | applify.me | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| DE | 138.201.94.231:80 | applify.me | tcp |
| DE | 138.201.94.231:80 | applify.me | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| GB | 142.250.179.238:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | cdn.muslimah.or.id | udp |
| US | 8.8.8.8:53 | arvigorothan.com | udp |
| US | 104.21.54.150:80 | cdn.muslimah.or.id | tcp |
| US | 104.21.54.150:80 | cdn.muslimah.or.id | tcp |
| US | 8.8.8.8:53 | maxcdn.bootstrapcdn.com | udp |
| US | 104.21.30.34:443 | arvigorothan.com | tcp |
| US | 104.21.30.34:443 | arvigorothan.com | tcp |
| ID | 103.30.180.77:443 | lpmpjateng.go.id | tcp |
| US | 104.18.10.207:443 | maxcdn.bootstrapcdn.com | tcp |
| US | 104.18.10.207:443 | maxcdn.bootstrapcdn.com | tcp |
| US | 104.21.54.150:443 | cdn.muslimah.or.id | tcp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 104.16.80.73:443 | static.cloudflareinsights.com | tcp |
| US | 104.16.80.73:443 | static.cloudflareinsights.com | tcp |
| US | 8.8.8.8:53 | 0.gvt0.com | udp |
| US | 8.8.8.8:53 | 3.gvt0.com | udp |
| US | 8.8.8.8:53 | www2.cbox.ws | udp |
| US | 8.8.8.8:53 | i1045.photobucket.com | udp |
| DE | 195.201.153.71:80 | www2.cbox.ws | tcp |
| DE | 195.201.153.71:80 | www2.cbox.ws | tcp |
| HR | 65.9.25.31:80 | i1045.photobucket.com | tcp |
| HR | 65.9.25.31:80 | i1045.photobucket.com | tcp |
| GB | 142.250.179.238:443 | www.youtube.com | tcp |
| GB | 142.250.179.238:443 | www.youtube.com | tcp |
| HR | 65.9.25.31:443 | i1045.photobucket.com | tcp |
| GB | 142.250.187.225:443 | 1.bp.blogspot.com | tcp |
| GB | 142.250.187.225:443 | 1.bp.blogspot.com | tcp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| GB | 142.250.200.33:443 | lh3.googleusercontent.com | tcp |
| GB | 142.250.200.33:443 | lh3.googleusercontent.com | tcp |
| GB | 142.250.200.33:443 | lh3.googleusercontent.com | tcp |
| GB | 142.250.200.33:443 | lh3.googleusercontent.com | tcp |
| GB | 142.250.200.33:443 | lh3.googleusercontent.com | tcp |
| GB | 142.250.200.33:443 | lh3.googleusercontent.com | tcp |
| ID | 103.30.180.77:443 | lpmpjateng.go.id | tcp |
| GB | 142.250.200.33:443 | lh3.googleusercontent.com | tcp |
| GB | 142.250.200.33:443 | lh3.googleusercontent.com | tcp |
| US | 217.196.54.25:443 | informasitips.com | tcp |
| US | 104.18.31.212:443 | i.okezone.com | tcp |
| US | 104.18.31.212:443 | i.okezone.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 172.217.169.66:443 | googleads.g.doubleclick.net | tcp |
| GB | 172.217.169.66:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 142.250.179.230:443 | static.doubleclick.net | tcp |
| GB | 142.250.179.230:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 142.250.180.10:443 | jnn-pa.googleapis.com | tcp |
| DE | 138.201.94.231:80 | applify.me | tcp |
| DE | 138.201.94.231:80 | applify.me | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| GB | 172.217.169.66:443 | googleads.g.doubleclick.net | tcp |
| GB | 172.217.169.66:443 | googleads.g.doubleclick.net | tcp |
Files
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\4A9377E7E528F7E56B69A81C500ABC24
| MD5 | 1779555b7f60921738aeba3dfa9110d5 |
| SHA1 | 2a3baf1893d3934e8fb2971fee3a78d1702b1852 |
| SHA256 | 375c6a542b5c0f0edfa3878bfc5bffac7ef5e63e86eb08c430dc72f3b430c9e3 |
| SHA512 | 7492fd9276a2c3261d86530f34f1c5e3aee5e7c48132fa61cfece0c509ea1363bd139a54d0d7eb90ec5d2135d7a53a84f4a5c966f116257f1e737eb09de46323 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\4A9377E7E528F7E56B69A81C500ABC24
| MD5 | 3e455215095192e1b75d379fb187298a |
| SHA1 | b1bc968bd4f49d622aa89a81f2150152a41d829c |
| SHA256 | ebd41040e4bb3ec742c9e381d31ef2a41a48b6685c96e7cef3c1df6cd4331c99 |
| SHA512 | 54ba004d5435e8b10531431c392ed99776120d363808137de7eb59030463f863cadd02bdf918f596b6d20964b31725c2363cd7601799caa9360a1c36fe819fbd |
C:\Users\Admin\AppData\Local\Temp\Cab1C09.tmp
| MD5 | 29f65ba8e88c063813cc50a4ea544e93 |
| SHA1 | 05a7040d5c127e68c25d81cc51271ffb8bef3568 |
| SHA256 | 1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184 |
| SHA512 | e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa |
C:\Users\Admin\AppData\Local\Temp\Tar1C1D.tmp
| MD5 | 435a9ac180383f9fa094131b173a2f7b |
| SHA1 | 76944ea657a9db94f9a4bef38f88c46ed4166983 |
| SHA256 | 67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34 |
| SHA512 | 1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 8388e2ed65a1582f7a332d57fea30644 |
| SHA1 | 7ab4049b2ce4a9d5a728ed48e77f01fa3808ab6d |
| SHA256 | e8fe117816a17f7230c49a90f2bc1ecda792d03602e6a719ce3ee4941100322a |
| SHA512 | 7dd2f285408b3b8c4131693bdb634dea2c966157b8b8f03f2f28f7ec503f8d19e252095dedd79f70d6d85ab57910829118845d8fbd105a45b02f8213f2a91df1 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | 9cb8b4bfa5e219bd0ebfcd76a2686ae1 |
| SHA1 | 53b9d149f5d4a8f649d6533fc29b898d48c55039 |
| SHA256 | 4626f68db80e51e6431a2f7f044dd25a18e14175ac42c3e2b3193a7e6d192a29 |
| SHA512 | b52027b841c9ff2a98ba512083c677e3924fffad8baa9453413d8e444508e78585287c570e9b30d8489b29a9d33a343faa2c296d3d262e9247944ff08d8039d9 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | a266bb7dcc38a562631361bbf61dd11b |
| SHA1 | 3b1efd3a66ea28b16697394703a72ca340a05bd5 |
| SHA256 | df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e |
| SHA512 | 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | 0561966f7fe73dc0fee7c66d25f4d47f |
| SHA1 | 656b49b37aacd2aa33a8c32b067ab0f4151f73ff |
| SHA256 | 110c32eca928c9a3ab98ff6a7d6d791bea426fc78fe7df46c23be7ae0ea1f832 |
| SHA512 | 8d3d9a52368ebac2a75251ef5d1c771a6d881e96b63c3242c849ef6579dcd4e949de7887ba1c7816910fecd3ead713a7bf94bf7a01447a81003e3627b3a402c8 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | ca1ae2edb27df001cd878ce20ff5ab68 |
| SHA1 | bde24a73fda7c0baaace468b005499eea636a24f |
| SHA256 | a5308ec3112b1280ef743172e8990341f332e02e4ba9c90d771729a043f5c94c |
| SHA512 | 78a372b66bcad19ba008c1883dda87fa1d5bb059c5e603356e611cff012af29def1e655d0770bc1b89b42184cb444fc71fedc1b683090f14c12947a4ae265ba0 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
| MD5 | a5684e3f113e071b6c33204e9b855bb4 |
| SHA1 | d2069beb1b21b3ebcb43d59d0980e19bfc069349 |
| SHA256 | 466dd689b472a3418e86b42fdf72a3a8c32fb4983925e43d265421cfcbdfb153 |
| SHA512 | 9b20abcd8fde388574228617018c7313b282b9a69f500c14dd7c8bc1a39b184d98ba657f5bcd91a624a25c37cb66554614197053241ab94e61a4af056a0942ca |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 9a30d329040f7aa9cf8295c8cd1e6b7c |
| SHA1 | 41b777dcad807821119c5b50e879e3c6aa10efbe |
| SHA256 | 066ff427bc2fdad3612cd2a29e4ab9a7fc1f7d398a687dbfea908983a7a54a12 |
| SHA512 | 146c23ee50ef422ecb88dc75e3bc72b92d159a9abeaafa8d88d717ac5f6f6218bb4fb482a6d3474787d68d2ec674ea72a4f1de7a878536a85296d1500e3cb393 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
| MD5 | fca8af0dc8436b9952fdf961f8c7f401 |
| SHA1 | ac194f887a84a4538985ece94daf59cea48fe65b |
| SHA256 | 477645c7b83bbde8bdcf6d066f0de596d5b02fd47c223f89dde7d86903338cf9 |
| SHA512 | ba0d8f654216d9530bec83aa011a3433cea27873be327ac60eb1244997995489db76e25077dead09fcd43009b05deda51fd37b30a33fff01c94ba3927e1c21d5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | 80a7652c4d227eae4a4e7d67f5d1b056 |
| SHA1 | 93c6d9375da82d038c21f3995faaec1cf8a5f61d |
| SHA256 | a2ee7a64ab0fc4e10e711678c02fa3e02dc3275128f2efc132089bad9e90b669 |
| SHA512 | 22fb6dff60118772675248e628dd046f91aa980d1501d826c9f0c366de3e7e3150dd483ee0d69ae3feaa83b276e2ca34d6433b57bf98f5b37e25845e58fe9628 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
| MD5 | b06ba8b0ff3b0b375ebf865712c6b98e |
| SHA1 | c47ccbbc634cafcafa41ba7e0ee7d6192c72cadb |
| SHA256 | 524f6d03a1d85cacb77b1eaf976878c39bca8f1d4f3e591e3b4210e5d16ff00a |
| SHA512 | 41bd886ebbe726cf37eccef8f148b0283ac2d414afe6e66b3634b44c084d1ad7cf4036c770ad1d2a7dd2d3d8d020299bdee01ec78c2a95b40bb524bfd2e64f6a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
| MD5 | b5cf7d41599f21e229e75c7ccffd4a1a |
| SHA1 | 7f35fa69504093d663b5e23444d9dd07267693ea |
| SHA256 | 682274a1e5bbe3e9b619e1dafb080a8d3dce7f7ca60de9e443689832e63762df |
| SHA512 | d77b5794cab31e632d5ef481484a8a0c57b65540aadc9c816d8bc3f78cb1999b4137ed1f4caa28d141886e2d05c7d826815b01bcec8aa387d2f65f26ad75baec |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
| MD5 | ac89a852c2aaa3d389b2d2dd312ad367 |
| SHA1 | 8f421dd6493c61dbda6b839e2debb7b50a20c930 |
| SHA256 | 0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45 |
| SHA512 | c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 43dc9c323ea1d40217a75ad373338b5c |
| SHA1 | c5c870dea8dc59fa8209ff8e3de19b9cc9effdbb |
| SHA256 | e92eaf6a8be09f25db882ca030b06e302d2fc24c3f4048dc2d34d22ed491b3b0 |
| SHA512 | f90ea882a8e80e8ae64101a49cab0334ac2f60521d4de0a80612db29cbd1200920da48bfb956ed87d86f6ba8cac46c004791bf5ce5f406cd620bdfc5273c88f9 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
| MD5 | d995ab26337952c46a3fea694357bca1 |
| SHA1 | 52946063c9aa5e73c89d00573a384fe687ce3f73 |
| SHA256 | 6409234ab51f0261b1d778b3d9b94c0963917e7ca56ac52c719cf2a2fab6867d |
| SHA512 | 47e605e5e5747774e632cfef21170bd55efa172cf0412e84b7406d20c870a56c56e21fcf2447421f23de88ea6614b5aa30ef64f51a179970fd51afa7aa665b0d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A16C6C16D94F76E0808C087DFC657D99_F82FCC341F124F6AC9D153F6ECE89FFA
| MD5 | 4389257558ed6ab76a4598d4067df02a |
| SHA1 | 11ababb3ae559ad46d7f08aff05ccef2b9fb4bff |
| SHA256 | 7173140ffbdcbf3778de66c2c28825cc0ce09632f761ccce755cd98542fef7fb |
| SHA512 | 50cfcadd5137a3dc2060c35517655d0785b63317451f7f24854ff5e97f2289e0f39ea9379aa8ccb2ce7ac15e9773766a8b93b44a208869daacd65634f1f88930 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A16C6C16D94F76E0808C087DFC657D99_F82FCC341F124F6AC9D153F6ECE89FFA
| MD5 | 172831834ea62b24f27ae09586544041 |
| SHA1 | 1bb2f6eb9c319fe96051c9a7db6cc4b882912471 |
| SHA256 | c88fedc9c4ce58c474cbda40048f9c60ea139d81438401ca3f9f38de59e57319 |
| SHA512 | ab2e156cf49e575074aabec3dc76df497408755944acb34ea9a67f85eb75bfd1fc4eb898b445cab38d6cfb799288668ca6ca9338422de9d774264dffcda4de44 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 2c1f57c2e1f6a557fe7fcc06c34a341a |
| SHA1 | a41a73447a2c1a130f7e50c630950b3fdc9f312d |
| SHA256 | 7524393185f20d8af0859c185c2df4061387409634a98731da20a3186b0e2aef |
| SHA512 | 3b4c8315222dfef5a53c29797cb2ebb944ecab441151bdb50ed7d8a96834f70373ac563ae07a71cbf0e81522ec116e7a2f684b458e611346291f1e6740fee5ab |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9M7Q5HQC\plusone[1].js
| MD5 | fb86282646c76d835cd2e6c49b8625f7 |
| SHA1 | d1b33142b0ce10c3e883e4799dcb0a2f9ddaa3d0 |
| SHA256 | 638374c6c6251af66fe3f5018eb3ff62b47df830a0137afb51e36ac3279d8109 |
| SHA512 | 07dff3229f08df2d213f24f62a4610f2736b3d1092599b8fc27602330aafbb5bd1cd9039ffee7f76958f4b75796bb75dd7cd483eaa278c9902e712c256a9b7b9 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | df6414b0cf2f1f8f29415f5781eeecc1 |
| SHA1 | 4274b5c9db78a7e8553290a3c3f0ec6df25c4f71 |
| SHA256 | ac97c1702ddc9e2e2fe5df17f7a994bc0901dc0bf5a839bfce90dac1a2bc60d4 |
| SHA512 | 328d2e6bfc18aabce5dc736291acd71074f56685d557b586bf84beb4110ab881dffc24325e580cde4290b420237570ef5997a84bb18bdac424dfb1b1a4ba1814 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | c7f163dc982c8d7563e5840e35da30fe |
| SHA1 | 7847d81866ecdcba16f7e158cf55468e89465174 |
| SHA256 | 80322bb64be85b3fe342e7d28e37889c7e6c8192c1068664512e0d1688bb0267 |
| SHA512 | 767e206de01d86a426673c45f533338dd00e7b33514b801b1ecc77fddf3275439fffcf64e3fc6cf2908d8978f9936affbdf511ff75e6b430ba227d1c18cec56a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416
| MD5 | 87f0113b9b43860454cd82c97e5ce19a |
| SHA1 | a270f18848257f5dbf6fead728a7fa1feedbe49c |
| SHA256 | 9e48d6a87f80e3aa8e7fd8f21d1ee203cd0bccc39e1fd20b7e7ca9001c8a7e9b |
| SHA512 | d17786656195150bc37a820ca648ca02bcdf4fdc1d098ac99b3407dd5a0e791aa721dd06311f28f153094d2ca6f687bbd23ecf8b9165240c1c4443f3a9571da4 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416
| MD5 | 55540a230bdab55187a841cfe1aa1545 |
| SHA1 | 363e4734f757bdeb89868efe94907774a327695e |
| SHA256 | d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb |
| SHA512 | c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9M7Q5HQC\v1[1].htm
| MD5 | 0104c301c5e02bd6148b8703d19b3a73 |
| SHA1 | 7436e0b4b1f8c222c38069890b75fa2baf9ca620 |
| SHA256 | 446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f |
| SHA512 | 84427b656a6234a651a6d8285c103645b861a18a6c5af4abb5cb4f3beb5a4f0df4a74603a0896c7608790fbb886dc40508e92d5709f44dca05dd46c8316d15bf |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 153d787910aa43bb21993ae15836114b |
| SHA1 | 2984babf2f375a54a69b1bd4b56469a80d932187 |
| SHA256 | ae49968834fd8b1156c93af16b47598173d4daf2bcf63d3b7792d081bc248435 |
| SHA512 | 100f46c08def92ed11243046177d5a28088a41208a9a681de3c40dda428779cb9d33f1e0afba1f96fae70cf189a82d4c013c9a06f95398b940b4236400e5f2e6 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 35a82d4bebefc87cf961cb443ac5963e |
| SHA1 | 9ce6ce546917bfe83a060a29b8f153f418b6677f |
| SHA256 | a6152310d5825d88542f00eb80c6ce31302d31a91c81d46cddab73ad2903c245 |
| SHA512 | 48a2da8c248e5aa9b5382bca4e48f418b5fa6c1e934a30001cf3c530ab34afb376a46884e1738ee952bce590ad45228efb2f068c6bb9b69913ad8dcea78db63a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 4d1f2a462fe1dd2e53fde68352a6d4be |
| SHA1 | a342b2f07d6668864d4c6731c904c3f0c518faca |
| SHA256 | b5fa86bc8c9d1a1d6c2a9e60201ba98da0fbfd616834110d9ae9886bb66ee1a7 |
| SHA512 | 6a080f409c800ff46bfb7b1fdbebf663dfc00077f51f4d332e681a0909a7fd5525767f4150e78b7ee97b33e85c492f10ef65c3eda9a42ccbdec815cf1ad770ff |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | cb18964a770773c39567191c03b53f51 |
| SHA1 | 95c77b6a20a5d586db7c4bc5ce749a1e0f8eb157 |
| SHA256 | dea6011979e061a96ce56fe6d448c95ad545382e733394c0bf064dfa5f62631a |
| SHA512 | f6f22eeb88fdaaa4ba18a05b2c5fa6d9f48a49ebb0c26c50d4335a61e5b8c2173a4243b4374503a3fdc9eb929a063fb025cd7df61471dcd5bef5797114eb2348 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 8c31616a433de559e10c381c52896392 |
| SHA1 | 623b914b0c87c77e6b4904fbffa21c7d0e826659 |
| SHA256 | 424856ee9e78ea446778cdd4bfe9e4460b2509e74710fa4aa98ed5fe484cb23b |
| SHA512 | 6f76ba93ac55da8f020d01981858ef745a477207e0d4924a4dab528d69c7285a5dc720b651ec48db99b01426627461f51faa3bab28826a9a0b65b79dfd5f12f5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 232d5be3b636293876f61be47c2ede41 |
| SHA1 | baef4e423df6fd34748d756d5f977cb574dbbbec |
| SHA256 | 136a0eec37045f9cd9451b7f8fba1649d3e26a8c129514f41a3b95944bf4c20f |
| SHA512 | 1810032b9b90e7e5b58043c88834ecfaa2ef5aa4a3bcf175288dc43c6ab4e4ce6f60b84958e398f2a6432c5ce1cc1d48c4acd1bd9e0f2665cb43175137663fc6 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UOEMIIXD\cb=gapi[2].js
| MD5 | 4d1bd282f5a3799d4e2880cf69af9269 |
| SHA1 | 2ede61be138a7beaa7d6214aa278479dce258adb |
| SHA256 | 5e075152b65966c0c6fcd3ee7d9f62550981a7bb4ed47611f4286c16e0d79693 |
| SHA512 | 615556b06959aae4229b228cd023f15526256311b5e06dc3c1b122dcbe1ff2f01863e09f5b86f600bcee885f180b5148e7813fde76d877b3e4a114a73169c349 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 6784d7287dc81e1db741b6b203116ff1 |
| SHA1 | aec332ee2318222f3717aa7aedb8da1a9f832da0 |
| SHA256 | f2c1028468825775f5118a388b51fd9c4f91568217045480920de3bb9406726c |
| SHA512 | 3f5254d74e1faf80686e9f95397a95bd9488b53700d73fc02ec5ef542c9ae8854128e6caf792466ffc89e38237f1a77a431a98aed50a084f79c69f20fb2956c3 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | a4ccd942b2375dfbb3ff1b49be323698 |
| SHA1 | b05432b982abb7d4ee5a67f0648ebc719105a485 |
| SHA256 | e8138d1f5a8270fe09635f51378baa36cc7bbc90ce8743c59f9ad5ae22e53ef9 |
| SHA512 | 949cef65217e5016970ce09e14d305906060235dc92b5dea590313a6069aabee214cd844c8d897280683c8fffac5a7a4a6e1e8da4d7da00c5338b3faef05ae71 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 98d9869baae3e8933cbee526fff7c548 |
| SHA1 | 7390fd4d7408d61510edab2db61cdfe710e0579a |
| SHA256 | 2743cfb6b073841a31c025a811c98056e180dbae0e281b69fb3763dc62ac633a |
| SHA512 | 30d0e5a97ce2f7c0b23c4c86b8b860f891765596bcb6c3dcfd33281e54c724c24bc32b6e45742ad86b890725adb973cbd5410bfbdbd724a7798f1dc7b0656e67 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 5be700f72403eed650e3ca15eaefcd37 |
| SHA1 | 5cd3f3ef344e42bd308a7c711f3cf6022bbaeb7c |
| SHA256 | 9453e5d5851f0b48d99059a434784664862dee132d948c2df464662d465fb8a4 |
| SHA512 | 42e4feee6f496e0083caefe7037b3b85b51e3c58457e5f7a308e02428165cea462eeb05dd81ffc7f79aace55af3381dc56506f6e0b935ef2bdd486221e3efae9 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 96f16778f0151452973734f6ca376225 |
| SHA1 | 18372818c6f51e04480bb468491bf5a18320c128 |
| SHA256 | 8b031bb15c0f396f92d56057ee304fcc150af3b0a669afa01489828965235c6c |
| SHA512 | 7b7213384abffe1e63d211aa5351c53a5e3d27b5a04a833ecad649efee011ceafa3c9bd5e18e7116e7934135f98b773cd3f2d4c83d2685edc9999ae92d5a82d6 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | ee93382399ebd612c780a1b799093f43 |
| SHA1 | 6b5297594e081f2cabe7b04d527f619d89887fb1 |
| SHA256 | 17969fe355f3e7b0af6dacba413421c52f7a09a8e00744dc1d4b50d9e52e6b72 |
| SHA512 | 6ab6f2838ff2d67d1d382b04758940ef79082058f1ba50707207d64bb366238b727261a086fc7186a6080ec1631e92b41dba189d9556aaf22e23f5d5c45cd057 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F07644E38ED7C9F37D11EEC6D4335E02_C66311BFC31F329FE5E6FBB46563B719
| MD5 | b75ced05df31da08d32b89c1b27aae69 |
| SHA1 | 62c61a8756b55e9efcd8e3cb52069ea4b57df063 |
| SHA256 | e61caebbc452136a095f35f8902e461602db957d41ba882c66d0acb317340949 |
| SHA512 | 49a0781b80bd0b46ab7e20e030fa13185ffa90553ae63d55e8ad2558d227e3d720ce0682f324a95fcc1b57d4a2d496a8f7306c1394e8c443d63fdbf78ee91c3d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F07644E38ED7C9F37D11EEC6D4335E02_C66311BFC31F329FE5E6FBB46563B719
| MD5 | 8054872b37200a510f4c5402c9bc8613 |
| SHA1 | 3134db147434a201795bb804ff6f71cbe7c60b0d |
| SHA256 | b949dfd054405ef3e4d0f1764cf2f14352b53e6bd6e10012681ffc484756c813 |
| SHA512 | 219f3968e6fdc10338973ca4c622ad46d8ef8c566e8ed641b9a2f5c70e5754618a90428db4782b31af99e92573b79a9eba2f1d274d6fa8eaa006ce951cb929f0 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d0176e5dce8f2086cb88d2433ced475e |
| SHA1 | 2005796685c99418a080c91e7cda551378f34d25 |
| SHA256 | d8c1703623ec38cc0286e5d37ed2efcc5d00f096f747ed0def1459b24bbc3e68 |
| SHA512 | 18b71791086bc247272d1ecbdd69a1f1b2e547c495678a04957f6f8a9305570eafc09be09467b44562ecca6ef39ddcb93be89bc54bea34d7cef8f30a8a32e619 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | fd1b4573df3701aaddd870dac91cd928 |
| SHA1 | 7da04c1fb4a5b71462e55a8af5206f826a04690a |
| SHA256 | 974c993f4906890a26b98f8eb01c3a16b691c7073322846d57c6f158ee11ba2e |
| SHA512 | 0a25a213b8a7a7533094020857ea102212824dda3c609666bfa48fc4ee6dfc4813429160d4d4c62f21d09bc981a0b77db042f5e7c0dc5a68618c609173562fd7 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYLGDVXN\www.youtube[1].xml
| MD5 | c1ddea3ef6bbef3e7060a1a9ad89e4c5 |
| SHA1 | 35e3224fcbd3e1af306f2b6a2c6bbea9b0867966 |
| SHA256 | b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db |
| SHA512 | 6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | accece194482114ffb46aa74fcda3688 |
| SHA1 | 31319e5cd88152563a19e1ed49985e2d8f990c72 |
| SHA256 | 6e69611c7730c608d75e1c1c05b641b990b09eee8a9d29f1682ff5e425eda027 |
| SHA512 | 548f1535bde0b4994d4729adf0e1e2b5b6b111f6a15f3121e9ef9245ffe9a9e1c9394845fe986c4553c5ad9a2fd0c199b1d19285dde688a0e23ee6388cb50db3 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 19263b757056c8b3365cb6f8cf811a9a |
| SHA1 | f9145d0820ba77fc9de6daa45a3eca2296d940e7 |
| SHA256 | 8212f5cd7bb32239120301a9695b816bba9238b874193189e6f9308c2df2df27 |
| SHA512 | 45fd2402d63efdb517896ec769feb4ca495032a44c529c2b000b0f589a5d0e916a77c8482f1c4d6be5d4956109d3f8328304d2a077b9f00701db8b3ec7c04ec6 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 070fa72fe8b40e080eae7fe8dee8641a |
| SHA1 | 795549c37336aa611b83c50dc762644a10b9abea |
| SHA256 | 90703b28c7f143c942bb62a6d6fc78caeaff499ac48e62bdcde3a0d560da2be9 |
| SHA512 | 2292712782eaa8700acbf8875caafacbabf4d36bdc116a6f47b7618ef8d5c1feb942ef4da7a3cb6fcf1405fffec917d37c929edea925db16ee9a7c0650d6eda0 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 308ba2f514f6cbe69cad66485e0fb500 |
| SHA1 | 7041665709dcab3a0b7f836e451fd64b0822e795 |
| SHA256 | 9a9812bb39a36648f1e4c6279b3368dacf0cfcff480db58bae82f5ec5c9c880b |
| SHA512 | d04a50af2b4bdcde66d50b2524ab39939338c21b0ba151e812dcd14c8269b283fce6ce95a53b1898fcfb35187796198cc0f9f0cba29e71ed94864a7414cf219f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d3e0ddebad4ae4de4bbf80e98f0f9fd3 |
| SHA1 | 194e1089b45409f3ac498f093ef28497af8d1ed3 |
| SHA256 | e09d1a29e4ae28041bbd704e0e7f53f9ec0874937b1155502841f6510895a0f3 |
| SHA512 | 13bec33c875f01edad88f6f49b7135376aa27052a7cc7bc7c6d4d5969f1f820f1b1c2827fce884f72d10dce57a52a1db9d15d443d37285dde2ace630cc9b0b24 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d2a259d9d0eac4ae67edd734b2dfdc07 |
| SHA1 | 6c9c062c5b9a249708f6f6f9027803b1b26550d9 |
| SHA256 | 3fa861556e91007e63487cd10907c9ff12b84905e1dba25687e6294a9a17c592 |
| SHA512 | f6a080a46627153734776fb6adaa089cea0ac032f0794e1510f00de3d2a718ca7f14fa28c394b358b2ca3753da28ae78e8972a47845c185ff34a5a0c8a300ac6 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYLGDVXN\www.youtube[1].xml
| MD5 | 4a8e79cfcb3ca8a80d9c5b03d4914704 |
| SHA1 | 904962135197f81e04ec2da4f4bae24fc60bf32f |
| SHA256 | 101f4a64fde19893fdec1056844bba063bdca3dcff1689d9674e9f5a1472cb08 |
| SHA512 | e4e60f0c8e8829d247a0dadf56212d90c2b0dc37e48ecb8de4b2377f408a159b0a1008b5be5692b37ae1d3b46a88b5dde602823a4831c201120331daf07a0dae |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYLGDVXN\www.youtube[1].xml
| MD5 | 635e92c9a7d213bec60ec7c2bcf5efc0 |
| SHA1 | 6d79694a84c32cd82c7e194682a99a68698df97e |
| SHA256 | 001c3f4c2663e91081c8c52236e37d9c28576d83f6857c5b12f6b11cc56844ff |
| SHA512 | bfa3be25a9a176a467e51f136dbc9a5d77d0eb07c033d693b4bb175c9cbc91032338ac7528d7ebdc5d3360567c462f5172a0497d0e5ec140b9b4b8bce6a10e2d |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYLGDVXN\www.youtube[1].xml
| MD5 | 3353beb87b27d19225a3dae8fd135973 |
| SHA1 | 875fe0e4fa6bf2d76aca19a9fb5d8f53b1d3f222 |
| SHA256 | 309d04a6b58313a41e26d4bdfd3e3c13dd4768c575b2e887487a4418eeaab4ad |
| SHA512 | 3a35544ab3526924d47ccf6a7622647d01325b131abae8498a137779d6cbe0a3df877b731b355e6806705a01c40906220cffc752560543a0d58d4d1d256df5c9 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYLGDVXN\www.youtube[1].xml
| MD5 | 0b54ce56f473b202feef9702d7463a55 |
| SHA1 | 000c8259a1cefdd834cf96d47e88421b1d63f153 |
| SHA256 | b8e19ce7cd600e2aac26dfd4e006972beefa7a5fe927ea33a6ac2c91936df915 |
| SHA512 | 62d45744a7b9411d4161db96d5cd63b4ca443a76992e919e4edee0a86cfa69114749aafc95834f2f2420fa5055d01190d04252b231d6435957db2dfc79342818 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYLGDVXN\www.youtube[1].xml
| MD5 | d151eacf3ae1c48756a7b94f88ba741c |
| SHA1 | 4bba74befcc2eb996e6ace91767a423192905c59 |
| SHA256 | e230e78d40e1b5bac493ebd1fa26ec5446ac391bf65d3ac117331433332c0a1d |
| SHA512 | 6aab68e481231c9b6e5d9a6dfe9ec9c5c527775e2e63e1a4640ec11c43a35c5400f3c725901581601bfaa8bede1e0b5b2584927e1d96c190237bde29731cdeee |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0bf876a58ebe9001ab9f5856083c942c |
| SHA1 | 2fec767742d54ca72e703acfd2d273b50c976316 |
| SHA256 | 787e33f4ac4a1af8878fdfca9e46496fe38f04ca5b30c5d19daa11a4d97f2d60 |
| SHA512 | 20440bb98fb0a3fd92d0e655a8a3819bdf5ff6eafc6dab91bf411cc1698e4c0c0423321ae2684f04391592e15f37ccfa4e3dd0096d998dc311c98f2f274eba03 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 172f299f1eac4dd1e0f3d87ef04ce451 |
| SHA1 | 4636ce230955549dfbc5c158721019b6962c4fbb |
| SHA256 | bdcc4492f72ca744b8b3681fca7436b4ceccf5c6cd5319b661ffe71e5a04ec5c |
| SHA512 | 89296c1b72a748b325ad756b815a808efa09c59a59cd15282b995526c3baffd0eff8260a9ef4bd96c1a8a16139744d0c63b4c8b1dfe2ab3f79344665667c7926 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 02dd76f92c26f56dfae8128e5b2ec78e |
| SHA1 | a87b696434dbda0a03e8398eb001d96a4ad834ae |
| SHA256 | 35a93e2df5a38adc22af39be6b143a981cdb0f5b84272b1df232b57e16fc53a9 |
| SHA512 | 989238e84b2d781c3327ccb471f35504c34e73549dc14ea1a7b897880fd4a27c8abdd075d974d54ab5bdadeae234aa55206c9a1e42edefaa734f2bfc6982fd3e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 6985ad488ce54758ba1cca3af9127598 |
| SHA1 | 1f773044d7cf91033effa2f2172addd52fbed0e2 |
| SHA256 | 2e04b6c3c7189bd96d109a4cb0ae8d0984bb09a92e229651ec0bb7d7f624bbba |
| SHA512 | efcaea277f254763bdf97c1cbd069ccf3789b5f5823c51df414d582dced8225d4032d89fc6a0243287e6095e8b4feed9de73a4dec9938df9f19988986ba842be |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 64eb08788bc42b66b717bc80e466896c |
| SHA1 | 033ecfb47c009a9c6d006bf1ebaf53e3d79f2a76 |
| SHA256 | 7a926045096b732fa6577df61cfc4b73886b2a0d7d27f43d71b9ce6d0671c5eb |
| SHA512 | c75f44137b211d4da9cdb72c5737bd65bf1debf9527d0eaaa4ec98fb4327eedcd03f0e5b2f2d6b1d2093f8d2800c72ef4789c9618840397e09d85658d62c3628 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d1215239c1b9646c2933df4631f94793 |
| SHA1 | 13bae0264b1ab64c21770c58bc36c20b46e1db1e |
| SHA256 | 9172a7cf99b36af7ddd940e21aaae5613a2699d1fd6ebb774c3ebe309dd68398 |
| SHA512 | b8fba87141aaf89d2d6d7f479fc973e8fa5f9e879c55e182661bd268033995a1309e860767a8e07f7ae17e5b0d538397ebb36197e4beefeabf8083aae0fe0609 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 7f40de7effd22c9f22eb1ffa3d3fcd9e |
| SHA1 | 465c040e3e14cc5b4ee434db13e97024551d4683 |
| SHA256 | 90e3e108378da960a289258b0384cedad2f51932127d24e5c8bffec89f84bab5 |
| SHA512 | a7f19327c173943e3381586ec3783a85c06c7530a5c9fde83b56570b2d267b7c1952d011cd37eb78dd0037aeafcbf7750d1ccd01282943450a0757ee87e97473 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | 7dc9d4a28bd0517a616d525aa49fa397 |
| SHA1 | 1ef59921190b87df79063f0a7af3ec9fb34f1d88 |
| SHA256 | cae3810657cf7a8b1cb9e6428a10eaa6bc122d37f7572a2e0f36f64a1a7aec99 |
| SHA512 | ed3e7dd9f116270b8f858f38c1152d2f906b2289e24b684c57e5343d8e766c20ac113642768597aaa0d949675032e50b2690a10c964ba578589ab847ce30d3ca |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | e4a68ac854ac5242460afd72481b2a44 |
| SHA1 | df3c24f9bfd666761b268073fe06d1cc8d4f82a4 |
| SHA256 | cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f |
| SHA512 | 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | a42f603ff4ce67317948d00f6d4b6eea |
| SHA1 | 92a30443a76984477f2d12d5fb130e2364b0a595 |
| SHA256 | b880d66b111e31d4b473fd97120cef7b05b5e0e9ea3e680ec36212e7ec7687f7 |
| SHA512 | 88a770434e047cfb5b2c883672ed2cbb2721fdc200ee653a93886a14c408158bec92efd2538ee41bee1d1b145487dd88461c47bb16c743ca67e539138dde8737 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 9f68dc8369796a47dd37485ad32f7ba8 |
| SHA1 | 7cbb78dc8121528a28e90f2bc87f796ae2ca0cc6 |
| SHA256 | 0c509d48b2eb2a415cfffaa65f777fdb21be4c74779148dedb6797dcf1bfa600 |
| SHA512 | 6b40edeec331a48902d6cefbac3eb291a8f96f34bb174a30bf8505a839ed750b566c94542965d7367de63edbfe458d0e9b164c6deb753d903bb2bf2db6d564b1 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | be197bafca6b25ebe657aa2a94c4ecba |
| SHA1 | 34dc3e37fe7ed377770aa86d8140b2bbb06f30ad |
| SHA256 | 203dd3368fa634079ce3a10a7a62d0d9c1903db63673167eacb56ecd9b4e6840 |
| SHA512 | 51d2383f31d16ed865cadd905a4f70f71af51b95144e112e67dabf9459cc67b8e9c8b53429201d5cf8bb6d1c337ea64df17bd1fb163b541c46574b493d3e4b8c |
Analysis: behavioral2
Detonation Overview
Submitted
2024-05-10 10:58
Reported
2024-05-10 11:01
Platform
win10v2004-20240226-en
Max time kernel
145s
Max time network
153s
Command Line
Signatures
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | sites.google.com | N/A | N/A |
| N/A | sites.google.com | N/A | N/A |
| N/A | sites.google.com | N/A | N/A |
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\2ec5e7d60accf0644b452896b83dd12c_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=4016 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=5952 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4956 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=5548 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --mojo-platform-channel-handle=5568 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --mojo-platform-channel-handle=4032 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=23 --mojo-platform-channel-handle=3220 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=24 --mojo-platform-channel-handle=6204 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=25 --mojo-platform-channel-handle=6360 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --mojo-platform-channel-handle=6556 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=27 --mojo-platform-channel-handle=6312 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=28 --mojo-platform-channel-handle=6764 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=7632 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=4896 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=31 --mojo-platform-channel-handle=5452 --field-trial-handle=2256,i,6670388345726423024,18382795228658886258,262144 --variations-seed-version /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 13.107.6.158:443 | business.bing.com | tcp |
| US | 8.8.8.8:53 | 239.249.30.184.in-addr.arpa | udp |
| US | 13.107.6.158:443 | business.bing.com | tcp |
| GB | 13.87.96.169:443 | nav-edge.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| NL | 96.16.53.149:443 | bzib.nelreports.net | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| NL | 104.123.41.162:443 | www.microsoft.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| US | 8.8.8.8:53 | ahlikompie.com | udp |
| US | 8.8.8.8:53 | ahlikompie.com | udp |
| US | 8.8.8.8:53 | www.insidethemagic.net | udp |
| US | 8.8.8.8:53 | www.insidethemagic.net | udp |
| SG | 172.96.191.56:80 | ahlikompie.com | tcp |
| GB | 142.250.179.234:443 | ajax.googleapis.com | tcp |
| GB | 142.250.200.9:443 | www.blogger.com | tcp |
| GB | 216.58.204.74:80 | fonts.googleapis.com | tcp |
| GB | 216.58.201.110:443 | apis.google.com | tcp |
| US | 8.8.8.8:53 | www.insidethemagic.net | udp |
| US | 8.8.8.8:53 | www.insidethemagic.net | udp |
| US | 8.8.8.8:53 | 149.53.16.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.41.123.104.in-addr.arpa | udp |
| US | 104.16.151.108:443 | www.insidethemagic.net | udp |
| US | 104.16.151.108:443 | www.insidethemagic.net | tcp |
| GB | 216.58.212.195:80 | fonts.gstatic.com | tcp |
| SG | 172.96.191.56:80 | ahlikompie.com | tcp |
| US | 8.8.8.8:53 | www.thefloridahotelorlando.com | udp |
| US | 8.8.8.8:53 | www.thefloridahotelorlando.com | udp |
| US | 8.8.8.8:53 | lpmpjateng.go.id | udp |
| US | 8.8.8.8:53 | lpmpjateng.go.id | udp |
| US | 8.8.8.8:53 | yourjavascript.com | udp |
| US | 8.8.8.8:53 | yourjavascript.com | udp |
| US | 8.8.8.8:53 | www.widgeo.net | udp |
| US | 8.8.8.8:53 | www.widgeo.net | udp |
| US | 8.8.8.8:53 | pub.mybloglog.com | udp |
| US | 8.8.8.8:53 | pub.mybloglog.com | udp |
| US | 8.8.8.8:53 | cdn.wibiya.com | udp |
| US | 8.8.8.8:53 | cdn.wibiya.com | udp |
| GB | 142.250.200.9:443 | www.blogger.com | udp |
| US | 8.8.8.8:53 | bloggergadgets.googlecode.com | udp |
| US | 8.8.8.8:53 | bloggergadgets.googlecode.com | udp |
| US | 8.8.8.8:53 | www.linkwithin.com | udp |
| US | 8.8.8.8:53 | www.linkwithin.com | udp |
| GB | 216.58.201.110:443 | apis.google.com | udp |
| US | 8.8.8.8:53 | resources.blogblog.com | udp |
| US | 8.8.8.8:53 | resources.blogblog.com | udp |
| US | 13.248.169.48:80 | yourjavascript.com | tcp |
| ID | 103.30.180.77:80 | lpmpjateng.go.id | tcp |
| US | 8.8.8.8:53 | pub.mybloglog.com | udp |
| SG | 118.139.179.30:80 | www.linkwithin.com | tcp |
| GB | 142.250.200.9:443 | resources.blogblog.com | tcp |
| IE | 172.253.116.82:80 | bloggergadgets.googlecode.com | tcp |
| US | 8.8.8.8:53 | www.myhotspots.co.uk | udp |
| US | 8.8.8.8:53 | www.myhotspots.co.uk | udp |
| US | 8.8.8.8:53 | 2.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | 2.bp.blogspot.com | udp |
| ID | 103.30.180.77:80 | lpmpjateng.go.id | tcp |
| SG | 118.139.179.30:80 | www.linkwithin.com | tcp |
| US | 76.223.67.189:80 | www.myhotspots.co.uk | tcp |
| GB | 142.250.187.225:80 | 2.bp.blogspot.com | tcp |
| US | 8.8.8.8:53 | 4.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | 4.bp.blogspot.com | udp |
| GB | 142.250.187.225:80 | 4.bp.blogspot.com | tcp |
| GB | 142.250.187.225:80 | 4.bp.blogspot.com | tcp |
| US | 8.8.8.8:53 | img2.blogblog.com | udp |
| US | 8.8.8.8:53 | img2.blogblog.com | udp |
| US | 8.8.8.8:53 | images2.tempo.co | udp |
| US | 8.8.8.8:53 | images2.tempo.co | udp |
| US | 8.8.8.8:53 | www.info-regenten.de | udp |
| US | 8.8.8.8:53 | www.info-regenten.de | udp |
| GB | 142.250.200.9:80 | img2.blogblog.com | tcp |
| US | 8.8.8.8:53 | images2.tempo.co | udp |
| US | 8.8.8.8:53 | www.info-regenten.de | udp |
| US | 8.8.8.8:53 | data.tribunnews.com | udp |
| US | 8.8.8.8:53 | data.tribunnews.com | udp |
| US | 8.8.8.8:53 | 9.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 110.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.116.253.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.191.96.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 48.169.248.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 189.67.223.76.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.180.30.103.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.179.139.118.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.151.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | 3.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | images.messara.multiply.com | udp |
| US | 8.8.8.8:53 | images.messara.multiply.com | udp |
| US | 8.8.8.8:53 | data.tribunnews.com | udp |
| GB | 142.250.187.225:80 | 3.bp.blogspot.com | tcp |
| US | 8.8.8.8:53 | uniqpost.com | udp |
| US | 8.8.8.8:53 | uniqpost.com | udp |
| US | 8.8.8.8:53 | images.messara.multiply.com | udp |
| US | 8.8.8.8:53 | sehatkufreemagazine.files.wordpress.com | udp |
| US | 8.8.8.8:53 | sehatkufreemagazine.files.wordpress.com | udp |
| US | 192.0.72.28:80 | sehatkufreemagazine.files.wordpress.com | tcp |
| US | 8.8.8.8:53 | humorsingkat.files.wordpress.com | udp |
| US | 8.8.8.8:53 | humorsingkat.files.wordpress.com | udp |
| US | 192.0.72.20:80 | humorsingkat.files.wordpress.com | tcp |
| US | 20.231.121.79:80 | tcp | |
| US | 8.8.8.8:53 | 28.72.0.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.72.0.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.211.185.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | i.okezone.com | udp |
| US | 8.8.8.8:53 | i.okezone.com | udp |
| GB | 142.250.187.225:80 | 3.bp.blogspot.com | tcp |
| GB | 142.250.187.225:80 | 3.bp.blogspot.com | tcp |
| US | 8.8.8.8:53 | klimg.com | udp |
| US | 8.8.8.8:53 | klimg.com | udp |
| US | 8.8.8.8:53 | 0.gvt0.com | udp |
| US | 8.8.8.8:53 | 0.gvt0.com | udp |
| US | 8.8.8.8:53 | 1.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | 1.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | nyunyu.com | udp |
| US | 8.8.8.8:53 | nyunyu.com | udp |
| US | 8.8.8.8:53 | 3.gvt0.com | udp |
| US | 8.8.8.8:53 | 3.gvt0.com | udp |
| US | 8.8.8.8:53 | farm4.staticflickr.com | udp |
| US | 8.8.8.8:53 | farm4.staticflickr.com | udp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| US | 8.8.8.8:53 | informasitips.com | udp |
| US | 8.8.8.8:53 | informasitips.com | udp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| US | 8.8.8.8:53 | www.memobee.com | udp |
| US | 8.8.8.8:53 | www.memobee.com | udp |
| US | 8.8.8.8:53 | www.tabloidbintang.com | udp |
| US | 8.8.8.8:53 | www.tabloidbintang.com | udp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| US | 8.8.8.8:53 | nasima.sch.id | udp |
| US | 8.8.8.8:53 | nasima.sch.id | udp |
| US | 8.8.8.8:53 | l.yimg.com | udp |
| US | 8.8.8.8:53 | l.yimg.com | udp |
| US | 8.8.8.8:53 | sites.google.com | udp |
| US | 8.8.8.8:53 | sites.google.com | udp |
| US | 8.8.8.8:53 | data.tribunnews.com | udp |
| US | 8.8.8.8:53 | data.tribunnews.com | udp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| US | 8.8.8.8:53 | t2.gstatic.com | udp |
| US | 8.8.8.8:53 | t2.gstatic.com | udp |
| US | 8.8.8.8:53 | images.detik.com | udp |
| US | 8.8.8.8:53 | images.detik.com | udp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| US | 8.8.8.8:53 | bloggercilacap.com | udp |
| US | 8.8.8.8:53 | bloggercilacap.com | udp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| GB | 142.250.187.225:80 | 1.bp.blogspot.com | tcp |
| GB | 87.248.114.11:80 | l.yimg.com | tcp |
| HR | 65.9.190.84:80 | farm4.staticflickr.com | tcp |
| US | 8.8.8.8:53 | data.tribunnews.com | udp |
| NL | 37.48.65.153:80 | nyunyu.com | tcp |
| NL | 37.48.65.153:80 | nyunyu.com | tcp |
| NL | 37.48.65.153:80 | nyunyu.com | tcp |
| NL | 37.48.65.153:80 | nyunyu.com | tcp |
| NL | 37.48.65.153:80 | nyunyu.com | tcp |
| NL | 37.48.65.153:80 | nyunyu.com | tcp |
| US | 34.95.124.251:80 | www.tabloidbintang.com | tcp |
| ID | 103.49.221.102:80 | images.detik.com | tcp |
| GB | 142.250.178.4:80 | t2.gstatic.com | tcp |
| US | 217.196.54.25:80 | informasitips.com | tcp |
| GB | 142.250.187.238:443 | sites.google.com | tcp |
| SG | 35.247.151.7:80 | klimg.com | tcp |
| US | 8.8.8.8:53 | nasima.sch.id | udp |
| US | 8.8.8.8:53 | 0.gvt0.com | udp |
| US | 8.8.8.8:53 | 3.gvt0.com | udp |
| US | 8.8.8.8:53 | 3.gvt0.com | udp |
| US | 8.8.8.8:53 | 0.gvt0.com | udp |
| US | 52.20.84.62:80 | www.memobee.com | tcp |
| US | 8.8.8.8:53 | 0.gvt0.com | udp |
| US | 8.8.8.8:53 | 3.gvt0.com | udp |
| SG | 35.247.151.7:80 | klimg.com | tcp |
| ID | 103.49.221.102:80 | images.detik.com | tcp |
| SG | 139.99.69.164:80 | bloggercilacap.com | tcp |
| SG | 139.99.69.164:80 | bloggercilacap.com | tcp |
| US | 8.8.8.8:53 | nw-umwatson.events.data.microsoft.com | udp |
| US | 20.189.173.22:443 | nw-umwatson.events.data.microsoft.com | tcp |
| US | 8.8.8.8:53 | 11.114.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.65.48.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 251.124.95.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.190.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.54.196.217.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 62.84.20.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7.151.247.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 102.221.49.103.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 164.69.99.139.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.123.68.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | s1.rsspump.com | udp |
| US | 8.8.8.8:53 | s1.rsspump.com | udp |
| US | 8.8.8.8:53 | s1.rsspump.com | udp |
| US | 64.98.135.66:80 | s1.rsspump.com | tcp |
| US | 8.8.8.8:53 | edgestatic.azureedge.net | udp |
| US | 8.8.8.8:53 | edgestatic.azureedge.net | udp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| US | 64.98.135.66:80 | s1.rsspump.com | tcp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 8.8.8.8:53 | applify.me | udp |
| US | 8.8.8.8:53 | applify.me | udp |
| DE | 138.201.94.231:80 | applify.me | tcp |
| US | 8.8.8.8:53 | 66.135.98.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.164.165.52.in-addr.arpa | udp |
| DE | 138.201.94.231:80 | applify.me | tcp |
| US | 8.8.8.8:53 | www.thefloridahotelorlando.com | udp |
| US | 8.8.8.8:53 | www.thefloridahotelorlando.com | udp |
| US | 8.8.8.8:53 | pewresearch.org | udp |
| US | 8.8.8.8:53 | pewresearch.org | udp |
| US | 8.8.8.8:53 | ahlikompie.com | udp |
| US | 8.8.8.8:53 | ahlikompie.com | udp |
| US | 8.8.8.8:53 | lpmpjateng.go.id | udp |
| US | 8.8.8.8:53 | lpmpjateng.go.id | udp |
| US | 8.8.8.8:53 | uniqpost.com | udp |
| US | 8.8.8.8:53 | uniqpost.com | udp |
| US | 8.8.8.8:53 | sehatkufreemagazine.files.wordpress.com | udp |
| US | 8.8.8.8:53 | sehatkufreemagazine.files.wordpress.com | udp |
| US | 8.8.8.8:53 | humorsingkat.files.wordpress.com | udp |
| US | 8.8.8.8:53 | humorsingkat.files.wordpress.com | udp |
| US | 8.8.8.8:53 | i.okezone.com | udp |
| US | 8.8.8.8:53 | i.okezone.com | udp |
| US | 8.8.8.8:53 | www.tabloidbintang.com | udp |
| US | 8.8.8.8:53 | www.tabloidbintang.com | udp |
| US | 8.8.8.8:53 | farm4.staticflickr.com | udp |
| US | 8.8.8.8:53 | farm4.staticflickr.com | udp |
| US | 8.8.8.8:53 | informasitips.com | udp |
| US | 8.8.8.8:53 | informasitips.com | udp |
| US | 8.8.8.8:53 | bloggercilacap.com | udp |
| US | 8.8.8.8:53 | bloggercilacap.com | udp |
| US | 104.18.160.83:443 | www.thefloridahotelorlando.com | tcp |
| US | 192.0.66.2:443 | pewresearch.org | tcp |
| ID | 103.30.180.77:443 | lpmpjateng.go.id | tcp |
| US | 104.21.91.254:443 | uniqpost.com | udp |
| SG | 172.96.191.56:443 | ahlikompie.com | tcp |
| US | 34.95.124.251:443 | www.tabloidbintang.com | tcp |
| US | 104.18.31.212:443 | i.okezone.com | tcp |
| US | 104.18.31.212:443 | i.okezone.com | tcp |
| US | 192.0.72.28:443 | sehatkufreemagazine.files.wordpress.com | tcp |
| US | 192.0.72.21:443 | humorsingkat.files.wordpress.com | tcp |
| HR | 65.9.190.84:443 | farm4.staticflickr.com | tcp |
| US | 217.196.54.25:443 | informasitips.com | tcp |
| US | 8.8.8.8:53 | www.widgeo.net | udp |
| US | 8.8.8.8:53 | www.widgeo.net | udp |
| US | 8.8.8.8:53 | cdn.wibiya.com | udp |
| GB | 142.250.187.238:443 | sites.google.com | udp |
| US | 172.67.143.66:443 | cdn.wibiya.com | udp |
| US | 172.67.69.193:443 | www.widgeo.net | tcp |
| GB | 142.250.200.34:445 | pagead2.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | cdns.klimg.com | udp |
| US | 8.8.8.8:53 | cdns.klimg.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| NL | 96.16.53.155:443 | cdns.klimg.com | tcp |
| GB | 142.250.200.9:443 | www.blogger.com | tcp |
| US | 8.8.8.8:53 | www.atom.com | udp |
| US | 8.8.8.8:53 | www.atom.com | udp |
| US | 8.8.8.8:53 | humorsingkat.wordpress.com | udp |
| US | 8.8.8.8:53 | humorsingkat.wordpress.com | udp |
| GB | 142.250.200.9:443 | www.blogger.com | tcp |
| GB | 142.250.200.9:443 | www.blogger.com | tcp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | sehatkufreemagazine.wordpress.com | udp |
| US | 8.8.8.8:53 | sehatkufreemagazine.wordpress.com | udp |
| GB | 142.250.200.9:443 | www.blogger.com | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 172.67.26.69:443 | www.atom.com | udp |
| ID | 103.30.180.77:443 | lpmpjateng.go.id | tcp |
| US | 192.0.78.12:443 | sehatkufreemagazine.wordpress.com | tcp |
| SG | 172.96.191.56:443 | ahlikompie.com | tcp |
| US | 192.0.78.13:443 | sehatkufreemagazine.wordpress.com | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| SG | 139.99.69.164:443 | bloggercilacap.com | tcp |
| US | 8.8.8.8:53 | www.tealdit.com | udp |
| US | 8.8.8.8:53 | www.tealdit.com | udp |
| US | 8.8.8.8:53 | www.tealdit.com | udp |
| US | 8.8.8.8:53 | www.tealdit.com | udp |
| US | 8.8.8.8:53 | www.widgeo.net | udp |
| US | 8.8.8.8:53 | www.widgeo.net | udp |
| US | 8.8.8.8:53 | www.widgeo.net | udp |
| US | 104.21.72.39:443 | www.tealdit.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 104.26.11.22:443 | www.widgeo.net | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| IE | 209.85.203.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | mc.yandex.ru | udp |
| US | 8.8.8.8:53 | mc.yandex.ru | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| GB | 216.58.201.110:443 | www.youtube.com | tcp |
| GB | 142.250.179.238:443 | www.youtube.com | tcp |
| RU | 93.158.134.119:443 | mc.yandex.ru | tcp |
| GB | 142.250.179.238:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| SG | 139.99.69.164:443 | bloggercilacap.com | tcp |
| GB | 216.58.201.110:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | www.widgeo.net | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.blogger.com | udp |
| US | 8.8.8.8:53 | 254.91.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.160.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.66.0.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 212.31.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.72.0.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.143.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.69.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.53.16.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.26.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 12.78.0.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.78.0.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.203.85.209.in-addr.arpa | udp |
| US | 104.26.11.22:445 | www.widgeo.net | tcp |
| US | 8.8.8.8:53 | 39.72.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.11.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 142.250.187.246:443 | i.ytimg.com | tcp |
| GB | 142.250.200.9:443 | www.blogger.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 104.16.79.73:443 | static.cloudflareinsights.com | tcp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| US | 8.8.8.8:53 | 2.bp.blogspot.com | udp |
| US | 8.8.8.8:53 | 2.bp.blogspot.com | udp |
| GB | 142.250.187.225:443 | 2.bp.blogspot.com | tcp |
| GB | 142.250.187.225:443 | 2.bp.blogspot.com | tcp |
| GB | 142.250.200.33:443 | lh3.googleusercontent.com | tcp |
| GB | 142.250.200.33:443 | lh3.googleusercontent.com | tcp |
| GB | 142.250.200.33:443 | lh3.googleusercontent.com | tcp |
| GB | 142.250.200.33:443 | lh3.googleusercontent.com | tcp |
| GB | 142.250.200.33:443 | lh3.googleusercontent.com | tcp |
| GB | 142.250.200.33:443 | lh3.googleusercontent.com | tcp |
| GB | 142.250.180.2:139 | pagead2.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | 119.134.158.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 246.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.79.16.104.in-addr.arpa | udp |
| GB | 142.250.200.33:443 | lh3.googleusercontent.com | udp |
| US | 104.26.10.22:445 | www.widgeo.net | tcp |
| US | 172.67.69.193:445 | www.widgeo.net | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.178.2:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 142.250.180.10:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | cdn.muslimah.or.id | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 142.250.179.230:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 33.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.180.250.142.in-addr.arpa | udp |
| GB | 142.250.180.10:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | cdn.muslimah.or.id | udp |
| US | 8.8.8.8:53 | cdn.muslimah.or.id | udp |
| US | 8.8.8.8:53 | widgets.amung.us | udp |
| US | 8.8.8.8:53 | widgets.amung.us | udp |
| US | 8.8.8.8:53 | www2.cbox.ws | udp |
| US | 8.8.8.8:53 | www2.cbox.ws | udp |
| US | 8.8.8.8:53 | www2.cbox.ws | udp |
| US | 8.8.8.8:53 | www2.cbox.ws | udp |
| DE | 195.201.153.71:80 | www2.cbox.ws | tcp |
| US | 8.8.8.8:53 | maxcdn.bootstrapcdn.com | udp |
| US | 8.8.8.8:53 | maxcdn.bootstrapcdn.com | udp |
| DE | 195.201.153.71:80 | www2.cbox.ws | tcp |
| DE | 195.201.153.71:80 | www2.cbox.ws | tcp |
| US | 8.8.8.8:53 | platform.twitter.com | udp |
| US | 8.8.8.8:53 | platform.twitter.com | udp |
| US | 8.8.8.8:53 | arvigorothan.com | udp |
| US | 8.8.8.8:53 | arvigorothan.com | udp |
| US | 8.8.8.8:53 | widgets.amung.us | udp |
| US | 8.8.8.8:53 | widgets.amung.us | udp |
| US | 172.67.139.229:443 | cdn.muslimah.or.id | udp |
| US | 8.8.8.8:53 | i1045.photobucket.com | udp |
| US | 8.8.8.8:53 | i1045.photobucket.com | udp |
| US | 104.18.10.207:443 | maxcdn.bootstrapcdn.com | udp |
| PL | 93.184.220.66:443 | platform.twitter.com | tcp |
| US | 104.22.74.171:443 | widgets.amung.us | udp |
| HR | 65.9.25.81:80 | i1045.photobucket.com | tcp |
| US | 172.67.150.119:443 | arvigorothan.com | udp |
| GB | 216.58.201.110:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| US | 8.8.8.8:53 | 230.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.153.201.195.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.139.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 207.10.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.74.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.220.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.150.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.25.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | i1045.photobucket.com | udp |
| US | 8.8.8.8:53 | i1045.photobucket.com | udp |
| HR | 65.9.25.18:443 | i1045.photobucket.com | tcp |
| US | 8.8.8.8:53 | glakaits.net | udp |
| US | 8.8.8.8:53 | glakaits.net | udp |
| NL | 139.45.197.242:443 | glakaits.net | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | t.dtscout.com | udp |
| US | 8.8.8.8:53 | t.dtscout.com | udp |
| US | 8.8.8.8:53 | developers.google.com | udp |
| US | 8.8.8.8:53 | developers.google.com | udp |
| US | 8.8.8.8:53 | developers.google.com | udp |
| DE | 141.101.120.11:443 | t.dtscout.com | tcp |
| GB | 216.58.212.206:80 | developers.google.com | tcp |
| US | 8.8.8.8:53 | my.rtmark.net | udp |
| US | 8.8.8.8:53 | my.rtmark.net | udp |
| US | 8.8.8.8:53 | yonmewon.com | udp |
| US | 8.8.8.8:53 | yonmewon.com | udp |
| US | 8.8.8.8:53 | www.widgeo.net | udp |
| NL | 139.45.195.8:443 | my.rtmark.net | tcp |
| US | 8.8.8.8:53 | sr7pv7n5x.com | udp |
| US | 8.8.8.8:53 | sr7pv7n5x.com | udp |
| NL | 139.45.197.236:443 | yonmewon.com | tcp |
| NL | 212.117.190.201:443 | sr7pv7n5x.com | tcp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| US | 8.8.8.8:53 | platform.twitter.com | udp |
| US | 8.8.8.8:53 | platform.twitter.com | udp |
| US | 8.8.8.8:53 | platform.twitter.com | udp |
| GB | 142.250.179.227:443 | ssl.gstatic.com | tcp |
| NL | 192.229.233.25:443 | platform.twitter.com | tcp |
| NL | 192.229.233.25:443 | platform.twitter.com | tcp |
| US | 8.8.8.8:53 | syndication.twitter.com | udp |
| US | 8.8.8.8:53 | syndication.twitter.com | udp |
| US | 8.8.8.8:53 | developers.google.com | udp |
| US | 8.8.8.8:53 | developers.google.com | udp |
| US | 8.8.8.8:53 | developers.google.com | udp |
| US | 104.244.42.200:443 | syndication.twitter.com | tcp |
| GB | 216.58.212.206:443 | developers.google.com | tcp |
| US | 8.8.8.8:53 | twitter.com | udp |
| US | 8.8.8.8:53 | twitter.com | udp |
| US | 8.8.8.8:53 | 18.25.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 242.197.45.139.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.120.101.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.195.45.139.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 236.197.45.139.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 201.190.117.212.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.233.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 13.107.246.64:443 | wcpstatic.microsoft.com | tcp |
| US | 13.107.246.64:443 | wcpstatic.microsoft.com | tcp |
| BE | 88.221.83.186:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 186.83.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| GB | 163.70.151.21:445 | connect.facebook.net | tcp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| GB | 163.70.151.21:139 | connect.facebook.net | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.187.206:443 | play.google.com | tcp |
| GB | 142.250.187.206:443 | play.google.com | tcp |
| GB | 142.250.187.206:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 206.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | chromewebstore.googleapis.com | udp |
| US | 8.8.8.8:53 | chromewebstore.googleapis.com | udp |
| GB | 172.217.169.42:443 | chromewebstore.googleapis.com | tcp |
| US | 8.8.8.8:53 | static.addtoany.com | udp |
| US | 8.8.8.8:53 | 42.169.217.172.in-addr.arpa | udp |
| US | 104.22.70.197:445 | static.addtoany.com | tcp |
| US | 104.22.71.197:445 | static.addtoany.com | tcp |
| US | 172.67.39.148:445 | static.addtoany.com | tcp |
| US | 8.8.8.8:53 | static.addtoany.com | udp |
| US | 104.22.71.197:139 | static.addtoany.com | tcp |
| US | 8.8.8.8:53 | 11.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | cdn.viglink.com | udp |
| HR | 65.9.25.4:445 | cdn.viglink.com | tcp |
| HR | 65.9.25.10:445 | cdn.viglink.com | tcp |
| HR | 65.9.25.16:445 | cdn.viglink.com | tcp |
| HR | 65.9.25.2:445 | cdn.viglink.com | tcp |
| US | 8.8.8.8:53 | cdn.viglink.com | udp |
| BE | 88.221.83.234:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 234.83.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | whos.amung.us | udp |
| US | 172.67.8.141:445 | whos.amung.us | tcp |
| US | 104.22.74.171:445 | whos.amung.us | tcp |
| US | 104.22.75.171:445 | whos.amung.us | tcp |
| US | 8.8.8.8:53 | whos.amung.us | udp |
| US | 8.8.8.8:53 | 208.143.182.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | kepingan-hati.blogspot.com | udp |
| US | 8.8.8.8:53 | kepingan-hati.blogspot.com | udp |
| GB | 216.58.201.97:80 | kepingan-hati.blogspot.com | tcp |
| US | 8.8.8.8:53 | 97.201.58.216.in-addr.arpa | udp |