Analysis Overview
Threat Level: Known bad
The file https://ryosx.cc was found to be: Known bad.
Malicious Activity Summary
Lumma Stealer
Executes dropped EXE
Checks computer location settings
Enumerates physical storage devices
Suspicious use of SendNotifyMessage
Suspicious behavior: EnumeratesProcesses
Enumerates processes with tasklist
Suspicious use of WriteProcessMemory
Suspicious use of SetWindowsHookEx
Modifies registry class
Suspicious use of AdjustPrivilegeToken
Enumerates system info in registry
Runs ping.exe
Suspicious behavior: GetForegroundWindowSpam
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Modifies data under HKEY_USERS
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-26 03:32
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-26 03:32
Reported
2024-05-26 03:42
Platform
win10v2004-20240226-en
Max time kernel
600s
Max time network
607s
Command Line
Signatures
Lumma Stealer
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ\ㅤ\S o l a r a X.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ\ㅤ\S o l a r a X.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ\ㅤ\S o l a r a X.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ\ㅤ\S o l a r a X.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ\ㅤ\S o l a r a X.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ\ㅤ\S o l a r a X.exe | N/A |
Executes dropped EXE
Enumerates physical storage devices
Enumerates processes with tasklist
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\tasklist.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\tasklist.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\tasklist.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\tasklist.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\tasklist.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\tasklist.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\tasklist.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\tasklist.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\tasklist.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\tasklist.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133611679812133606" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\bin_auto_file\shell\edit | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\bin_auto_file\shell | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\bin_auto_file\shell\open | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\bin_auto_file\shell\open\command\ = "%SystemRoot%\\system32\\NOTEPAD.EXE %1" | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\.bin\ = "bin_auto_file" | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\bin_auto_file\shell\edit\command | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\bin_auto_file | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\.bin | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\bin_auto_file\shell\open\command | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\bin_auto_file\shell\edit\command\ = "%SystemRoot%\\system32\\NOTEPAD.EXE %1" | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
Runs ping.exe
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\PING.EXE | N/A |
| N/A | N/A | C:\Windows\SysWOW64\PING.EXE | N/A |
| N/A | N/A | C:\Windows\SysWOW64\PING.EXE | N/A |
| N/A | N/A | C:\Windows\SysWOW64\PING.EXE | N/A |
| N/A | N/A | C:\Windows\SysWOW64\PING.EXE | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://ryosx.cc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xe0,0x108,0x7ffea4379758,0x7ffea4379768,0x7ffea4379778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1752 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2004 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2232 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3168 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3184 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5228 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5304 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5264 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5640 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ\ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ .rar"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3840 --field-trial-handle=2292,i,2103142837140538807,15881446839139365070,262144 --variations-seed-version /prefetch:8
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ\README.txt
C:\Users\Admin\Downloads\ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ\ㅤ\S o l a r a X.exe
"C:\Users\Admin\Downloads\ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ\ㅤ\S o l a r a X.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /k copy Emotions Emotions.cmd & Emotions.cmd & exit
C:\Windows\SysWOW64\tasklist.exe
tasklist
C:\Windows\SysWOW64\findstr.exe
findstr /I "wrsa.exe opssvc.exe"
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ\ㅤ\dll\autoexec\HOW_TO_USE.txt
C:\Windows\SysWOW64\tasklist.exe
tasklist
C:\Windows\SysWOW64\findstr.exe
findstr /I "avastui.exe avgui.exe nswscsvc.exe sophoshealth.exe"
C:\Windows\SysWOW64\cmd.exe
cmd /c md 122774
C:\Windows\SysWOW64\findstr.exe
findstr /V "MasBathroomsCompoundInjection" Participants
C:\Windows\SysWOW64\cmd.exe
cmd /c copy /b Flooring + Textiles + Optical + Attractions + Assumption + Typical + Miracle 122774\M
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\122774\Locking.pif
122774\Locking.pif 122774\M
C:\Windows\SysWOW64\PING.EXE
ping -n 5 127.0.0.1
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ\ㅤ\dll\autoexec\autoexec.lua
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2744 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:2
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ\ㅤ\dll\uwpversion.txt
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ\ㅤ\dll\celeryuwp.bin
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=2412 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3752 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5420 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6004 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=5904 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=4484 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=4752 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=6400 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=2260 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=6528 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=6660 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=6640 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=6996 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=7132 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=7284 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=7440 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=6736 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=7076 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7636 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7780 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=7764 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=8008 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=8124 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ\ㅤ\dll\celeryuwpver
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ\ㅤ\dll\uwpoff.bin
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=6264 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=9200 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=7392 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=6764 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=7368 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=7372 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=6660 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=7884 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=840 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=7680 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=6932 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=6912 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ\ㅤ\dll\uwpversion.txt
C:\Users\Admin\Downloads\ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ\ㅤ\S o l a r a X.exe
"C:\Users\Admin\Downloads\ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ\ㅤ\S o l a r a X.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /k copy Emotions Emotions.cmd & Emotions.cmd & exit
C:\Users\Admin\Downloads\ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ\ㅤ\S o l a r a X.exe
"C:\Users\Admin\Downloads\ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ\ㅤ\S o l a r a X.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /k copy Emotions Emotions.cmd & Emotions.cmd & exit
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=5004 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Windows\SysWOW64\tasklist.exe
tasklist
C:\Windows\SysWOW64\findstr.exe
findstr /I "wrsa.exe opssvc.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=9176 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Windows\SysWOW64\tasklist.exe
tasklist
C:\Windows\SysWOW64\findstr.exe
findstr /I "wrsa.exe opssvc.exe"
C:\Windows\SysWOW64\tasklist.exe
tasklist
C:\Windows\SysWOW64\findstr.exe
findstr /I "avastui.exe avgui.exe nswscsvc.exe sophoshealth.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=6056 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=6048 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=6032 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ\ㅤ\scripts\scripts\" -spe -an -ai#7zMap17317:250:7zEvent28622
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=5564 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=5264 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=5472 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Windows\SysWOW64\tasklist.exe
tasklist
C:\Windows\SysWOW64\findstr.exe
findstr /I "avastui.exe avgui.exe nswscsvc.exe sophoshealth.exe"
C:\Windows\SysWOW64\cmd.exe
cmd /c md 122774
C:\Windows\SysWOW64\findstr.exe
findstr /V "MasBathroomsCompoundInjection" Participants
C:\Windows\SysWOW64\cmd.exe
cmd /c md 122774
C:\Windows\SysWOW64\findstr.exe
findstr /V "MasBathroomsCompoundInjection" Participants
C:\Windows\SysWOW64\cmd.exe
cmd /c copy /b Flooring + Textiles + Optical + Attractions + Assumption + Typical + Miracle 122774\M
C:\Windows\SysWOW64\cmd.exe
cmd /c copy /b Flooring + Textiles + Optical + Attractions + Assumption + Typical + Miracle 122774\M
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\122774\Locking.pif
122774\Locking.pif 122774\M
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\122774\Locking.pif
122774\Locking.pif 122774\M
C:\Windows\SysWOW64\PING.EXE
ping -n 5 127.0.0.1
C:\Windows\SysWOW64\PING.EXE
ping -n 5 127.0.0.1
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ\ㅤ\scripts\scripts.dll
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ\ㅤ\scripts\scripts\.rsrc\29\string.txt
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=7648 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x418 0x244
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3760 --field-trial-handle=2292,i,2103142837140538807,15881446839139365070,262144 --variations-seed-version /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5328 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:8
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ\ㅤ\scripts\scripts\.rsrc\3076\string.txt
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ\ㅤ\scripts\scripts\.rsrc\3082\string.txt
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --mojo-platform-channel-handle=6996 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --mojo-platform-channel-handle=5328 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --mojo-platform-channel-handle=7788 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7828 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7760 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --mojo-platform-channel-handle=6552 --field-trial-handle=1876,i,14324879926390082743,17805610172096664776,131072 /prefetch:1
C:\Users\Admin\Downloads\ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ\ㅤ\S o l a r a X.exe
"C:\Users\Admin\Downloads\ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ\ㅤ\S o l a r a X.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /k copy Emotions Emotions.cmd & Emotions.cmd & exit
C:\Windows\SysWOW64\tasklist.exe
tasklist
C:\Windows\SysWOW64\findstr.exe
findstr /I "wrsa.exe opssvc.exe"
C:\Windows\SysWOW64\tasklist.exe
tasklist
C:\Windows\SysWOW64\findstr.exe
findstr /I "avastui.exe avgui.exe nswscsvc.exe sophoshealth.exe"
C:\Windows\SysWOW64\cmd.exe
cmd /c md 122774
C:\Windows\SysWOW64\findstr.exe
findstr /V "MasBathroomsCompoundInjection" Participants
C:\Windows\SysWOW64\cmd.exe
cmd /c copy /b Flooring + Textiles + Optical + Attractions + Assumption + Typical + Miracle 122774\M
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\122774\Locking.pif
122774\Locking.pif 122774\M
C:\Windows\SysWOW64\PING.EXE
ping -n 5 127.0.0.1
C:\Users\Admin\Downloads\ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ\ㅤ\S o l a r a X.exe
"C:\Users\Admin\Downloads\ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ\ㅤ\S o l a r a X.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /k copy Emotions Emotions.cmd & Emotions.cmd & exit
C:\Windows\SysWOW64\tasklist.exe
tasklist
C:\Windows\SysWOW64\findstr.exe
findstr /I "wrsa.exe opssvc.exe"
C:\Users\Admin\Downloads\ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ\ㅤ\S o l a r a X.exe
"C:\Users\Admin\Downloads\ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ\ㅤ\S o l a r a X.exe"
C:\Windows\SysWOW64\tasklist.exe
tasklist
C:\Windows\SysWOW64\findstr.exe
findstr /I "avastui.exe avgui.exe nswscsvc.exe sophoshealth.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /k copy Emotions Emotions.cmd & Emotions.cmd & exit
C:\Windows\SysWOW64\cmd.exe
cmd /c md 122774
C:\Windows\SysWOW64\findstr.exe
findstr /V "MasBathroomsCompoundInjection" Participants
C:\Windows\SysWOW64\cmd.exe
cmd /c copy /b Flooring + Textiles + Optical + Attractions + Assumption + Typical + Miracle 122774\M
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\122774\Locking.pif
122774\Locking.pif 122774\M
C:\Windows\SysWOW64\PING.EXE
ping -n 5 127.0.0.1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | ryosx.cc | udp |
| CZ | 89.187.188.226:443 | ryosx.cc | tcp |
| US | 8.8.8.8:53 | static.wixstatic.com | udp |
| US | 8.8.8.8:53 | siteassets.parastorage.com | udp |
| US | 34.49.229.81:443 | siteassets.parastorage.com | tcp |
| IE | 18.66.171.27:443 | static.wixstatic.com | tcp |
| IE | 18.66.171.27:443 | static.wixstatic.com | tcp |
| IE | 18.66.171.27:443 | static.wixstatic.com | tcp |
| IE | 18.66.171.27:443 | static.wixstatic.com | tcp |
| IE | 18.66.171.27:443 | static.wixstatic.com | tcp |
| US | 34.49.229.81:443 | siteassets.parastorage.com | tcp |
| US | 8.8.8.8:53 | static.parastorage.com | udp |
| US | 34.49.229.81:443 | static.parastorage.com | tcp |
| US | 34.49.229.81:443 | static.parastorage.com | tcp |
| US | 34.49.229.81:443 | static.parastorage.com | tcp |
| US | 34.49.229.81:443 | static.parastorage.com | tcp |
| US | 34.49.229.81:443 | static.parastorage.com | tcp |
| US | 34.49.229.81:443 | static.parastorage.com | tcp |
| US | 8.8.8.8:53 | browser.sentry-cdn.com | udp |
| US | 151.101.130.217:443 | browser.sentry-cdn.com | tcp |
| US | 8.8.8.8:53 | 226.188.187.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.239.44.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 27.171.66.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.130.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.229.49.34.in-addr.arpa | udp |
| US | 34.49.229.81:443 | static.parastorage.com | udp |
| US | 8.8.8.8:53 | sentry-next.wixpress.com | udp |
| US | 54.90.160.203:443 | sentry-next.wixpress.com | tcp |
| US | 54.90.160.203:443 | sentry-next.wixpress.com | tcp |
| US | 54.90.160.203:443 | sentry-next.wixpress.com | tcp |
| US | 54.90.160.203:443 | sentry-next.wixpress.com | tcp |
| US | 34.49.229.81:443 | static.parastorage.com | udp |
| US | 8.8.8.8:53 | 226.21.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.160.90.54.in-addr.arpa | udp |
| IE | 18.66.171.27:443 | static.wixstatic.com | udp |
| IE | 18.66.171.27:443 | static.wixstatic.com | udp |
| US | 8.8.8.8:53 | 14.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 104.16.114.74:443 | www.mediafire.com | tcp |
| US | 104.16.114.74:443 | www.mediafire.com | tcp |
| US | 54.90.160.203:443 | sentry-next.wixpress.com | tcp |
| US | 8.8.8.8:53 | 74.114.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | translate.google.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 8.8.8.8:53 | cdn.amplitude.com | udp |
| US | 8.8.8.8:53 | static.mediafire.com | udp |
| US | 104.16.114.74:443 | static.mediafire.com | udp |
| US | 104.16.79.73:443 | static.cloudflareinsights.com | tcp |
| GB | 142.250.187.238:443 | translate.google.com | tcp |
| IE | 18.66.171.36:443 | cdn.amplitude.com | tcp |
| US | 8.8.8.8:53 | translate.googleapis.com | udp |
| US | 8.8.8.8:53 | 196.249.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.79.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.171.66.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.140.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 142.250.180.10:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | api.amplitude.com | udp |
| US | 52.37.13.65:443 | api.amplitude.com | tcp |
| US | 8.8.8.8:53 | 195.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.13.37.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | translate-pa.googleapis.com | udp |
| GB | 142.250.180.10:443 | translate-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| BE | 64.233.166.156:443 | stats.g.doubleclick.net | tcp |
| BE | 64.233.166.156:443 | stats.g.doubleclick.net | tcp |
| US | 216.239.32.181:443 | analytics.google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | 181.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.166.233.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | download2334.mediafire.com | udp |
| US | 199.91.155.75:443 | download2334.mediafire.com | tcp |
| US | 199.91.155.75:443 | download2334.mediafire.com | tcp |
| US | 8.8.8.8:53 | 196.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.155.91.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 233.38.18.104.in-addr.arpa | udp |
| US | 216.239.32.181:443 | analytics.google.com | udp |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.219.191.52.in-addr.arpa | udp |
| US | 13.107.253.64:443 | tcp | |
| US | 8.8.8.8:53 | 91.90.14.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | HDCIZfrnmkrkibbwxQlVwAYZqH.HDCIZfrnmkrkibbwxQlVwAYZqH | udp |
| US | 8.8.8.8:53 | chromewebstore.googleapis.com | udp |
| US | 8.8.8.8:53 | chromewebstore.googleapis.com | udp |
| GB | 142.250.179.234:443 | chromewebstore.googleapis.com | tcp |
| US | 8.8.8.8:53 | 234.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | employeedscratshj.shop | udp |
| US | 172.67.186.163:443 | employeedscratshj.shop | tcp |
| US | 8.8.8.8:53 | museumtespaceorsp.shop | udp |
| US | 172.67.184.107:443 | museumtespaceorsp.shop | tcp |
| US | 8.8.8.8:53 | buttockdecarderwiso.shop | udp |
| US | 104.21.45.202:443 | buttockdecarderwiso.shop | tcp |
| US | 8.8.8.8:53 | 163.186.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 107.184.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | averageaattractiionsl.shop | udp |
| US | 172.67.220.163:443 | averageaattractiionsl.shop | tcp |
| US | 8.8.8.8:53 | femininiespywageg.shop | udp |
| US | 104.21.71.3:443 | femininiespywageg.shop | tcp |
| US | 8.8.8.8:53 | employhabragaomlsp.shop | udp |
| US | 172.67.203.218:443 | employhabragaomlsp.shop | tcp |
| US | 8.8.8.8:53 | 202.45.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.71.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.220.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | stalfbaclcalorieeis.shop | udp |
| US | 104.21.3.197:443 | stalfbaclcalorieeis.shop | tcp |
| US | 8.8.8.8:53 | civilianurinedtsraov.shop | udp |
| US | 172.67.197.146:443 | civilianurinedtsraov.shop | tcp |
| US | 8.8.8.8:53 | roomabolishsnifftwk.shop | udp |
| US | 104.21.55.87:443 | roomabolishsnifftwk.shop | tcp |
| US | 8.8.8.8:53 | 218.203.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 197.3.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 146.197.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 87.55.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.178.89.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| GB | 142.250.200.14:443 | apis.google.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | 14.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.base64decode.org | udp |
| FR | 51.83.2.171:443 | www.base64decode.org | tcp |
| FR | 51.83.2.171:443 | www.base64decode.org | tcp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | jconnor.org | udp |
| US | 8.8.8.8:53 | cdn.base64decode.org | udp |
| FR | 51.83.2.171:443 | jconnor.org | tcp |
| GB | 142.250.180.10:443 | chromewebstore.googleapis.com | udp |
| US | 8.8.8.8:53 | cmp.inmobi.com | udp |
| US | 172.67.203.223:443 | cdn.base64decode.org | tcp |
| US | 172.67.203.223:443 | cdn.base64decode.org | tcp |
| US | 172.67.203.223:443 | cdn.base64decode.org | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 171.2.83.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 223.203.67.172.in-addr.arpa | udp |
| US | 216.239.32.181:443 | analytics.google.com | udp |
| BE | 64.233.166.156:443 | stats.g.doubleclick.net | udp |
| FR | 51.83.2.171:443 | jconnor.org | tcp |
| US | 172.67.203.223:443 | cdn.base64decode.org | udp |
| US | 8.8.8.8:53 | cdn.fuseplatform.net | udp |
| BE | 23.14.90.90:443 | cdn.fuseplatform.net | tcp |
| IE | 18.66.171.20:443 | cmp.inmobi.com | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| BE | 23.14.90.90:443 | cdn.fuseplatform.net | tcp |
| US | 3.162.142.187:443 | c.amazon-adsystem.com | tcp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| IE | 18.66.171.20:443 | cmp.inmobi.com | tcp |
| US | 8.8.8.8:53 | 90.90.14.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.171.66.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.200.250.142.in-addr.arpa | udp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| US | 3.162.142.187:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| IE | 18.66.171.56:443 | config.aps.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 104.22.75.216:443 | btloader.com | tcp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 104.26.3.70:443 | ad-delivery.net | tcp |
| US | 104.26.3.70:443 | ad-delivery.net | tcp |
| US | 8.8.8.8:53 | api.cmp.inmobi.com | udp |
| DE | 35.156.23.70:443 | api.cmp.inmobi.com | tcp |
| DE | 35.156.23.70:443 | api.cmp.inmobi.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 8.8.8.8:53 | 187.142.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.171.66.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.75.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.3.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.23.211.130.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.23.156.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 3.162.148.221:443 | aax.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | i.connectad.io | udp |
| US | 3.162.140.83:443 | tags.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | ssc.33across.com | udp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| US | 8.8.8.8:53 | bidder.criteo.com | udp |
| US | 104.22.55.206:443 | i.connectad.io | tcp |
| US | 8.8.8.8:53 | fastlane.rubiconproject.com | udp |
| US | 104.18.36.155:443 | htlb.casalemedia.com | tcp |
| US | 34.149.20.76:443 | ssc.33across.com | tcp |
| US | 34.149.20.76:443 | ssc.33across.com | tcp |
| US | 34.149.20.76:443 | ssc.33across.com | tcp |
| US | 34.149.20.76:443 | ssc.33across.com | tcp |
| US | 34.149.20.76:443 | ssc.33across.com | tcp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | prg8.smartadserver.com | udp |
| DE | 18.157.230.4:443 | tlx.3lift.com | tcp |
| US | 8.8.8.8:53 | prg-apac.smartadserver.com | udp |
| US | 8.8.8.8:53 | a.teads.tv | udp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 185.89.210.153:443 | ib.adnxs.com | tcp |
| NL | 81.17.55.160:443 | prg8.smartadserver.com | tcp |
| NL | 81.17.55.160:443 | prg8.smartadserver.com | tcp |
| NL | 81.17.55.160:443 | prg8.smartadserver.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| FR | 91.134.110.128:443 | prg-apac.smartadserver.com | tcp |
| FR | 91.134.110.128:443 | prg-apac.smartadserver.com | tcp |
| BE | 23.55.97.75:443 | a.teads.tv | tcp |
| NL | 145.40.97.66:443 | prebid.a-mo.net | tcp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| IE | 52.48.217.227:443 | bcp.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | 221.148.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.140.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.55.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.36.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.20.149.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.230.157.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 160.55.17.81.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 128.110.134.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.97.55.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.97.40.145.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1x1.a-mo.net | udp |
| US | 8.8.8.8:53 | 77.190.64.185.in-addr.arpa | udp |
| DE | 18.184.248.131:443 | 1x1.a-mo.net | tcp |
| DE | 18.184.248.131:443 | 1x1.a-mo.net | tcp |
| DE | 18.184.248.131:443 | 1x1.a-mo.net | tcp |
| DE | 18.184.248.131:443 | 1x1.a-mo.net | tcp |
| DE | 18.184.248.131:443 | 1x1.a-mo.net | tcp |
| US | 8.8.8.8:53 | b6d2c9d4ca4860f2e41fea7b828c4cc2.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| GB | 172.217.169.65:443 | b6d2c9d4ca4860f2e41fea7b828c4cc2.safeframe.googlesyndication.com | tcp |
| IE | 54.239.33.159:443 | aax-eu.amazon-adsystem.com | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 227.217.48.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.248.184.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 159.33.239.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.16.217.172.in-addr.arpa | udp |
| GB | 172.217.169.65:443 | b6d2c9d4ca4860f2e41fea7b828c4cc2.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | cdn.ampproject.org | udp |
| GB | 142.250.187.225:443 | cdn.ampproject.org | tcp |
| GB | 142.250.187.225:443 | cdn.ampproject.org | tcp |
| GB | 142.250.187.225:443 | cdn.ampproject.org | tcp |
| GB | 142.250.187.225:443 | cdn.ampproject.org | tcp |
| GB | 142.250.187.225:443 | cdn.ampproject.org | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.187.226:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | cdn.doubleverify.com | udp |
| IE | 2.18.24.25:443 | cdn.doubleverify.com | tcp |
| GB | 142.250.187.226:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 225.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.24.18.2.in-addr.arpa | udp |
| GB | 142.250.187.226:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | dsum-sec.casalemedia.com | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| GB | 142.250.178.2:443 | cm.g.doubleclick.net | tcp |
| GB | 142.250.178.2:443 | cm.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | rtb0.doubleverify.com | udp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| US | 8.8.8.8:53 | rtbc-ew1.doubleverify.com | udp |
| US | 8.8.8.8:53 | cdn.pathtosuccess.global | udp |
| US | 130.211.44.5:443 | rtbc-ew1.doubleverify.com | tcp |
| US | 3.162.140.37:443 | cdn.pathtosuccess.global | tcp |
| US | 8.8.8.8:53 | 2.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 5.44.211.130.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 37.140.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | cs.media.net | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| US | 8.8.8.8:53 | trace-eu.mediago.io | udp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | udp |
| GB | 2.21.188.27:443 | cs.media.net | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| IE | 34.240.216.83:443 | match.prod.bidr.io | tcp |
| NL | 35.214.168.80:443 | trace-eu.mediago.io | tcp |
| US | 50.31.142.159:443 | b1sync.zemanta.com | tcp |
| IE | 18.66.171.35:443 | s.ad.smaato.net | tcp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| IE | 34.240.216.83:443 | match.prod.bidr.io | tcp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| NL | 81.17.55.109:443 | ssbsync.smartadserver.com | tcp |
| US | 104.18.36.155:443 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | 27.188.21.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.149.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.168.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.171.66.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 159.142.31.50.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.216.240.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sync.inmobi.com | udp |
| US | 20.253.0.30:443 | sync.inmobi.com | tcp |
| US | 8.8.8.8:53 | amazon-tam-match.dotomi.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 34.98.64.218:443 | u.openx.net | tcp |
| US | 34.98.64.218:443 | u.openx.net | tcp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| US | 13.248.245.213:443 | eb2.3lift.com | tcp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| IE | 54.239.33.159:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | 109.55.17.81.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.0.253.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 218.64.98.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 213.245.248.13.in-addr.arpa | udp |
| US | 52.46.130.91:443 | s.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 52.46.130.91:443 | s.amazon-adsystem.com | tcp |
| IE | 54.239.33.159:443 | aax-eu.amazon-adsystem.com | tcp |
| GB | 142.250.178.2:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | casale-match.dotomi.com | udp |
| US | 8.8.8.8:53 | p.rfihub.com | udp |
| US | 8.8.8.8:53 | euexchangesync.digitaleast.mobi | udp |
| US | 8.8.8.8:53 | sync-tm.everesttech.net | udp |
| IE | 54.239.33.159:443 | aax-eu.amazon-adsystem.com | tcp |
| NL | 63.215.202.169:443 | casale-match.dotomi.com | tcp |
| NL | 193.0.160.131:443 | p.rfihub.com | tcp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| US | 52.46.130.91:443 | s.amazon-adsystem.com | tcp |
| US | 34.95.81.168:443 | euexchangesync.digitaleast.mobi | tcp |
| US | 151.101.2.49:443 | sync-tm.everesttech.net | tcp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| NL | 63.215.202.169:443 | casale-match.dotomi.com | tcp |
| NL | 193.0.160.131:443 | p.rfihub.com | tcp |
| US | 34.95.81.168:443 | euexchangesync.digitaleast.mobi | tcp |
| US | 151.101.2.49:443 | sync-tm.everesttech.net | tcp |
| NL | 89.207.16.140:443 | amazon-tam-match.dotomi.com | tcp |
| IE | 54.239.33.159:443 | aax-eu.amazon-adsystem.com | tcp |
| GB | 2.21.188.239:443 | ads.pubmatic.com | tcp |
| US | 34.98.64.218:443 | u.openx.net | udp |
| GB | 2.21.188.239:443 | ads.pubmatic.com | tcp |
| US | 8.8.8.8:53 | 91.130.46.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.2.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 168.81.95.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.160.0.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.16.207.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.202.215.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 239.188.21.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | c1.adform.net | udp |
| IE | 54.239.33.159:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| DK | 37.157.3.26:443 | c1.adform.net | tcp |
| US | 8.8.8.8:53 | us-u.openx.net | udp |
| US | 34.98.64.218:443 | us-u.openx.net | udp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| US | 8.8.8.8:53 | tracker-shr.ortb.net | udp |
| US | 8.8.8.8:53 | tr.blismedia.com | udp |
| GB | 185.64.190.79:443 | image8.pubmatic.com | tcp |
| US | 8.8.8.8:53 | sync.adkernel.com | udp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 8.8.8.8:53 | csync.loopme.me | udp |
| US | 147.135.71.152:443 | tracker-shr.ortb.net | tcp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 34.96.105.8:443 | tr.blismedia.com | tcp |
| US | 52.46.130.91:443 | s.amazon-adsystem.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| NL | 77.245.57.72:443 | sync.adkernel.com | tcp |
| US | 80.77.87.166:443 | cs.admanmedia.com | tcp |
| NL | 35.214.142.145:443 | csync.loopme.me | tcp |
| US | 8.8.8.8:53 | us.ck-ie.com | udp |
| US | 8.2.110.97:443 | us.ck-ie.com | tcp |
| GB | 185.64.190.79:443 | image8.pubmatic.com | tcp |
| NL | 35.214.142.145:443 | csync.loopme.me | tcp |
| US | 8.8.8.8:53 | eu-u.openx.net | udp |
| US | 8.8.8.8:53 | ad.turn.com | udp |
| US | 8.8.8.8:53 | dsum.casalemedia.com | udp |
| NL | 46.228.164.11:443 | ad.turn.com | tcp |
| US | 8.8.8.8:53 | image2.pubmatic.com | udp |
| GB | 185.64.191.210:443 | image2.pubmatic.com | tcp |
| US | 8.8.8.8:53 | sync.targeting.unrulymedia.com | udp |
| US | 34.98.64.218:443 | eu-u.openx.net | udp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| US | 8.8.8.8:53 | 198.40.223.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.3.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.105.96.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.57.245.77.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.71.135.147.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 166.87.77.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.110.2.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.142.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.164.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.191.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | image4.pubmatic.com | udp |
| NL | 198.47.127.20:443 | image4.pubmatic.com | tcp |
| US | 8.8.8.8:53 | 20.127.47.198.in-addr.arpa | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| GB | 142.250.187.226:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| DE | 162.19.138.120:443 | id5-sync.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | image6.pubmatic.com | udp |
| NL | 198.47.127.19:443 | image6.pubmatic.com | tcp |
| US | 8.8.8.8:53 | 120.138.19.162.in-addr.arpa | udp |
| US | 104.22.55.206:443 | i.connectad.io | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| US | 8.8.8.8:53 | 3.1.250.178.in-addr.arpa | udp |
| FR | 91.134.110.128:443 | prg-apac.smartadserver.com | tcp |
| NL | 185.89.210.153:443 | ams3-ib.adnxs.com | tcp |
| US | 34.149.20.76:443 | ssc.33across.com | udp |
| FR | 91.134.110.128:443 | prg-apac.smartadserver.com | tcp |
| GB | 172.217.169.65:443 | b6d2c9d4ca4860f2e41fea7b828c4cc2.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| GB | 216.58.204.70:443 | s0.2mdn.net | tcp |
| US | 8.8.8.8:53 | 70.204.58.216.in-addr.arpa | udp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | googleads4.g.doubleclick.net | udp |
| GB | 172.217.16.226:443 | googleads4.g.doubleclick.net | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| GB | 216.58.204.70:443 | s0.2mdn.net | udp |
| GB | 216.58.204.70:443 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | 226.16.217.172.in-addr.arpa | udp |
| GB | 172.217.16.226:443 | googleads4.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | d.agkn.com | udp |
| US | 8.8.8.8:53 | pix.pub | udp |
| IE | 54.220.25.0:443 | d.agkn.com | tcp |
| IE | 18.66.171.39:443 | pix.pub | tcp |
| US | 8.8.8.8:53 | cdn.adnxs.com | udp |
| US | 8.8.8.8:53 | ams3-ib.adnxs.com | udp |
| US | 151.101.1.108:443 | cdn.adnxs.com | tcp |
| US | 8.8.8.8:53 | sync.teads.tv | udp |
| US | 8.8.8.8:53 | 0.25.220.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 39.171.66.18.in-addr.arpa | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 108.1.101.151.in-addr.arpa | udp |
| GB | 2.21.188.221:443 | acdn.adnxs.com | tcp |
| GB | 172.217.16.226:443 | googleads4.g.doubleclick.net | udp |
| IE | 18.66.171.39:443 | pix.pub | tcp |
| IE | 54.220.25.0:443 | d.agkn.com | tcp |
| US | 8.8.8.8:53 | sync.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | cr.frontend.weborama.fr | udp |
| US | 8.8.8.8:53 | mwzeom.zeotap.com | udp |
| US | 8.8.8.8:53 | um.simpli.fi | udp |
| US | 34.111.129.221:443 | cr.frontend.weborama.fr | tcp |
| US | 172.67.40.173:443 | mwzeom.zeotap.com | tcp |
| NL | 34.91.62.186:443 | um.simpli.fi | tcp |
| US | 8.8.8.8:53 | 221.188.21.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 221.129.111.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | simage2.pubmatic.com | udp |
| NL | 198.47.127.205:443 | simage2.pubmatic.com | tcp |
| NL | 198.47.127.205:443 | simage2.pubmatic.com | tcp |
| US | 8.8.8.8:53 | dis.criteo.com | udp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| US | 34.111.129.221:443 | cr.frontend.weborama.fr | udp |
| US | 8.8.8.8:53 | sync.search.spotxchange.com | udp |
| US | 8.8.8.8:53 | ups.analytics.yahoo.com | udp |
| US | 8.8.8.8:53 | idsync.frontend.weborama.fr | udp |
| DE | 3.71.149.231:443 | ups.analytics.yahoo.com | tcp |
| US | 34.111.131.239:443 | idsync.frontend.weborama.fr | tcp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| DE | 3.71.149.231:443 | ups.analytics.yahoo.com | tcp |
| US | 34.111.131.239:443 | idsync.frontend.weborama.fr | tcp |
| NL | 69.173.156.148:443 | token.rubiconproject.com | tcp |
| NL | 69.173.156.148:443 | token.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | 173.40.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 186.62.91.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 205.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 239.131.111.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 231.149.71.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | simage4.pubmatic.com | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | tcp |
| FR | 51.83.2.171:443 | jconnor.org | tcp |
| US | 172.67.203.223:443 | cdn.base64decode.org | udp |
| US | 8.8.8.8:53 | 67.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ade.googlesyndication.com | udp |
| DE | 18.157.230.4:443 | tlx.3lift.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| NL | 185.89.210.153:443 | ams3-ib.adnxs.com | tcp |
| FR | 91.134.110.128:443 | prg-apac.smartadserver.com | tcp |
| FR | 91.134.110.128:443 | prg-apac.smartadserver.com | tcp |
| US | 8.8.8.8:53 | m.media-amazon.com | udp |
| BE | 23.14.90.104:443 | m.media-amazon.com | tcp |
| BE | 23.14.90.104:443 | m.media-amazon.com | tcp |
| BE | 23.14.90.104:443 | m.media-amazon.com | tcp |
| US | 8.8.8.8:53 | images-eu.ssl-images-amazon.com | udp |
| US | 151.101.1.16:443 | images-eu.ssl-images-amazon.com | tcp |
| NL | 81.17.55.160:443 | prg8.smartadserver.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | sq-tungsten-ts-eu.amazon-adsystem.com | udp |
| BE | 23.14.90.104:443 | m.media-amazon.com | udp |
| IE | 54.239.33.159:443 | aax-eu.amazon-adsystem.com | tcp |
| IE | 3.253.169.168:443 | sq-tungsten-ts-eu.amazon-adsystem.com | tcp |
| IE | 3.253.169.168:443 | sq-tungsten-ts-eu.amazon-adsystem.com | tcp |
| IE | 18.66.171.60:443 | tungsten-service.prod.eu.adsqtungsten.a9.amazon.dev | tcp |
| IE | 18.66.171.60:443 | tungsten-service.prod.eu.adsqtungsten.a9.amazon.dev | tcp |
| US | 8.8.8.8:53 | 104.90.14.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 16.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 168.169.253.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aes.eu-west.3px.axp.amazon-adsystem.com | udp |
| IE | 34.250.155.46:443 | aes.eu-west.3px.axp.amazon-adsystem.com | tcp |
| US | 216.239.32.181:443 | analytics.google.com | udp |
| US | 8.8.8.8:53 | 60.171.66.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.155.250.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cmp.inmobi.com | udp |
| US | 8.8.8.8:53 | beacons4.gvt2.com | udp |
| US | 216.239.32.116:443 | beacons4.gvt2.com | tcp |
| US | 216.239.32.116:443 | beacons4.gvt2.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | 116.32.239.216.in-addr.arpa | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | beacons2.gvt2.com | udp |
| FR | 142.250.201.163:443 | beacons2.gvt2.com | tcp |
| FR | 142.250.201.163:443 | beacons2.gvt2.com | udp |
| US | 8.8.8.8:53 | e2c25.gcp.gvt2.com | udp |
| FR | 34.155.84.81:443 | e2c25.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 163.201.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.84.155.34.in-addr.arpa | udp |
| FR | 51.83.2.171:443 | jconnor.org | tcp |
| US | 172.67.203.223:443 | cdn.base64decode.org | udp |
| US | 8.8.8.8:53 | beacons.gvt2.com | udp |
| US | 192.178.49.163:443 | beacons.gvt2.com | tcp |
| US | 8.8.8.8:53 | 163.49.178.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cmp.inmobi.com | udp |
| US | 8.8.8.8:53 | analytics.google.com | udp |
| GB | 142.250.187.206:443 | analytics.google.com | udp |
| IE | 18.66.171.103:443 | cmp.inmobi.com | tcp |
| US | 8.8.8.8:53 | cdn.fuseplatform.net | udp |
| BE | 23.14.90.96:443 | cdn.fuseplatform.net | tcp |
| IE | 18.66.171.103:443 | cmp.inmobi.com | tcp |
| US | 104.22.75.216:443 | btloader.com | tcp |
| US | 8.8.8.8:53 | 206.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.171.66.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 96.90.14.23.in-addr.arpa | udp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 104.26.3.70:443 | ad-delivery.net | tcp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 3.162.148.221:443 | aax.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | a.teads.tv | udp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| BE | 23.55.97.75:443 | a.teads.tv | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 104.22.55.206:443 | i.connectad.io | udp |
| US | 8.8.8.8:53 | prg8.smartadserver.com | udp |
| US | 8.8.8.8:53 | prg-apac.smartadserver.com | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 185.89.210.90:443 | ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| FR | 5.135.209.96:443 | prg-apac.smartadserver.com | tcp |
| FR | 5.135.209.96:443 | prg-apac.smartadserver.com | tcp |
| NL | 89.149.192.193:443 | prg8.smartadserver.com | tcp |
| NL | 89.149.192.193:443 | prg8.smartadserver.com | tcp |
| NL | 89.149.192.193:443 | prg8.smartadserver.com | tcp |
| NL | 147.75.84.158:443 | prebid.a-mo.net | tcp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 34.149.20.76:443 | ssc.33across.com | udp |
| DE | 3.124.64.248:443 | tlx.3lift.com | tcp |
| US | 104.18.36.155:443 | htlb.casalemedia.com | udp |
| US | 104.18.36.155:443 | htlb.casalemedia.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| IE | 54.239.33.158:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | 90.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.192.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 158.84.75.147.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 248.64.124.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | amazon-tam-match.dotomi.com | udp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| IE | 34.240.216.83:443 | match.prod.bidr.io | tcp |
| US | 8.8.8.8:53 | 9452cbc7c9251bf77635d9a7ba3c3237.safeframe.googlesyndication.com | udp |
| IE | 18.66.171.8:443 | s.ad.smaato.net | tcp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| NL | 89.207.16.201:443 | amazon-tam-match.dotomi.com | tcp |
| GB | 172.217.169.65:443 | 9452cbc7c9251bf77635d9a7ba3c3237.safeframe.googlesyndication.com | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 52.46.155.104:443 | s.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | 158.33.239.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.171.66.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 201.16.207.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.155.46.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 3.162.142.187:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | m.media-amazon.com | udp |
| US | 151.101.1.16:443 | m.media-amazon.com | udp |
| US | 151.101.1.16:443 | m.media-amazon.com | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| GB | 142.250.187.226:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | ams3-ib.adnxs.com | udp |
| US | 8.8.8.8:53 | sq-tungsten-ts-eu.amazon-adsystem.com | udp |
| GB | 142.250.178.2:443 | cm.g.doubleclick.net | udp |
| IE | 3.253.169.168:443 | sq-tungsten-ts-eu.amazon-adsystem.com | tcp |
| IE | 54.239.33.158:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 13.248.245.213:443 | eb2.3lift.com | tcp |
| US | 8.8.8.8:53 | tags.bluekai.com | udp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | aes.eu-west.3px.axp.amazon-adsystem.com | udp |
| BE | 23.55.96.210:443 | tags.bluekai.com | tcp |
| BE | 23.55.96.210:443 | tags.bluekai.com | tcp |
| BE | 23.55.96.210:443 | tags.bluekai.com | tcp |
| BE | 23.55.96.210:443 | tags.bluekai.com | tcp |
| IE | 54.194.197.27:443 | aes.eu-west.3px.axp.amazon-adsystem.com | tcp |
| IE | 63.33.74.9:443 | bcp.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | tungsten-service.prod.eu.adsqtungsten.a9.amazon.dev | udp |
| IE | 18.66.171.25:443 | tungsten-service.prod.eu.adsqtungsten.a9.amazon.dev | tcp |
| GB | 172.217.169.65:443 | 9452cbc7c9251bf77635d9a7ba3c3237.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 210.96.55.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 27.197.194.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.74.33.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.googletagservices.com | udp |
| US | 8.8.8.8:53 | pixel.adsafeprotected.com | udp |
| US | 3.218.109.201:443 | pixel.adsafeprotected.com | tcp |
| GB | 142.250.178.2:443 | www.googletagservices.com | tcp |
| IE | 54.239.33.158:443 | aax-eu.amazon-adsystem.com | tcp |
| IE | 54.239.33.158:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | ads.stickyadstv.com | udp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| NL | 81.17.55.116:443 | rtb-csync.smartadserver.com | tcp |
| NL | 81.17.55.116:443 | rtb-csync.smartadserver.com | tcp |
| NL | 154.57.158.115:443 | ads.stickyadstv.com | tcp |
| NL | 154.57.158.115:443 | ads.stickyadstv.com | tcp |
| US | 8.8.8.8:53 | static.adsafeprotected.com | udp |
| US | 8.8.8.8:53 | 25.171.66.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 201.109.218.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.55.17.81.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 115.158.57.154.in-addr.arpa | udp |
| IE | 18.66.171.24:443 | static.adsafeprotected.com | tcp |
| US | 8.8.8.8:53 | dt.adsafeprotected.com | udp |
| US | 107.23.229.143:443 | dt.adsafeprotected.com | tcp |
| US | 107.23.229.143:443 | dt.adsafeprotected.com | tcp |
| US | 107.23.229.143:443 | dt.adsafeprotected.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| GB | 172.217.16.226:443 | ade.googlesyndication.com | udp |
| GB | 216.58.204.70:443 | s0.2mdn.net | udp |
| GB | 2.21.188.221:443 | acdn.adnxs.com | tcp |
| NL | 185.89.210.20:443 | ams3-ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | 24.171.66.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 143.229.23.107.in-addr.arpa | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 3.162.148.221:443 | aax.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | 20.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | d.agkn.com | udp |
| US | 8.8.8.8:53 | pix.pub | udp |
| IE | 46.51.204.86:443 | d.agkn.com | tcp |
| IE | 18.66.171.39:443 | pix.pub | tcp |
| IE | 46.51.204.86:443 | d.agkn.com | tcp |
| IE | 46.51.204.86:443 | d.agkn.com | tcp |
| US | 8.8.8.8:53 | 86.204.51.46.in-addr.arpa | udp |
| BE | 23.14.90.96:443 | cdn.fuseplatform.net | tcp |
| IE | 54.239.33.158:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 107.23.229.143:443 | dt.adsafeprotected.com | tcp |
| NL | 185.89.210.20:443 | ams3-ib.adnxs.com | tcp |
| FR | 51.83.2.171:443 | jconnor.org | tcp |
| NL | 185.89.210.20:443 | ams3-ib.adnxs.com | tcp |
| NL | 185.89.210.20:443 | ams3-ib.adnxs.com | tcp |
| BE | 23.14.90.96:443 | cdn.fuseplatform.net | tcp |
| US | 8.8.8.8:53 | csm.nl3.eu.criteo.net | udp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| IE | 54.239.33.158:443 | aax-eu.amazon-adsystem.com | tcp |
| IE | 18.66.171.103:443 | cmp.inmobi.com | tcp |
| BE | 23.14.90.96:443 | cdn.fuseplatform.net | tcp |
| US | 104.22.75.216:443 | btloader.com | tcp |
| IE | 18.66.171.103:443 | cmp.inmobi.com | tcp |
| US | 104.22.75.216:443 | btloader.com | tcp |
| US | 3.162.148.221:443 | aax.amazon-adsystem.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| US | 8.8.8.8:53 | 25.1.250.178.in-addr.arpa | udp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| NL | 147.75.84.158:443 | prebid.a-mo.net | tcp |
| DE | 3.124.64.248:443 | tlx.3lift.com | tcp |
| NL | 89.149.192.193:443 | prg8.smartadserver.com | tcp |
| NL | 89.149.192.193:443 | prg8.smartadserver.com | tcp |
| FR | 5.135.209.96:443 | prg-apac.smartadserver.com | tcp |
| FR | 5.135.209.96:443 | prg-apac.smartadserver.com | tcp |
| NL | 89.149.192.193:443 | prg8.smartadserver.com | tcp |
| NL | 185.89.210.90:443 | ams3-ib.adnxs.com | tcp |
| BE | 23.55.97.75:443 | a.teads.tv | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 104.26.3.70:443 | ad-delivery.net | tcp |
| IE | 18.66.171.8:443 | s.ad.smaato.net | tcp |
| IE | 34.240.216.83:443 | match.prod.bidr.io | tcp |
| NL | 89.207.16.201:443 | amazon-tam-match.dotomi.com | tcp |
| US | 8.8.8.8:53 | 7babcf593757414cbc21b16832fd328d.safeframe.googlesyndication.com | udp |
| GB | 172.217.169.65:443 | 7babcf593757414cbc21b16832fd328d.safeframe.googlesyndication.com | tcp |
| US | 52.46.155.104:443 | s.amazon-adsystem.com | tcp |
| US | 52.46.155.104:443 | s.amazon-adsystem.com | tcp |
| IE | 3.253.169.168:443 | sq-tungsten-ts-eu.amazon-adsystem.com | tcp |
| IE | 3.253.169.168:443 | sq-tungsten-ts-eu.amazon-adsystem.com | tcp |
| IE | 3.253.169.168:443 | sq-tungsten-ts-eu.amazon-adsystem.com | tcp |
| IE | 54.194.197.27:443 | aes.eu-west.3px.axp.amazon-adsystem.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| IE | 3.253.169.168:443 | sq-tungsten-ts-eu.amazon-adsystem.com | tcp |
| IE | 54.239.33.158:443 | aax-eu.amazon-adsystem.com | tcp |
| IE | 18.66.171.25:443 | tungsten-service.prod.eu.adsqtungsten.a9.amazon.dev | tcp |
| IE | 3.253.169.168:443 | sq-tungsten-ts-eu.amazon-adsystem.com | tcp |
| IE | 54.239.33.158:443 | aax-eu.amazon-adsystem.com | tcp |
| IE | 54.239.33.158:443 | aax-eu.amazon-adsystem.com | tcp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| US | 3.162.148.221:443 | aax.amazon-adsystem.com | tcp |
| BE | 23.14.90.96:443 | cdn.fuseplatform.net | tcp |
| IE | 54.239.33.158:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 3.162.148.221:443 | aax.amazon-adsystem.com | tcp |
| GB | 142.250.187.206:443 | analytics.google.com | udp |
| US | 8.8.8.8:53 | e2c21.gcp.gvt2.com | udp |
| CA | 34.130.135.16:443 | e2c21.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | cdn.fuseplatform.net | udp |
| BE | 23.14.90.96:443 | cdn.fuseplatform.net | tcp |
| IE | 18.66.171.103:443 | cmp.inmobi.com | tcp |
| US | 104.22.75.216:443 | btloader.com | tcp |
| US | 8.8.8.8:53 | 16.135.130.34.in-addr.arpa | udp |
| IE | 18.66.171.103:443 | cmp.inmobi.com | tcp |
| US | 104.26.3.70:443 | ad-delivery.net | tcp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| GB | 18.172.154.232:443 | aax.amazon-adsystem.com | tcp |
| US | 192.178.49.163:443 | beacons.gvt2.com | udp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| US | 104.18.36.155:443 | htlb.casalemedia.com | udp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| US | 34.149.20.76:443 | ssc.33across.com | udp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 104.22.55.206:443 | i.connectad.io | udp |
| NL | 89.149.192.193:443 | prg8.smartadserver.com | tcp |
| NL | 89.149.192.193:443 | prg8.smartadserver.com | tcp |
| FR | 5.135.209.96:443 | prg-apac.smartadserver.com | tcp |
| FR | 5.135.209.96:443 | prg-apac.smartadserver.com | tcp |
| NL | 89.149.192.193:443 | prg8.smartadserver.com | tcp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| US | 8.8.8.8:53 | a.teads.tv | udp |
| NL | 185.89.210.90:443 | ams3-ib.adnxs.com | tcp |
| NL | 147.75.84.158:443 | prebid.a-mo.net | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| BE | 23.55.97.75:443 | a.teads.tv | tcp |
| DE | 3.124.64.248:443 | tlx.3lift.com | tcp |
| US | 192.178.49.163:443 | beacons.gvt2.com | tcp |
| US | 8.8.8.8:53 | 232.154.172.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| IE | 52.94.223.37:443 | aax-eu.amazon-adsystem.com | tcp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 37.223.94.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | a717.casalemedia.com | udp |
| CA | 85.91.47.88:443 | a717.casalemedia.com | tcp |
| US | 8.8.8.8:53 | 59170b6c84ea6a38afc62540171d501c.safeframe.googlesyndication.com | udp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 142.250.187.226:443 | googleads.g.doubleclick.net | udp |
| GB | 172.217.169.65:443 | 59170b6c84ea6a38afc62540171d501c.safeframe.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | 88.47.91.85.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ams3-ib.adnxs.com | udp |
| US | 8.8.8.8:53 | k8s1-event-tracker-am.lb.indexww.com | udp |
| NL | 185.80.36.156:443 | k8s1-event-tracker-am.lb.indexww.com | tcp |
| NL | 185.80.36.156:443 | k8s1-event-tracker-am.lb.indexww.com | tcp |
| US | 8.8.8.8:53 | ced-ns.sascdn.com | udp |
| BE | 23.14.90.98:443 | ced-ns.sascdn.com | tcp |
| US | 8.8.8.8:53 | 156.36.80.185.in-addr.arpa | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | 98.90.14.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 172.64.149.180:443 | js-sec.indexww.com | tcp |
| US | 8.8.8.8:53 | e2c8.gcp.gvt2.com | udp |
| SG | 34.87.124.238:443 | e2c8.gcp.gvt2.com | tcp |
| SG | 34.87.124.238:443 | e2c8.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 180.149.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.124.87.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| IE | 34.249.65.85:443 | match.prod.bidr.io | tcp |
| IE | 18.66.171.40:443 | s.ad.smaato.net | tcp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 52.46.128.147:443 | s.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | 40.171.66.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 85.65.249.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 147.128.46.52.in-addr.arpa | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | pix.pub | udp |
| US | 8.8.8.8:53 | d.agkn.com | udp |
| GB | 172.217.16.226:443 | ade.googlesyndication.com | udp |
| IE | 54.220.25.0:443 | d.agkn.com | tcp |
| IE | 18.66.171.39:443 | pix.pub | tcp |
| US | 8.8.8.8:53 | amazon-tam-match.dotomi.com | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| NL | 63.215.202.140:443 | amazon-tam-match.dotomi.com | tcp |
| GB | 216.58.204.70:443 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | 140.202.215.63.in-addr.arpa | udp |
| FR | 5.135.209.96:443 | prg-apac.smartadserver.com | tcp |
| US | 8.8.8.8:53 | euw1.smartadserver.com | udp |
| NL | 81.17.55.99:443 | euw1.smartadserver.com | tcp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| US | 151.101.1.108:443 | acdn.adnxs.com | tcp |
| US | 8.8.8.8:53 | 99.55.17.81.in-addr.arpa | udp |
| US | 8.8.8.8:53 | pr-bh.ybp.yahoo.com | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | ups.analytics.yahoo.com | udp |
| US | 8.8.8.8:53 | cms.quantserve.com | udp |
| US | 8.8.8.8:53 | a.tribalfusion.com | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| DE | 3.71.149.231:443 | ups.analytics.yahoo.com | tcp |
| DK | 37.157.3.26:443 | c1.adform.net | tcp |
| US | 8.8.8.8:53 | sync-tm.everesttech.net | udp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| DE | 91.228.74.159:443 | cms.quantserve.com | tcp |
| US | 104.18.24.173:443 | a.tribalfusion.com | tcp |
| IE | 34.250.199.34:443 | pr-bh.ybp.yahoo.com | tcp |
| US | 151.101.2.49:443 | sync-tm.everesttech.net | tcp |
| US | 8.8.8.8:53 | ads.avct.cloud | udp |
| FR | 5.135.209.96:443 | prg-apac.smartadserver.com | tcp |
| US | 8.8.8.8:53 | 34.199.250.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 159.74.228.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.24.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | apps.sascdn.com | udp |
| BE | 23.14.90.96:443 | apps.sascdn.com | tcp |
| GB | 142.250.178.2:443 | www.googletagservices.com | udp |
| US | 8.8.8.8:53 | cs.lkqd.net | udp |
| US | 8.8.8.8:53 | x.dlx.addthis.com | udp |
| BE | 23.55.96.210:443 | x.dlx.addthis.com | tcp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 35.244.174.68:443 | id.rlcdn.com | tcp |
| US | 8.8.8.8:53 | usersync.gumgum.com | udp |
| IE | 34.247.205.196:443 | usersync.gumgum.com | tcp |
| US | 8.8.8.8:53 | cdn.doubleverify.com | udp |
| GB | 216.58.204.70:443 | s0.2mdn.net | udp |
| BE | 23.14.90.107:443 | cdn.doubleverify.com | tcp |
| US | 8.8.8.8:53 | tag.researchnow.com | udp |
| IE | 18.66.171.45:443 | tag.researchnow.com | tcp |
| US | 8.8.8.8:53 | 68.174.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.205.247.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 107.90.14.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | rtb0.doubleverify.com | udp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| US | 8.8.8.8:53 | HDCIZfrnmkrkibbwxQlVwAYZqH.HDCIZfrnmkrkibbwxQlVwAYZqH | udp |
| US | 8.8.8.8:53 | s.tribalfusion.com | udp |
| US | 8.8.8.8:53 | 45.171.66.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | match.360yield.com | udp |
| IE | 34.253.46.26:443 | match.360yield.com | tcp |
| US | 8.8.8.8:53 | ad.360yield.com | udp |
| US | 8.8.8.8:53 | loadm.exelator.com | udp |
| IE | 52.18.253.4:443 | ad.360yield.com | tcp |
| IE | 34.254.143.3:443 | loadm.exelator.com | tcp |
| US | 8.8.8.8:53 | 26.46.253.34.in-addr.arpa | udp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| US | 8.8.8.8:53 | 4.253.18.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.143.254.34.in-addr.arpa | udp |
| NL | 185.89.210.90:443 | secure.adnxs.com | tcp |
| US | 8.8.8.8:53 | ssl.p.jwpcdn.com | udp |
| US | 151.101.2.114:443 | ssl.p.jwpcdn.com | tcp |
| US | 151.101.2.114:443 | ssl.p.jwpcdn.com | tcp |
| US | 151.101.2.114:443 | ssl.p.jwpcdn.com | tcp |
| US | 8.8.8.8:53 | 114.2.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ads.yieldmo.com | udp |
| IE | 108.128.7.33:443 | ap.lijit.com | tcp |
| IE | 52.209.140.47:443 | ads.yieldmo.com | tcp |
| IE | 52.209.140.47:443 | ads.yieldmo.com | tcp |
| US | 8.8.8.8:53 | 33.7.128.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 47.140.209.52.in-addr.arpa | udp |
| IE | 18.66.171.39:443 | pix.pub | tcp |
| GB | 18.172.154.232:443 | aax.amazon-adsystem.com | tcp |
| DE | 3.124.64.248:443 | tlx.3lift.com | tcp |
| NL | 147.75.84.158:443 | prebid.a-mo.net | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| FR | 5.135.209.96:443 | prg-apac.smartadserver.com | tcp |
| BE | 23.55.97.75:443 | a.teads.tv | tcp |
| FR | 5.135.209.96:443 | prg-apac.smartadserver.com | tcp |
| BE | 23.55.97.75:443 | a.teads.tv | tcp |
| NL | 89.149.192.193:443 | euw1.smartadserver.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | entitlements.jwplayer.com | udp |
| FR | 152.199.22.243:443 | entitlements.jwplayer.com | tcp |
| BE | 23.14.90.96:443 | apps.sascdn.com | tcp |
| NL | 185.80.36.156:443 | k8s1-event-tracker-am.lb.indexww.com | tcp |
| US | 8.8.8.8:53 | 243.22.199.152.in-addr.arpa | udp |
| NL | 185.89.210.20:443 | secure.adnxs.com | tcp |
| US | 8.8.8.8:53 | a1.adform.net | udp |
| DK | 37.157.6.233:443 | a1.adform.net | tcp |
| US | 8.8.8.8:53 | a.rfihub.com | udp |
| US | 8.8.8.8:53 | c1.rfihub.net | udp |
| US | 8.8.8.8:53 | a685.casalemedia.com | udp |
| US | 8.8.8.8:53 | ams-139.ams-rtb1.rfihub.com | udp |
| CA | 85.91.47.56:443 | a685.casalemedia.com | tcp |
| NL | 193.0.160.131:443 | a.rfihub.com | tcp |
| US | 3.162.140.13:443 | c1.rfihub.net | tcp |
| NL | 193.0.160.154:443 | ams-139.ams-rtb1.rfihub.com | tcp |
| US | 8.8.8.8:53 | 233.6.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.47.91.85.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.160.0.193.in-addr.arpa | udp |
| US | 172.64.149.180:443 | js-sec.indexww.com | tcp |
| US | 8.8.8.8:53 | 13.140.162.3.in-addr.arpa | udp |
| FR | 142.250.201.163:443 | beacons2.gvt2.com | udp |
| US | 8.8.8.8:53 | s1.adform.net | udp |
| DK | 37.157.2.250:443 | s1.adform.net | tcp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| US | 8.8.8.8:53 | live.rezync.com | udp |
| US | 8.8.8.8:53 | dpm.demdex.net | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| US | 8.8.8.8:53 | idsync.rlcdn.com | udp |
| BE | 23.55.96.210:443 | x.dlx.addthis.com | tcp |
| GB | 185.64.191.210:443 | image2.pubmatic.com | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 8.8.8.8:53 | aa.agkn.com | udp |
| US | 34.98.64.218:443 | eu-u.openx.net | udp |
| NL | 193.0.160.131:443 | a.rfihub.com | tcp |
| US | 151.101.2.49:443 | sync-tm.everesttech.net | tcp |
| US | 3.162.140.47:443 | sb.scorecardresearch.com | tcp |
| US | 8.8.8.8:53 | pixel.adsafeprotected.com | udp |
| US | 8.8.8.8:53 | choices.trustarc.com | udp |
| US | 3.162.140.80:443 | live.rezync.com | tcp |
| US | 34.201.225.151:443 | bpi.rtactivate.com | tcp |
| BE | 23.55.96.24:443 | contextual.media.net | tcp |
| IE | 52.51.22.204:443 | dpm.demdex.net | tcp |
| IE | 18.66.171.91:443 | choices.trustarc.com | tcp |
| IE | 52.215.18.183:443 | secure-us.imrworldwide.com | tcp |
| IE | 52.18.18.165:443 | pixel.adsafeprotected.com | tcp |
| DE | 3.65.80.227:443 | aa.agkn.com | tcp |
| NL | 193.0.160.131:443 | a.rfihub.com | tcp |
| US | 35.244.174.68:443 | idsync.rlcdn.com | tcp |
| US | 3.220.122.203:443 | partners.tremorhub.com | tcp |
| US | 3.162.140.80:443 | live.rezync.com | tcp |
| US | 8.8.8.8:53 | ps.eyeota.net | udp |
| US | 3.162.140.80:443 | live.rezync.com | tcp |
| DE | 3.124.210.90:443 | ps.eyeota.net | tcp |
| US | 8.8.8.8:53 | 250.2.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 47.140.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.140.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 24.96.55.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 204.22.51.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.171.66.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 165.18.18.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 183.18.215.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.80.65.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.122.220.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.210.124.3.in-addr.arpa | udp |
| IE | 18.66.171.39:443 | pix.pub | tcp |
| NL | 193.0.160.131:443 | a.rfihub.com | tcp |
| US | 8.8.8.8:53 | static.adsafeprotected.com | udp |
| IE | 18.66.171.75:443 | static.adsafeprotected.com | tcp |
| US | 8.8.8.8:53 | prd.jwpltx.com | udp |
| US | 3.162.140.29:443 | prd.jwpltx.com | tcp |
| IE | 34.249.65.85:443 | match.prod.bidr.io | tcp |
| US | 8.8.8.8:53 | s.company-target.com | udp |
| NL | 46.228.164.11:443 | ad.turn.com | tcp |
| US | 8.8.8.8:53 | cm.adgrx.com | udp |
| NL | 34.91.62.186:443 | um.simpli.fi | tcp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| US | 34.96.71.22:443 | s.company-target.com | tcp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | udp |
| US | 8.8.8.8:53 | bid.g.doubleclick.net | udp |
| BE | 173.194.76.157:443 | bid.g.doubleclick.net | tcp |
| IE | 54.217.19.5:443 | cm.adgrx.com | tcp |
| FR | 51.178.195.213:443 | ssbsync.smartadserver.com | tcp |
| US | 70.42.32.63:443 | b1sync.zemanta.com | tcp |
| US | 8.8.8.8:53 | 75.171.66.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 29.140.162.3.in-addr.arpa | udp |
| US | 35.244.174.68:443 | idsync.rlcdn.com | udp |
| US | 8.8.8.8:53 | dt.adsafeprotected.com | udp |
| US | 174.129.210.230:443 | dt.adsafeprotected.com | tcp |
| US | 8.8.8.8:53 | 22.71.96.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 213.195.178.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 5.19.217.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 63.32.42.70.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 230.210.129.174.in-addr.arpa | udp |
| US | 151.101.1.108:443 | acdn.adnxs.com | tcp |
| US | 151.101.2.114:443 | ssl.p.jwpcdn.com | tcp |
| US | 8.8.8.8:53 | gcdn.2mdn.net | udp |
| GB | 142.250.179.238:443 | gcdn.2mdn.net | tcp |
| US | 174.129.210.230:443 | dt.adsafeprotected.com | tcp |
| NL | 185.89.210.90:443 | secure.adnxs.com | tcp |
| DK | 37.157.2.250:443 | s1.adform.net | tcp |
| US | 8.8.8.8:53 | code.createjs.com | udp |
| GB | 104.91.71.137:443 | code.createjs.com | tcp |
| US | 8.8.8.8:53 | 137.71.91.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | r5---sn-aigl6nzk.c.2mdn.net | udp |
| GB | 74.125.175.106:443 | r5---sn-aigl6nzk.c.2mdn.net | tcp |
| DK | 37.157.6.233:443 | a1.adform.net | tcp |
| US | 8.8.8.8:53 | 106.175.125.74.in-addr.arpa | udp |
| IE | 54.220.25.0:443 | d.agkn.com | tcp |
| IE | 18.66.171.39:443 | pix.pub | tcp |
| GB | 142.250.187.226:443 | googleads.g.doubleclick.net | udp |
| NL | 185.80.36.156:443 | k8s1-event-tracker-am.lb.indexww.com | tcp |
| US | 8.8.8.8:53 | a669.casalemedia.com | udp |
| US | 8.8.8.8:53 | imasdk.googleapis.com | udp |
| GB | 142.250.179.238:443 | gcdn.2mdn.net | udp |
| CA | 85.91.47.40:443 | a669.casalemedia.com | tcp |
| GB | 142.250.187.202:443 | imasdk.googleapis.com | tcp |
| GB | 74.125.175.106:443 | r5---sn-aigl6nzk.c.2mdn.net | udp |
| US | 8.8.8.8:53 | 202.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 40.47.91.85.in-addr.arpa | udp |
| GB | 18.172.154.232:443 | aax.amazon-adsystem.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| FR | 5.135.209.96:443 | prg-apac.smartadserver.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| NL | 185.89.210.90:443 | secure.adnxs.com | tcp |
| NL | 147.75.84.158:443 | prebid.a-mo.net | tcp |
| BE | 23.55.97.75:443 | a.teads.tv | tcp |
| DE | 3.124.64.248:443 | tlx.3lift.com | tcp |
| BE | 23.14.90.96:443 | apps.sascdn.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 89.149.192.193:443 | euw1.smartadserver.com | tcp |
| DK | 37.157.6.233:443 | a1.adform.net | tcp |
| US | 3.162.140.13:443 | c1.rfihub.net | tcp |
| US | 8.8.8.8:53 | c2.rfihub.net | udp |
| US | 3.162.140.48:443 | c2.rfihub.net | tcp |
| US | 8.8.8.8:53 | 48.140.162.3.in-addr.arpa | udp |
| US | 151.101.1.108:443 | acdn.adnxs.com | tcp |
| US | 192.178.49.163:443 | beacons.gvt2.com | udp |
| IE | 18.66.171.39:443 | pix.pub | tcp |
| IE | 54.220.25.0:443 | d.agkn.com | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | bh.contextweb.com | udp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| NL | 193.0.160.131:443 | a.rfihub.com | tcp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| US | 8.8.8.8:53 | 131.169.93.208.in-addr.arpa | udp |
| US | 3.162.140.47:443 | sb.scorecardresearch.com | tcp |
| IE | 52.18.18.165:443 | pixel.adsafeprotected.com | tcp |
| IE | 18.66.171.91:443 | choices.trustarc.com | tcp |
| IE | 52.215.18.183:443 | secure-us.imrworldwide.com | tcp |
| US | 3.162.140.80:443 | live.rezync.com | tcp |
| IE | 52.51.22.204:443 | dpm.demdex.net | tcp |
| GB | 185.64.191.210:443 | image2.pubmatic.com | tcp |
| NL | 193.0.160.131:443 | a.rfihub.com | tcp |
| BE | 23.55.96.24:443 | contextual.media.net | udp |
| US | 34.201.225.151:443 | bpi.rtactivate.com | tcp |
| BE | 23.55.96.210:443 | x.dlx.addthis.com | tcp |
| US | 3.220.122.203:443 | partners.tremorhub.com | tcp |
| DE | 3.65.80.227:443 | aa.agkn.com | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 151.101.2.49:443 | sync-tm.everesttech.net | tcp |
| NL | 193.0.160.131:443 | a.rfihub.com | tcp |
| DE | 3.124.210.90:443 | ps.eyeota.net | tcp |
| IE | 18.66.171.75:443 | static.adsafeprotected.com | tcp |
| BE | 23.55.96.24:443 | contextual.media.net | tcp |
| IE | 18.66.171.75:443 | static.adsafeprotected.com | tcp |
| IE | 52.18.18.165:443 | pixel.adsafeprotected.com | tcp |
| NL | 193.0.160.131:443 | a.rfihub.com | tcp |
| US | 174.129.210.230:443 | dt.adsafeprotected.com | tcp |
| US | 3.162.140.80:443 | live.rezync.com | tcp |
| NL | 185.89.210.46:443 | secure.adnxs.com | tcp |
| GB | 142.250.187.206:443 | analytics.google.com | udp |
| US | 8.8.8.8:53 | cdn.fuseplatform.net | udp |
| BE | 23.14.90.96:443 | cdn.fuseplatform.net | tcp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| IE | 52.94.222.140:443 | aax-eu.amazon-adsystem.com | tcp |
| IE | 52.94.222.140:443 | aax-eu.amazon-adsystem.com | tcp |
| IE | 52.94.222.140:443 | aax-eu.amazon-adsystem.com | tcp |
| IE | 52.94.222.140:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | 140.222.94.52.in-addr.arpa | udp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| US | 8.8.8.8:53 | employeedscratshj.shop | udp |
| US | 172.67.186.163:443 | employeedscratshj.shop | tcp |
| US | 172.67.186.163:443 | employeedscratshj.shop | tcp |
| US | 8.8.8.8:53 | museumtespaceorsp.shop | udp |
| US | 172.67.184.107:443 | museumtespaceorsp.shop | tcp |
| US | 172.67.184.107:443 | museumtespaceorsp.shop | tcp |
| US | 8.8.8.8:53 | buttockdecarderwiso.shop | udp |
| US | 172.67.218.187:443 | buttockdecarderwiso.shop | tcp |
| US | 172.67.218.187:443 | buttockdecarderwiso.shop | tcp |
| US | 8.8.8.8:53 | averageaattractiionsl.shop | udp |
| US | 104.21.62.60:443 | averageaattractiionsl.shop | tcp |
| US | 104.21.62.60:443 | averageaattractiionsl.shop | tcp |
| US | 8.8.8.8:53 | femininiespywageg.shop | udp |
| US | 172.67.141.63:443 | femininiespywageg.shop | tcp |
| US | 172.67.141.63:443 | femininiespywageg.shop | tcp |
| US | 8.8.8.8:53 | 187.218.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 60.62.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | employhabragaomlsp.shop | udp |
| US | 172.67.203.218:443 | employhabragaomlsp.shop | tcp |
| US | 172.67.203.218:443 | employhabragaomlsp.shop | tcp |
| US | 8.8.8.8:53 | stalfbaclcalorieeis.shop | udp |
| US | 104.21.3.197:443 | stalfbaclcalorieeis.shop | tcp |
| US | 104.21.3.197:443 | stalfbaclcalorieeis.shop | tcp |
| US | 8.8.8.8:53 | civilianurinedtsraov.shop | udp |
| US | 104.21.49.245:443 | civilianurinedtsraov.shop | tcp |
| US | 104.21.49.245:443 | civilianurinedtsraov.shop | tcp |
| US | 8.8.8.8:53 | roomabolishsnifftwk.shop | udp |
| US | 104.21.55.87:443 | roomabolishsnifftwk.shop | tcp |
| US | 104.21.55.87:443 | roomabolishsnifftwk.shop | tcp |
| US | 8.8.8.8:53 | 245.49.21.104.in-addr.arpa | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | id.google.com | udp |
| BR | 142.251.129.163:443 | id.google.com | tcp |
| BR | 142.251.129.163:443 | id.google.com | tcp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 172.217.169.10:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | 10.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | HDCIZfrnmkrkibbwxQlVwAYZqH.HDCIZfrnmkrkibbwxQlVwAYZqH | udp |
| US | 192.178.49.163:443 | beacons.gvt2.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 172.67.186.163:443 | employeedscratshj.shop | tcp |
| US | 172.67.184.107:443 | museumtespaceorsp.shop | tcp |
| US | 172.67.218.187:443 | buttockdecarderwiso.shop | tcp |
| US | 104.21.62.60:443 | averageaattractiionsl.shop | tcp |
| US | 172.67.141.63:443 | femininiespywageg.shop | tcp |
| US | 172.67.203.218:443 | employhabragaomlsp.shop | tcp |
| US | 104.21.3.197:443 | stalfbaclcalorieeis.shop | tcp |
| US | 104.21.49.245:443 | civilianurinedtsraov.shop | tcp |
| US | 104.21.55.87:443 | roomabolishsnifftwk.shop | tcp |
| US | 8.8.8.8:53 | HDCIZfrnmkrkibbwxQlVwAYZqH.HDCIZfrnmkrkibbwxQlVwAYZqH | udp |
Files
\??\pipe\crashpad_4436_XRAMEJZWDCHTAQOT
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 919aabf14c221f4fc36019f7d5008c78 |
| SHA1 | 4d11648d38d47db12a1e01837cac1417ac47d567 |
| SHA256 | 68ad13bbb92c4420728905580770b8b842892f35c0a72d2deaefb69080d6641d |
| SHA512 | 25b86c1e51146eb67cf2416fdc43042207d2c14e0826c7a75efb73449ce3d0e4f9987e087cc8c2177e17fc8726cbc1296672eb6596ce94e0739f63abfa9c00e8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1dd250163267000c43a3b23898bf04f4 |
| SHA1 | dc4ab78498c1d29b89e436c978482cb6a5cb8567 |
| SHA256 | cbbc0b9730d6eabca789eaa367684d20179ac8a9f4f097bf60218c312dbd6c23 |
| SHA512 | 8e49cabc2f951af797d3d49cb3c8b20d681ede88d8847ae548292c613004cd12668c3354743ceaac45c0cfdc132d99d8294e804f568b3401794e6a6f095c81e0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 0d74611b43ae4e492af50b17388d388c |
| SHA1 | c9fedb84aac9f0179e184a32f2e34724b7351aab |
| SHA256 | 38fffe468c263343ed3e5ee74251d5474a23089d45785a6f84d7d3f95812b38f |
| SHA512 | f9b1413acef8256b57436ed595f77637dce52310d6d9ebf18e7a3ea22780d10dfe40c725b342b10c6736d3c2aa87426e531d0c639c236fa5996f72fa723a5f0c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 891527296ff7f6a24304e3b77e7e66a7 |
| SHA1 | 2e211457f2e554de30b2c35fcffc2b926d82d9e5 |
| SHA256 | e9b31e1ff8b1c26ed38b61e6206ff574f746cb493a38c0a56391f1084a368948 |
| SHA512 | eb52938b8ea5a0f458706bc5478584ef622234630402368a253e146ce27a6d90beb8faf46e6e50700f4adaf564c9c21ef0e5e2ac4eb9b6f4ff3b69e9219618e6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 979ed68276ee47c46f4bd770cff6ce5d |
| SHA1 | 1963c48c89b4d53f6c0afae50a1ea668a148d981 |
| SHA256 | 47e1cc1c0a3f9863b739b83df1731fb460d87aa5ac88a6a626ce27c325b99c02 |
| SHA512 | 13926eb7e5734124bbbbe325b839d1b6e642ad0599fde0e810a95e1b96287a348c5701d9c9f303fd876988664272b6c5342d2bbd2568647b2e8ff4fdf4c339e8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | bac5e94578f9f7fe8b353b257b9f2536 |
| SHA1 | 18b4f40085e72eb9c946cca0ed7806dd6186fb2a |
| SHA256 | a2d837921c3918a4d37b5cbe79105de3d9fd7438a90d17a0c26528c0f19196da |
| SHA512 | 5f787e073aa491a5467afff65096f0ddc969a50379ad9c26628eddf6e74c6f49a452a2755fc62d660b11f6da430b8ff334b414e61651ad47720bab1edcef1f69 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5861e2.TMP
| MD5 | b8a0825eb859a36531150357b8ebb024 |
| SHA1 | 1dd55f4c86cbc91cc9ea4b3d0df799b280e0ad25 |
| SHA256 | 8942077ac6c5ccd2ab3617ce31ac09a51444d808a0ce16684d803266a8aea0a5 |
| SHA512 | 673c33eeeb1a43bbccb6424f0dacc5ac4fa351612f2eca4f40789e65407dc43fa05520b2ae455a36dcc08a5d3e256bf6f5d1147573bbb75e543a60406104aef3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 0b9ab5f454c0d25cc273c3c509dc850e |
| SHA1 | cafa3a7bf7204f70bec6b1133ef4fd52036ffdad |
| SHA256 | 0fb6f8f6adfeae819369b7f3359fad9e92dfef944ce4e80f7633d16c6fbbe065 |
| SHA512 | 93a9f8293dfba3553fda8d1d22a6876441b17b052f31037b0ed75dff84c15ee056f9d17abb548e9d89ee7e26b980ef662413bc7c29db9e4428edf5b50826055f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1b628ce906eb9ca1eb1ad38706748988 |
| SHA1 | 6c83301100da2537ed64e7275708ee37045472f8 |
| SHA256 | ccdc2d48f2124e0cece45baaa3f21da1d6e293ac88845f2cd9ff511883d4d96c |
| SHA512 | a482a1d78a2318f819453423e97bd35743b47b96a40fd53ab729e3a5ad57614cc44efd5cbbd037709199d915fdbd4e6cce6d3d840f3b45fb99eed317372e0449 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | b4f498ddec1f0d31cce00cd4ed9b2261 |
| SHA1 | ff512a53afb0c5c958b7b501fb4948a7aa3de9c9 |
| SHA256 | 23873ce2295afecd8701845fb7b963d8cf70b8f426ce3cf40290b84d84ec1d18 |
| SHA512 | e43f5e858042fa399a6abf0c463c23cccaecd8f34e09fcd49517f508170509343dd4a8c7aacc4e73f4338fb628ab59f818363a890fe145b59e9b4152de3953dd |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Emotions
| MD5 | 49e438956e29e87cfb22f7274cf2c6fb |
| SHA1 | 026c7a05ce42f00c6aea7e84ddc8cc5d1fab3a1c |
| SHA256 | ae0ea7678feec00efa94c1c87d5a4e9a54df0ca086699fd9128f08cf550f7d8a |
| SHA512 | 2f8616af0c46eed9861b599d9ed5a9d8b50c0839f9db574487de72f53e59ff1c504178145f8faf069aec4ed5887a2fb43ff083b026e236b970125867420c4005 |
C:\Users\Admin\Downloads\ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ\ㅤ\dll\autoexec\HOW_TO_USE.txt
| MD5 | 4324149d23c0d89f490249e531460c21 |
| SHA1 | 96a44574a5c71d923e91e6cc3e8a7eb7a9727755 |
| SHA256 | a6f1509ddeb9b80f94e3ec9de3821bb129979201c6833f472d25fab16187c1ee |
| SHA512 | c8c49722367d49ffb540cda2ed3fe955027050f810b0e05a501030c2ea5dff44f1a12ccb94c3d982dbadb9f5211ed199cc81d8457fd2821433975261e1c5c82e |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Participants
| MD5 | 82a38745ff9cefa0859b47b8bd69f535 |
| SHA1 | 6f97750b298ed3f3910e5aa4044b91e7409db9d2 |
| SHA256 | 92f1df88e0467d0284f1de3e6d30bcf41b0ed56e055719872754627a2b4bb470 |
| SHA512 | d22a5ddfacf8c00cde7c3fa27612ca386ae68f79b9c93b52d40be33d584eaf3c18b100da9ad6ba4efacef1cba4fa5d1665e4c3004454f0eb41c3051b98c60569 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Richmond
| MD5 | 9232a164b3d092088493704963735061 |
| SHA1 | a0d40d6d5373e414fc50c38ae1000ccda89820fb |
| SHA256 | eea1bebddcfd35ddb7d19ab7013bbdbd47119b55896da6706625b45c8cedd08e |
| SHA512 | 3c2ee63455b485c6bb1d9c27d68f478d7685ce23f85d8c97f2e99a97030dbff09897c3dda6082b591a2533bfb2b1ee4871d98fb19103a0ca274ec4314df7f2cd |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Alot
| MD5 | a6157f70265f55e4257cbe6640be26d6 |
| SHA1 | 57fc3b1f96934b3ad9abf5a57aa1328923e05549 |
| SHA256 | e0b48cbea6ab0d2b186ccf4883baa0d2289a59dd1dbaf097ac48c08c43395b2c |
| SHA512 | ec7da2e4ff9c3cecd6b3e2de879b39703e04d2e32be0b857e7c3f78ce9f676f2a374b6e5c52955a64a83e5f6fd3a0a73611e236223fec5ffaa00f7c0263a6e92 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Genre
| MD5 | ae8b395af144e66c748bbbc9555db15c |
| SHA1 | 03afb0b40f68d4147265ee3b77b8caeb55297b47 |
| SHA256 | c35b7e43289580e88b96bf6b3d4a13b2a5c1b553b70e47034797e2670796dc04 |
| SHA512 | d82188f0b1a3a8b638af19ca64a414bf2febfb3484ac3dcfbd9004d22c6aff48f961ca3545a94033b6cdd4865873fe007f235d3114dc64043d3ce6007209cf66 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Fighter
| MD5 | 92725ea4754d417dcbad702ca121da4c |
| SHA1 | 5e6d18e3d49f3a45aad0de354ebadab069e0ba95 |
| SHA256 | f89bf81db57d2543ce9d1db36316698f681ed47771dae95fce6ddb02347cf935 |
| SHA512 | 096eec094f4b8608a6370ca7651140e3b684c57624262e3ecdcbd8f3211d47fa46c863b7febb5bd84e268f9f8a3207a36218b0c8a1845352b6fcbea3783a3d6c |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Violence
| MD5 | 21c741c3279d29ac54aff1416cfd6e7e |
| SHA1 | db764465e82c208dbab122e98b4e62bc5452cb32 |
| SHA256 | 015408a4960a065c4247dde9ffd4afb13f489f100c8364334cf9ad9b8097f693 |
| SHA512 | 9763dedd878a2f3440279dde01a3d0381827c60cdd85fb07b9f0ec481b1ec453ffe53319f19af6a1b28e1b8fa54437565eeef684fce0aa81f219c90b034ab38a |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Ld
| MD5 | af900dc7de6cf5f56a06513bf3331445 |
| SHA1 | 992fbe2d08b656c5f7197fcf2a820143e60f9a95 |
| SHA256 | 0a91ee32b61d95ee558afa18750ba0523895aa6d1d7c36d0c5733688621bc855 |
| SHA512 | 9d85e00b2fe4c46bc809c1b2ac4bcfda7441c71ff03638004027cec61c944f4f7bd995b5d19acc2162df672a4656e7f53fa5a40ea5e0f32b81da08a6e3d1fbc8 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Que
| MD5 | 61fa25a3d1bb2a6b5c9a754061a6c439 |
| SHA1 | aabb876591f06cc2a9dc73daff193ed68db31556 |
| SHA256 | 9786cfe5ecf886469c98944e682eba3bbb70205676df25f68ca301d73f8ebd68 |
| SHA512 | 10da243cbf9a3e5e6f8ca3eb50cb005c673d13028c61bd166898175f1a4ca315c388007bdd3b19020d6dede6c0a1b003e1372350abe62dbcf3b849ec261984aa |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Bucks
| MD5 | 61614eff1fc654b21484973b197ab410 |
| SHA1 | 05050687e8d23e8d7d3ae0e33ba9b2543dbf1724 |
| SHA256 | 3e4988cf4e7ce261838b8d647e53e1b69e415c30f6057c74b8a46c8226c4ea6f |
| SHA512 | 99e133e2abd609b719a8a49986ea497ae5777a80b5bc8b750343f948dd1008bf456d3daddd88e2734aaf6a7150568f189748e66c6b1d19356a6b88a8fbf76d18 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Double
| MD5 | 50fa4e54f9135d3c410c70042af6f527 |
| SHA1 | 005cda79cb39d057fd6cf5bd7f022dfc5b40c8a1 |
| SHA256 | c5fde7a021f736fae0480d1f8a75f8e89257c0552c99d7cebc09f83801f134d0 |
| SHA512 | 0cf88524f1ceb1c4972e28dbcc3cb1aea8690405c0ab969d50c3a1e3d357bfd2c9046fa58399f3ad156a705a0662ca751976d5d1eddbd9fb0523f37d5fe03b24 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Tokyo
| MD5 | f8087c28b4befd490b134083932a2d63 |
| SHA1 | bd5077fcbe9740033260e480e9726149b889106b |
| SHA256 | 9f0b85e7bec406a01b3aeab2cf58c304bfe8134158cbea9f789fc06cd66a10f6 |
| SHA512 | c080d4f9b5457c456e78a5a6deb0deba82515dedce0013bedfc5d17016aeb9277b3716a97075dd1ade86d7aff7ec9213db654edafab35035fca6a52614bd6985 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Seek
| MD5 | 92ea3f0bc9902bd2923b7907870018de |
| SHA1 | f47d3362e9217c62083e40f0a8278489cc4bfc20 |
| SHA256 | a74721d77fe2a08a956fab7b88961126015b1e45149c90803b6ce9251454da3e |
| SHA512 | be16a4bb81c66313356728d7c76d077ef98aa184a535378717ccc85973e13a77cbcd198384711d5c91c1789047fce5e9ed45a115578c39a5e5b7f4ee1d554465 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Favourites
| MD5 | 10a617486ec3a227ff8b101d600edb90 |
| SHA1 | f758c2c47a6435bfb33c7305a6faabdef50672c5 |
| SHA256 | 367455ff98b55c0eb209975f1fbe55373b5d4a3ce076b802e3b0a088d069077c |
| SHA512 | 87c7bacbcabd46dfd7337dcdea52916075549bba6b4eb7f54fe76fb4ade0e950004fbc9cda21663806f225d8c09e2e60d9086f7a5240f60c30c0672aa288802f |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Instances
| MD5 | 06779209eacb95c6839caf47cac75146 |
| SHA1 | f86689c0b76115674807b57ea4fba5fa61a5f278 |
| SHA256 | b237792368ec3ce7df3fa23f86080427d4f45ff2d659263cc16d3519ffc089bb |
| SHA512 | a5dd02a3ae74ff70b3473ead19816f9b9233f017e07bfde982040e29f72738f42c3b35d8ae54788ae6423959aaf0c51bd050f91acaf262b9b55073fd34712499 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Chad
| MD5 | f2b65916fd551111d1ba0c2be2b3e8e7 |
| SHA1 | a3974955a379a404608b29fb9f1273daebae0208 |
| SHA256 | e80e71cd33accae1a5d53859eb3395434939d843f1d32210cd4c10449f721c68 |
| SHA512 | 660dee0331d313371a71a8f9f284dc0000270a9aa2fe8130903d569901dc082ac53d1a12f1ad1d139cbcc04203b74615f63d89d3a276d8b8b0a25c772dc9ba0f |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Cruises
| MD5 | 933b41bdad53039ea17d5d2ab8b4e84e |
| SHA1 | feab644b35e5b537af4e383ba46b83910be99fe2 |
| SHA256 | 9f33dfefdbc883e099425bf4ea4cb184770755404ea9bb9c7a96e963e1d404b0 |
| SHA512 | 38f4726d4460b8043c8b34bc00321160b922c06a67d5590730a56d0dde945bdb9cdb63ee4a22c94a82e5f69b7b7b8670b9de2f684f7ba04151871103cbdadbcb |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Hayes
| MD5 | 6390d53017ac3e518333290dd9c4154e |
| SHA1 | f41c64e4203e89603a3e985fa7d52d673e58ea65 |
| SHA256 | 4413c021bebba61ad24324efa70f77904b6f7393056bef2edabaaf353ebbebc9 |
| SHA512 | 271e0f3dcea1b0a62b2344e6c763329b83fc642492bafa149d2daa399c1f25e867018e33d42db73110663e6bb8310fe1301c2cc15750d98bb10a19313bfb9f34 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Race
| MD5 | 63a4cec7749d5aca4920b0a0ffc77cca |
| SHA1 | d6b12953eca8c129f8c6f41a93c9a8ad6c4dba76 |
| SHA256 | e652fe093aec9c9fd7be5112e16ab68e24fa106d24be3833988eb1bc56b3fe56 |
| SHA512 | df9a0196dc292eef2aa94d5c9dcae4a279f8a3ae677898b8f8d22bf0bcf91273a3eaaf29b769bd6137d7ae5a1690f517d11c1573e9c0aeefa006ad0095a0b527 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Kde
| MD5 | 38dbc4be6aad752e017390aae554778f |
| SHA1 | 51ea2bae226686c40246bc62f5cf6780f83ac3fb |
| SHA256 | 9e5779e6ea88fcf1ded100477743cc4d86495711771598184383721faac1e839 |
| SHA512 | e20c15ea80eb394c7604ab1addb1e2893667c7e2c6c56959ad2086bb0201a4f2f3e70ccef023ac5390eeb993d28681aae60333cf0f0d4a65e9ce94fb3ec70b91 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Old
| MD5 | 0c700e1ce9c8ed07ca4bcb5c3c2d584e |
| SHA1 | 5c0c41d7d716d755b2e4a6d474e4bd0a72263425 |
| SHA256 | 1fbce5859a6974d72e92b1e62b3e97c502c39fa2f01aa19ea509fc6fce74d375 |
| SHA512 | 330464add0faf40f7b9a9ebfa16545cdb42ae92332259ade33835ad3be1e97987fa5ef874d25c559425229e4eececadf3c7fb943236328ec5a95a089cc29100d |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Consecutive
| MD5 | 57f8159b6d44cda7f86a7018baf9b141 |
| SHA1 | e10138153a5215a07603f40dff54b74d19d7a7f6 |
| SHA256 | 427c3f3dc887b7d7fbd0992660574f7363ba7882f7ae460cd30bfc541ec22255 |
| SHA512 | db3dbc7bced8f01842a9070d74cbe99de1cde47fcd91ffa59bbc6c860e954bf457d83b55327e39ebf044fe93fda9dc23f7bf4221c46c1dee1c5dd510e61393ec |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Tags
| MD5 | edd7a0e7c4bd048e7ca178afe0e25445 |
| SHA1 | 3e61a82941d4c1336057d796e842eea4bb946b94 |
| SHA256 | ef4c824964ae456a9f26dfc9984c7844e400eea406b49031beb112a426f66daf |
| SHA512 | 54bfd671075e2c6f3b0eb19ed218ecd5426b3fe3e02ddccf4bce82689702a23d4e03b58533418b623cc19a3859214b6f536c38264109d2f183d99d70956b85d2 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Smtp
| MD5 | 50d8712004d926ad1a52504ce7120c17 |
| SHA1 | ee53537a294d2f06920061b3fb00184b31302cef |
| SHA256 | 6164be62c9ad86103215561822a79b6c64597e03c7dcb644a8f150320015ad07 |
| SHA512 | 2262f9485636145357e44992b2d5dd94d4630efe2db3bc526f3bd47b54e18ddfa36682df44abc1bc6ae4f080c1eb9c1fcd8a7e853aa33816499bed29bbc91a83 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Referring
| MD5 | 0725e160589c7e22ee6a180dc5809d1d |
| SHA1 | 978bc231b38d5a5d000b79c07a07d283983bf02d |
| SHA256 | bed638e82f76865f0977d60980ba296cc0f061d5a811f17ad0f347c19af3effe |
| SHA512 | 57e5559433b45aec664148b616341b493c12d789a683bb23a4b6c7e2e4e999ab6415cbd302ce38f6f348376067f79f46fbdf420b75e67d431f13c7f002824fd2 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Studios
| MD5 | bd4a992700c51df67f8876c7a3b01e21 |
| SHA1 | 9da26bc86dfcca6cf76e1c56552d9051861afc11 |
| SHA256 | 0469dc8b161440a8be803a31759949cd0c7fdc182a748c78e6e18ceb6ac95c61 |
| SHA512 | 21f06dd11c9102f0bd7e9b616fb67cbd1a36a5f4dea32b663cf6225c036fbb9ae9a77caecfb5bf67236c03cbc576a174991559558341bb0f6d28857c695db076 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Portrait
| MD5 | 81964a9cc6e968ce4ebbe8d7fc08c1cd |
| SHA1 | 30d53a63a363f4cf403ec0e4fe8c1e2436f7c2d3 |
| SHA256 | 2c3ce7f77fa5438d067feac516f9251c7b0f763bde6d73203f980defd2f5476e |
| SHA512 | 26bbe33098a2fa390dc6c11bb55f1377ce603f36bdea7bd32f82a6413032fd6c81c83115b3a7977115be80741edd4cd5c6e47cf5c601a9fa598ab7a3f73b04a6 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Opposition
| MD5 | d5436fe871faf2ab1fe64d0b002b4edd |
| SHA1 | da2e294738208758fdd7be01db6838752bf792a3 |
| SHA256 | 11f9bfc56e0a0707e4d89c4ce6122a5d6f968d29092e998524e9692fbc464a91 |
| SHA512 | 84dacb80d47a4a4e6be92ccfb59c721a563b5a41434b56297f1361192ca216592d253d76c7d0078af09bf3d9ee97c9233a35dfcbb199fce0ba6c91ce1825b2be |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Creature
| MD5 | ab09b0e1a1da138d204a18dfa8bd854a |
| SHA1 | 5e30688a49bae87f3a8fe37bda2f073bf0e8d226 |
| SHA256 | df3938a733e7980e62a77b005e0306952009e7b345cd919eeffd303f3cf5e904 |
| SHA512 | 92834afaedd39de3cdd976fda71ddf5dbd8c1be453a07f8e7783c9a394f32b4fd434c65c80851d0d2f90c574080472987ef75925a60e6131899ee62b8e4f7c6d |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Thereof
| MD5 | a903433cf424106ecec512bb8933b29e |
| SHA1 | 57ee2078e26854ff56f448cc5aef8e494bc831a0 |
| SHA256 | 49544e52a8d4f1be2404027065bb52ff5c294185ac0d7cc0875ba9d0c320c5cb |
| SHA512 | 97f3e13ea5c89aff5dcb5c5acd05d6b4349d8ef30f708482cc56b5397fa11a5a78d67c816957965a604d99ea3de233ce7cc8c6bf2f914909d73ce77c047da28a |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Things
| MD5 | eac586ce9cf452d6f537d7703c5ad757 |
| SHA1 | 52c881f2e4c6eb039a665258f5a844aa37a8a4a3 |
| SHA256 | 315ff1ba8430651ad5877a1a972fb1f0c232c214ba3b51fbedf2b7957e47ea33 |
| SHA512 | 62393f37a1d6e0b2d71bf7606a90d88c86cce19014ebe68bfc505f7ebe9a4d9dee15183f41c24b181db6e913ccefd29fe63a57a1a87b3d1a852da2231d637646 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Flooring
| MD5 | 7f022d2ff17badddddbc9c80afe63118 |
| SHA1 | 53a6b3bda53666bff750557fb6c99b521f655e90 |
| SHA256 | 9bb32b10c99717e5fa7e1a63fc0c8adca18bf9ff2e2d1cae7dbbbb3a3fe4d099 |
| SHA512 | bf46b97aa3adcea17429ccc89a175bed6c3953cc89e67be939fdca4b348f34f1960f62775e9ee5ac5907cd329ba76eb81243fca7d2669ad0054f3a0941b4637f |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Textiles
| MD5 | 83f0938a3ad1b62bc85cefcb841f690f |
| SHA1 | 46ac969516b7f8cd299694f6ebef8f4a1123b5d1 |
| SHA256 | 992bded3e250de13dfbee8a257d457a0b577bc30085f7bdbce48a5e96ce5f683 |
| SHA512 | c25ff68883c597ae6c07cc4fc5c9f70f2c443fd2194b436a77f5a0dfcae1eaa700ab6a6665895dd2de05e8bde4c7ccfe3d3b108ece87caf2cb7c10d3844b2e96 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Miracle
| MD5 | 9286acc28c7e57c4dac2e3a1a3e35f7d |
| SHA1 | e6ef63283a8af6717b9eebacce09ae286718fe00 |
| SHA256 | dae76be65d7ee43c1c028ff4a0f8421e29e5394483036d505f1a3b9bd6bc0420 |
| SHA512 | ffe1c6cbad2f8f5106463f1f25b93b30e4e06e91c7a26cab3627c762d1c19486f1cb5bede444c9330e047c13b9b9301436b9480bd54626910e9987024c99e7c3 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Typical
| MD5 | aac5c53fbea787f18101e52c22c4ee29 |
| SHA1 | 6d6baf8d31fc255e44498a0da46ed9e21d023713 |
| SHA256 | fe14cf539cf98c47b8a1524b2314aeeae1a74dd5a3e5f976efb58b5b5f69dab2 |
| SHA512 | 54aefeb07aef142942f060e59edc31688fa25b686f8f32ab96c32a0a5204007691eb945cef7a7164e75413d002f73fe1d5feabdbdbd5d1e8e50a5d9fbd94361d |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Assumption
| MD5 | 059d33906d3973774a934f9d24762906 |
| SHA1 | b6279ec1599f0906fb99414a4b9e07e4a575244f |
| SHA256 | 173b57536541a030e061fea2b4f96c5cf683ea01682f4074eed70ca7470eee57 |
| SHA512 | db204e73ca073f396c1c82e3b02b70a6f3df9f0d3d9d2114f47affb52385621988a590c6b9a8e20edd71fbe29e5917003ee6b66b351f244aef7c896e7aadf704 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Attractions
| MD5 | b1a1ae7931d0b39c2b240e733bcd966f |
| SHA1 | d74f07ee4ca578adaf00b46447bbebe0b1fcf007 |
| SHA256 | bec1eb63f1533efc0f6db1236c878c71369eaecf008d0ac8ca005e5401a97720 |
| SHA512 | 9737db06dcc142bcf106c1dd64d27d38060c83798a97c6167b6d551fcaa98bc3bef5f2e2365c9c7861389956e353e35f54e81058829c2ba35fbd87d198adbf61 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Optical
| MD5 | 85cd05ff556e9187301c35c7e785f991 |
| SHA1 | aea662e73c2bbba7861c82035d298e1f1bf74e59 |
| SHA256 | d971ccdc2fb720e3cf7f4a52bc025764f3c623df3c6c2e593372b739d9b6aca9 |
| SHA512 | bd579519a474d41c2f4e27904dd91dd018d3c697b0ed94f6deba50c66ee9e0dd0ae5ff3db6c18da1345d10ea195ba028ae6fd9d86f82c40ae35964e4954b6a86 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\122774\Locking.pif
| MD5 | b06e67f9767e5023892d9698703ad098 |
| SHA1 | acc07666f4c1d4461d3e1c263cf6a194a8dd1544 |
| SHA256 | 8498900e57a490404e7ec4d8159bee29aed5852ae88bd484141780eaadb727bb |
| SHA512 | 7972c78acebdd86c57d879c12cb407120155a24a52fda23ddb7d9e181dd59dac1eb74f327817adbc364d37c8dc704f8236f3539b4d3ee5a022814924a1616943 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\122774\M
| MD5 | 76975cddaca4d63b8803425c2e415850 |
| SHA1 | 88824f191c2b4270de803acc3e3673c1b311155e |
| SHA256 | f0c0f83820d816e912b156f61eec20a6394da3fcc25b594e234d188441f38101 |
| SHA512 | 8332e3c33c00d3537511413513d6ac0f1277e8e66fa20eb9977a82528a627c1d5429b12e506b60f8bf5d733b1d398e0cf1b8d5b3a6413e9233872048389cb0da |
C:\Users\Admin\Downloads\ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ\ㅤ\dll\uwpversion.txt
| MD5 | f0016f1d09aea25afcb3fb5948acbb9f |
| SHA1 | 5151f95ad805265d9169fb020297c97b589a90cb |
| SHA256 | cc1a4126ba1a738f56187a2a2a9df4f3d3f6baa8dc966feed9d0f6e09a5a486a |
| SHA512 | da19cc04a0a6cc175f056ce4bb5091cb1f7a4efa922704ddedce2aa7dbfda8e53709a81206234744d8ef34c97fd1a31ea0f62ecd41ed7977064dc5ece36477ef |
C:\Users\Admin\Downloads\ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ\ㅤ\dll\VMProtectSDK32.dll
| MD5 | 7ff7f1e0cc2bb5a6eac9c21762ee66b2 |
| SHA1 | 8e8b1e55c1ae4c6d07c79d120182acd3a5db64d5 |
| SHA256 | ac25bf2734049c16094a1b0d5c1749d11f10f2655d59fa6cfe923e12956f2074 |
| SHA512 | f29c814f327f379a72823bbae55d0fd3df792f7d4f21cd8939f7fab266d3cb8e075c05938da667d4d674b30d61ff088f2c9b55cf822471f65cd2ae3a52ababe9 |
memory/1976-540-0x0000000004E30000-0x0000000004E87000-memory.dmp
memory/1976-541-0x0000000004E30000-0x0000000004E87000-memory.dmp
memory/1976-542-0x0000000004E30000-0x0000000004E87000-memory.dmp
memory/1976-543-0x0000000004E30000-0x0000000004E87000-memory.dmp
memory/1976-544-0x0000000004E30000-0x0000000004E87000-memory.dmp
C:\Users\Admin\Downloads\ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ\ㅤ\dll\VMProtectSDK32.lib
| MD5 | 60558b29db81ad274a8f992882932426 |
| SHA1 | eccc072b4fb1bb9204b633be4a6c2d783e71a2a9 |
| SHA256 | 9278d85fde55f645cafc39946b1832985b85fb6aac23938edf0c6d5ad3027109 |
| SHA512 | 1b1a6364942309811108b1f1a34e465f0415848d8ec557879c7c4522b13ba594130a224f5055262e1fc8a94aa96c9f5fb037f5a1b1936b2ebf09b3199e358678 |
C:\Users\Admin\Downloads\ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ ㅤ\ㅤ\dll\celeryuwp.bin
| MD5 | b0f566fc20de341e2848a489f69a4e48 |
| SHA1 | 7a81ab4c68ddeb1e0a83c37e17286ae53e29c334 |
| SHA256 | 5223f453b44be5d13f5f249f1f23b020b75c7e237c23712d97813c430015afc6 |
| SHA512 | 4ba8394bede49de1dd1ad98afa59e0546b5118cf6b75dcf2cc83f00fde88bda0d659944c3324d19960d935d9e29e69f8b9b08fa5d5db7f71506e13471bbcb75f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0350ff467fa1d4fd8ccaebbc98c4cc07 |
| SHA1 | 3f9ea619f0d01a055d16295f1f9cf8275e572fb7 |
| SHA256 | b068d0deb7230b72dae92197158b4f548fb8a2abc6e31a9cda3beebae6fb60ec |
| SHA512 | cd4f26c376d76c2f4ec8b85249931ee05b3ca3d91a9b7a23ccb07af341486ace89ba625c904e95ae576ac6008c672ab286ddaa48e3112b8d6d9af88f1c1a8a78 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 1d5bf7407955e2be40bf4278dfe65838 |
| SHA1 | 42a62179cafde68d4552722e39825362dc500cdd |
| SHA256 | d787e027f34218f2be385caa1e52fa017d4a706d0559b01d884ef2952476fdfe |
| SHA512 | a5025af6967fafdb0b0ffff20183e645eb046e1a77d608b0fa63882a21e40cc5bf48c977cb3f1eea7c38c98a58fefa15b9caec629e470142608b8995729f5f6c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 8eeb93e770a622e910c9757f35a14097 |
| SHA1 | 6ca597c87e63a8ad79fa463200fba4e32d396a6f |
| SHA256 | b768ca6fa9c5dd67bf7005537c7394325fe4addae2166a1d11702f10f289a827 |
| SHA512 | b172c7522468b2e43e8f1823930cc4c30c376a4c320d18f1ff0928403c72f84062a8cc6484297d8307ea6a0afb235574b5a8f5c3d49b046e1e46d25fe018c223 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 90571da6e7436a0aca81d0daa024a5d6 |
| SHA1 | a7da787c5ed0e7ca85da90ae6e357718094d3f88 |
| SHA256 | 56049f18ed7a252b9f37e8d289b6f9a09753b90301c245930f435858f047aba9 |
| SHA512 | 4184defacd84c946e3867873afe2dc493158dc7ee4ff998fa656e28f3876ef7800e94eb9951e1f2fb195f70ac8b6265366b9575f8c284a267e3a3b6508e6874d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | ede9c6b67d3553fd2e5e84b762c39102 |
| SHA1 | db999890c1537f888d0d76878af1a77f4ec8b767 |
| SHA256 | 66be3ee17d23a2a51125637168d511112da7bd4875264437f6b66a0fabac0f98 |
| SHA512 | af9c9c9936fcfa6755a6b09b07a0a5f85eff0906ff3939f5c41cade86c6c6bb1697bb018be74c28c403c48b5f653d4b317390601b97479be531c3c6662172d4b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | cfddee5c075d073b334264a18bd0ce47 |
| SHA1 | c4273043ca3f76d11eadc7e01bac1a3ce8d438d9 |
| SHA256 | 6970fc15122c53e1e7b08c2f7656d3908f8b8a87122623d76a78261991a18dbb |
| SHA512 | 610755785af51a0417bfc07d27a4796a8345de2857854cadd4e8f00f27e25c167bae257559c4a3d7990a68fc0485e73f92e57667f15c486271da524aa85a5a4d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 8bf27460600fa5e6dfbd60deb9abae7f |
| SHA1 | d2d20c85460b2279e8b69fcfc0f73d72fddf244f |
| SHA256 | d9a732a464c142bf184fc60551d108a29011de7dc446ec4a3ea1e1e4771002ee |
| SHA512 | b7987e9c297520e3bcff81b261a273bbbf5f165a6d96bd69660ab7d8d4ef1a1171f8fb1da2b7e483b94110efb9cc9add3ae0013e0e8e3a6337ee2bfa3e6ea709 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002d
| MD5 | d84862513956cbe61aeb4ebbfdd3355a |
| SHA1 | 14ab269df17cb0333b1556ce120d587324479f6b |
| SHA256 | a18b26912ab9e034923cc64fbfdb59d682500f2c556456930e480b6bd69e33b5 |
| SHA512 | d04ca96d72595f1e291a6ce96f092c1707064800103cde733512a186c1b22e089b63690a0c53965c97248dd782731b22fa2d27b8ee3ae112647382f1c06d1a9d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | d56e7dcbc398f2f747105d5251969c28 |
| SHA1 | 279e99bf5aa3184e1682d7375461a61681022cd8 |
| SHA256 | ce2a9e2c8ded02e43de0eb0aba0b5934c2f3cb8e7deeddb341b8aa9adb7ae166 |
| SHA512 | 524a341a22d7593702e387d44d360a888d957cc117bf26030a23fc5287ebb183551dcd25662604846f9de1c08f4e38ecd9964448c1ceafa6f63bfdefdb544a69 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000036
| MD5 | d41d72406bf403e2a2d1ec60ef889531 |
| SHA1 | 3af9e732d1366595da6737bd0f943df4704ac4ac |
| SHA256 | 913bf99a86dde22866e137811794ce0a5737a1741583c2e06483c31a6b43629c |
| SHA512 | e1268f335a51062f1d59dd392e13730045cf0b4eac1eef48659f280330a0c280aa3d28064a94918acb3b1c6f6d53ee674f9ecb51eb0e78729672205c25f490ff |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 8e1493b938821e78f7ca0e4d89238380 |
| SHA1 | 5c025284dcb8d3cfaac92be12697b524ac701777 |
| SHA256 | 8e785d5977d098745ef0f2a248464c54b0c8136e47aa40ba452a028b0c8d9de7 |
| SHA512 | 081c8e2f4ff23063412cfbed1000add5c2359d3a81a694612f3cc4d84ec7210f1f6531d805497e95271bb10346bf2699f046b6e0ec438ced584fed004394abdf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 20bc48adf1d94b3d713a5112865c2e7a |
| SHA1 | 09502da25668b08112c082af4bc00de3be32fb0b |
| SHA256 | 8b28fcaa9ce5a07c203bb8cc315e1e2fede51d1826d50cf9042fc6edb82b74d7 |
| SHA512 | 43213d0748bffba08665712a8691394e9a3b933fdfda337ef989b32129a960c92f409a12113be8eca3b79e13a1bc288d9b1644e5a62817dd0f16057eb37cd35a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | e1445a9ec7ffbed78f5f453b064936dd |
| SHA1 | a865c50afd457089162d037230795249cd12eded |
| SHA256 | 34a8fd252add013c319235b24aaea03aad929df27b86d015e0e6ad315c56ea8a |
| SHA512 | 515b751a42be2a6dce4d79aa10ba0160448a403c0b35efd0f812430776bdc0d48623893cf470f6dd5bc0c76b758155532473c49718d46aa79acfe33b34a16b71 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | f1be86fe4c69d988d942d0b06b559d22 |
| SHA1 | cf3bedbf878a54ad3a9d540eeb327137c440dd34 |
| SHA256 | 6c8dbb21b44d220f4ed20af468168e3ccd8414d80d5c77247303e20cbfb6297e |
| SHA512 | 547bcf2bf549befd49f383eb104c825deea4cbded7894b77702973a15b03d235ed55aa0daeba6dd04347105f01f28f91d9dd3c34dd5cfff9569f8662f418517a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | b8b29960d5adeaf56299775860c06236 |
| SHA1 | 7dae9305e9998774d1c8afb14a07e9cdd58b8962 |
| SHA256 | a52b38f4581193ef0b4dfdfe9ab8f0ef1f996ec276305ce9c23e7ecaca7aca5c |
| SHA512 | c76ebaa51d35a242d1ef1933d36bd4f79897099c34ed04481abdfcc8e5d45b8b29c8a1cfeb03c202c1a159917b23e9f9a0c484a9b1b5071f3f595e732b9b6401 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d59e043a46046a4755bb3ae28eb909de |
| SHA1 | 0fe80aac5eec243cff9347ed125f7a59f9d09c73 |
| SHA256 | e8dc901a3ca80512fdd89c10def1062282706a29d394dfee2c8bdc1c7e116305 |
| SHA512 | d53510093845bfc8880f1af3b29bc25534042daf4331b6dcd9be00560d684a19b48c72273dea8914cd87a31f65090aa963e9f591d17b7f2f121e97a22f710372 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7388ccb8e12ffdbf_0
| MD5 | afb5f60d70e80dade50df49b90e6bca8 |
| SHA1 | 4065ee7003ed013e3ed281dbd833865e21f670d4 |
| SHA256 | eab73a6f3f8fade9497c22c20b60a674c76b7f81126ab94c710d0f056ccb7827 |
| SHA512 | 93c3ebc5eb3bd7ed8f418646643b8054dbeeccf2d7275b202af15970a5d5df15d321d546e4877872393f6112804e78fc78b3c4d2e1e326c9315bc525d6e88dc2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\150d8157e5696893_0
| MD5 | 05fff07280b85695998760425d6a51b3 |
| SHA1 | f03806de880996019687412fe31cabbac40bf04c |
| SHA256 | 301318c1ef728f54c206ae27f7c92e4a4bef99b2965406cabfeff53b6762c971 |
| SHA512 | e1775f74ceea5cc47b468d0a9800ebd1e5a2dddb5375e1ef9f6c84d8b7bb672b03f30ba9ae8eecee3f9b31218df2553322c71c6de5bcb8ceef9aa377c661766a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9cd5adb84570ad93_0
| MD5 | a421b850ad06785a7ec3d3e8313bdc7d |
| SHA1 | de6010aaff88e042e1f1e101a07f91e50b19d191 |
| SHA256 | a22f54621cc784cc476b2d90859d2dd5c8b9f826260bac2d0ec52c026ce70eaa |
| SHA512 | 244796ecc5875c7cbe332d71d6274c8aa65e16554c1b96ac124f3ec3687e168c3fb4499a7455f0166fcef4c8ac1663bc8d9b140496e08260e94495493f734c0d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\83089d6550929f52_0
| MD5 | 606523e80b913fbfa34fd66a22e748ff |
| SHA1 | 6c8a938d5b1570d6a76ea318d69be976540439a9 |
| SHA256 | 8fac0a8fc6d7ec536ff07dc8adc24631e555f21b465eafea8cf8639d90a7ec6d |
| SHA512 | ae6708fc414898b25a686fbec6950b8f85bc54f9c1f5edea04e2516dfd463e8050d7709d137f23a4e807d52cdf88b0b31aff1629696ddf79d034ec584ce33c1b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000041
| MD5 | 7ed17a85b04bfa64cb2d278714d82283 |
| SHA1 | e64e26d690e461a0b5ff551f8ee30e11bc4dc165 |
| SHA256 | 56981a3315fa9ed3d5e8c80472110514725528583a50a72798853af74a1c8fdc |
| SHA512 | df59b5f797a23effcfbefdda8ddadd461a58b6a9e6aa21d0a3aa8d81df18c4d2b9d90dc2206271f2ff357c19fdf3c85bf15ae27f412b794174b0496f3343fa42 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000044
| MD5 | c984007d060766e41c7822ba1429658b |
| SHA1 | b016cc7dd0f8243422b7bd3636c6f45426edc234 |
| SHA256 | 1a5ce05e4a177d78ac9565c1104e1fd113c41aa5deb202442e48c102d22955d9 |
| SHA512 | 7720ac3ab724bafaaaadd5892fafe526fef0d4cf9618453a5df6dfcebc35173a980aaa52f7ccff7afea99cdc39fe81ab7fed4cd2baa5dca89d07b8befa3480ab |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003a
| MD5 | 70dc4f19424ed6d1eb3edf2e3acffdfe |
| SHA1 | f5e03c8717997457ab5875098caf342e959c52fb |
| SHA256 | 4f0529047afe2ad52d6b531440745c009727a374b0302784e5993ad85b3030c5 |
| SHA512 | 92d0562b604a951bcfcea32569343eeee2c400149faa84375b8eab5f4432bf97bb833b5f9c7c287b1f8f1a330bda52cc9a5868cd35a56789beb7ffc1e9cf7580 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 7e1d76a9165fabbe8c9d0aaa88904d3f |
| SHA1 | cc7ea48fe57166043370b56688d73be15d9f1402 |
| SHA256 | 8568de127c45d4150824870e031fef2e3818be21b78bff8b1fb05db97fe69ca0 |
| SHA512 | 1d703061055540f79b605e74532f1723c609ee921bce75b8b6f34239a9d15cb3a7549c1f832bae428a9109db596ad4547db96fb83b864918a36caf7c2db11b54 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000043
| MD5 | 8704c0c425de7cb79ecfb8e75b3d5de9 |
| SHA1 | f45ae58e1f324cfb9d9d2ee45c34fa08b1d239e7 |
| SHA256 | bde61b3aa97c5012da4a52bcea8447cecbc511e7bc9246b2bb0f7d5595115ec4 |
| SHA512 | 2ff30b792ab01279ee5d0d38de60dbbbbc9ec348179ae4c7c619c2d0095d50ddab263bf77c36d9b57c5be1a4050ffc8bacd6706c115d8258343370205d17c684 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004e
| MD5 | d651013ee4a647f41f713c252715859b |
| SHA1 | dec0d7e058e0cde2bea41879eab4d040f279934a |
| SHA256 | 162150d6d6111a5f93e118bc0f589cec87a767ff712dcb72681bfa067fb2a73e |
| SHA512 | 7b80dc14071c87fcd5cb9ddb55911b01742e835511472dba2bc8bb46e8945bf07c08e84bbb0a83971ae2dd9eeed5aa823cf5a7bfc3d2d72f2391ee63caeb7e59 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006b
| MD5 | 494d76113bb92aca6cd8cc4b97890fcd |
| SHA1 | cffe47b2aabec48a134660f03ddfed11ee11e2de |
| SHA256 | a6e6d8fb969e12586c9f2649713ffda54e2358486facaa880a597f23e88d77d2 |
| SHA512 | 02229385a03c3372a17794d818a7e987d177bf94941a28f76ce4ae7c0591c886efbe99e739517d17e124a13868d50f6aec8d7976c0733c2c7fdfa1a18bc8976b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006a
| MD5 | 253fd73bca3c19a804e5b3cbb424a55a |
| SHA1 | be4f3927e9f41b5e3cdf68f7f06a3257aab89e6e |
| SHA256 | 10ed3f47134e669d5d62a738719d142d4a8ffd680c2f5df4114dfffd3f262c70 |
| SHA512 | 667919206bd3dddd8c98a09f270a591ca59462a7bb652fd4d7388323b6981c0b970cd53492b9ccc808ac8805a55016a597295889656bb52dd309bb1c2f9dfb0a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000048
| MD5 | 271aa829d4ee3960b052d1e8e96541ae |
| SHA1 | 3c2f47a58201c0dc0104b11da2fead60054eb7d2 |
| SHA256 | 73b567eccb4e9b2257334d383e9584546f49ac27d893357e2bda2821faa770ac |
| SHA512 | f50b5d261e909e4b3d4cdf99c567843c4b624f0ed9b7dc273167330f84dc544c5ecdf8cc0709db47be7398c70c26deacce5603523e9e6914cd3f66748304723b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000051
| MD5 | 4f74d1d4340fb80d6671effbc9c03f34 |
| SHA1 | 8d89d35eb23c591af321f3dcbcbdae3652de6d45 |
| SHA256 | f27007fb606546d8e12d9abbd57aa55a890e8568851419e1945844ee5c1ad3d9 |
| SHA512 | 1eb00095321d7b1d0e6566b295004fc40e9b223018f1f967fea308fd3874ed64acad83113e63188365953ae41c750f74142569b9edd0e055e7917c265bc0b1f7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 559df0297183a8337a4dd7dba5776e63 |
| SHA1 | d39980d01121721d18edc027865a1c0c8d9f9541 |
| SHA256 | 4fee293075987bcee2cc1ddb6f0eb51ec7b3cdbede1bf599adf97c6ec8cb22f6 |
| SHA512 | 14d5c1ad220ea9f901f38e704f6c355bcddbcb4aa787acd489eb32ec96cc6a7d2300334036c898ca8bcadec9c18168aee27375e99258144367659e034bf4ca25 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6e161d9a62039def_0
| MD5 | ef535d0a62dde71d644a59282b17a4ed |
| SHA1 | 17c4c87abbc7e8bf7eb7083291362f4b8943b9ff |
| SHA256 | a100689d876088149f9b4ebc9afaba5b9a1bcbb46e28e4a2f2833867a3c7b76f |
| SHA512 | 972a9f2a31ea4a2cd5d679bec4c7a960e6eaf5e7d50f6d9d16a74341f562fbfd1c5b546a20c0154acf26924c87fe2bd0c1b8859582511dcc6a59bd213192400b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ec1757edf04b4d9e_0
| MD5 | 0ed128af085e7fc767c312e419f76f12 |
| SHA1 | f9cb7428d968722710fbf1e9117b81e068816caa |
| SHA256 | baa8da0c47404add516d13381955ccadfe6cf179ae2b3c151244a55d66d21bd0 |
| SHA512 | bb6824c8f44d57f67bf4df1ce3063090b747dc3c71ab3a21af4ca961acf5561e4f389cc946cd32811a5457e72eb8262799e11cbc8a4988e19a88587a6e9fd726 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 7869fe81d043fcd3191cc093a74d9155 |
| SHA1 | 8393bd9b6c749734e93d636b77617418bf4eb34f |
| SHA256 | d8033a420c164aa598e5e6305be14c0b68a1f204a378f8e297b1045f72cdf2ce |
| SHA512 | 9b35b6d4a1222fe161bd9fbca3a45e9aa9223dbe3c87cd636b151c45e841b8d12c739e568ddd2093e61170e97dad54d75f7fb9ddcc0775428c45315832707f74 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 7cd194e6aa10011c671d34ed5dec3309 |
| SHA1 | b88f0c6f084269b1e5204b32d84807343ab2e3e6 |
| SHA256 | 54591d430e81befc66adc4432ce229daaa4e18ad821e85030c88c3c81d9a9789 |
| SHA512 | fb5f7a33bf5a0d48c077a6f74ec9e02506d6b137cce9f6bd591bb1c7fb67e0cec5b3c78b673f29fb6c28679e8aef451c4742058da8d0abc69aa58f485ffe4a48 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d
| MD5 | 34db5daa882d86615e397b5dfee652aa |
| SHA1 | 75aacb242e358fedf722bf05247f99ea4d83737a |
| SHA256 | c1c0af121d976462498b2f3b5db4ba9df3a743c9e2a9a4170efc3761500c076c |
| SHA512 | 5ea85bfd86d9c60e97e9c76f5a4295fc5d3a774669a699f9854a61e4b062290dbcdfade7b0374566983504441d8a26cac04687247c276530b1248bf9fe66689e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e
| MD5 | f4ab1df4de2bc924dc512115ffe91351 |
| SHA1 | f490ca62012d76c089683d59c18fc43014fb311b |
| SHA256 | 1bc5ec8e74b84c76fc38b7e2d2cd0876a0d7adaf7dd2f8fb8b922c65f118a82b |
| SHA512 | e17cc23df0b555bae3602d81b7360407c62293616f1c3ab3b970e4422981cd16ae4e36fac380d162d794ac1f1d59d1f6175e59483c71250b1b96222a5fd3af33 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000021
| MD5 | f4479d2f8c13e893fcb53246ad85249a |
| SHA1 | 6e940a8d8e5f2774179a55481e0e58658dfcb8ba |
| SHA256 | 45555e45a0931d690141416ff40164bedd0edff1756c59456572416a8d95de8d |
| SHA512 | 9997e04120cdaeabfb9e15fa9b758c35a88aa55d5ee0e24bbb67d459872f9f23fdd68dfb8b322954369df7a288bcd429d1aca977a452c37b9d5272aa40abba1f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000022
| MD5 | caa2be847581886eaa5347362a02ae78 |
| SHA1 | d3673733c4c08ab725f7d851311da9a2cb80b747 |
| SHA256 | a4f9140a7d23e9144de25b1bc25c1c366263fb3abd59313d51f0e19f8ae974be |
| SHA512 | 0b8c2898eaa369b04ae2a786f023e1cbebcf9ef24eb43ee86380cbe99074c557486ec750b0aada532773d28b88cb93bfa1e633c37727e1deefb68875379491cf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000025
| MD5 | 6e64a529396354c4c7315eaf773f3ee7 |
| SHA1 | 4a6f76f684428b2c65a170518607b46dd479d148 |
| SHA256 | d681d16e0e71325ddfd93ad12025b3ea4d5d2a5e7b8c4bc0ba8dae7b95aca6b3 |
| SHA512 | 4b1abc4bcfdafc70541e2fea60df08b13045a6270f4440979b3bee3706638a93829e49c3d5e7eb098429a0f7af6c31ca3890a71d776674a18fb4d7ada94a854e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000026
| MD5 | 6a1bd454b85e92a39f08055bca045a6a |
| SHA1 | 4603143573bb0375816909116da0f4b06900471d |
| SHA256 | 390a3bf94f6be0154789d57aa03493b0733cb4733ad0dbbf9b3f3488e57b2294 |
| SHA512 | 585b84a712c641b446ec5ab5a1453d462629b26f51cd36d14d0d46e836ae6729cf52089662c700d4150ca05773539359340708bb67545d5ee8b035bade850842 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000028
| MD5 | 977e52517b0df50973992e4ed37db883 |
| SHA1 | 48efe7547574e0dbcfe8a9d998cfd19d86e4ebff |
| SHA256 | 8742d03c2589b19fcc588298aeb70aa26b46dc0efccd963f0c505d1f08d73cac |
| SHA512 | 48b4591855418f55e66d6ee22a5ec280773a2fd6a9c94501e84c2a7570cce633d0d38fb2ca29a785490fba22ed9cf14faa03c89ce66021b9770099ede58bfdd4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005d
| MD5 | bf8986d1ff0fdd025f5f6004e562ac9c |
| SHA1 | 62bd3a8d631b3dea09ccff1cd8312509cb75ec93 |
| SHA256 | 6df73a092de3b6c328ebba69481eb00383e63e6f2b24d888fafb60233a485784 |
| SHA512 | 89d11b638860336beaf52100712945691d0a0897a31c96d5f51a0a1e0f311d154a127d9702bdc647b6da3e9e76c92f439b40319cf0c00f2d074d6cd720839ce0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 68a4188e422895e8f57386673ecf84b1 |
| SHA1 | 82fa7b8e0da5e2ba8dfbbcf3caeeeba50fbf8b0e |
| SHA256 | f9d6b7b2af3597f3c1827fefdfbabdc65cab7a2153ffb3c068d0efe65d2886cc |
| SHA512 | b097119eba70b6d0174dcf9337e68d55e1f26845e84389f7d0678ec543181ef4178780dff1b2f3e7671cf2fb8407826969553fb9aff998434d309b8395552944 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ed80d9e7abc41b5311fb9cb199aa6908 |
| SHA1 | 2ea427796291dade5839efdecce6a4bce398bc65 |
| SHA256 | 2d8a88f620525832f54f7bf111ec4c01e1498d53ed7f3e42a68961484fe6287c |
| SHA512 | 329a2f22de3c9eb483635c0c205393db42600c65c38f22993a5c25beb9b36d30e250cfa9c2fd4fafb0a182919dd02afe62c9b5f76f047a64a2f283476b881537 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a73796f9a34176481cfb582b5d7b66a4 |
| SHA1 | 57068e6e0bde34b0a2382034bd2986f1cc4c8489 |
| SHA256 | ce1efc0630d71028bad446b98fab16be0c18538c3f9afb60122959da2c0c1c8e |
| SHA512 | 967308a9b0b3bc29ba85ad7d8be2511a8fc2edaa45725f494431cabd3a08b6d89a1c6f2741a667e4e240b1a9d8acb178dd22a7d8a7687a3f445bd82f70eaf0c0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | e1df5470d3d21b9af54c4c531daf2822 |
| SHA1 | 082d3014f48e92c0c52140f2288a896eccd6313d |
| SHA256 | c230ea59d357db8d578be43d320adfc4cad7fc4f91bc59afa0af1bc2e3cec554 |
| SHA512 | 33f799bc72e2b986f4b4b49443f7c0f9281605f85ad6343ae18081fe9e849bb075d0f8662730ff398d74c7d57cdee205cbe74150b8159f51d3151c19754aad68 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000024
| MD5 | 626f3d8beb76cff2ea52fd9fc4b67332 |
| SHA1 | 98497b535827f13d331b8fd8d7e18297d19200cd |
| SHA256 | bd2e30b1cec106d062be8e85e68866f4283588c34323f1d769c17cee5ed33398 |
| SHA512 | 267be76c4be372a863a7c2c0271ece1b4b9580b8478a50c7c5ed29f2de8512ecb550a27561b688c19218f6dbf0db44f78f71298a9bf68bc2d30321bcdd2cef83 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000023
| MD5 | cc26618a4eb335d2c52ef8d6c98de107 |
| SHA1 | b16ea0e917de885f9cce6a49af9f846b1a24d6e5 |
| SHA256 | ff36001a50c13e0aad90f2ee141245c6ee191020975085ccb07f5da21783df91 |
| SHA512 | f57d60666c69658d6a2e1dbecadbdf067ac1f4920432ff3ad4759b80020d981879606b6951d77abfddfeef9e322f7492eeb476a5a3c60f2e3a3345245c9f5077 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000045
| MD5 | 9c6b5ce6b3452e98573e6409c34dd73c |
| SHA1 | de607fadef62e36945a409a838eb8fc36d819b42 |
| SHA256 | cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc |
| SHA512 | 4cfd6cc6e7af1e1c300a363a9be2c973d1797d2cd9b9009d9e1389b418dde76f5f976a6b4c2bf7ad075d784b5459f46420677370d72a0aaacd0bd477b251b8d7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4aa90efe2a29e08b_0
| MD5 | 00de072c943e8ace3af7e7efb639af2d |
| SHA1 | 0ba2d5965e9ba18636067d9d03c6f8f0ceb4f6a0 |
| SHA256 | f1949a17f970031ebb39fb8bdd85922bfba9f05a136e911192a7226b8fa6c649 |
| SHA512 | 786f31e13bc4c3b80a0aefddd84a1de047268e1577877e8d034adc4a9692b2066ce83f03b758479909a9aab3f356b75786030a1479b278448d9f7f4ec40cd676 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004b
| MD5 | bcdca5d85f90bc77cb2102a114c1b0e2 |
| SHA1 | 1c26237718c441febafb383e75d3f43b9606e529 |
| SHA256 | 0403da003d05984ad997552169c662d43e5c8bd961d87e897a6d46682f49ba0f |
| SHA512 | 570763cb29c75c0b246e460479a6c155caeced89a259e0a941c9447b9b7b2e5b6041922b2f4840b6aeae3ba9c6eca39a8b3506f78ba364d38b0efab021de3cf0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5470f3a74460fadf_0
| MD5 | 088744a3454ff8c4585cb0db0b617879 |
| SHA1 | 74b6a1b57d72ef2cab57432fcfbfe0063a094965 |
| SHA256 | 1ecf6ed1f4f5ad13b868ccd171564b6beea1799e8c36d3e53a04662aecbcd71e |
| SHA512 | 75f5328514a11f1cb225d6ab30ae1e70e378b211fec2d66c76164255d4c9a8e926ee780643443a36cbec6e4ceec4767ea78f67278760b0c6380f861a88dc1991 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\122774\Locking.pif
| MD5 | c663948910204a8847a4368e87c2ae75 |
| SHA1 | 78316a31a3a18ca95950f76d3d29acbc67a2b9f2 |
| SHA256 | 5e10ea830d562937494b6089114f55b6929a643c723131577cf00f635e2e7bd3 |
| SHA512 | e475f185a03017a5ed94cb703f6e78b4f0fa6eef22439a3cb02cc582360aa274628082a00a941e791ce6f302a0488ae60c6659225758a5051f861a035c76661e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | d0072866d624bd9f48284d6396c1422b |
| SHA1 | 0bc3dc880a31ed1d7054cb72f251a797ed8a474c |
| SHA256 | 149f9cc8c73af9b701f803d6c6622cd4dc33de3893d7b5e87053be157272aa48 |
| SHA512 | 1ae873d61cc6949a60e6f9b7830e50c5b523c71c834b64f0506366c782f60181a646ac9f38727d72753a839118aea2c08ffaf6e8b30ddbfb98522f6ff0d4afae |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | b6e7866f63c397d810564598aaf24b0c |
| SHA1 | 31bc2c4f7f7ba172d436ff98ee76bb85bf4d05f0 |
| SHA256 | a071b1a32aca63fe44f4d1653b3238011e23b250042747647cd00a641258a1f3 |
| SHA512 | 6acc1efb8fb00642f02227fabd6325fc16bcce63d6b5d512a095b0aed209cd4891e271cf922a23d1f184caf148ad9aea6f0f8d73e6cbc84402ac9b59038217ee |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 74c62766a4b8845ab4ba69ba05d8ffe9 |
| SHA1 | 0c1c30f3dee887ec77edec8b52b6320b7a48e744 |
| SHA256 | 4cb038696517070d989ce40fd273b8991a368253da58db149491daf643b9b120 |
| SHA512 | e1d4ed6c7165aff7241643d29fa258695c1245d8b841da950a4b9ef058b45ad78b29b6e4a9a5ad09f125d70021342886eda1e673d1a89b4fc47aa7eb0a7d3cdd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.base64decode.org_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | 3fd11ff447c1ee23538dc4d9724427a3 |
| SHA1 | 1335e6f71cc4e3cf7025233523b4760f8893e9c9 |
| SHA256 | 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed |
| SHA512 | 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 44369d9d72ab8c09361516d3e456fb31 |
| SHA1 | d9c22244f34ba90f2e055b5f03715a668b1c0775 |
| SHA256 | 354756f1dc1faaa5b97010445e7814560f94743a33b9301e828183dbf9e503b9 |
| SHA512 | 14b29db0b59431fd9d7485cf8d8d3a6b817eee3411268916bed3c652919d2feae57641440daeda8e73061c1e2be83273db0ad22b754e1fcb27dbf342b80dd459 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a5
| MD5 | 98fdd9d1cacc22c4f6f985e67e4bb8ce |
| SHA1 | f601cf15d4b8ce00e5c2a4d5fd20163dec36d312 |
| SHA256 | 18c503a851ac98f33f8358cfa431a5fb6302079731c7f01acf602dd78e18530a |
| SHA512 | 34552e776fdb4b6e044cd35c89d227199a5dedee99d9daae9d885fe5abdd1cabbb81c84bee79c1a22048a256bf008d3088a55db41c18c537ef2b7b15ba304441 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | d22bf2cb7c0f75c2de5972291a7c1ac1 |
| SHA1 | ff16484ba30e7fe19b5721978e1091b00897804e |
| SHA256 | f53b88db76b4f2f0a3790b1520d4837e6868785a398db45c5609cf653efa20b4 |
| SHA512 | 188f1d0e7a4df01f9a706356bf0470f04a719c437c00eba0c5978a1dde52c4fabc3d8ee5975009283ba12e0b80ac1b57a24d855561d81c18961c62eec6073b16 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a6
| MD5 | 7ebc9123f9f29bf22e0cb3f855faec54 |
| SHA1 | 831df7bdd66b7bb0526a5139cd3c019f42036e61 |
| SHA256 | f228c05ff1652f635a9a696d5eb2d4bb266fb435b1158297f1869389e4a0c5c5 |
| SHA512 | 7c4a2156159f0c9edf7ec5b8607afa145a02374b41a8acd768fd7e33e264df84111c87188c57d63973d5bdb3c5e452f3f063cdb995b8003830c89e98e0d04096 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000052
| MD5 | 82ee3ce5e7aed75f1bdfe93db868d452 |
| SHA1 | c7b9912bbd293f37f6718b1cfbd65c8bcb8565cd |
| SHA256 | c377a5b1ac3ff48177e49f188002eed9b1b27929a2d3cbfb63f81787f4bdd992 |
| SHA512 | 70ededa68c9dce8c79906d0bdae4db1b14ae2964dc81c5b374e77f262ac0c789ac47b56079a50ec8d8739e0a0cbabd0a7d1012dcb74697d0bbdf177e620d960a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\ed90fd2d-6a41-42c5-b48a-7a7a914da26e.tmp
| MD5 | c693546d02992b8141954561f1020028 |
| SHA1 | 258470990ec86ed119814480a58b02b2663445d2 |
| SHA256 | 688d4115fd9b02b9bdd9da4edf955bbc1f1c01c8195e9002fe8cab07b16b8295 |
| SHA512 | 4c93fbb7b485cb79d313329b5043aed3d71d5d21d153ffcbff9a714d475ee38b8b28cd2be6ae2eeb07b0efc15fa9bb984dfdcb518584c05126a5da27ce580065 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | c4aa2841e749588547318505f479b3e8 |
| SHA1 | 03dc32913492b177269a170e90ee2ccd781c7bbc |
| SHA256 | af672ad729b8c8ad72f52d6c82bf302fe5bf3cffa6b45ba0561c323ed1129d35 |
| SHA512 | 14b7cef50cbee119a952fea50959b4b113e040da7fb4819420459630b69b681adc0aa998caa9b304964d0c09fd19ea26ba13953418c5a2d96b6690b38ce9acfa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 1f2a59a9b2acb53c081a4b98ce11d0d4 |
| SHA1 | f1a8644dd6d226ecd161602d6ac5af3555893c25 |
| SHA256 | e2577d9f0ebacad48dff5037407c89cfb951dac87a90b5ce8510d4e4dd7c27ba |
| SHA512 | 9a469ebc16e01c68bfbd5bcae5c33fa91d7b871d2e0890aa205765ca362b9287ece4594c48425bb630c5515d80b7b291dd20f573f618af8b28f68660351a7818 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2877f796c2b003f4855ba8f15c6f0657 |
| SHA1 | 0fe4b61fd08dbbc160548f8955d7c8b49b11076c |
| SHA256 | 0b67214c3dd3bab554b507a7b40fff8631fa289967e743e4138c39ea4334c8e6 |
| SHA512 | d8cba3205db2808a0d8ece2a0670f01b9f198249c35d538b3c7b197fb43a4794b3e1f47e375ebda8f4669c472ba664d39519b00d4e853c5265b0800663a54769 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | be5a049ed43a330061e1267338dc0689 |
| SHA1 | 6f37f75d082202d14d727c941e83fdf0974c2847 |
| SHA256 | d73cd494b917b0a82a3e8f473b24f293d80db1380aa22b0c6e476ced658f67e3 |
| SHA512 | fb7821eb59c4364392f34f5b0bb4e8fce403e4340729f60b66a3d7ae0861b45803ae88873cf01fac65adf22997ea0893e4ed0c8cd2574871fdf1518e12dc0ef3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 571f1cd99ecde134db2355c2347dd359 |
| SHA1 | a74ff3c98730a1585d56cffdc01af1f1a3054028 |
| SHA256 | 26f7bc48d11b23f31b794f22e024b005e54194b727d8bfc2fd69e461ef2d9bb4 |
| SHA512 | 09f2c75ca947f1c57195c48995297399405fa437ab26de2f596bcc87432ff5aaca875cc93831106019b16fc2972831fd7e93c0bc6451fcd390f1cd4ed1ea6168 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014
| MD5 | 7626aade5004330bfb65f1e1f790df0c |
| SHA1 | 97dca3e04f19cfe55b010c13f10a81ffe8b8374b |
| SHA256 | cdeaef4fa58a99edcdd3c26ced28e6d512704d3a326a03a61d072d3a287fd60e |
| SHA512 | f7b1b34430546788a7451e723a78186c4738b3906cb2bca2a6ae94b1a70f9f863b2bfa7947cc897dfb88b6a3fe98030aa58101f5f656812ff10837e7585e3f74 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015
| MD5 | 5ce7bdeeea547dc5e395554f1de0b179 |
| SHA1 | 3dba53fa4da7c828a468d17abc09b265b664078a |
| SHA256 | 675cd5fdfe3c14504b7af2d1012c921ab0b5af2ab93bf4dfbfe6505cae8b79a9 |
| SHA512 | 0bf3e39c11cfefbd4de7ec60f2adaacfba14eac0a4bf8e4d2bc80c4cf1e9d173035c068d8488436c4cf9840ae5c7cfccbefddf9d184e60cab78d1043dc3b9c4e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 309cf70f0ac174e2efe4597a310ee13e |
| SHA1 | 563fe6db9b9e230d08211a75cf61387da4186321 |
| SHA256 | a1ef08fd9d42a184f2cc3ff8926425fed2b711918e5c63223e93c7921b60fdfb |
| SHA512 | 8088391e15154cc5becade36df5ee0e5a5b167ef827550626a2a944b577c0b0ce648bd5ad8fa0bb11775e34ff660f6ce0ce941eefacc20fb5e72313c0914f731 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 5b3baaaeaf12b75e2ee36b8644589c0d |
| SHA1 | 38b7305010ff4c6d1bbc6c5652722ec20a1e3500 |
| SHA256 | d7881bc500d6698db309043725f01926df10a173c3a91838e4892118a5c158a8 |
| SHA512 | 3c0cc18a5737d78dd7b1575805cf518046d68409285d12afd3324b60b8aca00aa3bb848ff1e5e308e5dfd04b73279b9a78d695bac98227614173ec9d0839f71d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 108db974af18e62b557740bde8b0ee4b |
| SHA1 | 30d36b94b96ffee2625abc34dd69e3f2915cc72a |
| SHA256 | ddb6b3c65e80ea9fd0c11c082284e0d2b6168836e38c46d924c39bdfc3e66304 |
| SHA512 | 8e96671d7f602ec10f58f6f175f4dff12e62e65f1063de419d8ef4bbdb8e66cc8d184cac0a88ea68f1269db66fc0e76b000bd461799973c7b7910e0e439f3b2b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 440640d1170cf86c4e38bbb38ae51747 |
| SHA1 | bdd3ce3875b5d0c41df462f35c3fe81030523ed7 |
| SHA256 | 010a2e52664684c3161ffe0562dbdf2a72176a1ca1dfae744edf485188688431 |
| SHA512 | ae81f9c75512734f6847243125c9c20cbd68a7d9f800e7233c66690c3913d96cc3b14245a4e98fd81583a1a51f05a40cbf180877e0963ab5d800422fb7a35a43 |