Analysis Overview
SHA256
3aa5401a16bd3aafff6eddbacf255eba3c3c73118c3433a5bb9d3882aeb7df95
Threat Level: Shows suspicious behavior
The file ed10ac2a-9476-4294-be3b-01e9de2282a2.jpg.url was found to be: Shows suspicious behavior.
Malicious Activity Summary
Executes dropped EXE
Loads dropped DLL
Writes to the Master Boot Record (MBR)
Checks whether UAC is enabled
Drops file in Program Files directory
Enumerates physical storage devices
Opens file in notepad (likely ransom note)
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
Modifies Internet Explorer settings
Suspicious use of SendNotifyMessage
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of AdjustPrivilegeToken
Suspicious use of SetWindowsHookEx
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Enumerates system info in registry
Modifies registry class
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: LoadsDriver
Modifies data under HKEY_USERS
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-04 21:21
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-04 21:21
Reported
2024-06-04 21:24
Platform
win7-20240508-en
Max time kernel
133s
Max time network
127s
Command Line
Signatures
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Windows\System32\rundll32.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 204d1e44c5b6da01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{6F0E7CD1-22B8-11EF-818F-FAB46556C0ED} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000bd2a7708e9798e4fa0b20f3efd8e936100000000020000000000106600000001000020000000280046928968c9627008a72d453655a7b2d30cd8ba2b175f182e3f1048099148000000000e80000000020000200000006ddc70fdb571067351eeef544293bbb168a45da743a82bbe92448bb036865921200000002d0c4b3e85191c1c2a8b0e84b1d019612480d056831ce1340c93e9f2c732b9e740000000fe780668a75ded1f11410e1ff454db9c1ef91a7c4e6faaca75efccd697ff14c458deaade82be13b1fff2c1309ef82327a6bc6e41ab09d16266577f2ab80a09bf | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000bd2a7708e9798e4fa0b20f3efd8e936100000000020000000000106600000001000020000000154c839cb044874b53b1efe8de22d9d6b35b3a2532da9be1460a89175a6cdaef000000000e80000000020000200000003a7fc3054a1959e9417d08475fd14645d34cab940fa53da1f1b436cec3e3d9c0900000008a3928070ae9940506709609e7145e7daab597ef5066616bc086187611d7f4f6b3dd58bf57a96a8478f42d9cabfd46c02f447f1b1f272346cda8d22289f4da13118f02848f39fc66514081d97ec56da1bff168199dadf29291373e7060179d3d913729f4df2a6a8ea3b5d1471c864481d83c7abc1cc961db5ddfae21ef8113ac49d736ec5514ba6d3e65791d565697004000000053055330154d9233ec0d19f9c440ef70d8a24e906d9e1cf74a321af1b5e1b1af950c37b218a0151f2581ce9b0875db9e46d33b46361be3226f702c093bedf2b9 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3691908287-3775019229-3534252667-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "423697967" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2820 wrote to memory of 2624 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2820 wrote to memory of 2624 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2820 wrote to memory of 2624 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2820 wrote to memory of 2624 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Windows\System32\rundll32.exe
"C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\ed10ac2a-9476-4294-be3b-01e9de2282a2.jpg.url
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2820 CREDAT:275457 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | cdn.discordapp.com | udp |
| US | 162.159.129.233:443 | cdn.discordapp.com | tcp |
| US | 162.159.129.233:443 | cdn.discordapp.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
Files
memory/1768-0-0x00000000001D0000-0x00000000001E0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\Cab1AB4.tmp
| MD5 | 29f65ba8e88c063813cc50a4ea544e93 |
| SHA1 | 05a7040d5c127e68c25d81cc51271ffb8bef3568 |
| SHA256 | 1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184 |
| SHA512 | e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
| MD5 | 49aebf8cbd62d92ac215b2923fb1b9f5 |
| SHA1 | 1723be06719828dda65ad804298d0431f6aff976 |
| SHA256 | b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f |
| SHA512 | bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b |
C:\Users\Admin\AppData\Local\Temp\Tar1B76.tmp
| MD5 | 4ea6026cf93ec6338144661bf1202cd1 |
| SHA1 | a1dec9044f750ad887935a01430bf49322fbdcb7 |
| SHA256 | 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8 |
| SHA512 | 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 965e218ca161dcb03c08c8d07cd15b4f |
| SHA1 | 39398c614a4b04a74cd698cbdc51186446487bef |
| SHA256 | e4cb688910b43b3ed48950c79e664f430c31180a758a6a2d67295c00807a86b3 |
| SHA512 | 120b5c6a89c70eab2e0f7a18748108964c75ad8d9fa5e5fb12924d4739f6e97a6b71adc55f76a42daa52028c902118a35a63fe4e0a7767055e7f876a58a1c477 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 8f7dc737cbefbcbbb9be5964686e9035 |
| SHA1 | cc5feb252353b70abb58a4297c989214b8c9699e |
| SHA256 | e6df4bee46674356c93eea923db6e7b98cad3acf912647ae068dd5c201504c43 |
| SHA512 | 44203488c470e34d2f33e3f20bb57860d308f1bb0196e35e8637bafb34c9cadf9187833c2c65c5db8305bf612da619d0ce9cc31fa28511528b4898033ce4a25d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0951832af5942c3de35861c5543696f6 |
| SHA1 | 7ce3412d2b41ef8e7f99dc297423f02e01cbd936 |
| SHA256 | acd83914ee426a94c4aaa0e455b43cb81b580e07816025c1bbcc228176a0581c |
| SHA512 | 97b0ffd1f7db7844daca06d2ed8387db0c7f0e707b58b3b1590d24c925fce4d0b7c4aa03dfd495c6cb208cb17e292195794907ec263902f47eba4e1e344cc5dc |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f727b5ed45e4ec17303e8cd67f5798c7 |
| SHA1 | 9c484990579f64b6d41e9198bf8550524c176939 |
| SHA256 | 4758b53efc45212c3bd21123cd6c007cf7079bec85f92f49b6a3bec1e357a329 |
| SHA512 | bebfeb3e9239ac1dee31d2964afa56c13833e451ae25163c00c5552193faf14460046e9e82122f30a73e174738dee24ece06c07fd614e7a2edc96538be263c52 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 56f68440bd063bc3d5389007b40c6cbf |
| SHA1 | 5d805f84881a7ff82d0b7014b6f5c0f00e27e565 |
| SHA256 | 326c0365370d68e5d3029cce8118d71f4412eeb54f5fb687e6d9e77866c0cd27 |
| SHA512 | 294ba554933c0f02d82c11c98eb914be8f24c261bde2b83576186ad40fbf402c185097c1d7978fcf9daa4f523b9a36eb33d99307573890f99d02c337c13c146f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | a596adbff04cf14f071707d658004a60 |
| SHA1 | 2538628ee7531b36dc7af01d4b0808046fee6531 |
| SHA256 | b9346bdb162922aa18f8c5c56511b38f8d45b8566ddf8b0dd076bcd2bdaec4c5 |
| SHA512 | 038e0900ec3a6704b18dea70f66a2b366d9032eb926f2c0e35d249a5fbcd90e50074b4673e8fbe84aa98f1e8209a3004c5f6a182fd9e1c0856fd460d8e9d4332 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b44a24cc905785f5fcfb7c64ccc3872f |
| SHA1 | a3f6ff0ffd9fe6d45b2410daa04f9e249f753671 |
| SHA256 | 12918388d0ae8b734f5a94b72bff87de82102b96cdd776a575bb7a6475e1f8c6 |
| SHA512 | ab51a4f0d72c751ed353717c2006bb936b854858d395203d9962bf97ee090f1326d527ac35c112b555f1c575397c55418bb12e5ae8ed971f5f6220c663200c19 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0bdbfaec1624640d4d1c1de7896f5278 |
| SHA1 | 804a572146e95ffa45f9d284c48a8a414cc70a33 |
| SHA256 | 96d967dd28dfb91ca393bd4f2378ce0d58f9303c74e19c02bfd5fe707db3d1fb |
| SHA512 | 41484c1dd52c9d9196a2042b141faca4c0827acb6112efd1b5f7ddbcecfcd91ff483c1f85420e681ab08e67def71e4624d9ab253df906a6d3dbe8b62cdfd23a1 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 30b18e95aefb0dc287a3fe012f27e478 |
| SHA1 | 8ab19313cfa31a66399433b4a58225feed91ae24 |
| SHA256 | 37199564ad1ef521532bc1a33e3263618536fc13189337f2646b9c4901dc8d62 |
| SHA512 | 1b8acb880a3846c184c73c9d34d389c5c0d0907c87be6e959b075d2f25d8ee88329ee6930970d7fc7190d25023d3fa3fadc9a141c0ae1a1a40ef8b1977866e8b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 22d6c94bbc3065ae2fbe11e610f15650 |
| SHA1 | 3092134f659feb56e0738f5a4629072dc9fdfac4 |
| SHA256 | c98ec79fc7f8ed4d92c3193c03607c90b5a210bc2ecab51bf02bacff5626fbe9 |
| SHA512 | c713ba398e983ddddb8078b60cf43798e7c8cfc5403972df0da43275018e417f5c88a73120b3cff8d219cfe765800a3ffd2f26519ded98f8bb18ab0697852c36 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 688a1312f1b366e6081cb196a486f49a |
| SHA1 | 43c0cafed6ee69c75c7fc2a0c4c6b426dda975a4 |
| SHA256 | 0b3e85cdb884e159c3b932c36fafeca4024be02f78cf03a78649932e0c765a19 |
| SHA512 | d2c05abd82fa6294b3ee71767aea941060d07c15244c8c3e58ff11a67a383c385aad365cc2d9199c37032db678395a33136615f024f95e285a2bdea605e9d5bf |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | ede57ffbb92519413d5cb0b72e65561a |
| SHA1 | 5b9d5a800cf8ceb0f760db4b4ee2c85c3adee99d |
| SHA256 | 21fa73948dd8fb7fc1e61d982dabb6edbc5b96130bcf622b261488c1864e5e2e |
| SHA512 | db6adda41c5636251ad4d1ed790279350be732321b961dd99cdd1d7645df17d97e4d5446402c09ff02716e9cd5d57bf30e1df8d11c03b6eedea01c3b7be5c8de |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0ed88a084a7dadfaed3eec18b9adb42a |
| SHA1 | e28e0a4efd743313ce63c0eb90f2c98b2f2e6cd9 |
| SHA256 | 72bbc07f18996a8c986097e2800e3493ea79d27bde3d0a3d1f92e8b0de29e57f |
| SHA512 | 8ea403af860b5003fb7062386afcba050a8e29bfa537da622cdeff654f2702baffb5a85924c5348975e5871503250348f25bd027d8e41d305188caeb84011698 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d1dbc77842f536c1a578690b48933a36 |
| SHA1 | 0b9cf02eb1424441da4f0a47871d945e8b4129cb |
| SHA256 | 4eacb9583747fff3e8b4bdfa7cc2f190493bc6df3ab3e4c9b36f02b1daa8e4ee |
| SHA512 | e6e9eb59de936b9d7398ec0a2a6d5bc6e956509b34781529ed5e90e118dc2a52ba2f6b803f691664911408d83947d8b78d2ebb2d0aa0dd5cecdacb2cc00ab444 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b6a60113af668b8ef33013a83af5a6fa |
| SHA1 | 014922114fe7772f385517cddc2ad732ad6e374b |
| SHA256 | 441c38891b3d12c1070596cc0bdb43c50ba1511929bb356961a0bcca69977f20 |
| SHA512 | aee11d5dfd8743a6ed48ec9dd567d725f57b38dea4df56392ab43a124f4e66368899719396681cddc528d4d3647bcf5a143b5c33c89536a257b554f632f63e9e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 064692a3ebc8ca8f6c73edeb1ae27805 |
| SHA1 | 9e242966352192c9bab44c2587549fa9a4b8f283 |
| SHA256 | 52258268add5fdc5a8153830d0bc1279800891a62080c64d48bddd9d7ff0ac55 |
| SHA512 | c59151ba9e5cd852687142b2b09c8a56a998f7a882c1a5eda0fd618e27b4c47eef153dd6a07832a245997a0d6dde811ccd73e5480de1eb2c64a4a0c7183e0b95 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | da800107b3e720b5ffd24165e61cea21 |
| SHA1 | 02deadac0009e88d0a15332da697d52b006647f0 |
| SHA256 | 4581ade4525e113bdff2d9d02b220e14fbb6fe5b52e1c117e2e27240da049735 |
| SHA512 | 620f9ab24bc0c7df18fdf455fea354d1b718fedf80c5e91146b6811a3a9486466bb6fb397d7041aac4e7548a2127ed2836339adc7bce1981efa7e3fb0e1ac1bf |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 8fd8445fe6235c49dd374c158b2b208f |
| SHA1 | ed6ecb086fc913f77752d78134dbbcb18c2a2131 |
| SHA256 | 4e736e25a72d10aa0525a5ac090f9d5a3efbf6114d8ad4aa78583bf4e817008d |
| SHA512 | a3a42eecc99cf118c4656b13afff555a23749580650f72947bfaf10eecfff5323a74f8dbf5ae057952145f63b79674bd30a4dffb15d95df7ec8283ef30bd785f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 66ee4834956b27492b5cd3b6f48c30cf |
| SHA1 | 436ac57c0b24ab0372bbbe7200c524177c5fbea3 |
| SHA256 | e60d83c84d9968a36eb94f587f0a5b919d7ec02dea842918e9e594a8d9b0c644 |
| SHA512 | 8f9081e4e7aea792de558346120abf4978588b7e4923c413af185119ec343895571704582fffd0bd5074ab09b581558c6ce3cd52bb99b363bd397f2531d050b4 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 5af162eb7338dbf99aa2f4e92f903993 |
| SHA1 | 18902fd95ab877a95ea1c44ee157e7b86a79d56e |
| SHA256 | 7ad7d31b2b12e4e7a815ade52c0bf1e4dbe13d6a52607499c29c740ab6ec07ee |
| SHA512 | 4623640d66de63e4baeeb0621aa1490b0174d6c54db846f7c986ecd6a56864071ee9bd056c1f85f8f1ffa59aea64d0f3416bb07e654c5ef76d7103501772cb54 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 4c88a3b5218a7e7ed7c1251bcd84c391 |
| SHA1 | 5a8db4743e49fb9feb8ddfde9e9ad651dd9e6b1f |
| SHA256 | eabb7b2405a22834ff462d912aaf1a6027039f1c69b0bbd5dc741546a8df4801 |
| SHA512 | cbbab12e992d84b66356502857d731d588c0e99e44f18b24fe59033242e53bc8f480fb2a8013731c2c84c176872f9d6e801601a596e043611abff08fbe2e20b4 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 6a653aac88617df3e401b8d62c2e943d |
| SHA1 | dadcaa6005a8065aa4f025a21c2ce817a5d6da93 |
| SHA256 | 7390e2dcca0b9e477a83b9b537d59b0195b15636dd18f212b4c3b72ba7445fe9 |
| SHA512 | f576053dd10c34c4094aa31b3d8ef61aba1629fe460caa8e6d8de28495da664a457e1e4dcb4c4e0741bf45713432ed7e42e5534c3be2e6eb57dc1015553b124d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 745404e4d664c6f2519cec2bceb60948 |
| SHA1 | ebd099fa5297eb6814a48a999c374434af3d3555 |
| SHA256 | 157c860e695f421763c0b19fbb0880601b6adec52bed7e87aa87485d9aafe811 |
| SHA512 | 8da1a7dd0ebf0035d4d7c45efefe6bdc290d632266a13a444827bd2c6b694e42378e41ff6e2d37f838a1c01d0c3018f41aaf7ee15767dd79ea3ef51ae8122b8f |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-04 21:21
Reported
2024-06-04 21:32
Platform
win10v2004-20240508-en
Max time kernel
647s
Max time network
648s
Command Line
Signatures
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\ccsetup575_pro.exe | N/A |
Loads dropped DLL
Writes to the Master Boot Record (MBR)
| Description | Indicator | Process | Target |
| File opened for modification | \??\PhysicalDrive0 | C:\Users\Admin\AppData\Local\Temp\ccsetup575_pro.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Program Files\CCleaner\branding.dll | C:\Users\Admin\Desktop\Patch\Professional Edition\64bit Patch.exe | N/A |
| File opened for modification | C:\Program Files\CCleaner\Patch Uninstaller.exe | C:\Users\Admin\Desktop\Patch\Professional Edition\64bit Patch.exe | N/A |
| File created | C:\Program Files\CCleaner\Patch Uninstalle.ini | C:\Users\Admin\Desktop\Patch\Professional Edition\64bit Patch.exe | N/A |
Enumerates physical storage devices
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133620097555616398" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Opens file in notepad (likely ransom note)
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\osk.exe | N/A |
Suspicious behavior: LoadsDriver
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Processes
C:\Windows\System32\rundll32.exe
"C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\ed10ac2a-9476-4294-be3b-01e9de2282a2.jpg.url
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://cdn.discordapp.com/attachments/1232807821410832475/1241838798636191864/ed10ac2a-9476-4294-be3b-01e9de2282a2.jpg?ex=664ba801&is=664a5681&hm=fc778874deea47af5c9513ad2e3e016bfcde7fc05c8d0b8f37a67950280fc990&
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffffab46f8,0x7fffffab4708,0x7fffffab4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2152,6591867694217431115,10731106564191380969,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2168 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2152,6591867694217431115,10731106564191380969,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2152,6591867694217431115,10731106564191380969,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2884 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,6591867694217431115,10731106564191380969,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,6591867694217431115,10731106564191380969,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2152,6591867694217431115,10731106564191380969,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5288 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2152,6591867694217431115,10731106564191380969,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5288 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7fffefbdab58,0x7fffefbdab68,0x7fffefbdab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1724 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2276 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3088 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3116 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3840 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4072 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4568 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4756 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4388 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4808 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:8
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\Windows\system32\rundll32.exe
"C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,Control_RunDLL C:\Windows\System32\main.cpl,@1 ,
C:\Windows\system32\osk.exe
"C:\Windows\system32\osk.exe"
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x394 0x33c
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4972 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4068 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3520 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4656 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5228 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4728 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4724 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5484 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5520 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5480 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=5892 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=6024 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=6032 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=6204 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=6220 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=6712 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=6604 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=1688 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=2452 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=7404 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=7428 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=7288 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=7788 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=8092 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=8112 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=5708 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=8380 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=7348 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=8232 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=8636 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=8124 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=8172 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Users\Admin\Desktop\ccsetup521pro.exe
"C:\Users\Admin\Desktop\ccsetup521pro.exe"
C:\Windows\system32\pcaui.exe
"C:\Windows\system32\pcaui.exe" -g {11111111-1111-1111-1111-111111111111} -x {d5ceeb93-9830-4406-a772-e167287b96c4} -a "CCleaner" -v "Piriform Ltd" -s "This app can't run because it causes security or performance issues on Windows. A new version may be available. Check with your software provider for an updated version that runs on this version of Windows." -n 2 -f 2021048 -k 0 -e "C:\Users\Admin\Desktop\ccsetup521pro.exe"
C:\Users\Admin\Desktop\Patch\Professional Edition\64bit Patch.exe
"C:\Users\Admin\Desktop\Patch\Professional Edition\64bit Patch.exe"
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{60A90A2F-858D-42AF-8929-82BE9D99E8A1}
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://crackingpatching.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7fffffab46f8,0x7fffffab4708,0x7fffffab4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,17309283810050159999,5098813480711595416,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2096 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2064,17309283810050159999,5098813480711595416,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2064,17309283810050159999,5098813480711595416,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2848 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17309283810050159999,5098813480711595416,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17309283810050159999,5098813480711595416,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17309283810050159999,5098813480711595416,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2608 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17309283810050159999,5098813480711595416,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5244 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17309283810050159999,5098813480711595416,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5248 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17309283810050159999,5098813480711595416,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5656 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17309283810050159999,5098813480711595416,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5772 /prefetch:1
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{60A90A2F-858D-42AF-8929-82BE9D99E8A1}
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6016 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:2
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\How to Install - Patch.txt
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{60A90A2F-858D-42AF-8929-82BE9D99E8A1}
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,17309283810050159999,5098813480711595416,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4212 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,17309283810050159999,5098813480711595416,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6364 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,17309283810050159999,5098813480711595416,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6364 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17309283810050159999,5098813480711595416,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3856 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17309283810050159999,5098813480711595416,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5616 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17309283810050159999,5098813480711595416,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5800 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17309283810050159999,5098813480711595416,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6524 /prefetch:1
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{60A90A2F-858D-42AF-8929-82BE9D99E8A1}
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=7396 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=6100 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=7992 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=5880 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=6948 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=7016 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=2412 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=8644 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=8636 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=1680 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=5532 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --mojo-platform-channel-handle=7568 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --mojo-platform-channel-handle=7272 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --mojo-platform-channel-handle=7628 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --mojo-platform-channel-handle=2452 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --mojo-platform-channel-handle=7620 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --mojo-platform-channel-handle=7736 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --mojo-platform-channel-handle=7544 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --mojo-platform-channel-handle=3228 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --mojo-platform-channel-handle=8884 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --mojo-platform-channel-handle=6592 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --mojo-platform-channel-handle=9096 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --mojo-platform-channel-handle=9072 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --mojo-platform-channel-handle=8976 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --mojo-platform-channel-handle=6460 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --mojo-platform-channel-handle=6688 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --mojo-platform-channel-handle=5380 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --mojo-platform-channel-handle=6572 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --mojo-platform-channel-handle=8776 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --mojo-platform-channel-handle=4624 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --mojo-platform-channel-handle=7268 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --mojo-platform-channel-handle=6828 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --mojo-platform-channel-handle=5408 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --mojo-platform-channel-handle=8560 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --mojo-platform-channel-handle=6860 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --mojo-platform-channel-handle=6300 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --mojo-platform-channel-handle=6116 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --mojo-platform-channel-handle=8716 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --mojo-platform-channel-handle=7060 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --mojo-platform-channel-handle=7812 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --mojo-platform-channel-handle=8624 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --mojo-platform-channel-handle=7520 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --mojo-platform-channel-handle=6228 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --mojo-platform-channel-handle=6224 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --mojo-platform-channel-handle=7844 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --mojo-platform-channel-handle=9068 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --mojo-platform-channel-handle=8948 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --mojo-platform-channel-handle=8380 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --mojo-platform-channel-handle=1264 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --mojo-platform-channel-handle=7676 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --mojo-platform-channel-handle=9520 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --mojo-platform-channel-handle=9468 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --mojo-platform-channel-handle=10276 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --mojo-platform-channel-handle=10268 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --mojo-platform-channel-handle=9768 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --mojo-platform-channel-handle=10352 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --mojo-platform-channel-handle=10540 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --mojo-platform-channel-handle=10680 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --mojo-platform-channel-handle=9424 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --mojo-platform-channel-handle=11044 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --mojo-platform-channel-handle=10864 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --mojo-platform-channel-handle=12024 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --mojo-platform-channel-handle=12056 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --mojo-platform-channel-handle=11988 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --mojo-platform-channel-handle=11012 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --mojo-platform-channel-handle=11636 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --mojo-platform-channel-handle=11836 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=113 --mojo-platform-channel-handle=11156 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --mojo-platform-channel-handle=11708 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --mojo-platform-channel-handle=12220 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --mojo-platform-channel-handle=12340 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --mojo-platform-channel-handle=5364 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --mojo-platform-channel-handle=5140 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --mojo-platform-channel-handle=12224 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=120 --mojo-platform-channel-handle=12804 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=121 --mojo-platform-channel-handle=12196 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --mojo-platform-channel-handle=9696 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --mojo-platform-channel-handle=6808 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --mojo-platform-channel-handle=8740 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=125 --mojo-platform-channel-handle=12008 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=126 --mojo-platform-channel-handle=5624 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=127 --mojo-platform-channel-handle=12820 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=13128 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=129 --mojo-platform-channel-handle=12964 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=130 --mojo-platform-channel-handle=7656 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=131 --mojo-platform-channel-handle=12948 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=132 --mojo-platform-channel-handle=13392 --field-trial-handle=1884,i,16057293096004280971,6079171502214427746,131072 /prefetch:1
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\CCleaner Professional Plus v5.75 + Fix {CracksHash}\Downloaded from CracksHash.com.txt
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\CCleaner Professional Plus v5.75 + Fix {CracksHash}\Instructions! .txt
C:\Users\Admin\Desktop\CCleaner Professional Plus v5.75 + Fix {CracksHash}\Setup\CCleanerBundle-575-Setup.exe
"C:\Users\Admin\Desktop\CCleaner Professional Plus v5.75 + Fix {CracksHash}\Setup\CCleanerBundle-575-Setup.exe"
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{60A90A2F-858D-42AF-8929-82BE9D99E8A1}
C:\Users\Admin\AppData\Local\Temp\ccsetup575_pro.exe
C:\Users\Admin\AppData\Local\Temp\ccsetup575_pro.exe /L=1033
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{60A90A2F-858D-42AF-8929-82BE9D99E8A1}
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{60A90A2F-858D-42AF-8929-82BE9D99E8A1}
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefaultc6c4c4f8hfaffh4de6ha011he8b597667787
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7fffffab46f8,0x7fffffab4708,0x7fffffab4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2016,7970764043175036448,177227518386092803,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2036 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2016,7970764043175036448,177227518386092803,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2256 /prefetch:3
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{60A90A2F-858D-42AF-8929-82BE9D99E8A1}
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\Temp1_Keys.zip\Keys.txt
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\CCleaner Professional Plus v5.75 + Fix {CracksHash}\Downloaded from CracksHash.com.txt
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\CCleaner Professional Plus v5.75 + Fix {CracksHash}\Instructions! .txt
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | cdn.discordapp.com | udp |
| US | 162.159.135.233:443 | cdn.discordapp.com | tcp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | 154.239.44.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 233.135.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.237:443 | g.bing.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| NL | 23.62.61.72:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 26.35.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.187.3.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 31.121.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| GB | 172.217.16.238:443 | apis.google.com | udp |
| US | 8.8.8.8:53 | 195.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 172.217.169.46:443 | play.google.com | udp |
| GB | 172.217.169.46:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | 46.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| GB | 142.250.187.206:443 | clients2.google.com | udp |
| GB | 142.250.187.206:443 | clients2.google.com | tcp |
| US | 8.8.8.8:53 | 206.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | rentry.co | udp |
| US | 104.26.3.16:443 | rentry.co | tcp |
| US | 104.26.3.16:443 | rentry.co | tcp |
| US | 8.8.8.8:53 | cdn4.buysellads.net | udp |
| GB | 159.65.211.77:443 | cdn4.buysellads.net | tcp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 104.22.74.216:443 | btloader.com | tcp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | static.vidazoo.com | udp |
| US | 8.8.8.8:53 | srv.buysellads.com | udp |
| US | 8.8.8.8:53 | script.4dex.io | udp |
| US | 3.165.118.121:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | exchange.cootlogix.com | udp |
| US | 8.8.8.8:53 | ads.servenobid.com | udp |
| US | 104.18.33.178:443 | static.vidazoo.com | tcp |
| US | 8.8.8.8:53 | rtb.openx.net | udp |
| US | 152.42.150.143:443 | srv.buysellads.com | tcp |
| US | 172.67.75.241:443 | script.4dex.io | tcp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 138.197.53.255:443 | exchange.cootlogix.com | tcp |
| US | 138.197.53.255:443 | exchange.cootlogix.com | tcp |
| US | 35.186.253.211:443 | rtb.openx.net | tcp |
| IE | 34.255.151.166:443 | ads.servenobid.com | tcp |
| US | 8.8.8.8:53 | pbjs.e-planning.net | udp |
| US | 8.8.8.8:53 | mp.4dex.io | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| FR | 185.255.84.151:443 | hb-api.omnitagjs.com | tcp |
| US | 8.8.8.8:53 | bidder.criteo.com | udp |
| US | 8.8.8.8:53 | fastlane.rubiconproject.com | udp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| NL | 185.89.211.116:443 | ib.adnxs.com | tcp |
| NL | 193.3.178.3:443 | pbjs.e-planning.net | tcp |
| US | 104.18.34.178:443 | mp.4dex.io | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| FR | 18.244.28.86:443 | hb.yellowblue.io | tcp |
| DE | 51.38.120.206:443 | onetag-sys.com | tcp |
| NL | 185.64.189.112:443 | hbopenbid.pubmatic.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| FR | 91.134.110.128:443 | prg.smartadserver.com | tcp |
| FR | 91.134.110.128:443 | prg.smartadserver.com | tcp |
| US | 8.8.8.8:53 | cadmus.script.ac | udp |
| US | 172.67.75.241:443 | script.4dex.io | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 104.26.2.70:443 | ad-delivery.net | tcp |
| US | 104.26.2.70:443 | ad-delivery.net | tcp |
| US | 104.18.22.145:443 | cadmus.script.ac | tcp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | 16.3.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.211.65.159.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.74.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 121.118.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 178.33.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.75.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 143.150.42.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 211.253.186.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 166.151.255.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 151.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 178.34.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.211.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.28.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 112.189.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.120.38.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 128.110.134.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 3.165.118.121:443 | c.amazon-adsystem.com | tcp |
| DE | 18.245.31.92:443 | config.aps.amazon-adsystem.com | tcp |
| US | 13.33.173.196:443 | aax.amazon-adsystem.com | tcp |
| US | 138.197.53.255:443 | exchange.cootlogix.com | tcp |
| NL | 193.3.178.3:443 | pbjs.e-planning.net | tcp |
| US | 8.8.8.8:53 | c.4dex.io | udp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 35.241.34.106:443 | c.4dex.io | tcp |
| US | 35.241.34.106:443 | c.4dex.io | tcp |
| US | 8.8.8.8:53 | secure.cdn.fastclick.net | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | cdn.hadronid.net | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| DE | 23.67.137.210:443 | secure.cdn.fastclick.net | tcp |
| DE | 65.9.66.104:443 | tags.crwdcntrl.net | tcp |
| US | 104.22.52.173:443 | cdn.hadronid.net | tcp |
| US | 104.22.52.86:443 | cdn.id5-sync.com | tcp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | id.hadron.ad.gt | udp |
| IE | 34.253.110.95:443 | bcp.crwdcntrl.net | tcp |
| US | 104.22.5.69:443 | id.hadron.ad.gt | tcp |
| US | 104.26.3.16:443 | rentry.co | tcp |
| US | 8.8.8.8:53 | a.ad.gt | udp |
| US | 172.67.23.234:443 | a.ad.gt | tcp |
| US | 8.8.8.8:53 | 6.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.2.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.22.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 92.31.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.173.33.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 255.53.197.138.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.34.241.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.66.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.52.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.52.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.137.67.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.110.253.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.23.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.5.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.23.211.130.in-addr.arpa | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| DE | 162.19.138.120:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 162.19.138.119:443 | lb.eu-1-id5-sync.com | tcp |
| US | 162.159.135.233:443 | cdn.discordapp.com | tcp |
| US | 162.159.135.233:443 | cdn.discordapp.com | tcp |
| US | 8.8.8.8:53 | static4.buysellads.net | udp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| US | 3.165.113.74:443 | static4.buysellads.net | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| US | 35.241.34.106:443 | c.4dex.io | udp |
| US | 8.8.8.8:53 | ads.eu.criteo.com | udp |
| US | 8.8.8.8:53 | beacon-ams3.rubiconproject.com | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| NL | 178.250.1.17:443 | ads.eu.criteo.com | tcp |
| NL | 178.250.1.17:443 | ads.eu.criteo.com | tcp |
| BE | 2.21.18.175:443 | eus.rubiconproject.com | tcp |
| NL | 69.173.156.129:443 | beacon-ams3.rubiconproject.com | tcp |
| NL | 69.173.156.129:443 | beacon-ams3.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | 119.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.113.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 17.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 175.18.21.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 129.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| NL | 178.250.1.17:443 | ads.eu.criteo.com | tcp |
| US | 8.8.8.8:53 | cat.nl3.eu.criteo.com | udp |
| US | 8.8.8.8:53 | widget.nl3.eu.criteo.com | udp |
| NL | 178.250.1.6:443 | cat.nl3.eu.criteo.com | tcp |
| NL | 178.250.1.9:443 | widget.nl3.eu.criteo.com | tcp |
| US | 8.8.8.8:53 | csm.eu.criteo.net | udp |
| US | 8.8.8.8:53 | imageproxy.eu.criteo.net | udp |
| NL | 178.250.1.25:443 | csm.eu.criteo.net | tcp |
| NL | 178.250.1.25:443 | csm.eu.criteo.net | tcp |
| NL | 178.250.1.15:443 | imageproxy.eu.criteo.net | tcp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | sync-t1.taboola.com | udp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| US | 8.8.8.8:53 | r.casalemedia.com | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 8.8.8.8:53 | cm.adform.net | udp |
| US | 8.8.8.8:53 | ad.360yield.com | udp |
| US | 8.8.8.8:53 | matching.ivitrack.com | udp |
| NL | 89.149.192.74:443 | rtb-csync.smartadserver.com | tcp |
| US | 172.64.151.101:443 | r.casalemedia.com | tcp |
| DK | 37.157.4.29:443 | cm.adform.net | tcp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| GB | 216.58.201.98:443 | cm.g.doubleclick.net | tcp |
| IE | 34.253.46.26:443 | ad.360yield.com | tcp |
| US | 34.117.157.22:443 | matching.ivitrack.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| FR | 185.255.84.152:443 | visitor.omnitagjs.com | tcp |
| NL | 141.226.228.48:443 | sync-t1.taboola.com | tcp |
| BE | 2.21.16.25:443 | contextual.media.net | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| GB | 216.58.201.98:443 | cm.g.doubleclick.net | udp |
| US | 172.64.151.101:443 | r.casalemedia.com | udp |
| US | 8.8.8.8:53 | dis.criteo.com | udp |
| US | 8.8.8.8:53 | dpm.demdex.net | udp |
| IE | 54.72.172.22:443 | dpm.demdex.net | tcp |
| US | 8.8.8.8:53 | exchange.mediavine.com | udp |
| IE | 54.72.172.22:443 | dpm.demdex.net | tcp |
| US | 8.8.8.8:53 | jadserve.postrelease.com | udp |
| US | 8.8.8.8:53 | sync.outbrain.com | udp |
| US | 8.8.8.8:53 | simage2.pubmatic.com | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| DE | 3.72.214.157:443 | exchange.mediavine.com | tcp |
| BE | 2.21.16.25:443 | contextual.media.net | udp |
| US | 8.8.8.8:53 | match.sharethrough.com | udp |
| IE | 54.74.38.144:443 | jadserve.postrelease.com | tcp |
| US | 8.8.8.8:53 | 149.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.1.250.178.in-addr.arpa | udp |
| US | 50.31.142.223:443 | sync.outbrain.com | tcp |
| US | 8.8.8.8:53 | 74.192.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.151.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.157.117.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 29.4.157.37.in-addr.arpa | udp |
| NL | 198.47.127.205:443 | simage2.pubmatic.com | tcp |
| US | 8.8.8.8:53 | 26.46.253.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 48.228.226.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.84.255.185.in-addr.arpa | udp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | 25.16.21.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | criteo-sync.teads.tv | udp |
| US | 8.8.8.8:53 | sync.targeting.unrulymedia.com | udp |
| US | 8.8.8.8:53 | 91.149.214.35.in-addr.arpa | udp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| DE | 3.125.128.81:443 | match.sharethrough.com | tcp |
| US | 8.8.8.8:53 | criteo-partners.tremorhub.com | udp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| BE | 104.90.25.54:443 | criteo-sync.teads.tv | tcp |
| US | 3.224.9.206:443 | criteo-partners.tremorhub.com | tcp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| US | 8.8.8.8:53 | ad.yieldlab.net | udp |
| US | 8.8.8.8:53 | sync-criteo.ads.yieldmo.com | udp |
| US | 8.8.8.8:53 | e1.emxdgt.com | udp |
| US | 76.223.111.18:443 | eb2.3lift.com | tcp |
| US | 23.53.112.116:443 | ad.yieldlab.net | tcp |
| US | 8.8.8.8:53 | c1.adform.net | udp |
| IE | 52.209.221.228:443 | sync-criteo.ads.yieldmo.com | tcp |
| DE | 52.57.190.200:443 | e1.emxdgt.com | tcp |
| DK | 37.157.3.20:443 | c1.adform.net | tcp |
| US | 8.8.8.8:53 | 22.172.72.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.214.72.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 205.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.128.125.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 144.38.74.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 223.142.31.50.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 54.25.90.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.111.223.76.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.9.224.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.112.53.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.221.209.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.190.57.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.3.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | public.servenobid.com | udp |
| DE | 18.245.31.78:443 | public.servenobid.com | tcp |
| DE | 51.38.120.206:443 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | buysellads-d.openx.net | udp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | sync.adkernel.com | udp |
| US | 23.53.112.234:443 | ads.pubmatic.com | tcp |
| US | 8.8.8.8:53 | sync.cootlogix.com | udp |
| NL | 77.245.57.72:443 | sync.adkernel.com | tcp |
| US | 34.98.64.218:443 | buysellads-d.openx.net | tcp |
| US | 151.101.1.108:443 | acdn.adnxs.com | tcp |
| US | 146.190.220.217:443 | sync.cootlogix.com | tcp |
| US | 146.190.220.217:443 | sync.cootlogix.com | tcp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| DE | 37.252.171.21:443 | secure.adnxs.com | tcp |
| DE | 37.252.171.21:443 | secure.adnxs.com | tcp |
| US | 8.8.8.8:53 | g2.gumgum.com | udp |
| IE | 54.217.112.90:443 | g2.gumgum.com | tcp |
| US | 8.8.8.8:53 | 78.31.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 218.64.98.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.57.245.77.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.112.53.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.220.190.146.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.171.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| NL | 81.17.55.123:443 | ssbsync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| US | 8.8.8.8:53 | image6.pubmatic.com | udp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| US | 8.8.8.8:53 | cdn.dxkulture.com | udp |
| US | 8.8.8.8:53 | ce.lijit.com | udp |
| US | 54.208.222.196:443 | cs-server-s2s.yellowblue.io | tcp |
| BE | 104.68.78.171:443 | secure-assets.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 172.64.145.29:443 | cdn.dxkulture.com | tcp |
| NL | 198.47.127.19:443 | image6.pubmatic.com | tcp |
| US | 8.8.8.8:53 | p.rfihub.com | udp |
| US | 8.8.8.8:53 | sync.go.sonobi.com | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| IE | 34.253.176.232:443 | ce.lijit.com | tcp |
| US | 8.8.8.8:53 | ssp.disqus.com | udp |
| US | 8.8.8.8:53 | hbx.media.net | udp |
| IE | 52.31.212.184:443 | ap.lijit.com | tcp |
| US | 69.166.1.34:443 | sync.go.sonobi.com | tcp |
| US | 54.81.144.28:443 | ssp.disqus.com | tcp |
| NL | 145.40.97.66:443 | prebid.a-mo.net | tcp |
| NL | 193.0.160.130:443 | p.rfihub.com | tcp |
| US | 23.220.112.27:443 | hbx.media.net | tcp |
| US | 8.8.8.8:53 | ad.turn.com | udp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| NL | 46.228.164.11:443 | ad.turn.com | tcp |
| US | 8.8.8.8:53 | api-2-0.spot.im | udp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| DE | 18.245.31.19:443 | api-2-0.spot.im | tcp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | udp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 8.8.8.8:53 | rtb.mfadsrvr.com | udp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| IE | 34.242.189.1:443 | match.prod.bidr.io | tcp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| US | 50.31.142.95:443 | b1sync.zemanta.com | tcp |
| US | 50.31.142.95:443 | b1sync.zemanta.com | tcp |
| US | 54.175.113.230:443 | sync.srv.stackadapt.com | tcp |
| NL | 198.47.127.18:443 | image8.pubmatic.com | tcp |
| US | 8.8.8.8:53 | gum.aidemsrv.com | udp |
| US | 80.77.87.163:443 | cs.admanmedia.com | tcp |
| US | 104.17.44.93:443 | gum.aidemsrv.com | tcp |
| DE | 18.197.7.178:443 | rtb.mfadsrvr.com | tcp |
| NL | 193.0.160.130:443 | p.rfihub.com | tcp |
| NL | 145.40.97.66:443 | prebid.a-mo.net | tcp |
| US | 23.220.112.27:443 | hbx.media.net | tcp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| NL | 198.47.127.18:443 | image8.pubmatic.com | tcp |
| US | 54.175.113.230:443 | sync.srv.stackadapt.com | tcp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| US | 8.8.8.8:53 | 90.112.217.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 123.55.17.81.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 29.145.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.78.68.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.176.253.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 184.212.31.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.222.208.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.164.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.1.166.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.144.81.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.8.184.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.31.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.189.242.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.44.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 178.7.197.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.87.77.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.142.31.50.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 27.112.220.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.97.40.145.in-addr.arpa | udp |
| NL | 77.245.57.72:443 | sync.adkernel.com | tcp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| IE | 34.242.189.1:443 | match.prod.bidr.io | tcp |
| US | 8.8.8.8:53 | i.liadm.com | udp |
| US | 8.8.8.8:53 | dsum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | ad4m.at | udp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | s.company-target.com | udp |
| US | 8.8.8.8:53 | pr-bh.ybp.yahoo.com | udp |
| NL | 77.245.57.72:443 | sync.adkernel.com | tcp |
| US | 8.8.8.8:53 | us-u.openx.net | udp |
| US | 54.175.113.230:443 | sync.srv.stackadapt.com | tcp |
| US | 8.8.8.8:53 | sync.ipredictive.com | udp |
| US | 50.31.142.95:443 | b1sync.zemanta.com | tcp |
| US | 8.8.8.8:53 | match.deepintent.com | udp |
| US | 8.8.8.8:53 | bh.contextweb.com | udp |
| GB | 216.58.201.98:443 | cm.g.doubleclick.net | udp |
| US | 67.202.105.21:443 | ssc-cms.33across.com | tcp |
| US | 34.96.71.22:443 | s.company-target.com | tcp |
| US | 34.96.71.22:443 | s.company-target.com | tcp |
| IE | 52.212.229.162:443 | pr-bh.ybp.yahoo.com | tcp |
| IE | 52.212.229.162:443 | pr-bh.ybp.yahoo.com | tcp |
| US | 52.7.90.152:443 | sync.ipredictive.com | tcp |
| US | 52.22.134.84:443 | i.liadm.com | tcp |
| US | 52.46.143.56:443 | s.amazon-adsystem.com | tcp |
| NL | 2.18.121.26:443 | player.aniview.com | tcp |
| US | 172.67.74.129:443 | ad4m.at | tcp |
| US | 38.91.45.7:443 | match.deepintent.com | tcp |
| FR | 18.164.52.4:443 | s.ad.smaato.net | tcp |
| US | 8.8.8.8:53 | usersync.gumgum.com | udp |
| FR | 18.164.52.4:443 | s.ad.smaato.net | tcp |
| US | 52.7.90.152:443 | sync.ipredictive.com | tcp |
| US | 38.91.45.7:443 | match.deepintent.com | tcp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| IE | 34.247.205.196:443 | usersync.gumgum.com | tcp |
| US | 8.8.8.8:53 | bttrack.com | udp |
| US | 35.244.174.68:443 | id.rlcdn.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 192.132.33.69:443 | bttrack.com | tcp |
| US | 8.8.8.8:53 | eexsync.com | udp |
| US | 80.77.87.108:443 | eexsync.com | tcp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 8.8.8.8:53 | tg.socdm.com | udp |
| JP | 124.146.153.169:443 | tg.socdm.com | tcp |
| US | 8.8.8.8:53 | 18.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.71.96.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.229.212.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 129.74.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.52.164.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.121.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 230.113.175.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.169.93.208.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.105.202.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.134.22.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.90.7.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.143.46.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7.45.91.38.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.205.247.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.174.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 130.160.0.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.33.132.192.in-addr.arpa | udp |
| NL | 89.149.192.74:443 | rtb-csync.smartadserver.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| JP | 124.146.153.169:443 | tg.socdm.com | tcp |
| IE | 34.247.205.196:443 | usersync.gumgum.com | tcp |
| US | 35.244.159.8:443 | us-u.openx.net | udp |
| US | 8.8.8.8:53 | rtb.gumgum.com | udp |
| IE | 34.247.205.196:443 | usersync.gumgum.com | tcp |
| US | 8.8.8.8:53 | sync.aniview.com | udp |
| IE | 34.247.205.196:443 | usersync.gumgum.com | tcp |
| US | 96.46.186.182:443 | sync.aniview.com | tcp |
| IE | 34.247.205.196:443 | usersync.gumgum.com | tcp |
| US | 8.8.8.8:53 | ads.dxkulture.com | udp |
| US | 45.55.126.71:443 | ads.dxkulture.com | tcp |
| US | 8.8.8.8:53 | u.ipw.metadsp.co.uk | udp |
| NL | 35.214.132.90:443 | u.ipw.metadsp.co.uk | tcp |
| US | 8.8.8.8:53 | 108.87.77.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.159.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.153.146.124.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 182.186.46.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.126.55.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.132.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sync.search.spotxchange.com | udp |
| US | 8.8.8.8:53 | pixel-sync.sitescout.com | udp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | sync.crwdcntrl.net | udp |
| IE | 52.49.45.15:443 | sync.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | pixel.tapad.com | udp |
| US | 34.111.113.62:443 | pixel.tapad.com | tcp |
| US | 34.111.113.62:443 | pixel.tapad.com | udp |
| US | 8.8.8.8:53 | 150.216.36.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.45.49.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 62.113.111.34.in-addr.arpa | udp |
| US | 45.55.126.71:443 | ads.dxkulture.com | tcp |
| US | 45.55.126.71:443 | ads.dxkulture.com | tcp |
| US | 8.8.8.8:53 | idsync.rlcdn.com | udp |
| US | 45.55.126.71:443 | ads.dxkulture.com | tcp |
| US | 8.8.8.8:53 | 23.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 205.47.74.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | crackingpatching.com | udp |
| US | 104.21.43.46:80 | crackingpatching.com | tcp |
| US | 104.21.43.46:80 | crackingpatching.com | tcp |
| US | 8.8.8.8:53 | 46.43.21.104.in-addr.arpa | udp |
| US | 104.21.43.46:443 | crackingpatching.com | tcp |
| US | 8.8.8.8:53 | c0.wp.com | udp |
| US | 8.8.8.8:53 | 1.gravatar.com | udp |
| US | 8.8.8.8:53 | 2.gravatar.com | udp |
| US | 8.8.8.8:53 | 0.gravatar.com | udp |
| US | 192.0.77.37:443 | c0.wp.com | tcp |
| US | 192.0.77.37:443 | c0.wp.com | tcp |
| US | 192.0.77.37:443 | c0.wp.com | tcp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| US | 8.8.8.8:53 | i0.wp.com | udp |
| US | 8.8.8.8:53 | jetpack.wordpress.com | udp |
| US | 8.8.8.8:53 | platform.twitter.com | udp |
| US | 8.8.8.8:53 | 37.77.0.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | public-api.wordpress.com | udp |
| US | 8.8.8.8:53 | s0.wp.com | udp |
| US | 8.8.8.8:53 | stats.wp.com | udp |
| US | 8.8.8.8:53 | v0.wordpress.com | udp |
| US | 192.0.77.37:443 | c0.wp.com | udp |
| US | 104.21.43.46:443 | crackingpatching.com | udp |
| GB | 172.217.16.238:443 | apis.google.com | tcp |
| GB | 163.70.151.21:443 | connect.facebook.net | tcp |
| NL | 192.229.233.25:443 | platform.twitter.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 192.0.77.2:443 | i0.wp.com | tcp |
| GB | 216.58.213.2:443 | googleads.g.doubleclick.net | tcp |
| US | 192.0.77.2:443 | i0.wp.com | tcp |
| US | 192.0.77.2:443 | i0.wp.com | tcp |
| US | 192.0.77.2:443 | i0.wp.com | udp |
| US | 8.8.8.8:53 | 74.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.151.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.233.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.77.0.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.213.58.216.in-addr.arpa | udp |
| US | 192.0.76.3:443 | stats.wp.com | tcp |
| GB | 172.217.16.238:443 | apis.google.com | udp |
| GB | 163.70.151.21:443 | connect.facebook.net | udp |
| US | 8.8.8.8:53 | syndication.twitter.com | udp |
| US | 104.244.42.72:443 | syndication.twitter.com | tcp |
| GB | 216.58.213.2:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 3.76.0.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.16.217.172.in-addr.arpa | udp |
| NL | 178.250.1.25:443 | csm.eu.criteo.net | tcp |
| US | 8.8.8.8:53 | 8.167.79.40.in-addr.arpa | udp |
| US | 152.42.150.143:443 | srv.buysellads.com | tcp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | exchange.cootlogix.com | udp |
| US | 8.8.8.8:53 | ads.servenobid.com | udp |
| DE | 51.38.120.206:443 | onetag-sys.com | tcp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| DE | 37.252.173.215:443 | ib.adnxs.com | tcp |
| US | 147.182.212.145:443 | exchange.cootlogix.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| NL | 81.17.55.112:443 | prg.smartadserver.com | tcp |
| US | 8.8.8.8:53 | rtb.openx.net | udp |
| NL | 81.17.55.112:443 | prg.smartadserver.com | tcp |
| NL | 193.3.178.3:443 | pbjs.e-planning.net | tcp |
| IE | 54.76.139.215:443 | ads.servenobid.com | tcp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | fastlane.rubiconproject.com | udp |
| FR | 185.255.84.151:443 | hb-api.omnitagjs.com | tcp |
| US | 35.227.252.103:443 | rtb.openx.net | udp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| DE | 52.222.236.48:443 | hb.yellowblue.io | tcp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | prod.us-east-1.cxm-bcn.publisher-services.amazon.dev | udp |
| US | 13.33.173.196:443 | aax.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | ssp-sync.criteo.com | udp |
| US | 52.72.204.13:443 | prod.us-east-1.cxm-bcn.publisher-services.amazon.dev | tcp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| NL | 193.3.178.3:443 | pbjs.e-planning.net | tcp |
| IE | 63.33.74.9:443 | bcp.crwdcntrl.net | tcp |
| NL | 178.250.1.7:443 | ssp-sync.criteo.com | tcp |
| US | 147.182.212.145:443 | exchange.cootlogix.com | tcp |
| US | 8.8.8.8:53 | 215.173.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 112.55.17.81.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.252.227.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 48.236.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 215.139.76.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 13.33.173.196:443 | aax.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | csm.nl3.eu.criteo.net | udp |
| US | 35.241.34.106:443 | c.4dex.io | udp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 8.8.8.8:53 | odr.mookie1.com | udp |
| US | 34.160.236.64:443 | odr.mookie1.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | litter.catbox.moe | udp |
| US | 108.181.20.36:443 | litter.catbox.moe | tcp |
| US | 108.181.20.36:443 | litter.catbox.moe | tcp |
| US | 8.8.8.8:53 | 13.204.72.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.74.33.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.236.160.34.in-addr.arpa | udp |
| NL | 178.250.1.17:443 | ads.eu.criteo.com | tcp |
| NL | 69.173.156.129:443 | beacon-ams3.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| NL | 178.250.1.17:443 | ads.eu.criteo.com | tcp |
| NL | 178.250.1.6:443 | cat.nl3.eu.criteo.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| GB | 216.58.201.98:443 | cm.g.doubleclick.net | udp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| NL | 141.226.228.48:443 | sync-t1.taboola.com | tcp |
| FR | 51.178.195.217:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| FR | 185.255.84.153:443 | visitor.omnitagjs.com | tcp |
| US | 8.8.8.8:53 | r.casalemedia.com | udp |
| US | 172.64.151.101:443 | r.casalemedia.com | udp |
| DE | 162.19.138.120:443 | id5-sync.com | tcp |
| US | 8.8.8.8:53 | dpm.demdex.net | udp |
| IE | 52.30.232.89:443 | dpm.demdex.net | tcp |
| US | 8.8.8.8:53 | ad.360yield.com | udp |
| IE | 54.246.29.14:443 | ad.360yield.com | tcp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| BE | 2.21.16.25:443 | contextual.media.net | udp |
| US | 8.8.8.8:53 | exchange.mediavine.com | udp |
| DE | 3.72.214.157:443 | exchange.mediavine.com | tcp |
| IE | 54.74.38.144:443 | jadserve.postrelease.com | tcp |
| US | 50.31.142.223:443 | sync.outbrain.com | tcp |
| US | 8.8.8.8:53 | 217.195.178.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 89.232.30.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.29.246.54.in-addr.arpa | udp |
| NL | 69.173.156.148:443 | token.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | match.sharethrough.com | udp |
| DE | 18.197.199.178:443 | match.sharethrough.com | tcp |
| US | 8.8.8.8:53 | criteo-sync.teads.tv | udp |
| BE | 104.90.25.54:443 | criteo-sync.teads.tv | tcp |
| US | 8.8.8.8:53 | sync-criteo.ads.yieldmo.com | udp |
| IE | 54.194.118.67:443 | sync-criteo.ads.yieldmo.com | tcp |
| US | 8.8.8.8:53 | e1.emxdgt.com | udp |
| DE | 52.57.190.200:443 | e1.emxdgt.com | tcp |
| DK | 37.157.3.20:443 | c1.adform.net | tcp |
| US | 8.8.8.8:53 | criteo-partners.tremorhub.com | udp |
| US | 18.213.128.185:443 | criteo-partners.tremorhub.com | tcp |
| US | 8.8.8.8:53 | 178.199.197.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | csync.smartadserver.com | udp |
| US | 8.8.8.8:53 | sync.cootlogix.com | udp |
| US | 34.98.64.218:443 | us-u.openx.net | udp |
| US | 8.8.8.8:53 | 185.128.213.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.118.194.54.in-addr.arpa | udp |
| US | 192.241.154.32:443 | sync.cootlogix.com | tcp |
| BE | 104.117.77.18:443 | csync.smartadserver.com | tcp |
| US | 192.241.154.32:443 | sync.cootlogix.com | tcp |
| US | 8.8.8.8:53 | g2.gumgum.com | udp |
| IE | 52.51.177.247:443 | g2.gumgum.com | tcp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| US | 8.8.8.8:53 | ced-ns.sascdn.com | udp |
| FR | 164.132.25.180:443 | ssbsync.smartadserver.com | tcp |
| BE | 104.117.77.66:443 | ced-ns.sascdn.com | tcp |
| US | 104.17.44.93:443 | gum.aidemsrv.com | udp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| US | 8.8.8.8:53 | tg.socdm.com | udp |
| JP | 124.146.153.167:443 | tg.socdm.com | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| US | 8.8.8.8:53 | usersync.gumgum.com | udp |
| IE | 52.210.15.1:443 | usersync.gumgum.com | tcp |
| US | 8.8.8.8:53 | 18.77.117.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 32.154.241.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 247.177.51.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 180.25.132.164.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.77.117.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.178.3.193.in-addr.arpa | udp |
| JP | 124.146.153.167:443 | tg.socdm.com | tcp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| US | 8.8.8.8:53 | u.ipw.metadsp.co.uk | udp |
| NL | 35.214.132.90:443 | u.ipw.metadsp.co.uk | udp |
| US | 38.91.45.7:443 | match.deepintent.com | tcp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| US | 52.86.219.200:443 | cs-server-s2s.yellowblue.io | tcp |
| US | 8.8.8.8:53 | ce.lijit.com | udp |
| IE | 18.202.254.222:443 | ce.lijit.com | tcp |
| US | 8.8.8.8:53 | i.liadm.com | udp |
| US | 8.8.8.8:53 | s.company-target.com | udp |
| US | 18.208.70.78:443 | i.liadm.com | tcp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 34.96.71.22:443 | s.company-target.com | udp |
| IE | 52.211.244.182:443 | ap.lijit.com | tcp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| US | 8.8.8.8:53 | dsum-sec.casalemedia.com | udp |
| US | 67.202.105.23:443 | ssc-cms.33across.com | tcp |
| FR | 51.178.195.217:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | ads.stickyadstv.com | udp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| NL | 154.57.158.115:443 | ads.stickyadstv.com | tcp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | udp |
| US | 64.202.112.63:443 | b1sync.zemanta.com | tcp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 54.204.40.77:443 | sync.srv.stackadapt.com | tcp |
| US | 69.166.1.34:443 | sync.go.sonobi.com | tcp |
| US | 172.67.74.129:443 | ad4m.at | udp |
| US | 8.8.8.8:53 | a.tribalfusion.com | udp |
| US | 8.8.8.8:53 | 1.15.210.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 167.153.146.124.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.219.86.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 222.254.202.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 182.244.211.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.70.208.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.105.202.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 63.112.202.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 115.158.57.154.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.40.204.54.in-addr.arpa | udp |
| US | 104.18.24.173:443 | a.tribalfusion.com | tcp |
| US | 8.8.8.8:53 | d.adroll.com | udp |
| US | 45.55.126.71:443 | ads.dxkulture.com | tcp |
| IE | 54.75.1.53:443 | d.adroll.com | tcp |
| US | 8.8.8.8:53 | api-2-0.spot.im | udp |
| DE | 18.245.31.16:443 | api-2-0.spot.im | tcp |
| US | 8.8.8.8:53 | pr-bh.ybp.yahoo.com | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| US | 8.8.8.8:53 | match.adsby.bidtheatre.com | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| IE | 52.212.229.162:443 | pr-bh.ybp.yahoo.com | tcp |
| NL | 188.166.17.21:443 | match.adsby.bidtheatre.com | tcp |
| IE | 34.249.65.85:443 | match.prod.bidr.io | tcp |
| NL | 147.75.84.158:443 | prebid.a-mo.net | tcp |
| US | 8.8.8.8:53 | s.tribalfusion.com | udp |
| US | 64.202.112.63:443 | b1sync.zemanta.com | tcp |
| US | 64.202.112.63:443 | b1sync.zemanta.com | tcp |
| US | 8.8.8.8:53 | hbx.media.net | udp |
| US | 23.220.112.27:443 | hbx.media.net | udp |
| US | 8.8.8.8:53 | rtb.mfadsrvr.com | udp |
| DE | 18.197.7.178:443 | rtb.mfadsrvr.com | tcp |
| US | 80.77.87.163:443 | cs.admanmedia.com | tcp |
| US | 8.8.8.8:53 | 173.24.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 16.31.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 53.1.75.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.17.166.188.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 85.65.249.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 158.84.75.147.in-addr.arpa | udp |
| US | 192.132.33.69:443 | bttrack.com | tcp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 35.244.174.68:443 | id.rlcdn.com | udp |
| US | 45.55.126.71:443 | ads.dxkulture.com | tcp |
| US | 8.8.8.8:53 | sync.adkernel.com | udp |
| NL | 77.245.57.72:443 | sync.adkernel.com | tcp |
| NL | 77.245.57.72:443 | sync.adkernel.com | tcp |
| US | 8.8.8.8:53 | idsync.rlcdn.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 108.181.20.36:443 | litter.catbox.moe | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| NL | 178.250.1.15:443 | imageproxy.eu.criteo.net | tcp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| US | 147.182.212.145:443 | exchange.cootlogix.com | tcp |
| FR | 185.255.84.151:443 | hb-api.omnitagjs.com | tcp |
| NL | 81.17.55.112:443 | prg.smartadserver.com | tcp |
| NL | 81.17.55.112:443 | prg.smartadserver.com | tcp |
| NL | 193.3.178.3:443 | pbjs.e-planning.net | tcp |
| DE | 37.252.173.215:443 | secure.adnxs.com | tcp |
| US | 35.227.252.103:443 | rtb.openx.net | udp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| US | 35.241.34.106:443 | c.4dex.io | udp |
| NL | 178.250.1.7:443 | ssp-sync.criteo.com | tcp |
| US | 152.42.150.143:443 | srv.buysellads.com | tcp |
| US | 8.8.8.8:53 | static4.buysellads.net | udp |
| DE | 52.222.236.29:443 | static4.buysellads.net | tcp |
| NL | 178.250.1.17:443 | ads.eu.criteo.com | tcp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| US | 8.8.8.8:53 | fra1-ib.adnxs.com | udp |
| US | 8.8.8.8:53 | cdn.adnxs.com | udp |
| NL | 69.173.156.129:443 | beacon-ams3.rubiconproject.com | tcp |
| US | 151.101.1.108:443 | cdn.adnxs.com | tcp |
| US | 151.101.1.108:443 | cdn.adnxs.com | tcp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| NL | 178.250.1.17:443 | ads.eu.criteo.com | tcp |
| NL | 178.250.1.6:443 | cat.nl3.eu.criteo.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| FR | 185.255.84.153:443 | visitor.omnitagjs.com | tcp |
| FR | 51.178.195.217:443 | rtb-csync.smartadserver.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| DE | 162.19.138.120:443 | id5-sync.com | tcp |
| BE | 2.21.16.25:443 | contextual.media.net | udp |
| US | 50.31.142.223:443 | sync.outbrain.com | tcp |
| NL | 69.173.156.148:443 | token.rubiconproject.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| US | 8.8.8.8:53 | sync.targeting.unrulymedia.com | udp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| US | 64.202.112.63:443 | b1sync.zemanta.com | tcp |
| US | 8.8.8.8:53 | 29.236.222.52.in-addr.arpa | udp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| DE | 51.38.120.206:443 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | pbjs.e-planning.net | udp |
| US | 8.8.8.8:53 | fastlane.rubiconproject.com | udp |
| DE | 37.252.173.215:443 | fra1-ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| US | 35.227.252.103:443 | rtb.openx.net | udp |
| US | 8.8.8.8:53 | prod.tahoe-analytics.publishers.advertising.a2z.com | udp |
| FR | 185.255.84.151:443 | hb-api.omnitagjs.com | tcp |
| NL | 81.17.55.160:443 | prg.smartadserver.com | tcp |
| NL | 81.17.55.160:443 | prg.smartadserver.com | tcp |
| NL | 193.3.178.3:443 | pbjs.e-planning.net | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| US | 35.82.74.94:443 | prod.tahoe-analytics.publishers.advertising.a2z.com | tcp |
| DE | 51.38.120.206:443 | onetag-sys.com | tcp |
| NL | 178.250.1.7:443 | ssp-sync.criteo.com | tcp |
| NL | 193.3.178.3:443 | pbjs.e-planning.net | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| US | 35.82.74.94:443 | prod.tahoe-analytics.publishers.advertising.a2z.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 178.250.1.7:443 | ssp-sync.criteo.com | tcp |
| US | 35.241.34.106:443 | c.4dex.io | udp |
| US | 8.8.8.8:53 | 160.55.17.81.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 94.74.82.35.in-addr.arpa | udp |
| NL | 178.250.1.17:443 | ads.eu.criteo.com | tcp |
| US | 152.42.150.143:443 | srv.buysellads.com | tcp |
| NL | 69.173.156.129:443 | beacon-ams3.rubiconproject.com | tcp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| NL | 178.250.1.17:443 | ads.eu.criteo.com | tcp |
| NL | 178.250.1.17:443 | ads.eu.criteo.com | tcp |
| NL | 178.250.1.17:443 | ads.eu.criteo.com | tcp |
| NL | 178.250.1.6:443 | cat.nl3.eu.criteo.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| NL | 178.250.1.15:443 | imageproxy.eu.criteo.net | tcp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 8.8.8.8:53 | r.casalemedia.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| US | 8.8.8.8:53 | sync.outbrain.com | udp |
| US | 172.64.151.101:443 | r.casalemedia.com | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| DE | 162.19.138.83:443 | id5-sync.com | tcp |
| BE | 2.21.16.25:443 | contextual.media.net | udp |
| GB | 216.58.201.98:443 | cm.g.doubleclick.net | udp |
| NL | 81.17.55.97:443 | rtb-csync.smartadserver.com | tcp |
| FR | 185.255.84.152:443 | visitor.omnitagjs.com | tcp |
| US | 50.31.142.31:443 | sync.outbrain.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| US | 192.178.49.195:443 | beacons.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 83.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.55.17.81.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.49.178.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 31.142.31.50.in-addr.arpa | udp |
| US | 8.8.8.8:53 | beacons2.gvt2.com | udp |
| AR | 142.251.134.3:443 | beacons2.gvt2.com | tcp |
| AR | 142.251.134.3:443 | beacons2.gvt2.com | tcp |
| AR | 142.251.134.3:443 | beacons2.gvt2.com | udp |
| US | 8.8.8.8:53 | 3.134.251.142.in-addr.arpa | udp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| FR | 185.255.84.151:443 | hb-api.omnitagjs.com | tcp |
| NL | 81.17.55.160:443 | prg.smartadserver.com | tcp |
| NL | 81.17.55.160:443 | prg.smartadserver.com | tcp |
| DE | 37.252.173.215:443 | fra1-ib.adnxs.com | tcp |
| NL | 193.3.178.3:443 | pbjs.e-planning.net | tcp |
| NL | 193.3.178.3:443 | pbjs.e-planning.net | tcp |
| US | 35.227.252.103:443 | rtb.openx.net | udp |
| NL | 178.250.1.7:443 | ssp-sync.criteo.com | tcp |
| NL | 178.250.1.17:443 | ads.eu.criteo.com | tcp |
| US | 152.42.150.143:443 | srv.buysellads.com | tcp |
| NL | 69.173.156.129:443 | beacon-ams3.rubiconproject.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| NL | 178.250.1.17:443 | ads.eu.criteo.com | tcp |
| NL | 178.250.1.6:443 | cat.nl3.eu.criteo.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| FR | 185.255.84.152:443 | visitor.omnitagjs.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| BE | 2.21.16.25:443 | contextual.media.net | udp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| GB | 216.58.201.98:443 | cm.g.doubleclick.net | udp |
| NL | 81.17.55.97:443 | rtb-csync.smartadserver.com | tcp |
| US | 172.64.151.101:443 | r.casalemedia.com | udp |
| DE | 162.19.138.83:443 | id5-sync.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 50.31.142.31:443 | sync.outbrain.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| NL | 193.3.178.3:443 | pbjs.e-planning.net | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| DE | 37.252.173.215:443 | fra1-ib.adnxs.com | tcp |
| NL | 81.17.55.160:443 | prg.smartadserver.com | tcp |
| NL | 81.17.55.160:443 | prg.smartadserver.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| FR | 185.255.84.151:443 | hb-api.omnitagjs.com | tcp |
| US | 35.227.252.103:443 | rtb.openx.net | udp |
| NL | 178.250.1.7:443 | ssp-sync.criteo.com | tcp |
| NL | 193.3.178.3:443 | pbjs.e-planning.net | tcp |
| NL | 178.250.1.17:443 | ads.eu.criteo.com | tcp |
| NL | 69.173.156.129:443 | beacon-ams3.rubiconproject.com | tcp |
| US | 152.42.150.143:443 | srv.buysellads.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| NL | 178.250.1.17:443 | ads.eu.criteo.com | tcp |
| NL | 178.250.1.6:443 | cat.nl3.eu.criteo.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| GB | 216.58.201.98:443 | cm.g.doubleclick.net | udp |
| NL | 81.17.55.97:443 | rtb-csync.smartadserver.com | tcp |
| FR | 185.255.84.152:443 | visitor.omnitagjs.com | tcp |
| US | 172.64.151.101:443 | r.casalemedia.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| DE | 162.19.138.83:443 | id5-sync.com | tcp |
| BE | 2.21.16.25:443 | contextual.media.net | udp |
| US | 50.31.142.31:443 | sync.outbrain.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 8.8.8.8:53 | rentry.co | udp |
| US | 8.8.8.8:53 | c.4dex.io | udp |
| US | 8.8.8.8:53 | script.4dex.io | udp |
| US | 192.178.49.195:443 | beacons.gcp.gvt2.com | udp |
| US | 35.241.34.106:443 | c.4dex.io | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| DE | 13.224.186.120:443 | c.amazon-adsystem.com | tcp |
| GB | 159.65.211.77:443 | srv.buysellads.com | tcp |
| US | 8.8.8.8:53 | 120.186.224.13.in-addr.arpa | udp |
| US | 152.42.150.143:443 | srv.buysellads.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| NL | 193.3.178.3:443 | pbjs.e-planning.net | tcp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| DE | 37.252.173.215:443 | fra1-ib.adnxs.com | tcp |
| FR | 185.86.139.116:443 | prg.smartadserver.com | tcp |
| FR | 185.86.139.116:443 | prg.smartadserver.com | tcp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| NL | 178.250.1.7:443 | ssp-sync.criteo.com | tcp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| IE | 34.246.197.125:443 | bcp.crwdcntrl.net | tcp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | fastupload.io | udp |
| US | 172.67.216.122:443 | fastupload.io | tcp |
| US | 172.67.216.122:443 | fastupload.io | tcp |
| US | 8.8.8.8:53 | 116.139.86.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 125.197.246.34.in-addr.arpa | udp |
| US | 172.67.216.122:443 | fastupload.io | udp |
| US | 8.8.8.8:53 | www.statcounter.com | udp |
| US | 8.8.8.8:53 | cmp.setupcmp.com | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 104.20.95.138:443 | www.statcounter.com | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 104.26.4.6:443 | cmp.setupcmp.com | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | stpd.cloud | udp |
| US | 8.8.8.8:53 | cdn.pubfuture-ad.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 8.8.8.8:53 | widgets.outbrain.com | udp |
| US | 104.18.31.49:443 | stpd.cloud | tcp |
| US | 23.53.113.140:443 | widgets.outbrain.com | tcp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | tcp |
| US | 104.16.80.73:443 | static.cloudflareinsights.com | tcp |
| US | 104.26.4.231:443 | cdn.pubfuture-ad.com | tcp |
| US | 8.8.8.8:53 | c.statcounter.com | udp |
| US | 8.8.8.8:53 | ip2geo.pubfuture-ad.com | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| US | 104.26.4.231:443 | ip2geo.pubfuture-ad.com | tcp |
| US | 104.26.4.6:443 | cmp.setupcmp.com | tcp |
| US | 8.8.8.8:53 | 122.216.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.95.20.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.4.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.31.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.80.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 231.4.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.113.53.23.in-addr.arpa | udp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | tcheck.outbrainimg.com | udp |
| US | 8.8.8.8:53 | widget-pixels.outbrain.com | udp |
| US | 23.220.113.254:443 | tcheck.outbrainimg.com | tcp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| DE | 13.224.186.120:443 | c.amazon-adsystem.com | tcp |
| DE | 18.245.31.123:443 | config.aps.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | rock.defybrick.com | udp |
| US | 8.8.8.8:53 | cdnpf.com | udp |
| US | 8.8.8.8:53 | secure.cdn.fastclick.net | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 8.8.8.8:53 | cdn.hadronid.net | udp |
| DE | 18.245.31.111:443 | rock.defybrick.com | tcp |
| US | 104.21.36.54:443 | cdnpf.com | tcp |
| US | 172.67.38.106:443 | cdn.id5-sync.com | tcp |
| DE | 23.67.137.210:443 | secure.cdn.fastclick.net | tcp |
| US | 172.67.36.110:443 | cdn.hadronid.net | tcp |
| DE | 65.9.66.104:443 | tags.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | 360playvid.info | udp |
| US | 8.8.8.8:53 | s3.pubfuture.com | udp |
| US | 104.21.50.50:443 | 360playvid.info | tcp |
| US | 172.67.74.59:443 | s3.pubfuture.com | tcp |
| US | 8.8.8.8:53 | 254.113.220.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 123.31.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.38.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 110.36.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.50.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 59.74.67.172.in-addr.arpa | udp |
| NL | 178.250.1.17:443 | ads.eu.criteo.com | tcp |
| US | 8.8.8.8:53 | flint.defybrick.com | udp |
| US | 8.8.8.8:53 | a.ad.gt | udp |
| US | 35.172.245.152:443 | flint.defybrick.com | tcp |
| US | 104.22.4.69:443 | a.ad.gt | tcp |
| US | 8.8.8.8:53 | log.outbrainimg.com | udp |
| US | 8.8.8.8:53 | mv.outbrain.com | udp |
| US | 151.101.190.132:443 | mv.outbrain.com | tcp |
| US | 50.31.142.63:443 | log.outbrainimg.com | tcp |
| NL | 178.250.1.17:443 | ads.eu.criteo.com | tcp |
| US | 8.8.8.8:53 | serve.360playvid.info | udp |
| US | 8.8.8.8:53 | proc.ad.cpe.dotomi.com | udp |
| US | 54.227.55.193:443 | serve.360playvid.info | tcp |
| NL | 89.207.16.210:443 | proc.ad.cpe.dotomi.com | tcp |
| NL | 178.250.1.6:443 | cat.nl3.eu.criteo.com | tcp |
| US | 8.8.8.8:53 | widget.nl3.eu.criteo.com | udp |
| NL | 178.250.1.9:443 | widget.nl3.eu.criteo.com | tcp |
| US | 50.31.142.63:443 | log.outbrainimg.com | tcp |
| US | 50.31.142.63:443 | log.outbrainimg.com | tcp |
| US | 50.31.142.63:443 | log.outbrainimg.com | tcp |
| US | 104.21.50.50:443 | 360playvid.info | udp |
| US | 8.8.8.8:53 | imasdk.googleapis.com | udp |
| GB | 142.250.187.202:443 | imasdk.googleapis.com | tcp |
| US | 8.8.8.8:53 | fra1-ib.adnxs.com | udp |
| US | 8.8.8.8:53 | cdn0.360playvid.com | udp |
| US | 8.8.8.8:53 | t.360playvid.info | udp |
| NL | 2.18.121.34:443 | cdn0.360playvid.com | tcp |
| US | 18.210.219.22:443 | t.360playvid.info | tcp |
| NL | 69.173.156.129:443 | beacon-ams3.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | 132.190.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.245.172.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 63.142.31.50.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.16.207.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.55.227.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.121.18.2.in-addr.arpa | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| GB | 142.250.187.202:443 | imasdk.googleapis.com | udp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| GB | 216.58.204.70:443 | s0.2mdn.net | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| NL | 178.250.1.15:443 | imageproxy.eu.criteo.net | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| NL | 178.250.1.9:443 | widget.nl3.eu.criteo.com | tcp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| NL | 81.17.55.116:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | csi.gstatic.com | udp |
| US | 8.8.8.8:53 | 22.219.210.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.204.58.216.in-addr.arpa | udp |
| AU | 142.250.204.3:443 | csi.gstatic.com | tcp |
| DE | 162.19.138.83:443 | id5-sync.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| DE | 162.19.138.83:443 | id5-sync.com | tcp |
| US | 8.8.8.8:53 | p.ad.gt | udp |
| US | 8.8.8.8:53 | ids.ad.gt | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| US | 8.8.8.8:53 | image2.pubmatic.com | udp |
| US | 8.8.8.8:53 | bh.contextweb.com | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 104.22.4.69:443 | ids.ad.gt | tcp |
| US | 104.22.4.69:443 | ids.ad.gt | tcp |
| US | 104.22.4.69:443 | ids.ad.gt | tcp |
| US | 172.67.23.234:443 | ids.ad.gt | tcp |
| NL | 185.89.211.84:443 | secure.adnxs.com | tcp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 8.8.8.8:53 | oa.openxcdn.net | udp |
| DE | 162.19.138.120:443 | lb.eu-1-id5-sync.com | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | connectid.analytics.yahoo.com | udp |
| US | 8.8.8.8:53 | invstatic101.creativecdn.com | udp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| AU | 142.250.204.3:443 | csi.gstatic.com | tcp |
| US | 8.8.8.8:53 | cdn.prod.uidapi.com | udp |
| US | 34.102.146.192:443 | oa.openxcdn.net | tcp |
| US | 34.96.70.87:443 | invstatic101.creativecdn.com | tcp |
| DE | 18.66.102.31:443 | connectid.analytics.yahoo.com | tcp |
| US | 8.8.8.8:53 | cdn-ima.33across.com | udp |
| US | 18.173.210.195:443 | cdn.prod.uidapi.com | tcp |
| US | 8.8.8.8:53 | prebid-stag.setupad.net | udp |
| US | 104.18.35.167:443 | cdn-ima.33across.com | tcp |
| US | 104.26.8.178:443 | prebid-stag.setupad.net | tcp |
| US | 104.26.8.178:443 | prebid-stag.setupad.net | tcp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 8.8.8.8:53 | adx.adform.net | udp |
| US | 8.8.8.8:53 | prebid-eu.creativecdn.com | udp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| FR | 185.86.139.116:443 | prg.smartadserver.com | tcp |
| FR | 185.86.139.116:443 | prg.smartadserver.com | tcp |
| FR | 185.86.139.116:443 | prg.smartadserver.com | tcp |
| FR | 185.86.139.116:443 | prg.smartadserver.com | tcp |
| NL | 145.40.97.66:443 | prebid.a-mo.net | tcp |
| DK | 37.157.6.254:443 | adx.adform.net | tcp |
| DE | 18.157.230.4:443 | tlx.3lift.com | tcp |
| US | 8.8.8.8:53 | oajs.openx.net | udp |
| US | 34.120.107.143:443 | oajs.openx.net | tcp |
| US | 8.8.8.8:53 | ups.analytics.yahoo.com | udp |
| DE | 3.71.149.231:443 | ups.analytics.yahoo.com | tcp |
| US | 8.8.8.8:53 | cadmus.script.ac | udp |
| US | 104.18.23.145:443 | cadmus.script.ac | tcp |
| US | 104.22.4.69:443 | ids.ad.gt | tcp |
| US | 172.67.23.234:443 | ids.ad.gt | tcp |
| US | 8.8.8.8:53 | cm.adform.net | udp |
| US | 8.8.8.8:53 | pixels.ad.gt | udp |
| DK | 37.157.6.254:443 | cm.adform.net | tcp |
| US | 172.67.23.234:443 | pixels.ad.gt | tcp |
| US | 8.8.8.8:53 | uipglob.semasio.net | udp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| US | 8.8.8.8:53 | google-bidout-d.openx.net | udp |
| DK | 77.243.51.121:443 | uipglob.semasio.net | tcp |
| BE | 104.68.78.171:443 | secure-assets.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| US | 50.31.142.31:443 | sync.outbrain.com | tcp |
| BE | 2.21.18.175:443 | eus.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | cookies.nextmillmedia.com | udp |
| US | 54.196.96.93:443 | cookies.nextmillmedia.com | tcp |
| US | 8.8.8.8:53 | 116.55.17.81.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.211.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.146.102.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 87.70.96.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 31.102.66.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.210.173.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 167.35.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.204.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 254.6.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 178.8.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 143.107.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 231.149.71.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 121.51.243.77.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.23.18.104.in-addr.arpa | udp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | 9bd5bf01bbdd548a1670a9f763c36b21.safeframe.googlesyndication.com | udp |
| GB | 172.217.169.65:443 | 9bd5bf01bbdd548a1670a9f763c36b21.safeframe.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | d.turn.com | udp |
| NL | 46.228.164.13:443 | d.turn.com | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | ice.360yield.com | udp |
| IE | 54.154.125.194:443 | ice.360yield.com | tcp |
| US | 34.98.64.218:443 | google-bidout-d.openx.net | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | dis.eu.criteo.com | udp |
| NL | 178.250.1.9:443 | dis.eu.criteo.com | tcp |
| US | 23.53.112.234:443 | ads.pubmatic.com | tcp |
| US | 8.8.8.8:53 | rtb.gumgum.com | udp |
| IE | 54.246.231.153:443 | rtb.gumgum.com | tcp |
| US | 192.241.154.32:443 | sync.cootlogix.com | tcp |
| US | 8.8.8.8:53 | 93.96.196.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.164.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.125.154.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.231.246.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | px.ads.linkedin.com | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| IE | 52.212.229.162:443 | pr-bh.ybp.yahoo.com | tcp |
| US | 13.107.42.14:443 | px.ads.linkedin.com | tcp |
| US | 52.72.252.114:443 | sync.srv.stackadapt.com | tcp |
| US | 52.72.252.114:443 | sync.srv.stackadapt.com | tcp |
| US | 52.72.252.114:443 | sync.srv.stackadapt.com | tcp |
| US | 8.8.8.8:53 | se.semasio.net | udp |
| DK | 77.243.51.121:443 | se.semasio.net | tcp |
| US | 8.8.8.8:53 | cpm.smoads.com | udp |
| NL | 77.245.57.72:443 | cpm.smoads.com | tcp |
| US | 8.8.8.8:53 | 14.42.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 114.252.72.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ssbsync-global.smartadserver.com | udp |
| NL | 89.149.193.84:443 | ssbsync-global.smartadserver.com | tcp |
| US | 8.8.8.8:53 | pubads.g.doubleclick.net | udp |
| GB | 142.250.200.2:443 | pubads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | rtb.mfadsrvr.com | udp |
| US | 8.8.8.8:53 | sync.mathtag.com | udp |
| US | 8.8.8.8:53 | pixel-eu.rubiconproject.com | udp |
| US | 8.8.8.8:53 | t.adx.opera.com | udp |
| US | 80.77.87.163:443 | cs.admanmedia.com | tcp |
| NL | 89.149.193.84:443 | ssbsync-global.smartadserver.com | tcp |
| US | 8.8.8.8:53 | spl.zeotap.com | udp |
| US | 74.121.140.211:443 | sync.mathtag.com | tcp |
| NL | 82.145.213.8:443 | t.adx.opera.com | tcp |
| US | 8.8.8.8:53 | u.4dex.io | udp |
| NL | 69.173.156.149:443 | pixel-eu.rubiconproject.com | tcp |
| US | 34.149.40.38:443 | u.4dex.io | tcp |
| DE | 18.157.153.25:443 | rtb.mfadsrvr.com | tcp |
| US | 104.22.51.98:443 | spl.zeotap.com | tcp |
| AU | 142.250.204.3:443 | csi.gstatic.com | udp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | ssum.casalemedia.com | udp |
| US | 8.8.8.8:53 | csync.loopme.me | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | ads.yieldmo.com | udp |
| US | 8.8.8.8:53 | 84.193.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.213.145.82.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.40.149.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.51.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.153.157.18.in-addr.arpa | udp |
| US | 80.77.87.163:443 | cs.admanmedia.com | tcp |
| US | 172.64.151.101:443 | ssum.casalemedia.com | tcp |
| US | 8.8.8.8:53 | gum.aidemsrv.com | udp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| IE | 54.78.77.149:443 | ap.lijit.com | tcp |
| NL | 35.214.223.82:443 | csync.loopme.me | tcp |
| IE | 54.72.64.29:443 | ads.yieldmo.com | tcp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| US | 104.17.44.93:443 | gum.aidemsrv.com | udp |
| US | 67.202.105.23:443 | ssc-cms.33across.com | tcp |
| US | 8.8.8.8:53 | ads.us.e-planning.net | udp |
| FR | 5.196.111.69:443 | ssbsync.smartadserver.com | tcp |
| NL | 193.3.178.3:443 | ads.us.e-planning.net | tcp |
| US | 8.8.8.8:53 | sync.a-mo.net | udp |
| NL | 145.40.97.67:443 | sync.a-mo.net | tcp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | cms.quantserve.com | udp |
| US | 52.46.151.131:443 | s.amazon-adsystem.com | tcp |
| NL | 193.3.178.3:443 | ads.us.e-planning.net | tcp |
| DE | 91.228.74.166:443 | cms.quantserve.com | tcp |
| US | 8.8.8.8:53 | prebid.adnxs.com | udp |
| NL | 185.89.208.11:443 | prebid.adnxs.com | tcp |
| NL | 69.173.156.149:443 | pixel-eu.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | node.setupad.com | udp |
| DE | 159.89.25.223:443 | node.setupad.com | tcp |
| NL | 69.173.156.149:443 | pixel-eu.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| NL | 69.173.156.149:443 | pixel-eu.rubiconproject.com | tcp |
| NL | 69.173.156.149:443 | pixel-eu.rubiconproject.com | tcp |
| NL | 69.173.156.149:443 | pixel-eu.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| IE | 52.94.223.167:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | g2.gumgum.com | udp |
| IE | 34.248.189.186:443 | match.prod.bidr.io | tcp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| US | 54.208.222.196:443 | cs-server-s2s.yellowblue.io | tcp |
| US | 8.8.8.8:53 | 149.77.78.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.223.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 29.64.72.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.97.40.145.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.111.196.5.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 166.74.228.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.151.46.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.208.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 223.25.89.159.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 167.223.94.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 186.189.248.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ce.lijit.com | udp |
| IE | 18.202.254.222:443 | ce.lijit.com | tcp |
| US | 34.149.40.38:443 | u.4dex.io | udp |
| NL | 69.173.156.148:443 | pixel-eu.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | assets.a-mo.net | udp |
| NL | 69.173.156.148:443 | pixel-eu.rubiconproject.com | tcp |
| US | 104.19.159.19:443 | assets.a-mo.net | tcp |
| US | 52.46.151.131:443 | s.amazon-adsystem.com | tcp |
| NL | 69.173.156.148:443 | pixel-eu.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | pixel.tapad.com | udp |
| US | 64.202.112.63:443 | b1sync.zemanta.com | tcp |
| US | 8.8.8.8:53 | pixel-sync.sitescout.com | udp |
| US | 52.46.151.131:443 | s.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | triplelift-match.dotomi.com | udp |
| US | 8.8.8.8:53 | um.simpli.fi | udp |
| US | 34.111.113.62:443 | pixel.tapad.com | udp |
| US | 8.8.8.8:53 | pbs.nextmillmedia.com | udp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| NL | 35.204.158.49:443 | um.simpli.fi | tcp |
| NL | 89.207.16.140:443 | triplelift-match.dotomi.com | tcp |
| NL | 69.173.156.148:443 | pixel-eu.rubiconproject.com | tcp |
| US | 15.204.162.93:443 | pbs.nextmillmedia.com | tcp |
| US | 15.204.162.93:443 | pbs.nextmillmedia.com | tcp |
| US | 15.204.162.93:443 | pbs.nextmillmedia.com | tcp |
| US | 15.204.162.93:443 | pbs.nextmillmedia.com | tcp |
| US | 8.8.8.8:53 | sync.ipredictive.com | udp |
| NL | 69.173.156.148:443 | pixel-eu.rubiconproject.com | tcp |
| US | 15.204.162.93:443 | pbs.nextmillmedia.com | tcp |
| US | 54.163.32.160:443 | sync.ipredictive.com | tcp |
| US | 8.8.8.8:53 | live.primis.tech | udp |
| US | 8.8.8.8:53 | tg.socdm.com | udp |
| JP | 124.146.153.165:443 | tg.socdm.com | tcp |
| DE | 13.32.99.104:443 | live.primis.tech | tcp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| US | 8.8.8.8:53 | i.liadm.com | udp |
| US | 8.8.8.8:53 | capi.connatix.com | udp |
| US | 34.235.77.249:443 | i.liadm.com | tcp |
| US | 15.204.162.93:443 | pbs.nextmillmedia.com | tcp |
| US | 104.18.41.104:443 | capi.connatix.com | tcp |
| DE | 13.32.27.23:443 | s.ad.smaato.net | tcp |
| US | 8.8.8.8:53 | usersync.gumgum.com | udp |
| US | 8.8.8.8:53 | dsum-sec.casalemedia.com | udp |
| IE | 34.247.205.196:443 | usersync.gumgum.com | tcp |
| US | 8.8.8.8:53 | pixel-us-east.rubiconproject.com | udp |
| US | 69.173.146.5:443 | pixel-us-east.rubiconproject.com | tcp |
| JP | 124.146.153.165:443 | tg.socdm.com | tcp |
| US | 8.8.8.8:53 | 19.159.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.16.207.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.158.204.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.162.204.15.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 160.32.163.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.99.32.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.41.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.27.32.13.in-addr.arpa | udp |
| US | 69.173.146.5:443 | pixel-us-east.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | 249.77.235.34.in-addr.arpa | udp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 45.55.126.71:443 | ads.dxkulture.com | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 8.8.8.8:53 | eu-u.openx.net | udp |
| US | 45.55.126.71:443 | ads.dxkulture.com | tcp |
| US | 69.166.1.34:443 | sync.go.sonobi.com | tcp |
| US | 8.8.8.8:53 | ad.turn.com | udp |
| US | 8.8.8.8:53 | sync.adotmob.com | udp |
| FR | 45.137.176.88:443 | sync.adotmob.com | tcp |
| FR | 45.137.176.88:443 | sync.adotmob.com | tcp |
| NL | 46.228.164.11:443 | ad.turn.com | tcp |
| US | 8.8.8.8:53 | pxl.iqm.com | udp |
| NL | 81.17.55.116:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | dsp.adfarm1.adition.com | udp |
| US | 8.8.8.8:53 | sync-tm.everesttech.net | udp |
| US | 54.88.142.103:443 | pxl.iqm.com | tcp |
| DE | 85.114.159.93:443 | dsp.adfarm1.adition.com | tcp |
| US | 64.202.112.63:443 | b1sync.zemanta.com | tcp |
| NL | 35.214.223.82:443 | csync.loopme.me | tcp |
| US | 151.101.2.49:443 | sync-tm.everesttech.net | tcp |
| US | 80.77.87.163:443 | cs.admanmedia.com | tcp |
| US | 8.8.8.8:53 | cm.ctnsnet.com | udp |
| NL | 81.17.55.116:443 | rtb-csync.smartadserver.com | tcp |
| US | 35.186.193.173:443 | cm.ctnsnet.com | tcp |
| NL | 81.17.55.116:443 | rtb-csync.smartadserver.com | tcp |
| NL | 81.17.55.116:443 | rtb-csync.smartadserver.com | tcp |
| NL | 81.17.55.116:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | gw-iad-bid.ymmobi.com | udp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 47.253.61.56:443 | gw-iad-bid.ymmobi.com | tcp |
| US | 8.8.8.8:53 | a.audrte.com | udp |
| IE | 52.18.177.157:443 | a.audrte.com | tcp |
| US | 64.202.112.63:443 | b1sync.zemanta.com | tcp |
| US | 64.202.112.63:443 | b1sync.zemanta.com | tcp |
| GB | 142.250.200.2:443 | pubads.g.doubleclick.net | udp |
| US | 38.91.45.7:443 | match.deepintent.com | tcp |
| US | 8.8.8.8:53 | hbx.media.net | udp |
| US | 23.220.112.27:443 | hbx.media.net | udp |
| US | 8.8.8.8:53 | 165.153.146.124.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.2.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.176.137.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.159.114.85.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.193.186.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.142.88.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.177.18.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.61.253.47.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 5.146.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | id.a-mx.com | udp |
| US | 8.8.8.8:53 | image4.pubmatic.com | udp |
| NL | 79.127.227.46:443 | id.a-mx.com | tcp |
| NL | 198.47.127.20:443 | image4.pubmatic.com | tcp |
| US | 8.8.8.8:53 | pb-am.a-mo.net | udp |
| NL | 147.75.84.158:443 | pb-am.a-mo.net | tcp |
| US | 80.77.87.163:443 | cs.admanmedia.com | tcp |
| US | 8.8.8.8:53 | casale-match.dotomi.com | udp |
| US | 8.8.8.8:53 | euexchangesync.digitaleast.mobi | udp |
| NL | 64.158.223.137:443 | casale-match.dotomi.com | tcp |
| US | 34.95.81.168:443 | euexchangesync.digitaleast.mobi | tcp |
| US | 8.8.8.8:53 | trace.mediago.io | udp |
| US | 8.8.8.8:53 | wt.rqtrk.eu | udp |
| US | 35.208.249.213:443 | trace.mediago.io | tcp |
| US | 8.8.8.8:53 | ads.avct.cloud | udp |
| DE | 57.129.18.111:443 | wt.rqtrk.eu | tcp |
| US | 8.8.8.8:53 | eexsync.com | udp |
| US | 80.77.87.108:443 | eexsync.com | tcp |
| US | 8.8.8.8:53 | cookie-matching.mediarithmics.com | udp |
| US | 8.8.8.8:53 | dsum.casalemedia.com | udp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| FR | 54.36.150.181:443 | cookie-matching.mediarithmics.com | tcp |
| US | 35.244.174.68:443 | id.rlcdn.com | udp |
| US | 192.132.33.69:443 | bttrack.com | tcp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| BE | 74.125.71.156:443 | stats.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | fs4.fastupload.io | udp |
| FI | 65.108.228.18:443 | fs4.fastupload.io | tcp |
| US | 8.8.8.8:53 | 20.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.223.158.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 168.81.95.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 111.18.129.57.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 213.249.208.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 181.150.36.54.in-addr.arpa | udp |
| FI | 65.108.228.18:443 | fs4.fastupload.io | tcp |
| US | 8.8.8.8:53 | sonata-notifications.taptapnetworks.com | udp |
| DE | 3.123.72.32:443 | sonata-notifications.taptapnetworks.com | tcp |
| US | 8.8.8.8:53 | ad.mrtnsvr.com | udp |
| US | 34.102.163.6:443 | ad.mrtnsvr.com | tcp |
| US | 34.102.163.6:443 | ad.mrtnsvr.com | tcp |
| US | 8.8.8.8:53 | 156.71.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.228.108.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 32.72.123.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | id.rtb.mx | udp |
| US | 8.8.8.8:53 | ow.pubmatic.com | udp |
| NL | 79.127.227.46:443 | id.rtb.mx | tcp |
| NL | 185.64.189.116:443 | ow.pubmatic.com | tcp |
| NL | 79.127.227.46:443 | id.rtb.mx | tcp |
| NL | 185.64.189.116:443 | ow.pubmatic.com | tcp |
| US | 45.55.126.71:443 | ads.dxkulture.com | tcp |
| BE | 74.125.71.156:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | analytics.google.com | udp |
| US | 216.239.32.181:443 | analytics.google.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 8.8.8.8:53 | 6.163.102.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.189.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 181.32.239.216.in-addr.arpa | udp |
| GB | 142.250.200.2:443 | pubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | ps.eyeota.net | udp |
| US | 104.21.36.54:443 | cdnpf.com | udp |
| DE | 3.127.178.105:443 | ps.eyeota.net | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| FR | 185.86.139.116:443 | prg.smartadserver.com | tcp |
| FR | 185.86.139.116:443 | prg.smartadserver.com | tcp |
| FR | 185.86.139.116:443 | prg.smartadserver.com | tcp |
| FR | 185.86.139.116:443 | prg.smartadserver.com | tcp |
| FR | 185.86.139.116:443 | prg.smartadserver.com | tcp |
| FR | 185.86.139.116:443 | prg.smartadserver.com | tcp |
| NL | 35.214.223.82:443 | csync.loopme.me | tcp |
| US | 8.8.8.8:53 | sync.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | 105.178.127.3.in-addr.arpa | udp |
| IE | 34.255.230.248:443 | sync.crwdcntrl.net | tcp |
| NL | 188.166.17.21:443 | match.adsby.bidtheatre.com | tcp |
| US | 8.8.8.8:53 | 42c34436e2836e1acf39a1808217d45e.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | trace-eu.mediago.io | udp |
| NL | 35.214.168.80:443 | trace-eu.mediago.io | tcp |
| US | 8.8.8.8:53 | 248.230.255.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.168.214.35.in-addr.arpa | udp |
| US | 50.31.142.63:443 | log.outbrainimg.com | tcp |
| US | 50.31.142.63:443 | log.outbrainimg.com | tcp |
| US | 50.31.142.63:443 | log.outbrainimg.com | tcp |
| US | 50.31.142.63:443 | log.outbrainimg.com | tcp |
| US | 8.8.8.8:53 | amazon-tam-match.dotomi.com | udp |
| NL | 89.207.16.201:443 | amazon-tam-match.dotomi.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| IE | 52.94.223.167:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | s.company-target.com | udp |
| US | 8.8.8.8:53 | pm.w55c.net | udp |
| US | 8.8.8.8:53 | us.creativecdn.com | udp |
| US | 8.8.8.8:53 | rtb.adentifi.com | udp |
| US | 8.8.8.8:53 | pbs.yahoo.com | udp |
| NL | 35.214.223.82:443 | csync.loopme.me | tcp |
| US | 8.8.8.8:53 | event.hgrtb.com | udp |
| US | 8.8.8.8:53 | pulsepoint-match.dotomi.com | udp |
| US | 34.96.71.22:443 | s.company-target.com | udp |
| IE | 34.251.19.157:443 | pm.w55c.net | tcp |
| US | 3.236.40.48:443 | event.hgrtb.com | tcp |
| US | 54.210.223.235:443 | rtb.adentifi.com | tcp |
| US | 185.184.10.30:443 | us.creativecdn.com | tcp |
| GB | 87.248.114.12:443 | pbs.yahoo.com | tcp |
| US | 8.8.8.8:53 | sync.smartadserver.com | udp |
| US | 69.166.1.34:443 | sync.go.sonobi.com | tcp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 8.8.8.8:53 | crt.sectigo.com | udp |
| NL | 89.149.193.120:443 | sync.smartadserver.com | tcp |
| US | 104.18.38.233:80 | crt.sectigo.com | tcp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| US | 8.8.8.8:53 | idsync.rlcdn.com | udp |
| US | 8.8.8.8:53 | aa.agkn.com | udp |
| DE | 18.194.241.18:443 | aa.agkn.com | tcp |
| US | 8.8.8.8:53 | 201.16.207.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 12.114.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.19.251.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 48.40.236.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 235.223.210.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.10.184.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.193.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 233.38.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | loadus.exelator.com | udp |
| IE | 34.254.143.3:443 | loadus.exelator.com | tcp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| US | 35.208.249.213:443 | trace.mediago.io | udp |
| US | 204.79.197.237:443 | c.bing.com | tcp |
| US | 8.8.8.8:53 | cs.media.net | udp |
| US | 23.220.112.27:443 | cs.media.net | tcp |
| US | 50.31.142.31:443 | sync.outbrain.com | tcp |
| US | 50.31.142.31:443 | sync.outbrain.com | tcp |
| US | 50.31.142.31:443 | sync.outbrain.com | tcp |
| US | 50.31.142.31:443 | sync.outbrain.com | tcp |
| US | 50.31.142.31:443 | sync.outbrain.com | tcp |
| US | 50.31.142.31:443 | sync.outbrain.com | tcp |
| US | 80.77.87.108:443 | eexsync.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| IE | 52.94.223.167:443 | aax-eu.amazon-adsystem.com | tcp |
| IE | 52.94.223.167:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | s.seedtag.com | udp |
| US | 8.8.8.8:53 | cs.minutemedia-prebid.com | udp |
| US | 8.8.8.8:53 | s2s.t13.io | udp |
| US | 34.149.50.64:443 | s.seedtag.com | tcp |
| IE | 54.77.210.117:443 | cs.minutemedia-prebid.com | tcp |
| US | 34.107.140.113:443 | s2s.t13.io | tcp |
| US | 8.8.8.8:53 | cs.yellowblue.io | udp |
| IE | 54.171.90.29:443 | cs.yellowblue.io | tcp |
| US | 80.77.87.163:443 | cs.admanmedia.com | tcp |
| IE | 52.94.223.167:443 | aax-eu.amazon-adsystem.com | tcp |
| IE | 52.94.223.167:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | 3.143.254.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.50.149.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.210.77.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 29.90.171.54.in-addr.arpa | udp |
| NL | 46.228.164.13:443 | d.turn.com | tcp |
| DE | 85.114.159.93:443 | dsp.adfarm1.adition.com | tcp |
| US | 80.77.87.163:443 | cs.admanmedia.com | tcp |
| IE | 52.18.177.157:443 | a.audrte.com | tcp |
| DE | 3.127.178.105:443 | ps.eyeota.net | tcp |
| IE | 34.247.205.196:443 | usersync.gumgum.com | tcp |
| IE | 34.247.205.196:443 | usersync.gumgum.com | tcp |
| IE | 34.247.205.196:443 | usersync.gumgum.com | tcp |
| IE | 34.247.205.196:443 | usersync.gumgum.com | tcp |
| NL | 35.214.223.82:443 | csync.loopme.me | tcp |
| US | 8.8.8.8:53 | trc.taboola.com | udp |
| IE | 52.94.223.167:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | sasinator.realestate.com.au | udp |
| US | 8.8.8.8:53 | usersync.getpublica.com | udp |
| NL | 154.57.158.115:443 | ads.stickyadstv.com | tcp |
| US | 8.8.8.8:53 | sync.resetdigital.co | udp |
| US | 151.101.1.44:443 | trc.taboola.com | tcp |
| AU | 3.105.203.69:443 | sasinator.realestate.com.au | tcp |
| US | 3.227.32.183:443 | usersync.getpublica.com | tcp |
| US | 143.244.220.80:443 | sync.resetdigital.co | tcp |
| US | 8.8.8.8:53 | ads.travelaudience.com | udp |
| US | 35.190.0.66:443 | ads.travelaudience.com | tcp |
| US | 8.8.8.8:53 | 1f2e7.v.fwmrm.net | udp |
| GB | 18.134.84.21:443 | 1f2e7.v.fwmrm.net | tcp |
| IE | 34.248.189.186:443 | match.prod.bidr.io | tcp |
| US | 8.8.8.8:53 | 44.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.0.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 183.32.227.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.220.244.143.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.203.105.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.84.134.18.in-addr.arpa | udp |
| DK | 77.243.51.121:443 | se.semasio.net | tcp |
| US | 8.8.8.8:53 | pixel.onaudience.com | udp |
| US | 104.18.24.173:443 | s.tribalfusion.com | udp |
| FR | 141.94.171.215:443 | pixel.onaudience.com | tcp |
| US | 8.8.8.8:53 | 215.171.94.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cms.analytics.yahoo.com | udp |
| US | 8.8.8.8:53 | simage4.pubmatic.com | udp |
| US | 80.77.87.163:443 | cs.admanmedia.com | tcp |
| US | 8.8.8.8:53 | 159.113.53.23.in-addr.arpa | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | analytics.ff.avast.com | udp |
| US | 34.117.223.223:443 | analytics.ff.avast.com | tcp |
| US | 8.8.8.8:53 | 223.223.117.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | service.piriform.com | udp |
| BE | 104.68.86.143:80 | service.piriform.com | tcp |
| US | 8.8.8.8:53 | license.piriform.com | udp |
| BE | 104.68.86.143:443 | license.piriform.com | tcp |
| US | 8.8.8.8:53 | 143.86.68.104.in-addr.arpa | udp |
| US | 192.178.49.195:443 | beacons.gcp.gvt2.com | udp |
| US | 192.178.49.195:443 | beacons.gcp.gvt2.com | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 4158365912175436289496136e7912c2 |
| SHA1 | 813d11f772b1cfe9ceac2bf37f4f741e5e8fbe59 |
| SHA256 | 354de4b033ba6e4d85f94d91230cb8501f62e0a4e302cd4076c7e0ad73bedbd1 |
| SHA512 | 74b4f7b24ad4ea395f3a4cd8dbfae54f112a7c87bce3d286ee5161f6b63d62dfa19bb0d96bb7ed1c6d925f5697a2580c25023d5052c6a09992e6fd9dd49ea82b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | ce4c898f8fc7601e2fbc252fdadb5115 |
| SHA1 | 01bf06badc5da353e539c7c07527d30dccc55a91 |
| SHA256 | bce2dfaa91f0d44e977e0f79c60e64954a7b9dc828b0e30fbaa67dbe82f750aa |
| SHA512 | 80fff4c722c8d3e69ec4f09510779b7e3518ae60725d2d36903e606a27ec1eaedbdbfac5b662bf2c19194c572ccf0125445f22a907b329ad256e6c00b9cf032c |
\??\pipe\LOCAL\crashpad_2308_ZBMBJHAARPILRUOW
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 865781bd8c0ab2b5033a6568ecd9110e |
| SHA1 | 05bd847c5dee11766f11f03597afd00b1903a32c |
| SHA256 | 18b4832ce93e645444f2828df843a63c9c46c5e5ac5863fb92f4e0076d37bd1a |
| SHA512 | 03aa30d38e04cc4968bf7fe303316908f866aa9dacec71a430e94c43e7d272d7f0d7ef0bdd490bc80f60f1d8ff139615e86600b2c1562021dbc33987c2961053 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 15b08797f5f36613b1773daa50c7e757 |
| SHA1 | 50aad094fc34f99bac1e4e76062349dc074acac9 |
| SHA256 | a7ca7dfb23c802d72de67fe26a40274de1adaadef42a3be36ca6e4d311d7c4d6 |
| SHA512 | 9972eaf0b588c6286c061d532d40bd0c2a305af206eee612b9f5ba2aba15186b7397ba59ea86f816f045262c2f23642a4546e4f8dbe99fc7bba481bf18ca499c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c777e4d7511a7cb8370565a27dd0b05b |
| SHA1 | a61a32828de4f9e9f595c9efeb2742099072751f |
| SHA256 | d5a4eea3d7c8fbb896bc696304a03522ef88be48a9f8987daf66c1ca31477cd1 |
| SHA512 | f6b45a8eaf7ea9ed1dcf39d5e91bfed5204cb35338d96f97774f092ce7084517556faeba5f54400bb10a1cf9cafe4adfba9abb71b6b417b2b3985de0539b9e4c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\b25dbc23-d337-400c-baa1-1df0e3d29266.tmp
| MD5 | f54975c913848617e13d2c09965afa19 |
| SHA1 | 03241300bc925a26820cacd784a98661bbd6ec6a |
| SHA256 | 10eaa3f6948e6f669e7c9dd9ad07968727f3f896e4a89f5b9ba832bc2f623526 |
| SHA512 | d16841bc7be8b03df6a2521437b228b6fbf0fba6c26ea960180a55bdb457d5d092715caf9f5db7845028c505ae4fc0736682b3ee926aceddbebc7ccdddf78d2f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | df07ca76b4caf15cb142c680ac617397 |
| SHA1 | 2e607b3a2fc55e6356126f24447fa6a2ae8c6fa4 |
| SHA256 | 5697363d821b91188f8c5947361ef1ad5392e4cb257eec5bc2dac6b66c5de79f |
| SHA512 | 83b3269bfcfd9aae01a2562222c29723658af94be423a9bdbf06208906f3c662909684abc31195dc8c949a57d1ee424f1940d7b02d3834a28f3c8317aaf08402 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 3be191232ba67ba36cea1a6f5e9a05e2 |
| SHA1 | 6cbe96d1cc3c3655016bf6d8fa4724a7ed8b4a97 |
| SHA256 | a6a4ebc999a0117d878cd9f004271a8edaf31253fe6a4267b9c80a49ccb655f5 |
| SHA512 | 853a0652b86a34de08f7c520ff4c3442b9787c124841656b6c811783ca2ad9585336772155a7ef0c8e4278e5e4cca35313f6a87e985c62de0d802a3c9a03297d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 82da5292419d79ba07a1179fedb31ca2 |
| SHA1 | 33ca7eca7422216d487ae34bd92f51cbf787356d |
| SHA256 | 26e4e1a8b1c4d97cba4f3cc9c68d319ca078831d0865cb565b2ab10819c92c2e |
| SHA512 | 82b8be3882a6aaa48cfd53d978f988ca08477eb922742f7ceaf5c66e25ef88b1d8e354cc7b70e5956ec187169257b47c716ba8899a77cd7409ef546537373ff6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | fcfd6d7a7ec249ad06f5fa09a069e7a3 |
| SHA1 | 50706d8ffdc9bbedf126009c9627f6a444171c8e |
| SHA256 | e2fbf890be6b75e0f886fa1acd436eb72efca23eef973b05afc4308199a21670 |
| SHA512 | 63db1b18d12e9d4f1059807cc245f78d768fababd7b25c59af601a72f905bb72dd5f8369f66d65063782a010d71e40cb8872082fb3c5fc1d791d136d76ae35cf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | 63e4bf5b9d8d9b666c512d05f03c9c52 |
| SHA1 | 929eaf255a3e29fcfe48070cec658ba777f667b4 |
| SHA256 | d19fd23bef5611ab2d57a3af7ed7a7654d3b90dd9e4cd57a79565178cb6620a9 |
| SHA512 | 7832ed319d7f51ee07d6614500b93c938dc4c1135e40125656d11ac6e55ac59f22a214a944a75a14283435c6e3ebd5c4ed3fb59805c2892da49e1aca57f8d20f |
C:\Users\Admin\Downloads\CCleaner_5.21.5700_with_Patch_Professional_Business__Technician_Edition.zip.crdownload
| MD5 | 1011cca6fe836e0a15bf33fdfbf4d7de |
| SHA1 | e8eec4bd6a42dd1d5843041fd58d2a28f13f3ea0 |
| SHA256 | f49b87ca1db9d340a01b808aae89bbc212d6e9df0f49eef51980031dd94a46c4 |
| SHA512 | 59aa494fae0e027920de37b7e997f3c8be37cc7b8034358b4096ecbfbad77fb8e636158a48d6c4c1b64d4e9dc5de630c2d4d27f508ee0f71822f0035c86ee8ec |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 6dc15e25647d6f84d4ac0a0f764c973e |
| SHA1 | 0683b4e9287af1aa31ce686368930a9489f918ca |
| SHA256 | 1c0a464969f8ec2a07d2715db319b283e987f16f1aa48518e64828b7c719fa33 |
| SHA512 | 698ce5927c3141b032191fff9395f112bc3446fd98c228fb9dc8f5b9787a2a86efc3f7f734629341264e605b3f54f366c425ab2293ff260d3e1b756bc33f786e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e03a89d25f3f317a9c311f1e32ddc998 |
| SHA1 | 704de080c233f37b0f49aa281ea011550abc4017 |
| SHA256 | ed664b00f2c8ee89e223354e9ad0c48d5c4eaec20ff8dd2e4e5ab5d408a12299 |
| SHA512 | 132d16701fe941b141bb68fb4f28907bd8b15a2b6cf5b424026364552c8d2ccc4ee653bcd033a79ded16ba46dae48ddfba8369440ec6f3e8d49bddff3850f889 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\a10058ba-fa78-4d32-a399-cbaefd8a43ff.tmp
| MD5 | 281cf8d2bf8169abb92c5479ac2407d4 |
| SHA1 | 06114617a1f82a698ef9e1067d1f0f315e548ee0 |
| SHA256 | c3b5a32bce07840755a850f222effcfe0aa784e5f9ad3fd2c20d7f76dcdf6342 |
| SHA512 | a062b907ae55ac5a4a11ced65701f39ae137fdc5d9e9d853c248edbad612cae90ca6ba070529ac8063ad776a50550726f875be296037bd2fc29983089033292c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 6b178bbdcf256140dce86fc787f89c73 |
| SHA1 | 8c67bbf1b228ec0fc30f894f897e3b5e218516e1 |
| SHA256 | 00db5bbd09e3686651d45325836d484e7567eb5b01325ce5e604ff5cea738cd4 |
| SHA512 | ec0cb8889f7fa36a93209f808c4e4789d98ba43028f2792fc1243976db34d1b38d0d696229f8b2fcb64c30a87ce82b44045c2bc4b4fb9bf7ed925a25504675eb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe58b169.TMP
| MD5 | 5a5db65383f035ae8a5249fe84ba99d9 |
| SHA1 | e7f621fac23409dacb38f78e198b1b79cac75f2c |
| SHA256 | 129dc0a0944ac9f030d85501c33ffe5c7e61a0d0beeef9caf9998786de85fbbd |
| SHA512 | 517c25c25ae6eaa4fc4b9d5a28a00d4b75db6d752cbf518d70a7247e42516db6c9d39f28924d55cbc9faabb737aec1a91c932aad6e3cea5bc3e6dd4ba574e746 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 5e42d946ea7ef467f87dceb0df424470 |
| SHA1 | 1af8e650ae96e1946b10d99e1613898a2d3a67f3 |
| SHA256 | 31975fea5fb2ee16eb2ab1036a977ff936f67921952d792fcc0ade2f995deca4 |
| SHA512 | 8ee6e7860d467cdc63de96c284a7c76f2f38e727426e47d2bd8706a10644023f9397b70263f113e4d48b7c5dc0cecaa06e5682299262491175bbdd2b1fba08c4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 77c42a0ec760b809bb4e4981d492e2f7 |
| SHA1 | ac44bafd9cb330d807dd5b0c9eedfcda5b3d6fe1 |
| SHA256 | c26b0e1128086e1210caa31b47a4dd56e720a7e54d13073c531cdb09c6b3339b |
| SHA512 | 037266574cf1d793970bb143c7e5995a0821018f91d58a145800925b8d751300a3ab8c86f94a2275e346cd38cf409a6e71e6df2cbbbb0d38783aed728cf87937 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 7ad009e5f99bc614faa3d51239a43f78 |
| SHA1 | 6fb6ba23b4fe5fc5b201c5568abd05aba70a017c |
| SHA256 | da2a6cb3d25fcd1811779c683b29e28eb112d5662eae1711e5f3db49afab3ef7 |
| SHA512 | 68877a9cb2d3e38f9df885cc732f3f34ccba5e30b29d1a65f4ec4eb24bb4b324d3a944f17658b65245d16fb9ba1af6e479ece8a3616214f66fb286f1ad629e0a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version
| MD5 | 838a7b32aefb618130392bc7d006aa2e |
| SHA1 | 5159e0f18c9e68f0e75e2239875aa994847b8290 |
| SHA256 | ac3dd2221d90b09b795f1f72e72e4860342a4508fe336c4b822476eb25a55eaa |
| SHA512 | 9e350f0565cc726f66146838f9cebaaa38dd01892ffab9a45fe4f72e5be5459c0442e99107293a7c6f2412c71f668242c5e5a502124bc57cbf3b6ad8940cb3e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
| MD5 | e642835ff91e90a839c676da0251c77f |
| SHA1 | 22e823bdc5727e604a79f7a8ac07540e0cd88b2a |
| SHA256 | a30440de001366894cfca5da16fff8961ab42909aae4b8e9151031c509e0cb33 |
| SHA512 | fa9aca11f469b81dbb51c10b65152f7351d74853c0829d5b0c5e2c4bae2692fc3695f9822b679332e88165961a762c302557fec0d88bac73449bcb369ae05a83 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log
| MD5 | ee1c117e8f0613bd8dd4bf9f2324f9be |
| SHA1 | c28cc3dbe73c6f11854d248900fe40919b2c08c2 |
| SHA256 | 56a652eaaf39e4bd89c6d7189eaad44eaabb38a13620f6c356e794eaf76583e8 |
| SHA512 | 4d833909c056b29d2c087ec69d3f8fb912bcc42904244df07eb8c9863bbe3202273cdb281fc57793c0f6cfc3a439b348e37da75ea7cb3f52a402e7cf92a5c574 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
| MD5 | cfdcb86a7ad66116fe27e7ffc91de2c7 |
| SHA1 | 38f2e736371fa57b6d4ada239aab971e5ef378b6 |
| SHA256 | a86e941777afbaf20e778cc24df50145e8f6f8daf0281eb92bdcbd7696db9cc1 |
| SHA512 | 1aacdc75fc6d5dc9cc855e99fd4615ad15aa1113906dd5042679c24f07ca51ab692bff6f800bdd6e8da8426fef2ed03a44fd84c064551f88b64c7096b6b68698 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\fbc2892b-2919-4b14-a7f5-e61b5d74b740.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13362009704422572
| MD5 | 8452cee2c4969d1da801909d6404f3b3 |
| SHA1 | a9d85fd4baea6e473ca2170022f59c0c4269915d |
| SHA256 | 64b77b277a673adb1d09d89dc3ed8a388613ef1dab52ea2156748ecb7a19ede4 |
| SHA512 | 18b493ce17eeeeb2e744b1424391819896cf53cec920f9d5dbedd1c4206ad22b8df3c508076588de34c0fdfd8c42b0457817bd3d4f4f386ff29b7e29e34c8097 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db
| MD5 | fc3ca1a64e56ca5aa4544058809cbfef |
| SHA1 | b534ea63cd4b488828389c4b4622b76a27bd711c |
| SHA256 | 415396ca5db6b4711f7f9106e5c0efceff9f7017dc6021d3269c22c2b7699e6a |
| SHA512 | 3048b0bd5f6458bf6c42d8d3e89ba5554dc05063334bbd3ae73e1f2ae0c92c35979dd7c8f3cd5b6dea6c2d85637c9a7a6e9fd2a1cfb896ab6ffd6f8d44d02304 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | d04f89048108a89bc12f983020cf061b |
| SHA1 | 8fa780952bdf4f8b840175fe5ca6a57da8b55669 |
| SHA256 | 08b6101b3a83d7d557967fc06d464dba1e81ca167cd7011b8342bf7364b65bca |
| SHA512 | 4f396c5c1f46c0e9dcf068292e39c49e9d238829805b5d2ed27e827f258140b7ddd13cca6520d0fc29c6d6402362196896831d217764acec0f02129c388de444 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache
| MD5 | a9851aa4c3c8af2d1bd8834201b2ba51 |
| SHA1 | fa95986f7ebfac4aab3b261d3ed0a21b142e91fc |
| SHA256 | e708be5e34097c8b4b6ecb50ead7705843d0dc4b0779b95ef57073d80f36c191 |
| SHA512 | 41a1b4d650ff55b164f3db02c8440f044c4ec31d8ddbbbf56195d4e27473c6b1379dfad3581e16429650e2364791f5c19aae723efc11986bb986ef262538b818 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
| MD5 | f4f3a38c552633ac517a929f75a80f1d |
| SHA1 | 37cb9eeb9ccf0475fc283466d01205a6494fa325 |
| SHA256 | f15e64514c61e8658d44ec949d32043844061519e316567bdfb63ecd71db24d1 |
| SHA512 | 1911c6749d1a3151a03bed9995586b4d1eec1780bf120a33c846da23da0f73e64af3c8da1801061061a6f38c81df3ca0015242e57baded1709ffbb730b12db3c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cookies
| MD5 | 95932a57d58a1c2b3e3bddff7b5bdee6 |
| SHA1 | 1f0a149e7e15561302bca767aa6c53076db4943c |
| SHA256 | 28bff81a6703cc476ba2ba1969e72fef320817739fbe6aa66637ecd81afa34bf |
| SHA512 | ae3280cda7ade2720ff716d47bdc90b4085827e0909de0635ac1d9d558a77d85d328c339c0f8309aff27a722461166f77e896e7364e5c2d17b2330c5275c007c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 48269f0fd18bd642aab85c09e86cd5e6 |
| SHA1 | f3f0989a0096b5a6c6bbf040b29883bb01ace0b3 |
| SHA256 | 21083700237a7595bc1b983bb81b1ddd19e8cc8c1a1b2565ed42935e8baf6b98 |
| SHA512 | 50ac3ad7dcc72ed83ecc9662f2905d8ec71d6f53533d358996c958504b0bc4ab4a1f3a02eb80a85f29faa76ecc94289fdb3be19e358e6efb28c8c0e703429e60 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 5a7c19d6611dc4a014bf126faac72738 |
| SHA1 | d4a3d2490deb7e9972db20f9ed3c29cacb0ab976 |
| SHA256 | 0e1d104bed9f0ca086b00a5dcdbebf1e46cd49a9c7a5fef05721f8d4628b15a1 |
| SHA512 | bc57769797803df0056f388e96ba5b8161b7a0420cfc51867ec9af9a0d63e7bf071aaf411706a4a8a075c56f12ca747b6b6034f13328c2c9941509603bb9789a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 4feaf1e601277108e804471dcab0278b |
| SHA1 | 5571d02603566a61af77efd7364b4659e56d70cc |
| SHA256 | 2032ddf2b340f97f4a827e67fafe8a845f3916c474942e644069f061b17e50b0 |
| SHA512 | 32f04e683fda3d3a78e9918fdb4c3d56abb21fc503e6ef4d1ffd42f982c257613a4cfdc0031f16f8d21402d59420c5e64756b4ce0d7c07e52d6e70bf5a0eeba1 |
memory/6764-532-0x0000000000400000-0x0000000000478000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | ae29478e3f52b83523017bc9cfda39ac |
| SHA1 | 5de48b2f76477775192f802454b6053b3d4cccee |
| SHA256 | bc157aa53b8e7792e10080b7b79b880240838b28cddcfb75b51da2428cbf0065 |
| SHA512 | 30ca832b150398b82ecaae18e64da013ffabec429904354312eff840e379380951e701c5a0fa5ffd4f731de3aa7d9d8fa23108ba8b7efb98aa39ee017a6a89e2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a765c7959f34438c603ffcd50b79938b |
| SHA1 | 82dacd499c1451d972753d966113ed90ece36269 |
| SHA256 | d1006b76a1f5cfe9fcc68ad77b6fc6cb6e0810a8b150fbcb6b89fd1318ac8f86 |
| SHA512 | 40ad63563367584738e69f4826e1c9fcfa0ed0929c20c11021a354b05e541a2fe6c8916df8f8c8546b2e07c5acf5959947ce69ddff9787c0429c7fe4f5d2269e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 7386824f22a0df543e738042539926b1 |
| SHA1 | 1b5d36b2ab978aace5ce0beda5a4969908c870a9 |
| SHA256 | c231b02860e9e3684d13694fa937b792e324b1465ce221dacbe04cea945710c3 |
| SHA512 | b41b90a7b9e8e86779a41b12c03687aad20bc4daa3299551ee95ca326119d0c4a9c7ad6fb69a52ef7faf31e7bd86592b2d6d85ca8ed979fe11150e6ff658da01 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | b55190cd2040c076b99b83a5ace90511 |
| SHA1 | c2b8c4febf13ebc62cca6025a68be170a4b766ee |
| SHA256 | 9cc98a70ce8818990f2ae940cfd65876de419ac92452e675c693d799f69e78fc |
| SHA512 | 60bffa024792bf412f0dca512b68b9271a88815927ff65951f4e620a11df2a32c1011bc9700b1ffb4c5c31af64a5b1f0dd7863ff1f40b97e622d0c84bf1cb2f6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 13418f8bb38fa839de6f346365cf8318 |
| SHA1 | 12c470ca7ce3f4b1c4e2af815ee1da2756108d51 |
| SHA256 | 59d8fd94abbb3e7fa3e61835ed79cba682f82731343ebbcd5975637370e1d8c0 |
| SHA512 | aaf2ccb6fccddc1cba18813315e7d61df672672431717ccec70750b276286667f9a7e4d14e802b5d0a6ae9b53c729f75d88da3bfd6d45936d4f7804f6b75d18b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
memory/6764-695-0x0000000000400000-0x0000000000478000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013
| MD5 | 6fb26b39d8dcf2f09ef8aebb8a5ffe23 |
| SHA1 | 578cac24c947a6d24bc05a6aa305756dd70e9ac3 |
| SHA256 | 774379647c0a6db04a0c2662be757a730c20f13b4c03fe0b12d43c0f09e7a059 |
| SHA512 | c40f4771c10add1b20efb81ee3b61fc5ede4701587f29a1c2cdde8b6faabd1c76d769bf8b99aa19082012f95d99ba448a472463fb9056acd2e43542e14e605cd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ffd63f4a0255060d98e4b3286dd2e22d |
| SHA1 | ed6564ea31a2f18289361d87e888f53a7af3e855 |
| SHA256 | 5e74315b0eae0f2beb44ab140f275d2a5832f951907548f80a47c58ea7f8f08c |
| SHA512 | 374db99b422248a1b265620b20074c53ee2f1c27b25fca10c41b8df5340c3e41278fb2c1448ff4c83af495e1c77871f1f5f467a1f955c79974384786ff47ef4f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 3b9049eb55f0c85a26bdf5eb4fc2e116 |
| SHA1 | d6bf358becb372143e3b1fcf7a0dac6ae4f25014 |
| SHA256 | 80bc00b9e245a451d8d22ac0b016abdf866200cf45d255cbfd9f027033df6291 |
| SHA512 | 2e95e313aa953359ad53910f4b233362370e7ee43afe8d335daae901dcf712b2b8ba158e8fbfec86a5189c82e02ae690c3a1794ea189c522a955a7e0679423b5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | c987cab3095c17ff5e0d5b360d9a665f |
| SHA1 | 6c9fac8ef5ae38cd0bee02dcb0c5c7799677a276 |
| SHA256 | 5997807fdadd7969cc0861ccd097fdaf4c834fd129122bb09cd721570d405e84 |
| SHA512 | 45a2e2d7dbf9c81b698498ea98a22dfc6ed32b19a71214d86365bd74bd7660ec27d8c449a968c9d4d7fffd48b68d2d4f5f58f04f6f63940d42908041224454ca |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 60b7a6afa3e1ddfe01844acfd8cc6c97 |
| SHA1 | 709f0765a0c958fca3295a70c9ec4d17c9f4e5f5 |
| SHA256 | c86707c42f5b39c743e1200dd327f54e00fecc71e563cc9827a07db8a93debe5 |
| SHA512 | 069c065eee272aa57cfa94c0f634df5d741b815aefbec7b3ed40f3eeae5c02983fb6f119cd5291aa9a7329d77262ceeef1716a34f80dfa7e87a2c4bd676cb791 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 0ffdfb2ab04ef240dcd64e2a724c19d3 |
| SHA1 | 86326eafac2b3be6043aae79ae5ab6cfc0fb5a9b |
| SHA256 | 10fe7bd4d779367eb34c091b851ea53208c28c8ab422bab3a7b1e2d6152ac909 |
| SHA512 | 3bf8909ebd7b80c6e3625de6c0b4a3e7788bcf7d0eff8097d88d17508adada7a5ce9b8a7b08699c558a9499944154e64a66fde72269eeca9ec995be22365de9a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f
| MD5 | 9c6b5ce6b3452e98573e6409c34dd73c |
| SHA1 | de607fadef62e36945a409a838eb8fc36d819b42 |
| SHA256 | cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc |
| SHA512 | 4cfd6cc6e7af1e1c300a363a9be2c973d1797d2cd9b9009d9e1389b418dde76f5f976a6b4c2bf7ad075d784b5459f46420677370d72a0aaacd0bd477b251b8d7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 8c1d543dd863464c944b6591f949147c |
| SHA1 | 794ec4b57a3a4c24befaee412c5a28644ccdd47f |
| SHA256 | 095044e5750c4c0655722f09fd7ec4fac5e0c28acee81b3a3cfc21fac02bb112 |
| SHA512 | 6473deccf8e8752edc558e9758ca93b43cd46a2aca38e702da1e2213f613eae77bc26fc2767ce8c83c2c928291f8a98a310176f2767575a432421b02811dd4da |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 99be8423f68e263e6da35450c7d8d93e |
| SHA1 | ab3882d51031b35cbae301267682c3d043a7447d |
| SHA256 | f87a42cd1a753188d08394de72a14f4d1ed44808c322b84e44089996912696bb |
| SHA512 | 577873b4aa423251e55c5926b299db10b22451ead8a74ace4bae34e7f38d4dc1b1ed7e34185692ce88552b05160c734298433106ae932798c303e188ee570d04 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 7c491f0fc62ff20155963b6b0239d4ed |
| SHA1 | c5bb7b3d152c6b1a46ab864f27d52efa4482386f |
| SHA256 | 0efb9e39624681d7438f71b1f7adbba8411883e42e00d370def34d4855e9c30b |
| SHA512 | dde69e4806e51cac5d96cab66d1ca41d0af42bfc98dff60b72302486f1875618bad8b33840fad879b6d44593a92d3720820d6880906850b6967fc378057d431d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | c20d8bb761da9f989e8f62e90147d887 |
| SHA1 | 61950f7d9d05de4ee6f4afae83c50ac1b985374a |
| SHA256 | 9804cf1613317c6792c1533d3ee9f39bd8da7bfaac766b14749823eebcea2e47 |
| SHA512 | c895c3bf968d364e94e385774bfdbdb6a1e8c3d52f8710f063aa61d27d5b28eb94c8dfa0ccdd69ed83eb83f2d450f6df490f0afbfe97b9ef4fcf812fb36cdf2c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | e2341429894ced82d327a2e987fa628c |
| SHA1 | b9bc5bf2ffaab42b98230c6c0b30c16909f27ab4 |
| SHA256 | 23063d5878f7acbb289941abb078ece04e0f58eeb5d03b11af7fbd10733ea618 |
| SHA512 | e9b7400cae28be2c04658c58a82b6f63d4b59ab57c54a8cda2edf9d26b344bbdb502c1f03a5a7ba780ba4e38ef87f85b7c5e9e57e14beb88e7cbb68f48dd9dea |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 2334a45cf810f723b0671910ace6dd53 |
| SHA1 | 9884c6b6b8e8ecb85f73791b851cabbd64816791 |
| SHA256 | 65fce33a4afa721a08c4a3774c1d22775e2c9308632f9dcbacfa34da1f991004 |
| SHA512 | d97654ce0491ba8e2e8d59ac43f1550f4f98e5a12904633f310599483ffe8107e2cf5d4a06138d447a3b37a77e41fdde92836da71ab0fe362650b2055f347ae4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4a9ab73311c6ac36_0
| MD5 | 9df3a9d8f6d9f80556efbc22d3c5cff3 |
| SHA1 | 7ab2f855a3bd2eaba035705bb675c10948161e6a |
| SHA256 | 4a93cae817e930a2882f7111cdad067063e1b4ec7bdd6d5ad4642d6744db63b7 |
| SHA512 | c3f2abcdf8ee1a4e0d953531be1f087385ace6815fb7c3fbdc772084dc70b3cca3a838a554e3f9d4289b4e99a7c53e447485c0794bb4ab720d20534e8c597406 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8e513c5a702e5aa5_0
| MD5 | f64ad7d7986fe04babea252866af997e |
| SHA1 | 512675de0b5ec00351e9b699d4980e90778c5bbf |
| SHA256 | 7bf80ca9c5381bb557f0235b1db04246529b82a0eccdb35ce6d4315134a2c562 |
| SHA512 | 20da2f557ae9809759875a30fa0ce84bbbc0fea3a16dd5bb98881d5fa06737cedb6f08d7cfe5bd5ff6c3771804ee23dac8008df419c3b24b959456b8e4fb2b71 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 64c776abe31f690cae1e7496afd615aa |
| SHA1 | e22c7dab7cdbad121a4cc3e6b800cf97f6f5b2f2 |
| SHA256 | befa7bcc20052f0a5ef39e942e5bf158e334f0707ed8543ed7fd54b3ab46d6c9 |
| SHA512 | c1cfc1f5237d3b9fb1fcf988c9b5569cda8d3aa6f036167b4df6bd0da214cbab37de11897568258680e6f496b893e53548f36dcd81e4d0d40fba0c6b6bc39d8d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | ef9aafa46292c44076bfd54e1a44c8f8 |
| SHA1 | 782963de9e94cf74643919c156399d867d93f7af |
| SHA256 | ff8164d8617a1589cc86d2a556cbc8cdf3d2bd1515133a05eec961ba7df927f4 |
| SHA512 | ec290ec82c70583d3d9f5757ae4b7a8967aa5d4749b9713a8dc306b8eff758ccd02e82075ce39ac712e91575cffa63cdb4a3d4a66a9053a960d03b24938668ae |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 4b8ab0c5e47c812148423e52a5efe43e |
| SHA1 | 74791f25d0ad6a78ee8d3e40f638ad68a589bd22 |
| SHA256 | 1cd108df4687daa6637bba2b9c0ff2fa4b94bab379ce2140d1bb7f2905896015 |
| SHA512 | 3444ec37ab9a21ce7b5498ffed05f33a3e14138e90c25d01098c7efb5905e69b0fcab28dc245ebcd8c03c89f2bc237e0b00054af80bcc3658f99543f448d0aeb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 406f47e02c0d51445aa92b9ff9924e42 |
| SHA1 | a4077251ef2d82710dbae3e196a3585639e26576 |
| SHA256 | e7d956b080c21728e936c26cda415597a4b343937c4efb677f20b53f85a22bc2 |
| SHA512 | d9aded33be997b9a9dda874415ceb2afb50a6a40d83ec973bc96417a33481e616308a40ed34c83c08ce8faa64e94c4357d99fba34f8c6594acffedf8c20c8a07 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009
| MD5 | 1f639214f5701b9864654035802ef715 |
| SHA1 | 1694b757f3beaf790b1e40ce4bc98b8b0b63de40 |
| SHA256 | 95d6193832810e60dec02e067387f3b8e62f4257423a1bbc97984ddbf24ba020 |
| SHA512 | 25548a0a2e2a27ccab4ac4b8e5ce652504f4d7b1240342fa47a1b80d0e43f43d70fe43dfe20d31e4d6fc35885b77dc44c18d2cf472594f5730ef306b7e567619 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a
| MD5 | 0f0aa0956dd2209c861f607b65f62934 |
| SHA1 | 42be1d4163f0ac4488a421f53972614dfd81ada7 |
| SHA256 | 6e30ac878465d4a824f400583989f420daa084abc74c78dd174d69bd86509c32 |
| SHA512 | 9fed4bb0f1f8d76d3be5ed389b09d2d9c628e41568c222578ea842c763a657c38d2043a8687ce34723e3f1cc00b4f8eaf484c0810adba2ba664cc907dbd98e3a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000032
| MD5 | 41886720294aabcb93e4a62fa17ea6c7 |
| SHA1 | f23681b80b1ce9d4aa3b1b5227438ad9bea33015 |
| SHA256 | 528a7f5a6eb526d5a6012f78d050b6b37e25ad1c8135bb66490be32497d44da8 |
| SHA512 | bb1ac50c971bb3d81a021147256ac61b7c2763586b72681d79370c2f60bde794345c7f6e012447305eab1240fc10b74249860bb569d5dad92037ffdc97b307ca |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c
| MD5 | 1f3a64f930cf54f584d6d5a0eef09030 |
| SHA1 | 84fe3e6d58b364709ed390cdff1207c55cda1be9 |
| SHA256 | 62ea52e65a54f9869e7a2ef332cb70079b5ecb6d0f58e7df106d01235a2e4f33 |
| SHA512 | bdf41dc572741087fd8fb4b9fa7ba7e48379050114839234b1291b5926c9ff92e339cdbe15b38739906800980f2091ff1e4c6be3162bd6da76f28ff1890eb607 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e
| MD5 | a40eb8848a0d4030c013bec49a6018ef |
| SHA1 | b6139d46800dda0c4f99764869855fa95b69839c |
| SHA256 | 2bf93c129f890999b6cd91ff7f9938d8939bec0873ccf3ced43ca42ca3ac923d |
| SHA512 | 6426dd29cc4544c43c7929d118507441087c69787774511474574260e46a9488c0c1eacfb29d3cbbaf4b89ef66812494bd259d99c46058bbc1007e30d1e3f645 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d
| MD5 | c41a28763db7c298fb0f56582b0236b8 |
| SHA1 | 006a5fa38cf81e841681ded41b8a405ff522d074 |
| SHA256 | f825ee4c5e32f849f9831e43eb185e9f04d699dd14c08f13038a524ef35fd992 |
| SHA512 | e0183efdc0f11b07b2ed3070183a6259d9c819d0a03e128ff1185c0b4e221fc3c0fd4b54bfcf82e6c59eb78254d1580cae09282d6d497759c4945771b37ad421 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f
| MD5 | 7dc9131ce9fac23dbc0b548f1469984c |
| SHA1 | 2e1aab9c7508ba7f61039d245632920735fa5656 |
| SHA256 | b689e35ce912af97827b4d77b3f9890c0185b03d9dbb8f7ca3a237fa3667af72 |
| SHA512 | 0b50bb304cfddcd8bd39552e65d931564189655043498ebd1835647a63a08f91f65edc22ceca502df1e6f5372268d9e78099cb9eb5c39f5b9b2c7e583f4581b6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010
| MD5 | 26088c06661d1fb4a002e2609404851b |
| SHA1 | 31293824e0579bc790426930cf73e9a0c71c0aa8 |
| SHA256 | 8e9b4a4680b498db825ef610e4e7c68bf3dbfe95383031c7531f1e6dbad454a8 |
| SHA512 | 3527d553940a6c91b5cef149df40bd5537e46d16442b5bce1e593e743014d3f25250ca8008d912b87b41745006e03e1c942be94a1590b36c1db72bd8ba23e12c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011
| MD5 | 89a574ff00e6b0ec61d995d059ce6e65 |
| SHA1 | aea09e96808ab77165ffa712eaa58b8f056d0bb6 |
| SHA256 | e5c29c139842fd487473d0824f2c01b374680fb35d22fa929686d17896602a44 |
| SHA512 | 30d0d40bd680e61968273155b740901cdfa66670fc2af6f23e44c6b998b67cc1fcd0b51bd5f9470f209f188e75d071355e592b2a7c97f4bfd15d07d455e0909d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000020
| MD5 | c984007d060766e41c7822ba1429658b |
| SHA1 | b016cc7dd0f8243422b7bd3636c6f45426edc234 |
| SHA256 | 1a5ce05e4a177d78ac9565c1104e1fd113c41aa5deb202442e48c102d22955d9 |
| SHA512 | 7720ac3ab724bafaaaadd5892fafe526fef0d4cf9618453a5df6dfcebc35173a980aaa52f7ccff7afea99cdc39fe81ab7fed4cd2baa5dca89d07b8befa3480ab |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000023
| MD5 | 8514070c52e1dc6e842476253e4db12f |
| SHA1 | f4add580d5863124a376a6418c93233cfd172fcb |
| SHA256 | a715e2eb11da34576edf029649f51a86bd11457994d55788d1fa283a5464849b |
| SHA512 | b5c2092606846d715e17f43b770fe4fe43fffd625a454be6bf28246628e7aa6cb9e22e29b5e7fc042cc42dc293609526a902e3103936616d4ee173c1aff6b81c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002d
| MD5 | 60186dedb9b59a21c096774765d9eb7b |
| SHA1 | 992ea3adb2f1660892fb1b94e93314310cdb1449 |
| SHA256 | 555d506e1652098dc07c0ccf398ec9276b0e6ac08eecfa8ed23f02f610723624 |
| SHA512 | 119abd28f1310efdd22421d5207395ce0acfafc6d94710792b505803ec8d304032fba82ee2f14e7f62568307b37be8ccc917f659851f0d1253c6fa22414a1eb3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000058
| MD5 | 856a3daa268de8801e7cfd5b727b6de2 |
| SHA1 | 8e099b433518980e657c7541c49b498e6b83430d |
| SHA256 | b870ae3c5216311e1dd7b8662e01d1fa3326edc85a98a58247cd37b8cfca0be5 |
| SHA512 | 2f191ea906a3551576ab14e607fdde9930fcb15f15ffb40a8c5999ba07224bbb8ea69918db11d1cd719a3d57510edd466ad2b9199c6a45a48463b0020a2e6eba |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 3dc08e1323fb2f97a75caefe6e780b7b |
| SHA1 | 97eeff3fdc9c4f8de17c941a35800da36117190c |
| SHA256 | 368034d34011a25f2fd5f2436eff564fe9fed7c0c1e95e45816872cf90a31f96 |
| SHA512 | 1ff7f857ffa9c65fd149cb2bb9d5f7195cbdbe0be5084533ba1e55732f11c4c4ce97e7f63db71d7125bb1f5db52efdd8052dfb097b5d445adc9cb13346303470 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 74f10acfe1b79644b03d89c306ff439e |
| SHA1 | 76c98f9efaa511d8705578b23e5be4bcab3de207 |
| SHA256 | b31ba774488ff67a3da77956e8e34f8c9cb13ece5d08590c0697fa8d7f01f434 |
| SHA512 | 95617ef003eca3846600dbaa5b07634d738abc7a0be43802f7d469520e2c7517fa8e58efe515b2624f2374fe7a864dfb9eff1d79e021a27a5201684fef4fef3a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000056
| MD5 | d453eca18d366c4054d2efd57717cf9d |
| SHA1 | c7b0dfc73bb89d8f0a94e2cde0eeba2b5e07d5c4 |
| SHA256 | be8f4fac2d40747a0adaecc6f1befe81b254a2b12bf25ce01d7194b374a457fc |
| SHA512 | a6f770c9e4058e8c17f3f72a245f76075441e07507ef05d455108e1768ca2a93f851b92335b33c1de61cf941cf135b0be4698d3d551b54132b2d5c882fd34835 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | edf92e6633b5c3660121f7a344e1810d |
| SHA1 | 5ae731508bd4121c6db52964a09dced68266fe94 |
| SHA256 | acd966dac7861a941fd4534bee774b45b8c602f558af2b890c678b8a20113bff |
| SHA512 | 967fbad529721b1dfd92e5bb877671c1ee84a42dc85d89b34c8edfec093ffb96e0f8f4d053ee00c267bcdf866c3b80903c326f2cbddfd9e4773abb55cb4e51e9 |
C:\Users\Admin\Downloads\yhhkqa.zip
| MD5 | 497f3a5a15be86c2c9ca780013e757c5 |
| SHA1 | dc016fd727bddc290a27cb767b573cca78b29716 |
| SHA256 | e72ffc899a5f9242de964e0570c646780512e2b432635b6ced2a81dab65ae83a |
| SHA512 | b1be2ca0e62e76f82b76546b5745cd52ccf8f5213205c4955774a9e4bade971d98922a7372ca63560697e4f55c59aa62da1a22ffe488d50436b405a061fd35ee |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 075650f8f5c88ecb9759e404d5e2fcb5 |
| SHA1 | 5834efdc2f4a34de657a44fd5c98551f2bbf9bd4 |
| SHA256 | 5d44e4e6a5101751878d04d58c746e75e094a7d652f72bbad3d013a58e1bbd9f |
| SHA512 | f88a0b147a2ede7ae4b2af0be8f52f397d079c9717bc025471dc21d284696e19ca26afe3c69c713e840a00f7f56a69270b2436c25e00882b0ce0537935ac8d30 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3beb701954ad90fc14997a801afa38e1 |
| SHA1 | 7cfeecf9b7e1b9855e3dedb19739d293efc5e788 |
| SHA256 | 5b2516c3c1efe9d4d68f2ee5365a63c6aad8bb52184de8eff435af407dcea6bc |
| SHA512 | 9accc92e5d6e997d1c0aca4d28a3d4c9401e325808dcc2a5fc7166e1b2ac72142664b21e3d49903ee958c0a27260a46128fe862a36cd17d57b52a3d2212a34e5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | d2bef74aed02407f656dcf4b1d9febd5 |
| SHA1 | 04d9d50dc266c2106390c661d86cc92fb7dcdd08 |
| SHA256 | 880b4f67bef925b3ab1549fb824ffa49926c18bec1556deab6c5982111a6784e |
| SHA512 | 4c30c4c65afdc7651e1c7ec694b9d222d6454458573e8e5fabda7346ddff2796d111189a9ab48b02ca0e4098e37cb1e0060aeee539c879e51a08bf52dac76aeb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 31056ce348a89a2332ffcd5dcdf91a45 |
| SHA1 | 0b95608624e59de17a619946f8bafec3b7e0e9fe |
| SHA256 | 448580d0bbf331e9c5fcd0a9f144236a5511874f70984d38edc8c97a0c73f892 |
| SHA512 | db9baa2de2f78b70b4f51743595a4d8a2c508b65634979b54a07ea2d4cdb6a59f510185d404c2f6d31d11e6976d41f8e70093893c9121ad22feb593a8bf2e743 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | acf64f017d373ce82bd353ff439a9272 |
| SHA1 | 6d8103158319cf5f2b7a241f7a1b5c1ad1737775 |
| SHA256 | 0e2207515ecf642b940af591202372ef4921e9e67b5c4956a8e065ab2b47b3d8 |
| SHA512 | 90fe1b2e3d3eca336673e168914185b63b1371b35375aa8a4bcec5d92e575fc867d8beb5dfeee1e8babf2f2e8288236f3f9242b9abe268c9c6baafabfd10a8fa |
C:\Users\Admin\AppData\Local\Temp\nszCC72.tmp\System.dll
| MD5 | 41a3c964232edd2d7d5edea53e8245cd |
| SHA1 | 76d7e1fbf15cc3da4dd63a063d6ab2f0868a2206 |
| SHA256 | 8b65fec615c7b371c23f8f7f344b12dc5085e40a556f96db318ed757494d62d5 |
| SHA512 | fa16bd9d020602e3065afd5c0638bc37775b40eb18bfa33b4ca5babcc3e6f112ae7d43457a6e9685ddbe6e94b954a1dc43d1da7af9ca7464019a3f110af549c1 |
C:\Users\Admin\AppData\Local\Temp\nszCC72.tmp\nsDialogs.dll
| MD5 | 2aba8f16eca82517460013a3de7cbf67 |
| SHA1 | 3812192fa7b873f426c4b0d0d822b3c9d51aa164 |
| SHA256 | 60b85fad2477b8c0138067be3697290b280b9334cf408cb57894e3baae615d0d |
| SHA512 | 4e059f70ef420c22d69199557ff3eab9e51fcefc75d220b057f1508f9566cd6251f9e06a8fe3695bf7d913ebabd2519ce52f485f2de9a5e4ab3ebc553b877fb0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | a3edb01f8a68185cc100d2a61c7e96fb |
| SHA1 | d3e4ade7437df0bad6610ebe9634e422b7c2726a |
| SHA256 | 3b59d07e5bf574f6435787783e7e3164e9ac71a9e1b5f5094ccd4238831d3c18 |
| SHA512 | 6ed4ceab3f53d422280a2cd1e3309975c0e3dcc2ec9cd254cf890f1e2fe278c5cbe7090281761ee0700d4a86a02cafd9788fdca0b6df05a79bd81dfc63764702 |
C:\Users\Admin\AppData\Local\Temp\nsrEC4F.tmp\UserInfo.dll
| MD5 | c1f778a6d65178d34bde4206161a98e0 |
| SHA1 | 29719fffef1ab6fe2df47e5ed258a5e3b3a11cfc |
| SHA256 | 9caf7a78f750713180cf64d18967a2b803b5580e636e59279dcaaf18ba0daa87 |
| SHA512 | 9c3cf25cf43f85a5f9c9ed555f12f3626ef9daeeedd4d366ada58748ead1f6e279fea977c76ae8bae1dc49bfd852e899cb137c4a006c13e9fcebf6e5e2926a4d |
C:\Users\Admin\AppData\Local\Temp\nsrEC4F.tmp\p\pfBL.dll
| MD5 | 3b09b6e92e96a709713c432b8ff5500e |
| SHA1 | 68e1fde0702966cd14e8ab270d17c21a3ece5fbc |
| SHA256 | 4c5df798f61ef0fdf745ae5c03281c18c0a0b472b31a1598785d22d67c13b54a |
| SHA512 | 29f5f30ce2741e2b99fdd9307301f98d00a316744f74cec9ab0f17ead22a49129af7de0cd16f83acdac3c96e64b3c4646a9d36a6f09ea83343c0a55566f0d22e |
C:\Users\Admin\AppData\Local\Temp\nsrEC4F.tmp\modern-header.bmp
| MD5 | 6412e0b095da5095b321d376eb912ca5 |
| SHA1 | e93a95c724ba969c656f1cca47595a178176b238 |
| SHA256 | f2d07a76ad7d89e64ee261c81039205e44cd0f496193a25de08eac488874e1e0 |
| SHA512 | f1a32da61b3d219d72256c2fcc5e01923052832b88c86a8ed3efb369e7575c7e54af77fdaa690c03317a64be04c3bfd6b2e16095dfed2e9c6b6ed9af59e57b2e |
C:\Users\Admin\AppData\Local\Temp\nsrEC4F.tmp\modern-wizard.bmp
| MD5 | bf670074262a7e29da8c0ff2d94c1438 |
| SHA1 | 5d608a1cb519e5751a4736a6b8e9f3e80477f3e3 |
| SHA256 | 1ea1d0a8b0302840b2ba4743fdef788c93517ac083b7a9da7dd25640251ce061 |
| SHA512 | 6c974589ba1e2939e86216078b5ec8bf750346fa77ee81e85a7842aee42cd33f858de9fd2d6837e264f73ab18c1b1d26c4a29336da4e4b41e83c465371c94ca8 |
C:\Users\Admin\AppData\Local\Temp\nsrEC4F.tmp\inetc.dll
| MD5 | 7760daf1b6a7f13f06b25b5a09137ca1 |
| SHA1 | cc5a98ea3aa582de5428c819731e1faeccfcf33a |
| SHA256 | 5233110ed8e95a4a1042f57d9b2dc72bc253e8cb5282437637a51e4e9fcb9079 |
| SHA512 | d038bea292ffa2f2f44c85305350645d504be5c45a9d1b30db6d9708bfac27e2ff1e41a76c844d9231d465f31d502a5313dfded6309326d6dfbe30e51a76fdb5 |
C:\Users\Admin\AppData\Local\Temp\nsrEC4F.tmp\ButtonEvent.dll
| MD5 | c24568a3b0d7c8d7761e684eb77252b5 |
| SHA1 | 66db7f147cbc2309d8d78fdce54660041acbc60d |
| SHA256 | e2da6d8b73b5954d58baa89a949aacece0527dfb940ca130ac6d3fd992d0909d |
| SHA512 | 5d43e4c838fd7f4c6a4ab6cc6d63e0f81d765d9ca33d9278d082c4f75f9416907df10b003e10edc1b5ef39535f722d8dbfab114775ac67da7f9390dcc2b4b443 |
memory/3556-1786-0x0000000002DC0000-0x0000000002DCA000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\nszCC72.tmp\FindProcDLL.dll
| MD5 | 6f73b00aef6c49eac62128ef3eca677e |
| SHA1 | 1b6aff67d570e5ee61af2376247590eb49b728a1 |
| SHA256 | 6eb09ce25c7fc62e44dc2f71761c6d60dd4b2d0c7d15e9651980525103aac0a9 |
| SHA512 | 678fc4bf7d345eeb99a3420ec7d0071eaba302845e93b48527d9a2a9c406709cc44ec74d6a889e25a8351a463803f8713a833df3a1707a5ad50db05240a32938 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | abd36fa7860aaa851fd0d8fda719255f |
| SHA1 | bb0f078e43f52a8bbdde2dfafd1ec418e006dc7f |
| SHA256 | 8094daf3df84befc058d0588a25cb597957cbd20f8704a723e7b334631bb1943 |
| SHA512 | b310eec25d8283062361028a93932f55cb39282b43f1c9cd31096f8359cf0183659b0c1ca52fc775098390684f4dfed23016487c8dc338bd060d55ef67045d34 |