Analysis Overview
Threat Level: Likely benign
The file https://www.bing.com/ck/a?!&&p=5e7d392c24e7c45aJmltdHM9MTcxODA2NDAwMCZpZ3VpZD0wNjg4MTA3NC1hNjk0LTZhMTAtMDk2NC0wNDJhYTdjZTZiOWYmaW5zaWQ9NTE5Ng&ptn=3&ver=2&hsh=3&fclid=06881074-a694-6a10-0964-042aa7ce6b9f&psq=it+takes+two+free+download&u=a1aHR0cHM6Ly9pdC10YWtlcy10d28uZW4uc29mdG9uaWMuY29tLw&ntb=1 was found to be: Likely benign.
Malicious Activity Summary
Resource Forking
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-11 19:19
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-11 19:19
Reported
2024-06-11 19:25
Platform
win10v2004-20240426-en
Max time kernel
300s
Max time network
302s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
Network
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
\??\pipe\LOCAL\crashpad_4916_QQZTEBYHDONIAYKW
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57deb7.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 96b8310eb5f44d241b664bab4536d536 |
| SHA1 | a7091f6f9c8df8adc3f0ba00e44f07032728a5f9 |
| SHA256 | 7f9f26ffc587fae9c2e84d7669d1b1bd44099cdfaf6fc500c143fba396cd1a30 |
| SHA512 | 8b01ef95b5a66ce1897a417036ccfc33da6ef636dbab0d1dbc63b6a95b74a289488eeceb7e1ab04cc3d7b1c7f53144ffbe06c0ef767ab0644c493a5ae6005da9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c
| MD5 | ce1093c800c0933d7c9674eda75790d8 |
| SHA1 | 371c2dcde092f51b18852e2617bc6c0c176f5873 |
| SHA256 | 57781a723db9a2483067bcbc89d1f30f7e2f22ae2d18aab1e45ad894d8cdab89 |
| SHA512 | fdbb31c607cc9a4bd75c42cbc552fb40d82e53804d156244ed2daa124c75e1680b908589f7a3ad8888b9b03ebfd1f4b3e83e19f84e3a746cf210d0b8a1678533 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000024
| MD5 | e9d809a1d7fd30047317fbd43fae61e9 |
| SHA1 | f787ab2f19856948bd9ea7aae25f45b2a8d08d8e |
| SHA256 | 0ba8c1a3ea7999dc49680abfe030219c514214972d20197ccf7def509471b72d |
| SHA512 | e91109af437dfb88f8f97df5795a25e4efaf1a2fcf9ffff8410f19a815bcf80f62e21fe9d5de7e5b6df5e983eef8393c806e5df48353547a02b81c0780fefc50 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c6380920644e04e7216e1c66a145f0f5 |
| SHA1 | 7d6688ca0a49282993f3c57b2d05ee03eb091e15 |
| SHA256 | 37e56765729f6865b75cfc741ba72dd0987904d732fa7d28365dbb937a9b17c5 |
| SHA512 | 7f9d001bae6101bc2aced3b8663515440f023bab716bd9669a6d0224166da23c52624ef6f663f2af45cf9f43841dcd9adba9313f83fd11246e43ca439403019f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3a3f88978a2c90838b397d5de371eff4 |
| SHA1 | 3664972ea3d044ad009d78b70b2439d721dc0dcc |
| SHA256 | da4fdd16fd3b08c6e4d588f522d1de2a5c152d5c09f81aa1de58926d1cb37aab |
| SHA512 | f78e8d78cc2f8d1a29647ed351e985d69b633f7245239bdd3a1f73455ec1cda748c0d587e211a1ff300f5b666c3e581a8918e3ea93f43df694751cd1ab7b6598 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | d8859ada7aa4c4cea9b1a11207345a0d |
| SHA1 | 17d9f420d1f32d0338a2fb0b2d01c30790f47959 |
| SHA256 | 89d596c305dc3125095b22030655199e7b1be5efa14e02e047897f7186e4490e |
| SHA512 | b38648d8907839bfccdc3a20e2ef0c9838fcb0e23b614668477109163108f134da589cd85c7a82d4a71b6cb29983812636db2ef1e8d4a46cbbe30d117b91429e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
| MD5 | fa2a59b856008fd8ff43376e23cf71f2 |
| SHA1 | 4b0129abf7fc6e616ec391de578fe8f93fe6ebbc |
| SHA256 | 41190fbf4dad54590828ee55b35030c9f935af04f8eec3be4d7d6a9cb97e8413 |
| SHA512 | dac3407ae617bb6a9d591b631a1a0568fdb22d4dbc04a94e925004e3e8d79cb7b047127fadedefde9b929ac9b699dcc0294e2718da1185cbb19be73877cbcf1b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b
| MD5 | 3b296b6f9308570d77d5854a13af6ce5 |
| SHA1 | 075f2a4cc2cd276bc8ef9455e0e6c13f0b49e387 |
| SHA256 | 16541b2fb61bd2745fc9f32449fc5da8c04b3b1608078ccf2622e12669b61f67 |
| SHA512 | de2c7825c94c4a01f79890d226b4dfca0e6fe52b2dc0017a264924422943dc9c9f236e19f700fd7110a895d5e991e21edc205c51ad9bf9089e08d876969728da |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006
| MD5 | 67e30bbc30fa4e58ef6c33781b4e835c |
| SHA1 | 18125beb2b3f1a747f39ed999ff0edd5a52980ee |
| SHA256 | 1572e2beb45d2de9d63a7e7fe03c307d175b2b232bad2e763623dceb747729ba |
| SHA512 | 271d4a65d25b0a5d2ff2fe8f3925fc165d9b4345893abfd919061d78ffc5ffe8890ded35e41274ad8b860f06264b027cfea6030ec9411a4e03bc6d7cb4d4d228 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
| MD5 | 2155f385101771026a23f3dc2808c97e |
| SHA1 | 550ba8b46e714011059de97b0f672f0349dcf8de |
| SHA256 | 4641db11da9224b6da70ab3719915060084de315ad9037ca51c566d7d161dcd1 |
| SHA512 | 653fa69902507e82f884910143a60305e2b3c6e4d7ef411273c4ca2a67cb144ef9a367963bdefb1f45e21af4193393bfcc16ea599289b6f45c923884b3fe39f8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c
| MD5 | 7c8a4f5974f7d674797986fb3f01ebae |
| SHA1 | 0f8ec880a27199d5aa378de285b31eabc210fc8e |
| SHA256 | e187a9def96fee64c33a99a6a1ac422240819c47d6ef431a3461d76f47867cde |
| SHA512 | 1dc90f4ca9e43b858d6a234635bd015b78315ea940d3edb2a904b46807d5d97b59ce662dec3d6e0509b3af529de74c6014d394133fcbb3707357586266c7f9d3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a
| MD5 | cf14e0fe8edff1b16d2c37677b891122 |
| SHA1 | 7ee8038a41af877a3d0af90188a43e6d6d9c1cb0 |
| SHA256 | 7ca880c4c6f4f06a73f2486d0f1e00f1208d6c0a278565b4a09f0ba6058717b4 |
| SHA512 | 54eb81e9f2dfe83330bebeee4afbc0eeaea54c7c293191f1ec3c31b3c610bd2fbaa6fc3cb5027e1a6be78cb7bae89d391817d04c6df71d1adfcae9c86d3dd6e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009
| MD5 | 7651b1187bb58ac4c7be625337b35e5b |
| SHA1 | 307d969ef4137a66fe2793737dc1c546587c7f43 |
| SHA256 | 0632850d01a46bc2f8c223155a4bf6c398b33596bb711e098440623f118c3968 |
| SHA512 | a81d2f768af155bdc642941404e7ddf95a2cea33c9374acb5fe32f6f5266e337fbef32f904551f61fcc9f9ab5a1c6a5ad130ab85b38bc2258e2f82c0ca1e9c7a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e
| MD5 | 400f788439d9c05ecfe5d1a1019701aa |
| SHA1 | 4aec161af1e984d72ec6f27d58b5bf068a352e88 |
| SHA256 | e95d56c376b2c2364329ce942dfff912f89f2e2564ceb0f8c165139f17c4ca80 |
| SHA512 | 6657f818371c15011961609cdcc15c32c73dfc4cd1c299fc788599550b7e9b1bd7ff5c5e98f980040e9809070f668281da303e26bb9bb0ef9a270ee4a271a407 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010
| MD5 | df2e1c48828159a8911f2afb36ceb5db |
| SHA1 | 19880497a1047327448de9be1772f69a206a7622 |
| SHA256 | 4859e7f20daed6d194f558e387b8cdbfe0375c8172bc9085c3c8829cb645f190 |
| SHA512 | 9f252aabb0648ce88099b1b3c2cd862cb7a9c87fad667244c1772e10ae93a0934dda83adf58d46fb88a7c333e9c9eb6e381cadf940d44d3903ea7c59494c689d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012
| MD5 | e38f173dc1c8f42e5d8048aebdd16edf |
| SHA1 | 3983f49ad858a624fa64e4e90d47506c357208c9 |
| SHA256 | 1a8d1ed6d98b3084fb129f9d530aa0aaa21c9240fc12dbfac921eadd25b60a79 |
| SHA512 | f4ad2a6041a729692d937e9d58453cab56b432ea60934f3598eab601318cdc315620cc8265db6692cd9e9fe7e5eb50ca5ba392f82b90373f6ec8e17a633b67dc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f
| MD5 | 86900ee831d4b8287328fa2beaa975bb |
| SHA1 | 15d2e4b51bcc5b3073210bb890e412c31403d91b |
| SHA256 | e999591661124ee5bad502061f8966525bb8ba104b5d37b010ea376f496fb90b |
| SHA512 | 684825c132c05c64778ada12c80f5d6cf2a00900774eb06989053e6aef954567399057a17e669336bfb87fbd7a96ad8561141dc11d5014b6acbbd740228de45a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d
| MD5 | e7b4b6575dbeb89de07675b1aeae824f |
| SHA1 | 092488dec618c0f712e959691d9e7bedae897e0e |
| SHA256 | 8e7e1465bd76c07b62706e8e5c8beccf940a488abf00923c95f0d939b8a06552 |
| SHA512 | 9a20ad3ec8df4768cf5d03cd3eb32cd3d3295f303d05040de2b4c76aa3f945b00d0dd5d8f40854f55e315e809222d1fe61d7734a6df154a594a2c0ee1b01f8e7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014
| MD5 | bbe3a9e17ca2f4552310b596d5be1068 |
| SHA1 | 84bb7ae77f788ed87f508890666970c475f0e36b |
| SHA256 | d6079987d76a9c0ca0899c0186795b86b3bd4659fd4d927eeee99c29162248d6 |
| SHA512 | a0514a47ba7f3be517af8a136e6bba68f3cf0eff735c324ee281322464cc856bfa52fbe16a9577eb2b9c9061490cdc2b775ce1f2020d0136bd88ea79b5eb267d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013
| MD5 | 2ea3efbd365a32a703b8741a2c2c2cb4 |
| SHA1 | 40149f4af1af0978e86737d22552668424090a27 |
| SHA256 | f9401654947b2e2f20ff2134b2f25378e876d67ab9438328bb459a6a8fa8e40d |
| SHA512 | 3a9c20bddfcf7df3a11770e70c7874324e13a494f1e6c067fd503c02bc9bb0943a1d53007d6a8e9f63094f46c09254462169beab1e0762e4996c9714d619eb4b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015
| MD5 | 0b63c1132870a72d36e8bf87fad354f2 |
| SHA1 | 8f92fc171e4f86dae784d9324c3d35b93f75ec84 |
| SHA256 | 8d037e317f6ff628f06d04139f5bebd8d5c0607f7a756c38c15813a2af1d2ead |
| SHA512 | 3498331109c061b3565be5c1e0c89d0f2593c16bc3a1ccf6efa4a5e0835e48d7a4fe2712ed1249ccfe99b3a23e861a5f3478425b5346ebb482813ac03a946954 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019
| MD5 | 87e8230a9ca3f0c5ccfa56f70276e2f2 |
| SHA1 | eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7 |
| SHA256 | e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9 |
| SHA512 | 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017
| MD5 | b60a19de20b83f4498340a5c32a6e74f |
| SHA1 | f1db6c7fef21ac433a356afd9105d1a3fa668592 |
| SHA256 | 61cac4ef86c0aca5d5fa5af54c934ce0311f1271d96739d28d533d53d7340fc8 |
| SHA512 | b8d3225a397d1fa00817d328e0e68cb1ac517099e19f070de2e8e5950b0c4babe6bbf1b93c7cddec82b96625d077bc8803da92d7af62330e4c56c774a3fe3f02 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d45b57fb1620209e_0
| MD5 | fca45b5c373f6df874fab862aa847c38 |
| SHA1 | caf1515aad58d93fa384ff5ecae735968ea52f5d |
| SHA256 | 9afd5aa7634b557f80b3b9f7d19a09d8cbf7277c732e7a315db64f0ce8bf0838 |
| SHA512 | dbe06a612401f2b22a3d4915c70c8d1f516a60cb205d18d5fa79931f92bfe28b4e23a36a7f9231e02afc55879acc4d07916b87e7929fb22b21098b1170000958 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | cc5b98bd48413acebcd47ed8b1d637fd |
| SHA1 | 1b47a34b05697827ddf612c257c9fd6ef83eacf4 |
| SHA256 | e8b39d98ba0e37507f9765bd6ae8eb41a4358db89d5c19b8eb9fd29305765b8c |
| SHA512 | 0f862e76182dc1f084228734a65c23a2dda8ee6f75d5df11c137666abaf971f7b49f61321f294b60838635f4c701deb193854340e44973c7cf3d94a5476812ec |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 694399fb3e1a1a43a4769e5506145a82 |
| SHA1 | 40d389cb731983e4508d669292f87deb5239b4fe |
| SHA256 | 216fc674b0e54c0e724e1ec5b9f218ca04baf874310dc7bd4a9264a784b1535a |
| SHA512 | bfb648505926c19bfe5431b0c46b82cf687822c83b42d5bf2fd114acb3f127c50ea3b612accfeaf4971724da30cad3ff5fd79ac9266993736e17bdebfab64bd3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000026
| MD5 | 9c6b5ce6b3452e98573e6409c34dd73c |
| SHA1 | de607fadef62e36945a409a838eb8fc36d819b42 |
| SHA256 | cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc |
| SHA512 | 4cfd6cc6e7af1e1c300a363a9be2c973d1797d2cd9b9009d9e1389b418dde76f5f976a6b4c2bf7ad075d784b5459f46420677370d72a0aaacd0bd477b251b8d7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 8eb96e2ef821aa5050038ada886a0e86 |
| SHA1 | 062d5d6fda7e72e423b004ad5bde889a560fe400 |
| SHA256 | f4a0d826a3916beb072a7bc45ac58833af070f705f2a3a5d69d2a6eafd1d95f9 |
| SHA512 | 321862032ec023edbdd8cb3baec4713d23cb283b2de4afaacc49200bf65b9f9c0fb6f46a24d176f0728e0a7658b76080ff688f6f002df1caa03a23d4012e75f2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 2c7c55664c40a246af42e83dc6ad6749 |
| SHA1 | 171476d9b19f44fe4391a5435e448787a54e22ef |
| SHA256 | e3f2027082c839927ca97237f6900f0986b34c3a5eb0ebbf13a5474fdfc6931d |
| SHA512 | 21d300ab42feaafdc27f0ec6eba4eb9852be7255a611db52c354efe8a309f78d4253d53594a7ed53684b8722108110e2b8ac0b6a07e6ba76aab42bc30601836c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\132d9526479726f3_0
| MD5 | 9b8f25700e0f761ce141749edce4e1c6 |
| SHA1 | 8a1e57ca14f988e7f92d0d77e8882045334251af |
| SHA256 | 38ddbfda61e6baeb54fab653f325c91507a2bde0d18afce87f33fddefb871bf2 |
| SHA512 | ac4fe3bc7ee3786957a67828e90d0811d1c053727337d7f8c041d0b1f5656971d2d2f23f0272861e0ab289d5d6a59bad544ed82ced9749654bb99be5cf3d79b4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 9580a80c6f0c2b69ad8f137acb9bebe3 |
| SHA1 | 9724f1f5cca768af4cabeded815e88193d8ce0f4 |
| SHA256 | dd312150ed86878d8183ab201f9da973eee91161eb5355ded0d3b4aeb1d32e17 |
| SHA512 | 5fc69cb6f79aa22104f1686674bd797abeec2e9991508714e67fa957a02377edb63c4acdca842d5238c02490d64f2d91d85e4b321fd179f0d4f975c711102792 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 30c4649a01853ee7d9dd32fad5bf70a4 |
| SHA1 | 5cb0b7e511a273a40a13812c2730a6c6ba41254b |
| SHA256 | fdda6bfd869618d4d0bfa9ee612b0aec6b8ae20b6951ca1f20f3c2fc9ca3a61c |
| SHA512 | df7919c577da1b7ae70c9b57b6050611dcbe472296240363927ec196062afc4bdd0b461552246566312a32b053b89428de7ff15c2f6291e77a84a0613f6d5693 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-11 19:19
Reported
2024-06-11 19:25
Platform
macos-20240611-en
Max time kernel
259s
Max time network
295s
Command Line
Signatures
Resource Forking
| Description | Indicator | Process | Target |
| N/A | /System/Library/PreferencePanes/TouchID.prefPane/Contents/Resources/AllowPasswordPref | N/A | N/A |
| N/A | /System/Library/PreferencePanes/Wallet.prefPane/Contents/Resources/walletAvailabilityCheckTool | N/A | N/A |
| N/A | /System/Library/PreferencePanes/ClassroomSettings.prefPane/Contents/Resources/ClassroomSettingsVisibilityCheckTool | N/A | N/A |
| N/A | /System/Library/PreferencePanes/Profiles.prefPane/Contents/Resources/CPPrefPaneEnabledTool | N/A | N/A |
| N/A | /System/Library/PreferencePanes/Sidecar.prefPane/Contents/Resources/sidecarPrefCheck | N/A | N/A |
Processes
/bin/sh
[sh -c sudo /bin/zsh -c "/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window https://www.bing.com/ck/a?!&&p=5e7d392c24e7c45aJmltdHM9MTcxODA2NDAwMCZpZ3VpZD0wNjg4MTA3NC1hNjk0LTZhMTAtMDk2NC0wNDJhYTdjZTZiOWYmaW5zaWQ9NTE5Ng&ptn=3&ver=2&hsh=3&fclid=06881074-a694-6a10-0964-042aa7ce6b9f&psq=it+takes+two+free+download&u=a1aHR0cHM6Ly9pdC10YWtlcy10d28uZW4uc29mdG9uaWMuY29tLw&ntb=1"]
/bin/bash
[sh -c sudo /bin/zsh -c "/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window https://www.bing.com/ck/a?!&&p=5e7d392c24e7c45aJmltdHM9MTcxODA2NDAwMCZpZ3VpZD0wNjg4MTA3NC1hNjk0LTZhMTAtMDk2NC0wNDJhYTdjZTZiOWYmaW5zaWQ9NTE5Ng&ptn=3&ver=2&hsh=3&fclid=06881074-a694-6a10-0964-042aa7ce6b9f&psq=it+takes+two+free+download&u=a1aHR0cHM6Ly9pdC10YWtlcy10d28uZW4uc29mdG9uaWMuY29tLw&ntb=1"]
/usr/bin/sudo
[sudo /bin/zsh -c /Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window https://www.bing.com/ck/a?!&&p=5e7d392c24e7c45aJmltdHM9MTcxODA2NDAwMCZpZ3VpZD0wNjg4MTA3NC1hNjk0LTZhMTAtMDk2NC0wNDJhYTdjZTZiOWYmaW5zaWQ9NTE5Ng&ptn=3&ver=2&hsh=3&fclid=06881074-a694-6a10-0964-042aa7ce6b9f&psq=it+takes+two+free+download&u=a1aHR0cHM6Ly9pdC10YWtlcy10d28uZW4uc29mdG9uaWMuY29tLw&ntb=1]
/bin/zsh
[/bin/zsh -c /Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window https://www.bing.com/ck/a?!&&p=5e7d392c24e7c45aJmltdHM9MTcxODA2NDAwMCZpZ3VpZD0wNjg4MTA3NC1hNjk0LTZhMTAtMDk2NC0wNDJhYTdjZTZiOWYmaW5zaWQ9NTE5Ng&ptn=3&ver=2&hsh=3&fclid=06881074-a694-6a10-0964-042aa7ce6b9f&psq=it+takes+two+free+download&u=a1aHR0cHM6Ly9pdC10YWtlcy10d28uZW4uc29mdG9uaWMuY29tLw&ntb=1]
/usr/bin/pluginkit
[/usr/bin/pluginkit -e ignore -i com.microsoft.OneDrive.FinderSync]
/usr/sbin/spctl
[/usr/sbin/spctl --assess --type execute /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/OneDriveUpdaterBCBF2C69/OneDrive.app]
/usr/sbin/spctl
[/usr/sbin/spctl --assess --type execute /Applications/OneDrive.app]
/System/Library/PreferencePanes/ClassroomSettings.prefPane/Contents/Resources/ClassroomSettingsVisibilityCheckTool
[/System/Library/PreferencePanes/ClassroomSettings.prefPane/Contents/Resources/ClassroomSettingsVisibilityCheckTool]
/System/Library/PreferencePanes/Profiles.prefPane/Contents/Resources/CPPrefPaneEnabledTool
[/System/Library/PreferencePanes/Profiles.prefPane/Contents/Resources/CPPrefPaneEnabledTool]
/System/Library/PreferencePanes/Sidecar.prefPane/Contents/Resources/sidecarPrefCheck
[/System/Library/PreferencePanes/Sidecar.prefPane/Contents/Resources/sidecarPrefCheck]
/System/Library/PreferencePanes/TouchID.prefPane/Contents/Resources/AllowPasswordPref
[/System/Library/PreferencePanes/TouchID.prefPane/Contents/Resources/AllowPasswordPref]
/System/Library/PreferencePanes/Wallet.prefPane/Contents/Resources/walletAvailabilityCheckTool
[/System/Library/PreferencePanes/Wallet.prefPane/Contents/Resources/walletAvailabilityCheckTool]
/usr/libexec/xpcproxy
[xpcproxy com.apple.nfcd]
/usr/libexec/nfcd
[/usr/libexec/nfcd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.studentd]
/usr/libexec/studentd
[/usr/libexec/studentd]
/bin/launchctl
[/bin/launchctl kill SIGTERM system/com.microsoft.OneDriveUpdaterDaemon]
/bin/launchctl
[/bin/launchctl kill SIGTERM system/com.microsoft.OneDriveStandaloneUpdaterDaemon]
/usr/libexec/xpcproxy
[xpcproxy com.apple.Photos.1876]
/System/Applications/Photos.app/Contents/MacOS/Photos
[/System/Applications/Photos.app/Contents/MacOS/Photos]
/usr/libexec/xpcproxy
[xpcproxy com.apple.colorsync.useragent]
/System/Library/Frameworks/ColorSync.framework/Support/colorsync.useragent
[/System/Library/Frameworks/ColorSync.framework/Support/colorsync.useragent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.Safari.2028]
/Applications/Safari.app/Contents/MacOS/Safari
[/Applications/Safari.app/Contents/MacOS/Safari]
/usr/libexec/xpcproxy
[xpcproxy com.apple.Safari.History]
/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History
[/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.BADD390A-8FC0-4D6F-9582-CABB7AFB0D18 567]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.SafariLaunchAgent]
/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent
[/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.WebKit.WebContent.970BEB5A-4C34-4B58-806E-40349F7CF269 567]
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
[/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.corespotlightservice.725FD30A-6064-6C02-CC51-5DDB8891B57E]
/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
[/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService]
/usr/libexec/xpcproxy
[xpcproxy com.apple.Terminal.2100]
/System/Applications/Utilities/Terminal.app/Contents/MacOS/Terminal
[/System/Applications/Utilities/Terminal.app/Contents/MacOS/Terminal]
/usr/bin/login
[login -pf run]
/bin/zsh
[-zsh]
/usr/libexec/path_helper
[/usr/libexec/path_helper -s]
/usr/bin/locale
[locale LC_CTYPE]
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | h3.apis.apple.map.fastly.net | udp |
| US | 8.8.8.8:53 | mobile.events.data.trafficmanager.net | udp |
| US | 20.42.65.93:443 | N/A | tcp |
| US | 8.8.8.8:53 | api.apple-cloudkit.fe2.apple-dns.net | udp |
| N/A | 224.0.0.251:5353 | N/A | udp |
| US | 8.8.8.8:53 | e6858.dscx.akamaiedge.net | udp |
| BE | 23.55.96.225:443 | e6858.dscx.akamaiedge.net | tcp |
| US | 8.8.8.8:53 | api-glb-aeuw3b.smoot.apple.com | udp |
| US | 8.8.8.8:53 | cds.apple.com | udp |
| GB | 184.85.51.234:443 | cds.apple.com | tcp |
| US | 8.8.8.8:53 | help.apple.com | udp |
| US | 23.220.113.166:443 | help.apple.com | tcp |
| US | 23.220.113.166:443 | help.apple.com | tcp |
Files