Analysis Overview
SHA256
70bd92e383e9bb26f22eb5acd6bafbbda7e46272c7e4b524076c6131c5c1d555
Threat Level: Likely malicious
The file . was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Modifies Internet Explorer settings
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
NTFS ADS
Suspicious use of SendNotifyMessage
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-13 18:16
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-13 18:16
Reported
2024-06-13 18:17
Platform
win7-20240221-en
Max time kernel
80s
Max time network
77s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{0B0CDFB1-29B1-11EF-995F-5A791E92BC44} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2292 wrote to memory of 2128 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2292 wrote to memory of 2128 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2292 wrote to memory of 2128 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2292 wrote to memory of 2128 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2292 CREDAT:275457 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | sdk.privacy-center.org | udp |
| US | 8.8.8.8:53 | sc.sftcdn.net | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | sc.sftcdn.net | udp |
| US | 8.8.8.8:53 | images.sftcdn.net | udp |
| US | 8.8.8.8:53 | images.sftcdn.net | udp |
| US | 108.157.52.110:443 | sdk.privacy-center.org | tcp |
| US | 151.101.193.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.193.91:443 | sc.sftcdn.net | tcp |
| US | 108.157.52.110:443 | sdk.privacy-center.org | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 151.101.193.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.193.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.193.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.193.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.193.91:443 | sc.sftcdn.net | tcp |
| BE | 104.68.82.93:443 | images.sftcdn.net | tcp |
| BE | 104.68.82.93:443 | images.sftcdn.net | tcp |
| BE | 104.68.82.93:443 | images.sftcdn.net | tcp |
| BE | 104.68.82.93:443 | images.sftcdn.net | tcp |
| BE | 104.68.82.93:443 | images.sftcdn.net | tcp |
| BE | 104.68.82.93:443 | images.sftcdn.net | tcp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | tcp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | tcp |
| US | 151.101.193.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.193.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.193.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.193.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.193.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.193.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.193.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.193.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.193.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.193.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.193.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.193.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.193.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.193.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.193.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.193.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.1.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.1.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.1.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.1.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.1.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.1.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | api.privacy-center.org | udp |
| US | 108.157.60.88:443 | api.privacy-center.org | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\Cab2A0F.tmp
| MD5 | ac05d27423a85adc1622c714f2cb6184 |
| SHA1 | b0fe2b1abddb97837ea0195be70ab2ff14d43198 |
| SHA256 | c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d |
| SHA512 | 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d |
C:\Users\Admin\AppData\Local\Temp\Tar2A60.tmp
| MD5 | 9c0c641c06238516f27941aa1166d427 |
| SHA1 | 64cd549fb8cf014fcd9312aa7a5b023847b6c977 |
| SHA256 | 4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f |
| SHA512 | 936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06 |
C:\Users\Admin\AppData\Local\Temp\Cab2F31.tmp
| MD5 | 49aebf8cbd62d92ac215b2923fb1b9f5 |
| SHA1 | 1723be06719828dda65ad804298d0431f6aff976 |
| SHA256 | b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f |
| SHA512 | bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b |
C:\Users\Admin\AppData\Local\Temp\Tar3139.tmp
| MD5 | 4ea6026cf93ec6338144661bf1202cd1 |
| SHA1 | a1dec9044f750ad887935a01430bf49322fbdcb7 |
| SHA256 | 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8 |
| SHA512 | 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416
| MD5 | aee21e6908624d41b50b5b61f8020ee5 |
| SHA1 | a10e90fb8ecf45029ee66cf1086b3eae4c3dc8b9 |
| SHA256 | fa127ca1ffd89315723c799f3abdf4b46407084383460bd82be0a872c66481b0 |
| SHA512 | 1dc6bc06adccf080fc2f5513615acd3a7e94150de4d43524b79ab874b3a9cf8aa9344034f3710c65513036d8d139a49df2fa56b3a3c4b95bbfd4f3c175fc2011 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416
| MD5 | 55540a230bdab55187a841cfe1aa1545 |
| SHA1 | 363e4734f757bdeb89868efe94907774a327695e |
| SHA256 | d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb |
| SHA512 | c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d22eb40e82dbfb850ef6be08b9604cc0 |
| SHA1 | 94a809959bb11d630f2f9751c90a3ba0884fcdf0 |
| SHA256 | 318ccecd5d4d0d86ea73d49a2836131129d7be6b70255b728f2ba43ab0029387 |
| SHA512 | 4e76e0f4ee10b8e9f59c2bebe5770c82b77199f914df88df3e05f7c41e5acb39d0720a9b588d51ce01559366bf342a75cc903b3b51daeb4ed8b6fa352396f291 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 6bfe5784e8b8df9c0ae55234454d809d |
| SHA1 | 5e3535c294867ad5e6199ae212d96f01cf5a3601 |
| SHA256 | 341c8923744c7329ea5794e74bb6648633fd3a87595f18283935f058055186f3 |
| SHA512 | a657b3d6190612ae594fe2c16b561c9ac52118f396cc76402a3d3e6bd6ba28afea3e21ddf86465b59fb222b03c8cb34b8e47d8cf212ca5934d7323558d247687 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | ea18dd406b5d8429431116c06ff9f268 |
| SHA1 | b32b9048de14293241c93f596e95878926c36d05 |
| SHA256 | 4b1589c709cebfb4f8a5e11321f5d7d068eba43d0ac3c01df6cfba6384efb39d |
| SHA512 | 4b731df43a15dcb6e87f7e4be96edc4fe1cb329cfd69e48cd1e859aa0b803c584eeded5ef682b86f93d37796263a0213c373b1b84d8c48725898ff813ca2955a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 5c4a6037e6818cc5fa32155aefacd08c |
| SHA1 | d3a1049fa247356eef6809fd95611b44e24552ad |
| SHA256 | f0cd1f4dea41909e8baa37e4e806c3e25ceb72d7b3d181a0ff1d0dfa855f1cf2 |
| SHA512 | 6a041d8be6eb6e1d2d677a4f768f6338ec2aeb2c92b869b2a36c6b2739404aa9afa3dd49762a960f93462245f0d8a5edf167f2839599261e512a38051695ec87 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | cd6b4f6618285086bf13a295eb3e67ca |
| SHA1 | 55ad3940a35b870700aeba0ed6dbd1d6fc83bbb1 |
| SHA256 | 8092ba19ea40776bcfe3b4cb7ffde4c987ecd02e5824c276265ae20705819ac3 |
| SHA512 | 3f827453b36978f55d0e30b7552fc90b18419a875e81e0f84889d0c034239241b60f80b554fc652b62cb6388523da20b06ee66d5db6aa076a4e8c3251bb64153 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | a266bb7dcc38a562631361bbf61dd11b |
| SHA1 | 3b1efd3a66ea28b16697394703a72ca340a05bd5 |
| SHA256 | df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e |
| SHA512 | 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | e55ed7e1131e69d83e72673ef3481d2a |
| SHA1 | d984409224265527505e9829c199de4c7bfdc486 |
| SHA256 | 2a728b47dec65f7b781be2e9552b03a7088650846ddb0cceeac074e6f8117b25 |
| SHA512 | 09bc538fb718b8439170defadd94730e69fa2a3decb2d357390f12de9045977a650b76aad5875c0914f240abb05ed8bcc7e95736d1945789e7f69ac9cf6027ae |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 4e4bb43cf1641de231c4cda88f0d5a9e |
| SHA1 | 29113d4b082f28d5297e27f3dc39cfce3fb1f937 |
| SHA256 | e64f5e44dcba31d7d0d9e8c30ef9ab694bdc3e638b1ac633d8adc1fa12737b7e |
| SHA512 | b9a0cff1c014ea1f9f4055808d664d45bde5d42e977c103d0ca0d6643732a0263492f043cd2708001325281188efa178f9de3e00909d0b67d6e390f096f161e1 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | e4a68ac854ac5242460afd72481b2a44 |
| SHA1 | df3c24f9bfd666761b268073fe06d1cc8d4f82a4 |
| SHA256 | cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f |
| SHA512 | 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d84edc4a27b96c82d512ed4942bc49d7 |
| SHA1 | 65d122d48913f3d46972dbb074f298a3db6c2a47 |
| SHA256 | 443dc2eb2ceb72d93af8c7cb54ca6703e5b1eff044eac515c964e3cdfa800411 |
| SHA512 | 0e3759d5dbd2b82d330cb542d035153abde60b85aacf2e82b0bf6986a7afe91d03f421abdf6b91a20ecc0b049158a43f810c1731b199991c02f812b9bbba4190 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | ab8622ac03ed81cebeaff85072a41af4 |
| SHA1 | ae9917b1991274f07f184c9fc643e36e14e55aed |
| SHA256 | e1e7411612a0c29a22b5665b9aea37fe7d0844e402fd4113969f88843682386d |
| SHA512 | 62b76fa3b3d0f25be2bc26d480dba6328c6d92a05c628b8081270e79cb2714dfd6b34cb27c3e0ec9f2e94a8d162f8d02da28c4a9a3275565a0bb276a5fdbf05a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 8f157cb135a01ed63b21480990b01015 |
| SHA1 | d1dacab9e170e896f9ca1b73474264ca8ecfed1f |
| SHA256 | de1c6d1009d7ff5f287d37efc6830f6b9304e7f881366079e81102efc0b4f6fd |
| SHA512 | 17a846da81787ddd381db5c13b1e069d611a789a58e82b1c833b0563d79d738074350f8ad710978f53bcde6f942760bc4b02003090e5d0fd5104d0f9761e5071 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 8e8f8bb2f611b315ffe7bd608edaa09d |
| SHA1 | 685aaf08db4599814d2c0c3e163162e3349aa136 |
| SHA256 | 18d5ebc83747b0ef706ca5b5db865a502e8d63a81627c1069a1d6a38a9d90c78 |
| SHA512 | 5b98fae0d857ff7f1bcf5c94525f684037e6139f6c6515f8eb0c28b7d00f69457d75f8e58fe74f3e5e02da0fe91ca588a506b55e12e40dfaaf1d0fd21ccdccf8 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | ff3215cc527803b8969eb46443991441 |
| SHA1 | 2c0d68a54530eaaac3a9fb91055cc0b98dd43c3a |
| SHA256 | 2f3a126da7641e3d1c99951cbe53af635f4ea51360fc0e12471e9fe3fa703f49 |
| SHA512 | a87fa8554a77226d5a53d69169c8cac8f3525fe5c059f1eb22b88b65d150e4ee37fef29d8b0c514a4f851c1f2286ba8b17d46bdf5cb5e51441830616cc285bdc |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 570ec9227e3bf30028ae1d1ef04340d3 |
| SHA1 | de3464686d8d6527e5cbe5dd51f8d7d700e08282 |
| SHA256 | 3c8299a03ed57f635526ace1009e9286807c31c6a410ea985d9add282fa810cf |
| SHA512 | 308d16f33357761edb5c8523e071525c1b4aa6477662a7c9602130baf96c7c3c9f6ce62f8a122a69be0adfe3ba97cad0e164539a4135b07fb189714837d62aaa |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 4c01098b89cae13788e25a791995fa59 |
| SHA1 | 331b27a305a2434e4018d5b9f26d46c0bb067120 |
| SHA256 | 2ea5ea933a83cef89d0cc097b512b572f78e58af2bae16df8ccd7e316e3629ea |
| SHA512 | ebeebcd9e51103b5a4e7934ed522ff97697b285b3d064388b700f0975725884b81127942b31e4d85e4d26c7d39454ac144018958575b86b97919cd17010895ac |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 6dfdce12290b7f62a1553136a888c031 |
| SHA1 | 05612e7509187343d264152abbff319c15d19770 |
| SHA256 | f5a850930a145d57f0997580563e383eb0d4d6872762f96237e431afb29e9f23 |
| SHA512 | c19bf82ca6b40f96164184e022702e7304da8979de97fc9e5e8007109e621f28151612f3a191b689045924c5e20229082340d6d7f06c0dd0a8699f9e5f400ba6 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 034e76353d2ab8267a8bdf169b5b34db |
| SHA1 | 01f2eac9f22568188c81ae8f78393292fa047209 |
| SHA256 | 690ec20e2aa607308dcefcc2bf793c3c4c9258c7b33a224655ff12fc2af7f147 |
| SHA512 | 12a1b5a9f1385763f9bfae6b8c16b6e3b03cf14cd73b88cbc7af215c7407d712f39623dfb6ad1462c4058123a4fb43a534fa5fee593f2b8d14d0e077565954d7 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-13 18:16
Reported
2024-06-13 18:17
Platform
win10v2004-20240611-en
Max time kernel
65s
Max time network
68s
Command Line
Signatures
Downloads MZ/PE file
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 367493.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffeea1f46f8,0x7ffeea1f4708,0x7ffeea1f4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2152 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2448 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2940 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3156 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5596 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6128 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3376 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5604 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5708 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6276 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4328 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3540 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6668 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6800 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6932 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7188 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7824 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7980 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7980 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6492 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6484 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6532 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6420 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8268 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5300 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8172 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7984 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=3536 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3592 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=9200 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6256 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3540 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5880 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5740 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8572 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6692 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7872 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8776 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8832 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8876 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9376 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8836 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9512 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9560 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9568 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8196 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9672 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9832 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9844 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=8972 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x494 0x310
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3592 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7228 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7220 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8644 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7316 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7720 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9496 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3592 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8820 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5212 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9656 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9928 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9828 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7848 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10108 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5428 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4040 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9300 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6016 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1128 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | images.sftcdn.net | udp |
| US | 8.8.8.8:53 | sc.sftcdn.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| US | 8.8.8.8:53 | sdk.privacy-center.org | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 151.101.1.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.1.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.1.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.1.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.1.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.1.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.1.91:443 | sc.sftcdn.net | tcp |
| BE | 104.68.82.93:443 | images.sftcdn.net | tcp |
| BE | 104.68.82.93:443 | images.sftcdn.net | tcp |
| BE | 104.68.82.93:443 | images.sftcdn.net | tcp |
| BE | 104.68.82.93:443 | images.sftcdn.net | tcp |
| BE | 104.68.82.93:443 | images.sftcdn.net | tcp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| BE | 104.68.82.93:443 | images.sftcdn.net | tcp |
| US | 151.101.1.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.1.91:443 | sc.sftcdn.net | tcp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | tcp |
| US | 204.79.197.237:445 | g.bing.com | tcp |
| US | 8.8.8.8:53 | 134.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.1.101.151.in-addr.arpa | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 108.157.52.57:443 | sdk.privacy-center.org | tcp |
| US | 151.101.1.91:443 | sc.sftcdn.net | udp |
| US | 8.8.8.8:53 | www.adsensecustomsearchads.com | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 93.82.68.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.205.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 57.52.157.108.in-addr.arpa | udp |
| US | 13.107.21.237:445 | g.bing.com | tcp |
| GB | 142.250.187.238:443 | www.adsensecustomsearchads.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 98.52.157.108.in-addr.arpa | udp |
| GB | 172.217.16.226:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | 226.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| US | 204.79.197.237:443 | bat.bing.com | tcp |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 238.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.61.62.23.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | api.privacy-center.org | udp |
| GB | 142.250.187.238:443 | www.adsensecustomsearchads.com | udp |
| US | 8.8.8.8:53 | ampcid.google.com | udp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| GB | 172.217.16.238:443 | syndicatedsearch.goog | tcp |
| US | 8.8.8.8:53 | 14.213.58.216.in-addr.arpa | udp |
| US | 108.157.60.88:443 | api.privacy-center.org | tcp |
| GB | 216.58.212.206:443 | ampcid.google.com | tcp |
| US | 8.8.8.8:53 | 88.60.157.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | desktop-goose.en.softonic.com | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| US | 108.157.65.124:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | softonic.com | udp |
| US | 151.101.1.91:443 | desktop-goose.en.softonic.com | udp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| US | 199.232.213.91:443 | softonic.com | tcp |
| US | 199.232.213.91:443 | softonic.com | tcp |
| US | 204.79.197.237:443 | bat.bing.com | tcp |
| US | 8.8.8.8:53 | 91.213.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 124.65.157.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.datadoghq-browser-agent.com | udp |
| US | 108.157.65.124:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 172.67.41.60:443 | btloader.com | tcp |
| US | 108.157.43.23:443 | www.datadoghq-browser-agent.com | tcp |
| US | 8.8.8.8:53 | storage.googleapis.com | udp |
| GB | 172.217.169.91:443 | storage.googleapis.com | tcp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 108.157.52.96:443 | config.aps.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | 60.41.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.43.157.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.23.211.130.in-addr.arpa | udp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 172.67.38.106:443 | cdn.id5-sync.com | tcp |
| US | 172.67.38.106:443 | cdn.id5-sync.com | tcp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| NL | 23.63.101.152:80 | apps.identrust.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 8.8.8.8:53 | 96.52.157.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.38.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.101.63.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.69.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | notix.io | udp |
| NL | 139.45.197.253:443 | notix.io | tcp |
| NL | 139.45.197.253:443 | notix.io | tcp |
| US | 8.8.8.8:53 | e2d889349b636ab7488a89d835d22b16.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | shb.richaudience.com | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | id.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | ad.360yield.com | udp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| GB | 172.217.16.226:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | brightcombid.marphezis.com | udp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| GB | 172.217.169.65:443 | e2d889349b636ab7488a89d835d22b16.safeframe.googlesyndication.com | tcp |
| IE | 52.16.203.89:443 | ap.lijit.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | tcp |
| US | 104.18.36.155:443 | htlb.casalemedia.com | tcp |
| DE | 162.19.138.118:443 | id5-sync.com | tcp |
| DE | 37.252.171.53:443 | ib.adnxs.com | tcp |
| US | 178.128.135.204:443 | brightcombid.marphezis.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| IE | 79.125.42.87:443 | ad.360yield.com | tcp |
| DE | 178.63.241.79:443 | shb.richaudience.com | tcp |
| DE | 178.63.241.79:443 | shb.richaudience.com | tcp |
| DE | 178.63.241.79:443 | shb.richaudience.com | tcp |
| FR | 185.255.84.150:443 | hb-api.omnitagjs.com | tcp |
| US | 108.157.43.155:443 | aax.amazon-adsystem.com | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| IE | 52.213.38.247:443 | id.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.200.3:443 | www.google.co.uk | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| GB | 216.58.212.206:443 | ampcid.google.com | udp |
| BE | 108.177.15.157:443 | stats.g.doubleclick.net | tcp |
| IE | 52.213.38.247:443 | id.crwdcntrl.net | tcp |
| US | 178.128.135.204:443 | brightcombid.marphezis.com | tcp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| DE | 141.95.98.64:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | 2.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.63.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.36.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 89.203.16.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 87.42.125.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 53.171.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 118.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.241.63.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.43.157.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.15.177.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.21.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 247.38.213.52.in-addr.arpa | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| BE | 108.177.15.157:443 | stats.g.doubleclick.net | udp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| US | 178.128.135.204:443 | brightcombid.marphezis.com | tcp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | ag.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | gem.gbc.criteo.com | udp |
| NL | 178.250.1.11:443 | dnacdn.net | tcp |
| FR | 185.235.86.144:443 | ag.gbc.criteo.com | tcp |
| FR | 185.235.86.72:443 | gem.gbc.criteo.com | tcp |
| US | 8.8.8.8:53 | 64.98.95.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 253.197.45.139.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 204.135.128.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 52.46.155.104:443 | s.amazon-adsystem.com | tcp |
| US | 52.46.155.104:443 | s.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | cdn.ampproject.org | udp |
| GB | 142.250.187.193:443 | cdn.ampproject.org | tcp |
| GB | 142.250.187.193:443 | cdn.ampproject.org | tcp |
| GB | 142.250.187.193:443 | cdn.ampproject.org | tcp |
| GB | 142.250.187.193:443 | cdn.ampproject.org | tcp |
| GB | 142.250.187.193:443 | cdn.ampproject.org | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 144.86.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.86.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | a.disquscdn.com | udp |
| US | 199.232.194.49:445 | a.disquscdn.com | tcp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 23.53.112.234:443 | ads.pubmatic.com | tcp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 8.8.8.8:53 | sync.richaudience.com | udp |
| US | 104.18.38.76:443 | js-sec.indexww.com | tcp |
| US | 23.200.188.27:443 | contextual.media.net | tcp |
| FR | 185.255.84.152:443 | visitor.omnitagjs.com | tcp |
| DE | 162.55.233.29:443 | sync.richaudience.com | tcp |
| US | 151.101.1.108:443 | acdn.adnxs.com | tcp |
| DE | 162.55.233.29:443 | sync.richaudience.com | tcp |
| US | 8.8.8.8:53 | 234.112.53.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.38.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 27.188.200.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | player.aniview.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | dis.criteo.com | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | api-2-0.spot.im | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 199.232.198.49:445 | a.disquscdn.com | tcp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| US | 2.17.251.11:443 | player.aniview.com | tcp |
| US | 54.162.33.171:443 | sync.srv.stackadapt.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 67.202.105.23:443 | ssc-cms.33across.com | tcp |
| NL | 185.89.210.244:443 | secure.adnxs.com | tcp |
| NL | 185.89.210.244:443 | secure.adnxs.com | tcp |
| NL | 81.17.55.122:443 | ssbsync.smartadserver.com | tcp |
| NL | 198.47.127.18:443 | image8.pubmatic.com | tcp |
| IE | 34.246.197.210:443 | match.prod.bidr.io | tcp |
| US | 108.157.52.50:443 | api-2-0.spot.im | tcp |
| DE | 51.89.9.251:443 | onetag-sys.com | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 8.8.8.8:53 | jadserve.postrelease.com | udp |
| US | 8.8.8.8:53 | cdn.indexww.com | udp |
| IE | 54.171.168.223:443 | jadserve.postrelease.com | tcp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 8.8.8.8:53 | bttrack.com | udp |
| US | 35.244.174.68:443 | id.rlcdn.com | tcp |
| US | 54.161.232.244:443 | cs-server-s2s.yellowblue.io | tcp |
| US | 192.132.33.67:443 | bttrack.com | tcp |
| US | 8.8.8.8:53 | 104.155.46.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.40.223.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 244.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.197.246.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 122.55.17.81.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 251.9.89.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.251.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.149.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.52.157.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.33.162.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 223.168.171.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.105.202.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.174.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.33.132.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 244.232.161.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sync.aniview.com | udp |
| US | 8.8.8.8:53 | rtb.mfadsrvr.com | udp |
| US | 8.8.8.8:53 | sync.mathtag.com | udp |
| US | 8.8.8.8:53 | pixel-eu.rubiconproject.com | udp |
| US | 8.8.8.8:53 | ads.stickyadstv.com | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 8.8.8.8:53 | t.adx.opera.com | udp |
| DE | 51.89.9.251:443 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | ssbsync-global.smartadserver.com | udp |
| US | 8.8.8.8:53 | spl.zeotap.com | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| US | 96.46.186.182:443 | sync.aniview.com | tcp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| NL | 82.145.213.8:443 | t.adx.opera.com | tcp |
| US | 80.77.87.162:443 | cs.admanmedia.com | tcp |
| US | 8.8.8.8:53 | sync-tm.everesttech.net | udp |
| US | 104.22.51.98:443 | spl.zeotap.com | tcp |
| GB | 142.250.178.2:443 | cm.g.doubleclick.net | tcp |
| US | 74.121.140.211:443 | sync.mathtag.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| US | 151.101.2.49:443 | sync-tm.everesttech.net | tcp |
| NL | 154.57.158.116:443 | ads.stickyadstv.com | tcp |
| US | 108.157.52.23:443 | s.ad.smaato.net | tcp |
| DE | 18.157.153.25:443 | rtb.mfadsrvr.com | tcp |
| US | 96.46.186.182:443 | sync.aniview.com | tcp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| DE | 18.157.153.25:443 | rtb.mfadsrvr.com | tcp |
| US | 74.121.140.211:443 | sync.mathtag.com | tcp |
| US | 80.77.87.162:443 | cs.admanmedia.com | tcp |
| GB | 142.250.178.2:443 | cm.g.doubleclick.net | udp |
| NL | 89.149.193.89:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | cdn-download.avgbrowser.com | udp |
| US | 2.17.251.12:443 | cdn-download.avgbrowser.com | tcp |
| US | 2.17.251.12:443 | cdn-download.avgbrowser.com | tcp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| US | 8.8.8.8:53 | sync.search.spotxchange.com | udp |
| BE | 104.68.78.171:443 | secure-assets.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | pixel-sync.sitescout.com | udp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| US | 8.8.8.8:53 | 8.213.145.82.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.51.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.2.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.158.57.154.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.52.157.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 211.140.121.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.153.157.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 89.193.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 182.186.46.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.78.68.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 12.251.17.2.in-addr.arpa | udp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| US | 23.200.189.62:443 | eus.rubiconproject.com | tcp |
| US | 23.200.189.62:443 | eus.rubiconproject.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | a.disquscdn.com | udp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| NL | 69.173.156.148:443 | token.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | 150.216.36.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 62.189.200.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.87.77.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 8.8.8.8:53 | www.patreon.com | udp |
| US | 104.16.24.14:443 | www.patreon.com | tcp |
| US | 8.8.8.8:53 | 183.59.114.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | csm.nl3.eu.criteo.net | udp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| GB | 163.70.151.21:443 | connect.facebook.net | tcp |
| US | 8.8.8.8:53 | c5.patreon.com | udp |
| US | 8.8.8.8:53 | c13.patreon.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| US | 8.8.8.8:53 | appleid.cdn-apple.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 172.66.40.196:443 | transcend-cdn.com | tcp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| BE | 104.68.84.171:443 | appleid.cdn-apple.com | tcp |
| GB | 142.250.200.14:443 | apis.google.com | tcp |
| US | 104.16.24.14:443 | c13.patreon.com | tcp |
| US | 8.8.8.8:53 | c10.patreonusercontent.com | udp |
| US | 8.8.8.8:53 | 14.24.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.151.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.126.166.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.40.66.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3be0c8061dc7921617dbf9e9fdcb7e9f.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | b-code.liadm.com | udp |
| US | 108.157.52.26:443 | b-code.liadm.com | tcp |
| US | 172.66.40.196:443 | transcend-cdn.com | tcp |
| US | 8.8.8.8:53 | cdn.sprig.com | udp |
| US | 8.8.8.8:53 | 8876029.fls.doubleclick.net | udp |
| GB | 216.58.204.70:443 | 8876029.fls.doubleclick.net | tcp |
| GB | 142.250.200.14:443 | apis.google.com | udp |
| US | 8.8.8.8:53 | 12325200.fls.doubleclick.net | udp |
| DE | 162.19.138.118:443 | lb.eu-1-id5-sync.com | tcp |
| GB | 216.58.204.70:443 | 12325200.fls.doubleclick.net | tcp |
| GB | 216.58.204.70:443 | 12325200.fls.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 14.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.27.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.84.68.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.52.157.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.204.58.216.in-addr.arpa | udp |
| GB | 216.58.204.70:443 | 12325200.fls.doubleclick.net | udp |
| US | 8.8.8.8:53 | js.adscale.de | udp |
| GB | 216.58.204.70:443 | 12325200.fls.doubleclick.net | udp |
| US | 8.8.8.8:53 | o83571.ingest.sentry.io | udp |
| US | 108.157.60.69:443 | js.adscale.de | tcp |
| DE | 141.95.98.64:443 | lb.eu-1-id5-sync.com | tcp |
| US | 34.120.195.249:443 | o83571.ingest.sentry.io | tcp |
| US | 108.157.60.69:443 | js.adscale.de | tcp |
| US | 8.8.8.8:53 | wct.softonic.com | udp |
| US | 104.26.2.63:443 | wct.softonic.com | tcp |
| NL | 178.250.1.11:443 | dnacdn.net | tcp |
| US | 108.157.60.128:443 | cdn.sprig.com | tcp |
| US | 8.8.8.8:53 | ih.adscale.de | udp |
| DE | 3.120.11.225:443 | ih.adscale.de | tcp |
| US | 8.8.8.8:53 | 249.195.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.60.157.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 63.2.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 128.60.157.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.11.120.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 157.240.221.35:443 | www.facebook.com | tcp |
| GB | 157.240.221.35:443 | www.facebook.com | tcp |
| GB | 157.240.221.35:443 | www.facebook.com | tcp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| NL | 178.250.1.11:443 | dnacdn.net | tcp |
| FR | 185.235.86.144:443 | ag.gbc.criteo.com | tcp |
| FR | 185.235.86.72:443 | gem.gbc.criteo.com | tcp |
| US | 8.8.8.8:53 | cd.connatix.com | udp |
| US | 104.26.2.63:443 | wct.softonic.com | tcp |
| US | 172.64.146.152:443 | cd.connatix.com | tcp |
| US | 8.8.8.8:53 | cds.connatix.com | udp |
| US | 8.8.8.8:53 | 35.221.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.146.64.172.in-addr.arpa | udp |
| US | 104.18.69.106:443 | c10.patreonusercontent.com | tcp |
| US | 104.18.69.106:443 | c10.patreonusercontent.com | tcp |
| US | 104.18.69.106:443 | c10.patreonusercontent.com | tcp |
| US | 104.18.69.106:443 | c10.patreonusercontent.com | tcp |
| US | 104.18.69.106:443 | c10.patreonusercontent.com | tcp |
| US | 8.8.8.8:53 | 106.69.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | capi.connatix.com | udp |
| US | 8.8.8.8:53 | ins.connatix.com | udp |
| US | 8.8.8.8:53 | vid.connatix.com | udp |
| US | 8.8.8.8:53 | lit.connatix.com | udp |
| US | 8.8.8.8:53 | prs.sftcdn.net | udp |
| US | 8.8.8.8:53 | 32.251.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.siftscience.com | udp |
| US | 34.96.67.224:443 | cdn.siftscience.com | tcp |
| US | 52.86.181.185:443 | api.sprig.com | tcp |
| US | 8.8.8.8:53 | articles-img.sftcdn.net | udp |
| NL | 23.62.61.147:443 | articles-img.sftcdn.net | tcp |
| NL | 23.62.61.147:443 | articles-img.sftcdn.net | tcp |
| NL | 23.62.61.147:443 | articles-img.sftcdn.net | tcp |
| US | 8.8.8.8:53 | hexagon-analytics.com | udp |
| US | 34.102.232.42:443 | hexagon-analytics.com | tcp |
| US | 8.8.8.8:53 | 224.67.96.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 185.181.86.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 147.61.62.23.in-addr.arpa | udp |
| DE | 162.55.233.29:443 | sync.richaudience.com | tcp |
| US | 8.8.8.8:53 | cacerts.rapidssl.com | udp |
| US | 8.8.8.8:53 | 42.232.102.34.in-addr.arpa | udp |
| SE | 192.229.221.95:80 | cacerts.rapidssl.com | tcp |
| US | 67.202.105.23:443 | ssc-cms.33across.com | tcp |
| NL | 81.17.55.122:443 | ssbsync-global.smartadserver.com | tcp |
| NL | 185.89.210.244:443 | secure.adnxs.com | tcp |
| US | 80.77.87.162:443 | cs.admanmedia.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| NL | 89.149.192.245:443 | ssbsync-global.smartadserver.com | tcp |
| US | 8.8.8.8:53 | imasdk.googleapis.com | udp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| GB | 142.250.187.202:443 | imasdk.googleapis.com | tcp |
| US | 8.8.8.8:53 | push-sdk.com | udp |
| DE | 157.90.33.72:443 | push-sdk.com | tcp |
| US | 8.8.8.8:53 | 245.192.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.33.90.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.187.250.142.in-addr.arpa | udp |
| GB | 142.250.187.202:443 | imasdk.googleapis.com | udp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| IE | 34.246.197.210:443 | match.prod.bidr.io | tcp |
| US | 54.162.33.171:443 | sync.srv.stackadapt.com | tcp |
| US | 8.8.8.8:53 | uidsync.net | udp |
| DE | 23.88.8.123:443 | uidsync.net | tcp |
| US | 8.8.8.8:53 | pubads.g.doubleclick.net | udp |
| DE | 23.88.8.123:443 | uidsync.net | tcp |
| US | 8.8.8.8:53 | telemetry.transcend.io | udp |
| DE | 23.88.8.123:443 | uidsync.net | tcp |
| US | 35.244.174.68:443 | id.rlcdn.com | udp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | csi.gstatic.com | udp |
| US | 8.8.8.8:53 | 123.8.88.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| US | 108.157.52.111:443 | telemetry.transcend.io | tcp |
| US | 8.8.8.8:53 | 111.52.157.108.in-addr.arpa | udp |
| US | 173.194.204.120:443 | csi.gstatic.com | tcp |
| US | 173.194.204.120:443 | csi.gstatic.com | tcp |
| US | 173.194.204.120:443 | csi.gstatic.com | tcp |
| US | 173.194.204.120:443 | csi.gstatic.com | tcp |
| US | 173.194.204.120:443 | csi.gstatic.com | tcp |
| US | 173.194.204.120:443 | csi.gstatic.com | tcp |
| US | 173.194.204.120:443 | csi.gstatic.com | udp |
| US | 8.8.8.8:53 | 120.204.194.173.in-addr.arpa | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| US | 8.8.8.8:53 | 81fd23ded0bee7e369f5a3ad2c1177f8.safeframe.googlesyndication.com | udp |
| FR | 185.255.84.150:443 | hb-api.omnitagjs.com | tcp |
| DE | 37.252.171.53:443 | ib.adnxs.com | tcp |
| DE | 162.19.138.118:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 141.95.98.64:443 | lb.eu-1-id5-sync.com | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| DE | 141.95.98.64:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 162.55.233.29:443 | sync.richaudience.com | tcp |
| DE | 162.55.233.29:443 | sync.richaudience.com | tcp |
| NL | 185.89.210.244:443 | secure.adnxs.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| IE | 34.246.197.210:443 | match.prod.bidr.io | tcp |
| US | 67.202.105.23:443 | ssc-cms.33across.com | tcp |
| NL | 81.17.55.122:443 | ssbsync-global.smartadserver.com | tcp |
| US | 54.162.33.171:443 | sync.srv.stackadapt.com | tcp |
| DE | 18.157.153.25:443 | rtb.mfadsrvr.com | tcp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| NL | 89.149.193.89:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | csync.loopme.me | udp |
| US | 8.8.8.8:53 | match.sharethrough.com | udp |
| NL | 35.214.233.248:443 | csync.loopme.me | tcp |
| DE | 18.158.126.136:443 | match.sharethrough.com | tcp |
| DE | 18.157.153.25:443 | rtb.mfadsrvr.com | tcp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| NL | 89.149.193.89:443 | rtb-csync.smartadserver.com | tcp |
| NL | 35.214.233.248:443 | csync.loopme.me | tcp |
| NL | 89.149.193.89:443 | rtb-csync.smartadserver.com | tcp |
| NL | 89.149.193.89:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | 136.126.158.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 248.233.214.35.in-addr.arpa | udp |
| NL | 178.250.1.11:443 | dnacdn.net | tcp |
| NL | 178.250.1.11:443 | dnacdn.net | tcp |
| US | 8.8.8.8:53 | 101.210.23.2.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 56067634f68231081c4bd5bdbfcc202f |
| SHA1 | 5582776da6ffc75bb0973840fc3d15598bc09eb1 |
| SHA256 | 8c08b0cbceb301c8f960aa674c6e7f6dbf40b4a1c2684e6fb0456ec5ff0e56b4 |
| SHA512 | c4657393e0b9ec682570d7e251644a858d33e056ccd0f3eebffd0fde25244b3a699b8d9244bcdac00d6f74b49833629b270e099c2b557f729a9066922583f784 |
\??\pipe\LOCAL\crashpad_4700_HIAZNNXANUUDFDWP
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 81e892ca5c5683efdf9135fe0f2adb15 |
| SHA1 | 39159b30226d98a465ece1da28dc87088b20ecad |
| SHA256 | 830f394548cff6eed3608476190a7ee7d65fe651adc638c5b27ce58639a91e17 |
| SHA512 | c943f4cfe8615ac159cfac13c10b67e6c0c9093851dd3ac6dda3b82e195d3554e3c37962010a2d0ae5074828d376402624f0dda5499c9997e962e4cfd26444c0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d21c22a6d5dc7335c0245fa119e20a9b |
| SHA1 | a0d2a3e9bcfa13acdaf9211748b540726742d14d |
| SHA256 | f0bad64d0806624f4d6e22ff74c940afc70f3f454ce853b7a3325b4139e904dc |
| SHA512 | cbc491b408ca6fdf7f0fa95bdfeaf1540770330a78a23cc9f679b60931b63c654b166b4b285cecbf9280095d782096091801dee76a744e009ee0dd39d7a1fa34 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | f2561afc763564f9adb408d62fa9ca78 |
| SHA1 | b157595f4df1c75be0e4a0ed8f61be366a38662d |
| SHA256 | 3cb98b9b08f87a248df1d3d28b349e0f0e4b8f5982771bbf88c6364f63a8f623 |
| SHA512 | 1ce8bd2ae5b31f75bf15bcc22223c61d578edbd4213d9c59963a491f97ffeb40302b0accd0d82a3b5739aab133d68887a6afebd7d1cff0a53f257e92cbbc1594 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 58d8619c72a98019e7f445151bf655d2 |
| SHA1 | 5b19790b871c31ba80c9bbb5950bd47b6c22261d |
| SHA256 | 7679ae2fe1533c87d928f2df3a5e5b89eb6af4f927b869f2a45e23bbd235b686 |
| SHA512 | 0b74228acfe5cac8f4b050eb0e1c7158c2549e8a635ac7d4e5d90577c11db909bb7eff5614aa0af81cbcae5344b738561bc878e677a2043ae20a8d803d3928e2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f4c5bda8b44a7b3170966bf71449d5f7 |
| SHA1 | f0d2a6a606098b8749ce4ea5271e6ea000dd67b5 |
| SHA256 | 26e69911ef0ca6a403a30b4c36708ad9611b005beb5b44d6e107874cee20028b |
| SHA512 | 5d0e8bac679da0527f6eae49128ef7179d31f95758b9a0e28cc8ad1f9af2d986bb933276ef637e2b3f688012b2b5073af029f3e91f4500b55edcb8bde55ede1f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b55f5b6926636b013759a1a9b78abdd7 |
| SHA1 | 2461c9ef94cd0d5f46fd3e43ab2fc30c7c7e8764 |
| SHA256 | 74fa022cb8f9ea98def40e87ec17995cb5640bd3f6be26f1253259663096c112 |
| SHA512 | e3cde87eca66cf7d17f59fa63e37f7b4cd2ca7153289a42d07eddcf4a25245676425f319d38836f9b191df8de5dcb8c87e5a87adf07aea4b91f4dc7c20dcaa1b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe579376.TMP
| MD5 | e57c81a0ed47ccef516736cc14589dc0 |
| SHA1 | bbd29be04b92c2761bec15036674ddb02fdd52cc |
| SHA256 | ea6e6a8006be733c3127396ca04542048e7f5a73c99f195d48e14d976108aa20 |
| SHA512 | 8035ab7ebb3441304ef7c553baf8163f4737bf5250547b2bf60b85de30320ed484b28bee4f33d4b0122bc34ab36f365c2760354906be9f13b20290deb5017752 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\Downloads\Unconfirmed 367493.crdownload
| MD5 | e126e85516c400f91c7faec6de177490 |
| SHA1 | 364d5712f99012549c4c0425bebc0c6cd6bba218 |
| SHA256 | 9742eb6f940a9bdc5a2f4323a0407ed7fc0903620a2fa3a3999a803b208ffd07 |
| SHA512 | 028e8b84b732750739a9eae771ea8706006377bf184c333ebae26ad9244e00aac769c6cde077bfe63b5e53ea7ef7fce4390e930982dc50b9cd049c0989c11f5f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f9f79789748874bd1ab4b27fc819b909 |
| SHA1 | f814fb76d7e8b6e6abb653ebbce0349f0d21724d |
| SHA256 | a7ab1293f3017afb389d04057e469423b1c86750113c088950668d8c840a4be4 |
| SHA512 | e6a1ef7676822908433da05f1bb5f27c3aa304ce9d1074418a8d561c56851a3f41c23041ae346dff3089a3a995ad3dfa1406e43df0fadcb0c1b161e0fb899a2e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018
| MD5 | bd17d16b6e95e4eb8911300c70d546f7 |
| SHA1 | 847036a00e4e390b67f5c22bf7b531179be344d7 |
| SHA256 | 9f9613a0569536593e3e2f944d220ce9c0f3b5cab393b2785a12d2354227c352 |
| SHA512 | f9647d2d7452ce30cf100aeb753e32203a18a1aaef7b45a4bc558397b2a38f63bfcfe174e26300317b7df176155ae4ebaee6bdf0d4289061860eff68236fe1bb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c
| MD5 | 19c73397068ded824edd2c5b13d0a9da |
| SHA1 | 7f0f149b66309aaba41974d524ca69390a34e4f2 |
| SHA256 | 8c93e33fb098c30a82d774c6a9db9aa92ea0e34586e907ed7d9d2935582c6100 |
| SHA512 | 8795cd26570fe65181d49676dd9cc9a8012bc22c3e505ac8ed8c1bea68ac7db7f77d6bade360a403a8d79cc4126ac18c2c10e3b83a163e3b42f2e3f60c32426e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015
| MD5 | 2155f385101771026a23f3dc2808c97e |
| SHA1 | 550ba8b46e714011059de97b0f672f0349dcf8de |
| SHA256 | 4641db11da9224b6da70ab3719915060084de315ad9037ca51c566d7d161dcd1 |
| SHA512 | 653fa69902507e82f884910143a60305e2b3c6e4d7ef411273c4ca2a67cb144ef9a367963bdefb1f45e21af4193393bfcc16ea599289b6f45c923884b3fe39f8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019
| MD5 | 67e30bbc30fa4e58ef6c33781b4e835c |
| SHA1 | 18125beb2b3f1a747f39ed999ff0edd5a52980ee |
| SHA256 | 1572e2beb45d2de9d63a7e7fe03c307d175b2b232bad2e763623dceb747729ba |
| SHA512 | 271d4a65d25b0a5d2ff2fe8f3925fc165d9b4345893abfd919061d78ffc5ffe8890ded35e41274ad8b860f06264b027cfea6030ec9411a4e03bc6d7cb4d4d228 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016
| MD5 | f18d4246fc5423e9031f844d080da486 |
| SHA1 | 74cece4848c3bbd8713725d352fcf9539958e636 |
| SHA256 | 955ea2967b4b2e13a1877aaa86aeac46b3471b34ba482fc9d901731524399226 |
| SHA512 | df615f5bae69cb0b1364b7d2d93553c45760da6fbac10bc86d479cacf8a7bf4a99b3a9b6b419508d437837024c0f3bdc39026a5b04badf24fee82143671e044c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f
| MD5 | 5990217fae1c446bb6bd6946fdd52a0b |
| SHA1 | 8cf2b3e3ac051185d7306c253a1b4e80ed7e0a52 |
| SHA256 | 5378ba25fb8919f2c019ce5ed2f815d40b150329f85dca1c7aade2a824a08a8b |
| SHA512 | d273eeaee674df43397f2805a1d51b25fdf0b3ff9be4dcf2e04f8135f120d0da643bdeb83659b49ffebe30b7883c0011436aeb8c628d859912451d13db0d3e77 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 46c32c378c6f9acf8aa4287389e25b8a |
| SHA1 | 589025b6aeaf674e57025484f6e1c730efab22b1 |
| SHA256 | c0465d1a1a38789ad088b9f64d23cef95e7a61c84bfdec770053b419f4509ede |
| SHA512 | 37f6e682cb4f5eda791d9ff0c4967a5ef373fd60bdab4853b6b26b59e2a2b36b8b9ff557d3f8579c2682422217b6328275f06c30f5e6f7c39fcc04f28e0d673f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028
| MD5 | 87e8230a9ca3f0c5ccfa56f70276e2f2 |
| SHA1 | eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7 |
| SHA256 | e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9 |
| SHA512 | 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002b
| MD5 | 92356d0513ca1b8d064a32ed5c03f331 |
| SHA1 | 9d115a0eef9a38663c9df6c8f3fae605edb37114 |
| SHA256 | 0033a94154e5b25943ce930a90d066f29c49e174e1feaf241d56c1be3514514a |
| SHA512 | 631d8da4b0df3143a2910ea82355718fb8c926600b3bdabaf19953f5209ec26df7710bb5cb64d420a40a635f93fdc90ae7c9e8b00f80bbeae4eaa9a620526013 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002c
| MD5 | 42d9fcc7172456834d9e05605cfb999f |
| SHA1 | d1df0982a953011482b7cc5e97803a5fae290ba7 |
| SHA256 | 5029f1471e648ecdf5518199b5d7a6fdcf2dab7b9ba8367331b0836de3064575 |
| SHA512 | 5fc471dfd6cf0516739b40db211b4f1e0d3e27e7b53eb1e0c8d34f7ddf5d09ff520bd4c3b7baca993857fd462f184621391fed363a548bc7b50eee3b7ef6ade8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002e
| MD5 | 60140bc834da90837a9a4d1530484677 |
| SHA1 | d99868b0693b332681b4db7927f3f11b3ed37607 |
| SHA256 | 29c0ba2fb11f5bbedff938e0d0a97da59f725cd153bc0c04f052419e779f134e |
| SHA512 | 448ddc49ab5128dfc0dc91ebe388d447e748848cd2f7dc15fe1fd0380a5436cc9872c32606d9d161d3648b20bff5eda0e48e8fb77c9293f3c0924ae89589eb37 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029
| MD5 | c52f3521639f61d058b371c90f7340a0 |
| SHA1 | 26cda00aa74d363215fe8e5de80878cf767d9747 |
| SHA256 | 98dadb40ba05b9079b6c7cfdcdce83a11764b15cee748e1d6b06ef13e94f1736 |
| SHA512 | ead5c9d264cb85f32a1e4e7ca84df51b2d8fcad89abe35b8a9e461cab914224e5ee9c3b0cbcaf720ffaf43566b9d9c958667024e0e6988f948640fd782ff3f23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000025
| MD5 | 30ff74ce0c649d32c9bbbd04237f0346 |
| SHA1 | e81456771bac1d93ef96e2f762632e5e29df0c97 |
| SHA256 | a6de697319623e1c287bdf0cb4360bf8533733be7b9cf3a4b4dd7a7ed79dc9da |
| SHA512 | 06dfd40b28e2ad5041036afdf3316cfac6abed367f5282fd3534ddd8b0b7a58bbc9f0f466111ae5e3e3d6d106a6c39a9382f952ff8ab3c1cb71763c6ee3c9583 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006d
| MD5 | 99916ce0720ed460e59d3fbd24d55be2 |
| SHA1 | d6bb9106eb65e3b84bfe03d872c931fb27f5a3db |
| SHA256 | 07118bf4bbc3ba87d75cbc11ddf427219a14d518436d7f3886d75301f897edaf |
| SHA512 | 8d3d52e57806d1850b57bffee12c1a8d9e1a1edcf871b2395df5c889991a183a8d652a0636d5452068f5ef78d37e08ce10b2b2f4e05c3e3c0f2f2230310418a8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013
| MD5 | b6bccb44eee52c305e15fc4ffd07f25c |
| SHA1 | 42253c60ddfbd6a2042c67ab33669d8f71ca53f7 |
| SHA256 | f6600fa5a55813db44f67fca9454794b9cad4350e3df34046d8f26fcfdc71558 |
| SHA512 | c9e1b9c1c2357f7624e78af8c27631c02fd67a2f744126d6a5f1cada9cb74f2020eb633cbb81897736af1f1b676b26fd2174eea9ee1526e9971d4255d2257213 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_en.softonic.com_0.indexeddb.leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f36e5532d785f9605ef541b976163a69 |
| SHA1 | abb7183085811d43faa1b04a77d6ea1759ad704b |
| SHA256 | a125951ea2180e45df66d9c7932c5140b6420a7f9c6edc58cf8b3e797d129b44 |
| SHA512 | 1369f8b5cfb8b6192808026ee4bf434447e8d6bbd300d7fee6c000f1d29f2da8e1b9f896d6649bf1eb8878dc0abb505e2ced4eacd60ede4ca44d38b0c1cbe722 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 94bb459e4870682c0d6e753d8c78be2a |
| SHA1 | 99d96cd4d0164d7ff49a73505eb3a6896a9874ce |
| SHA256 | c6eb424d7bcca76a75dfcf59be35c1eb28b660359ec582709348bcfc476a6ec2 |
| SHA512 | 6f8544cfc142e14548811e96e2ec5b8af32d84f7012c1c6e716a76a4785447352ef847037fd19baac64e2214e7127273408c4f70e4c7bb0fad295184dd8c1e0a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.patreon.com_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | 3fd11ff447c1ee23538dc4d9724427a3 |
| SHA1 | 1335e6f71cc4e3cf7025233523b4760f8893e9c9 |
| SHA256 | 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed |
| SHA512 | 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031
| MD5 | 9c6b5ce6b3452e98573e6409c34dd73c |
| SHA1 | de607fadef62e36945a409a838eb8fc36d819b42 |
| SHA256 | cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc |
| SHA512 | 4cfd6cc6e7af1e1c300a363a9be2c973d1797d2cd9b9009d9e1389b418dde76f5f976a6b4c2bf7ad075d784b5459f46420677370d72a0aaacd0bd477b251b8d7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b
| MD5 | 7651b1187bb58ac4c7be625337b35e5b |
| SHA1 | 307d969ef4137a66fe2793737dc1c546587c7f43 |
| SHA256 | 0632850d01a46bc2f8c223155a4bf6c398b33596bb711e098440623f118c3968 |
| SHA512 | a81d2f768af155bdc642941404e7ddf95a2cea33c9374acb5fe32f6f5266e337fbef32f904551f61fcc9f9ab5a1c6a5ad130ab85b38bc2258e2f82c0ca1e9c7a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014
| MD5 | dace61eaaa55a7d9d27b8932bf1cc986 |
| SHA1 | 8fb9a5d09f6977d5793a6c90b8314c96a23b374a |
| SHA256 | 1f3f5cb67bdc77cae9cbf2cf8643df1898723bc32f9508278ae0247069464bce |
| SHA512 | 2ccc57c3fe32b274d3cc102221310089e33ea798d0330208e71bc127f2282bf332c2fb32b535ce8bacf963a0e628194b1dc41897b94d6b46226f9e83d6b4229b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017
| MD5 | 1bb95f13058c4777fd67eda0391db26e |
| SHA1 | 741ead07b0a544972865db72f5fbe3dffd47f630 |
| SHA256 | 526eb3bc623675ebf2484aeb597d3b4da9ce3d3aa7adddb7f60607f85d557b38 |
| SHA512 | ada0704437a965adc5fb2530fefc53be57ccba25a3b480e1ac1751c02855c3d91a1c651c3b96a471b263ebcbc78a6283d7440d253db26636320cf365d8ff7a51 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7ac6aa68a7082f585d7bba27e8a90c04 |
| SHA1 | f88ec5055795e6021774a1e17e1a4cb77f8a4906 |
| SHA256 | 444b1a5839349f69151bd25b5a81b4c8e1b120d55bc101750a6633ad17b1cd4c |
| SHA512 | cf94c83d2509b500237d5d192991607915f9a83e3667dcad490d5faf7f997fc94a0565ac931176b96e4d42230118632a2e66e4e36fd9bd8bd1961b262eedf046 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e2b72cebf04404409142a0097654d211 |
| SHA1 | eac31162b958e9da01cba70a2ae7f7c94b5d5a7e |
| SHA256 | 55a682f9a167891f106fa65506f4dc1694f8962fc441c5d2118c181d2acc1b7e |
| SHA512 | fd9f4eca1375dec5db0163b17d74d0af640497d23be8bde3069d4aaadf5b550eeb838532a89545bebd2d21b878a4e5fe43c04cfd3a84236819c2d7df22b55759 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a
| MD5 | f3a88ccf0ed09bce753f2165d6185415 |
| SHA1 | 262a7c8dfbfb47c95019295f96f64e5e5d265e68 |
| SHA256 | b4c82b5ee32e24af3ee0fd5591b385a4523de67d960f061d0e3986b87cdfb1fc |
| SHA512 | 46a411171e3f1da9230e0508281ffce342977c28b4ae1b170c8241b649f7453231306f89c399ac9e1007f9ce2e8b764fcd2a47647fef20b79c1690121fc0916c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e
| MD5 | ec9c7b59e7eef86599f33d632b58978e |
| SHA1 | f35003ce7b7cecd4043443010a9ef8a594510d08 |
| SHA256 | 2408da66dc7f2f50c1b5a8617239c4a313ccfaccef54a17996f9196d70882e10 |
| SHA512 | a254f4253f4e30445f11b206741e238ec5973708e4bba2435f8f09f8c0ef513240f1ba2fd082082a389e74b789fc40bfe523c9ee58647270f0141e5ab0481f0a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d
| MD5 | 50b1f14f193f35811ec58f91f5c4f7da |
| SHA1 | 1e6e1b7e2deb3ab4ef7860b874a8961d3b1b6035 |
| SHA256 | 2fdc887f54eef402d7da4c93776e26802bacc86bc1bff54a10ec2b0bb1decf76 |
| SHA512 | bf47d250c61f66a3a3e91d3b1629eda25058e4e2adf341e410b75c3121ab9cd3455cadc991248afebbed56ddf18e5483db7f089823c780e05ad5f8624e54792b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022
| MD5 | a3e87450db1309155a4d830bb7095f1e |
| SHA1 | eeb9e7f2c991847c371ca6caa661ddf911fe6ad4 |
| SHA256 | 9d956815ed5d48df74721d374c7c22197fbe58d595e51104d8fdd35d280cadeb |
| SHA512 | 3b57e900cc9fcabdac2fae6aafa9d34f8d6c5e914c7ab7800c586c6f9f82f29a9896bc90a8bf900ce20747ba30fdfeaea9bbb577075a7b4a4c1d3848f7bfabd5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021
| MD5 | b49acf5d39985984fc16e0eb85c7d8ef |
| SHA1 | 3388d723f151cf5a3ec918ce83d425d3e1e77b55 |
| SHA256 | 122e5b62a149725711295d81dfe5d549fdfc295f3fbec7aaeca8808b7a8d4347 |
| SHA512 | eb8500e313e0b8637128f3bcbeffccd458bf624a539721fb8e8831d4ce36f536be3e4073a68e1840858dabec9f7711193aecdb3c7f81eef069a3e58f398ad7bb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020
| MD5 | b20aa323cc40714a5c7f6c136ed7e6d5 |
| SHA1 | 338423d25893565290866c3f8f79bbfbc0b7f7df |
| SHA256 | 73189d896573869befb24659e53ca2cf9171d2600dc1ead051f59a9acbd18dae |
| SHA512 | 0ffd6b31ff5740064786ffe6a2be12834d621971df806def5b0684b757a9d994530078209a8ad222c780febde9172a7d451012ce9d171a30dd44c214878ca3f2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000024
| MD5 | 9519cff03f3481635ee3eea90c2eb56a |
| SHA1 | c9d9e82a8aa9864cf76bcfaff770582b8c7f9fff |
| SHA256 | 32415d1c70e7a363ddfdffdf57dec75bebebdd76b359edd1667815b5530d67a2 |
| SHA512 | 93cf77d41440e857a32fcccb929a1bc972b08fb40deb5b7b85825011ac977fb7b708348a2480da9a2a8198e31059e80c18983070792292239ff44b0ebfce8a02 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000027
| MD5 | 23dcc3773915438f381674692b8f328c |
| SHA1 | b9de92da2b7f1a79c289a620ff5efd91bd6e39a6 |
| SHA256 | 2ed7de2f938f78b7467dfee6287921ca9977542a0181506180b2cac931b905df |
| SHA512 | 28aa713501b43b23586601bfd51a9b569f1014acaae1800a0103de5e26ab5ad721aabc197a15811a92157dc2f709bde8265c4e83bf596ff4fd68c0b9a6df8a75 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7f0021e6c1f19b93_0
| MD5 | 14d3aac3dbe58cba14df373d8ac8dec9 |
| SHA1 | 176e8643cea0038f7a2d94648977d04809edb06a |
| SHA256 | 9534a3a1bd5173d979f74d2097f7cfa09cf9f64816d86c46302ed02977dd813a |
| SHA512 | a703b247f3b9dff1c00ce7b28cc3c90aa33c64a6c0d7ae049123c749373e48dddf3216555aebc92ecebed8bbfe90334021de1d0a3f4137d133cc9908e5cef725 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3b6e7d76e3b07b95_0
| MD5 | a80485415c9672907c7fa5b73487fb2d |
| SHA1 | 9a38239e1acca433f0c9598e1631710bf107b58c |
| SHA256 | 851d5b7d6f744cbf34cb93b4b94b391559be6d4e03e2a1ac0e3017909bd4e5a8 |
| SHA512 | 3401216fa258e96c8264e9d108d097a5fd3f1867a430e2aef7bddb1d7ebd6b3df9973e6967914fd08272a000596e1e3a2d6ccaa82e1552e06a4f0346e387a302 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bde96c0685c92d67_0
| MD5 | 1aa5ca8733e1b50282ffb3b53dd0745f |
| SHA1 | 346aa66242dff125478940862b502f7617b7f22d |
| SHA256 | 62dee4607662727ce1dc110e20992fbf4d12875833eab9c5367b241fb149cbbe |
| SHA512 | dd2e04e7b67b320a01280c79d87aa2742bec40ce4cfa268782062c370e786d71e4c38d54ad33780b46317e0419afe247159883a34e7c3c07705bc82e865d6f9f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ca2410793d2f35d26ca4cd258ee6c800 |
| SHA1 | 0bb68fd54bb22cdd60200cb7fc6e191d17cf2497 |
| SHA256 | ef7b436bfa109976d334e3ab9a643852b888e34743db1096833546b009ac5f34 |
| SHA512 | 7707ceae9db835de04c278c0a576d199a0f166d7edd5bb2355cc5920987d11d59a1e423dedb5bb8f09f82845737dde86b55416e8adae704b0d2afc23f78da8e6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3611c87f7760026ccd44f51a752b5063 |
| SHA1 | 48fdb568a08474b45a61969b4156ed20b3f7b5e4 |
| SHA256 | bba7bac6c1dfe006a2176e00122b25572ebe9d06b122252fd494f708b8cc6b55 |
| SHA512 | d27e6ba843d187d470672450c332bc77d3d5415d29e84b845aca6e81339bdc44baa120c8db13166b8b8ed1e4aa4054646d8ee2eb15cf103727fb04c63d416ebd |