Analysis Overview
Threat Level: Known bad
The file https://file.io/D9WhMOGyRMZW was found to be: Known bad.
Malicious Activity Summary
AsyncRat
Async RAT payload
Downloads MZ/PE file
Drops file in Windows directory
NTFS ADS
Uses Task Scheduler COM API
Suspicious use of FindShellTrayWindow
Modifies registry class
Suspicious use of WriteProcessMemory
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: MapViewOfSection
Checks processor information in registry
Modifies Internet Explorer settings
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
MITRE ATT&CK Matrix V13
Analysis: static1
Detonation Overview
Reported
2024-06-14 08:22
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-14 08:22
Reported
2024-06-14 08:25
Platform
win10-20240404-en
Max time kernel
149s
Max time network
150s
Command Line
Signatures
AsyncRat
Async RAT payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Downloads MZ/PE file
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\Debug\ESE.TXT | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| File created | C:\Windows\rescache\_merged\3720402701\1568373884.pri | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| File created | C:\Windows\rescache\_merged\3720402701\1568373884.pri | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| File created | C:\Windows\rescache\_merged\3720402701\1568373884.pri | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| File created | C:\Windows\rescache\_merged\3720402701\1568373884.pri | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000\Software\Microsoft\Internet Explorer\Main | C:\Windows\system32\browser_broker.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000\Software\Microsoft\Internet Explorer\Main | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (data) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = d0861f0534beda01 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\bing.com\ = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\www.bing.com\ = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\Total\ = "641" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings\Cache\History | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery\Active = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings\Zones\3\{A8A88C49-5EB2-4990-A1A2-087602 = 1a3761592352350c7a5f20172f1e1a190e2b017313371312141a152a | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings\Cache | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\bing.com\Total = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\SignaturePolicy = 06000000 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead\Meta\generator$vBulletin 4 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead\FileVersion = "2016061511" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FavOrder | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\CIStatus\SignaturePolicy = 06000000 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\TabbedBrowsing\NewTabPage | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate\CTLs | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Content\CacheLimit = "256000" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\IECompatVersionLow = "395205405" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FavOrder\SyncIEFirstTimeFullScan = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 1b6bd70a34beda01 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\History\CacheLimit = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\www.bing.com\ = "540" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\DXFeatureLevel = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\Main | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\ACGPolicyState = "8" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\Total\ = "233" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\VersionLow = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BingPageData | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 69bf580534beda01 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead\Meta\generator$Telligent | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Protected - It is a violation of Windows Policy to modify = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = bcebe30434beda01 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\ACGStatus | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead\Meta\generator$blogger | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\CVListXMLVersionHigh = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\DeviceId = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\ACGStatus | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy\Extensions | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead\Meta\generator$Discuz! | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Disallowed | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings\Zones\3\{AEBA21FA-782A-4A90-978D-B72164 = 1a3761592352350c7a5f20172f1e1a190e2b017313371312141a152a | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-DXFeatureLevel = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\OnlineHistory\NextBrowserDataLogTime = 005bb56b66beda01 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead\NextUpdateDate = "425166918" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-873560699-1074803302-2326074425-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ServiceUI | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\Downloads\XanaxC2_Client.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious behavior: MapViewOfSection
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| N/A | N/A | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| N/A | N/A | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| N/A | N/A | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| N/A | N/A | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Windows\system32\LaunchWinApp.exe
"C:\Windows\system32\LaunchWinApp.exe" "https://file.io/D9WhMOGyRMZW"
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\Windows\system32\browser_broker.exe
C:\Windows\system32\browser_broker.exe -Embedding
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5408.0.1831042537\968479150" -parentBuildID 20221007134813 -prefsHandle 1696 -prefMapHandle 1688 -prefsLen 20747 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {bd6e350c-4fea-4e68-9150-0371c992678b} 5408 "\\.\pipe\gecko-crash-server-pipe.5408" 1776 184a7ebce58 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5408.1.719318916\1639385484" -parentBuildID 20221007134813 -prefsHandle 2120 -prefMapHandle 2116 -prefsLen 20828 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {fab212fe-ca33-4253-a869-229d48e8335c} 5408 "\\.\pipe\gecko-crash-server-pipe.5408" 2132 184a7a30b58 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5408.2.1198999058\740630464" -childID 1 -isForBrowser -prefsHandle 3056 -prefMapHandle 3052 -prefsLen 20931 -prefMapSize 233444 -jsInitHandle 1224 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {34bd7518-6126-4a4d-aa91-6257a1ab05f3} 5408 "\\.\pipe\gecko-crash-server-pipe.5408" 2664 184ac1b7658 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5408.3.1846037014\1592847535" -childID 2 -isForBrowser -prefsHandle 3492 -prefMapHandle 3488 -prefsLen 26109 -prefMapSize 233444 -jsInitHandle 1224 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2f05999d-37e5-466e-82b6-966d27bdebd1} 5408 "\\.\pipe\gecko-crash-server-pipe.5408" 3504 184aaae2358 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5408.4.664819868\1149369258" -childID 3 -isForBrowser -prefsHandle 3708 -prefMapHandle 3704 -prefsLen 26109 -prefMapSize 233444 -jsInitHandle 1224 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d6fb9411-b382-4756-88e2-98e2c17384be} 5408 "\\.\pipe\gecko-crash-server-pipe.5408" 3688 184ad4c3858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5408.5.215649204\1258364430" -childID 4 -isForBrowser -prefsHandle 2712 -prefMapHandle 4516 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1224 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a613bbf7-693a-4876-adc2-3b37e859caef} 5408 "\\.\pipe\gecko-crash-server-pipe.5408" 4752 184ae4e4a58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5408.6.2083493442\632074037" -childID 5 -isForBrowser -prefsHandle 4952 -prefMapHandle 4940 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1224 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {306bef9f-599f-4d71-ba3e-b20525e57811} 5408 "\\.\pipe\gecko-crash-server-pipe.5408" 4944 184ae4e5658 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5408.7.579877\1109983408" -childID 6 -isForBrowser -prefsHandle 5136 -prefMapHandle 5140 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1224 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {12903855-5ffe-4dbb-9979-4a914ddf5a95} 5408 "\\.\pipe\gecko-crash-server-pipe.5408" 5124 184ae4e4758 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5408.8.1257791011\28913599" -childID 7 -isForBrowser -prefsHandle 4572 -prefMapHandle 5504 -prefsLen 26249 -prefMapSize 233444 -jsInitHandle 1224 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2bd88d83-d15d-438d-8ff1-53448d5884c0} 5408 "\\.\pipe\gecko-crash-server-pipe.5408" 5316 184af93b758 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5408.9.406438050\2023567859" -childID 8 -isForBrowser -prefsHandle 2852 -prefMapHandle 2688 -prefsLen 26424 -prefMapSize 233444 -jsInitHandle 1224 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d6dd3673-b382-4c90-9325-5a103f66c2aa} 5408 "\\.\pipe\gecko-crash-server-pipe.5408" 2872 184a8190958 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5408.10.1919019194\450550011" -parentBuildID 20221007134813 -prefsHandle 2576 -prefMapHandle 2596 -prefsLen 26424 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {23c8ff6a-aca7-4729-bf0d-394862eb27ac} 5408 "\\.\pipe\gecko-crash-server-pipe.5408" 9552 1849ce64458 rdd
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5408.11.457726099\1574263230" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 4264 -prefMapHandle 4244 -prefsLen 26424 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c008093f-9c89-4903-9b1c-f87800a5e008} 5408 "\\.\pipe\gecko-crash-server-pipe.5408" 9560 184af9d1558 utility
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5408.12.1776096037\2832388" -childID 9 -isForBrowser -prefsHandle 9364 -prefMapHandle 9360 -prefsLen 26424 -prefMapSize 233444 -jsInitHandle 1224 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a530d64d-6d58-4c55-a960-027dc73b2c77} 5408 "\\.\pipe\gecko-crash-server-pipe.5408" 9352 184b1efdb58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5408.13.189902490\1145753764" -childID 10 -isForBrowser -prefsHandle 9204 -prefMapHandle 9200 -prefsLen 26424 -prefMapSize 233444 -jsInitHandle 1224 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c5b6cc86-5d09-4883-88f3-120d6f8ac5a2} 5408 "\\.\pipe\gecko-crash-server-pipe.5408" 9212 184b1efde58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5408.14.2120774110\670722086" -childID 11 -isForBrowser -prefsHandle 9008 -prefMapHandle 9004 -prefsLen 26424 -prefMapSize 233444 -jsInitHandle 1224 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {17f42684-7e07-4360-9001-676c08c283da} 5408 "\\.\pipe\gecko-crash-server-pipe.5408" 8920 184b21ca858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5408.15.18212573\158055637" -childID 12 -isForBrowser -prefsHandle 8628 -prefMapHandle 8740 -prefsLen 26424 -prefMapSize 233444 -jsInitHandle 1224 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1d31561c-f722-46ed-abd4-6f5252a77c76} 5408 "\\.\pipe\gecko-crash-server-pipe.5408" 4992 184b2742858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5408.16.183492210\531238558" -childID 13 -isForBrowser -prefsHandle 8708 -prefMapHandle 8716 -prefsLen 26424 -prefMapSize 233444 -jsInitHandle 1224 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4870a5ec-c29b-4525-9d52-806a688dd718} 5408 "\\.\pipe\gecko-crash-server-pipe.5408" 8656 184b2743a58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5408.17.390224349\698108459" -childID 14 -isForBrowser -prefsHandle 8216 -prefMapHandle 8232 -prefsLen 26464 -prefMapSize 233444 -jsInitHandle 1224 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a791c614-4203-4c53-b4f3-4cb0474c91f7} 5408 "\\.\pipe\gecko-crash-server-pipe.5408" 8204 184b2af8558 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5408.18.117752749\1426715150" -childID 15 -isForBrowser -prefsHandle 8060 -prefMapHandle 8056 -prefsLen 26464 -prefMapSize 233444 -jsInitHandle 1224 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c196b735-68be-45ec-9b4f-d34accb10f41} 5408 "\\.\pipe\gecko-crash-server-pipe.5408" 8072 184b2eb7f58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5408.19.1755382416\1647834265" -childID 16 -isForBrowser -prefsHandle 7920 -prefMapHandle 7892 -prefsLen 26464 -prefMapSize 233444 -jsInitHandle 1224 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {72c04e25-7db8-45e7-b2bc-f1848eda2345} 5408 "\\.\pipe\gecko-crash-server-pipe.5408" 8548 184b0bf9558 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5408.20.1136095614\527821979" -childID 17 -isForBrowser -prefsHandle 8548 -prefMapHandle 4396 -prefsLen 26464 -prefMapSize 233444 -jsInitHandle 1224 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6a36ca22-0e07-474e-88f8-eb924444b8a4} 5408 "\\.\pipe\gecko-crash-server-pipe.5408" 8528 184b331e058 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5408.21.1800375272\1786175395" -childID 18 -isForBrowser -prefsHandle 7920 -prefMapHandle 8932 -prefsLen 26464 -prefMapSize 233444 -jsInitHandle 1224 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4098d4c9-1404-4deb-8871-02e0105a7a6d} 5408 "\\.\pipe\gecko-crash-server-pipe.5408" 9228 184b3395a58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5408.22.232660865\684183972" -childID 19 -isForBrowser -prefsHandle 5352 -prefMapHandle 7756 -prefsLen 26464 -prefMapSize 233444 -jsInitHandle 1224 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {80b7c573-6a4e-45e4-9912-d97643807ab4} 5408 "\\.\pipe\gecko-crash-server-pipe.5408" 4596 184b1c60a58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5408.23.1885649276\1376028586" -childID 20 -isForBrowser -prefsHandle 2808 -prefMapHandle 4180 -prefsLen 26464 -prefMapSize 233444 -jsInitHandle 1224 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {31c24c1c-3248-4652-a6ba-ea0552109bc4} 5408 "\\.\pipe\gecko-crash-server-pipe.5408" 7816 184b1c61358 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5408.24.1872160884\1386769653" -childID 21 -isForBrowser -prefsHandle 8808 -prefMapHandle 7816 -prefsLen 26464 -prefMapSize 233444 -jsInitHandle 1224 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {65844639-8a76-4d9a-86d9-37ae9f711fa8} 5408 "\\.\pipe\gecko-crash-server-pipe.5408" 8892 184b1c61f58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5408.25.856725843\685219275" -childID 22 -isForBrowser -prefsHandle 2644 -prefMapHandle 4972 -prefsLen 26464 -prefMapSize 233444 -jsInitHandle 1224 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d27fd7ad-a262-4bed-b35b-cb8088fd0c11} 5408 "\\.\pipe\gecko-crash-server-pipe.5408" 6456 184a9991b58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5408.26.1654464477\746296339" -childID 23 -isForBrowser -prefsHandle 5660 -prefMapHandle 4964 -prefsLen 26464 -prefMapSize 233444 -jsInitHandle 1224 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d735085a-029f-49c0-b671-8249378ef4c7} 5408 "\\.\pipe\gecko-crash-server-pipe.5408" 5248 184b2256a58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5408.27.1491198591\1788803678" -childID 24 -isForBrowser -prefsHandle 7568 -prefMapHandle 7564 -prefsLen 26729 -prefMapSize 233444 -jsInitHandle 1224 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {aa0d1d43-a26a-43f2-aaea-5a0ee07fc77f} 5408 "\\.\pipe\gecko-crash-server-pipe.5408" 9632 184b2592758 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5408.28.1132902127\1659103104" -childID 25 -isForBrowser -prefsHandle 7396 -prefMapHandle 9616 -prefsLen 26729 -prefMapSize 233444 -jsInitHandle 1224 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2a3189aa-f307-4a7a-ab3a-2cb08d25105f} 5408 "\\.\pipe\gecko-crash-server-pipe.5408" 7408 184b2eb8258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5408.29.357578349\2093690286" -childID 26 -isForBrowser -prefsHandle 7772 -prefMapHandle 7776 -prefsLen 26729 -prefMapSize 233444 -jsInitHandle 1224 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {fd775bec-225f-4f8c-be45-b9c9e3dae437} 5408 "\\.\pipe\gecko-crash-server-pipe.5408" 9332 184b351ec58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5408.30.1348767865\1755696847" -childID 27 -isForBrowser -prefsHandle 7200 -prefMapHandle 7196 -prefsLen 26729 -prefMapSize 233444 -jsInitHandle 1224 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7fd38cc5-75f3-41d2-b25b-6a28d854130c} 5408 "\\.\pipe\gecko-crash-server-pipe.5408" 7208 184b351fb58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5408.31.1239922097\341501155" -childID 28 -isForBrowser -prefsHandle 7684 -prefMapHandle 8948 -prefsLen 26729 -prefMapSize 233444 -jsInitHandle 1224 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {838acf1e-e3bd-4c77-9470-9d57f8ef7e76} 5408 "\\.\pipe\gecko-crash-server-pipe.5408" 7052 184b3c58758 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5408.32.579390148\2133043357" -childID 29 -isForBrowser -prefsHandle 8416 -prefMapHandle 8420 -prefsLen 26729 -prefMapSize 233444 -jsInitHandle 1224 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e511a110-5473-497d-b8c8-d1dd056bbda3} 5408 "\\.\pipe\gecko-crash-server-pipe.5408" 8408 184b3518c58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5408.33.357879991\694309852" -childID 30 -isForBrowser -prefsHandle 5248 -prefMapHandle 3820 -prefsLen 26729 -prefMapSize 233444 -jsInitHandle 1224 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7167cd14-51eb-41cb-b18a-6f3eb6f19de7} 5408 "\\.\pipe\gecko-crash-server-pipe.5408" 7436 184afc72758 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5408.34.1405566857\1454135331" -childID 31 -isForBrowser -prefsHandle 3896 -prefMapHandle 3884 -prefsLen 26729 -prefMapSize 233444 -jsInitHandle 1224 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f612197b-7ead-45ec-94ff-4818e6eedaae} 5408 "\\.\pipe\gecko-crash-server-pipe.5408" 9808 184b1c5fb58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5408.35.360091319\1168904025" -childID 32 -isForBrowser -prefsHandle 7208 -prefMapHandle 8336 -prefsLen 27499 -prefMapSize 233444 -jsInitHandle 1224 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6a9da42a-d538-4aaa-9483-742d1b5b806d} 5408 "\\.\pipe\gecko-crash-server-pipe.5408" 7972 184ae4e4758 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5408.36.113679451\1743848430" -childID 33 -isForBrowser -prefsHandle 1588 -prefMapHandle 8552 -prefsLen 27499 -prefMapSize 233444 -jsInitHandle 1224 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {aba87265-4b3a-404a-8269-1560ac4e5e22} 5408 "\\.\pipe\gecko-crash-server-pipe.5408" 8664 184b0c44058 tab
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | file.io | udp |
| US | 45.55.107.24:443 | file.io | tcp |
| US | 45.55.107.24:443 | file.io | tcp |
| US | 8.8.8.8:53 | r10.o.lencr.org | udp |
| BE | 2.17.107.153:80 | r10.o.lencr.org | tcp |
| US | 8.8.8.8:53 | 24.107.55.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 32.25.90.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.107.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.file.io | udp |
| GB | 18.245.218.29:443 | www.file.io | tcp |
| GB | 18.245.218.29:443 | www.file.io | tcp |
| US | 8.8.8.8:53 | ocsp.r2m02.amazontrust.com | udp |
| GB | 143.204.67.183:80 | ocsp.r2m02.amazontrust.com | tcp |
| US | 8.8.8.8:53 | 29.218.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 181.178.204.143.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 113.216.138.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 183.67.204.143.in-addr.arpa | udp |
| US | 8.8.8.8:53 | hb.vntsm.com | udp |
| GB | 143.244.38.136:443 | hb.vntsm.com | tcp |
| GB | 143.244.38.136:443 | hb.vntsm.com | tcp |
| GB | 18.245.218.29:443 | www.file.io | tcp |
| GB | 18.245.218.29:443 | www.file.io | tcp |
| US | 8.8.8.8:53 | polyfill.io | udp |
| US | 104.18.52.27:443 | polyfill.io | tcp |
| US | 104.18.52.27:443 | polyfill.io | tcp |
| US | 8.8.8.8:53 | 136.38.244.143.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 186.107.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 27.52.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | hb.vntsm.io | udp |
| US | 8.8.8.8:53 | hb-vntsm-com.global.ssl.fastly.net | udp |
| US | 151.101.1.194:443 | hb-vntsm-com.global.ssl.fastly.net | tcp |
| US | 151.101.1.194:443 | hb-vntsm-com.global.ssl.fastly.net | tcp |
| US | 104.22.47.142:443 | hb.vntsm.io | tcp |
| US | 104.22.47.142:443 | hb.vntsm.io | tcp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| BE | 108.177.15.154:443 | stats.g.doubleclick.net | tcp |
| BE | 108.177.15.154:443 | stats.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 23.149.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 142.47.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.21.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.15.177.108.in-addr.arpa | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.200.250.142.in-addr.arpa | udp |
| BE | 88.221.83.178:443 | www.bing.com | tcp |
| BE | 88.221.83.178:443 | www.bing.com | tcp |
| BE | 88.221.83.178:443 | www.bing.com | tcp |
| BE | 88.221.83.178:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 178.83.221.88.in-addr.arpa | udp |
| N/A | 127.0.0.1:50646 | tcp | |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | content-signature-2.cdn.mozilla.net | udp |
| US | 34.117.188.166:443 | contile.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 34.160.144.191:443 | content-signature-2.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | shavar.services.mozilla.com | udp |
| US | 34.117.188.166:443 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | push.services.mozilla.com | udp |
| US | 44.232.194.163:443 | shavar.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 34.149.100.209:443 | firefox.settings.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 34.107.243.93:443 | autopush.prod.mozaws.net | tcp |
| US | 8.8.8.8:53 | 166.188.117.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.194.232.44.in-addr.arpa | udp |
| GB | 18.245.218.29:443 | www.file.io | tcp |
| US | 8.8.8.8:53 | www.file.io | udp |
| US | 8.8.8.8:53 | www.file.io | udp |
| US | 8.8.8.8:53 | 161.19.199.152.in-addr.arpa | udp |
| N/A | 127.0.0.1:50652 | tcp | |
| GB | 143.244.38.136:443 | hb.vntsm.com | tcp |
| US | 8.8.8.8:53 | vmhb.b-cdn.net | udp |
| US | 34.149.100.209:443 | prod.remote-settings.prod.webservices.mozgcp.net | tcp |
| US | 8.8.8.8:53 | vmhb.b-cdn.net | udp |
| GB | 143.244.38.136:443 | vmhb.b-cdn.net | tcp |
| US | 104.22.47.142:443 | hb.vntsm.io | tcp |
| US | 8.8.8.8:53 | hb.vntsm.io.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | hb-vntsm-com.global.ssl.fastly.net | udp |
| US | 8.8.8.8:53 | hb.vntsm.io.cdn.cloudflare.net | udp |
| US | 151.101.129.194:443 | hb-vntsm-com.global.ssl.fastly.net | tcp |
| US | 8.8.8.8:53 | hb-vntsm-com.global.ssl.fastly.net | udp |
| US | 8.8.8.8:53 | hb-vntsm-com.global.ssl.fastly.net | udp |
| US | 8.8.8.8:53 | file.io | udp |
| US | 45.55.107.24:443 | file.io | tcp |
| US | 8.8.8.8:53 | file.io | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| GB | 142.250.200.3:443 | www.google.co.uk | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| BE | 108.177.15.154:443 | stats.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| BE | 108.177.15.155:443 | stats.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 104.26.3.70:443 | ad-delivery.net | tcp |
| US | 8.8.8.8:53 | 194.129.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| BE | 108.177.15.154:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | cdn.exelator.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| GB | 13.224.223.9:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | d1ykf07e75w7ss.cloudfront.net | udp |
| GB | 143.204.176.125:443 | cdn.exelator.com | tcp |
| US | 8.8.8.8:53 | dfh8hwrwbxm35.cloudfront.net | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | d1ykf07e75w7ss.cloudfront.net | udp |
| US | 8.8.8.8:53 | dfh8hwrwbxm35.cloudfront.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | mydmp.exelator.com | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| IE | 34.254.143.3:443 | mydmp.exelator.com | tcp |
| US | 8.8.8.8:53 | load-euw1.exelator.com | udp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | load-euw1.exelator.com | udp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | secure.cdn.fastclick.net | udp |
| US | 8.8.8.8:53 | cdn.hadronid.net | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 8.8.8.8:53 | e4536.g.akamaiedge.net | udp |
| US | 8.8.8.8:53 | cdn.hadronid.net | udp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 104.22.52.173:443 | cdn.hadronid.net | tcp |
| US | 8.8.8.8:53 | cdn.hadronid.net | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 8.8.8.8:53 | e4536.g.akamaiedge.net | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 8.8.8.8:53 | load77.exelator.com | udp |
| US | 8.8.8.8:53 | onsite-tag-logs.apps.nielsen.com | udp |
| GB | 108.156.39.61:443 | config.aps.amazon-adsystem.com | tcp |
| GB | 23.53.174.156:443 | e4536.g.akamaiedge.net | tcp |
| US | 104.22.52.86:443 | cdn.id5-sync.com | tcp |
| GB | 23.53.174.156:443 | e4536.g.akamaiedge.net | tcp |
| US | 8.8.8.8:53 | id.hadron.ad.gt | udp |
| US | 8.8.8.8:53 | nmcapps-onsite-tag-external-alb-315845598.us-east-1.elb.amazonaws.com | udp |
| GB | 195.181.164.21:443 | load77.exelator.com | tcp |
| US | 8.8.8.8:53 | 1605158521.rsc.cdn77.org | udp |
| US | 104.22.4.69:443 | id.hadron.ad.gt | tcp |
| US | 8.8.8.8:53 | id.hadron.ad.gt.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | nmcapps-onsite-tag-external-alb-315845598.us-east-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | 1605158521.rsc.cdn77.org | udp |
| US | 8.8.8.8:53 | id.hadron.ad.gt.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | 70.3.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.223.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 125.176.204.143.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.143.254.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 61.39.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.52.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.52.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.4.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.164.181.195.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.174.53.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | a.ad.gt | udp |
| US | 8.8.8.8:53 | proc.ad.cpe.dotomi.com | udp |
| US | 104.22.5.69:443 | a.ad.gt | tcp |
| US | 8.8.8.8:53 | a.ad.gt.cdn.cloudflare.net | udp |
| US | 3.222.86.168:443 | nmcapps-onsite-tag-external-alb-315845598.us-east-1.elb.amazonaws.com | tcp |
| US | 8.8.8.8:53 | convex-rr.global.dual.dotomi.weighted.com.akadns.net | udp |
| NL | 63.215.202.146:443 | convex-rr.global.dual.dotomi.weighted.com.akadns.net | tcp |
| US | 8.8.8.8:53 | a.ad.gt.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | convex-rr.global.dual.dotomi.weighted.com.akadns.net | udp |
| US | 8.8.8.8:53 | 69.5.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 146.202.215.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 168.86.222.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| DE | 162.19.138.83:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| DE | 162.19.138.83:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 8.8.8.8:53 | 83.138.19.162.in-addr.arpa | udp |
| US | 45.55.107.24:443 | file.io | tcp |
| US | 8.8.8.8:53 | cadmus.script.ac | udp |
| US | 8.8.8.8:53 | cadmus.script.ac | udp |
| US | 104.18.22.145:443 | cadmus.script.ac | tcp |
| US | 8.8.8.8:53 | cadmus.script.ac | udp |
| US | 8.8.8.8:53 | i.clean.gg | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | cdn.edkt.io | udp |
| US | 8.8.8.8:53 | script.4dex.io | udp |
| US | 8.8.8.8:53 | track.venatusmedia.com | udp |
| US | 34.95.69.49:443 | i.clean.gg | tcp |
| US | 34.95.69.49:443 | i.clean.gg | tcp |
| US | 8.8.8.8:53 | i.clean.gg | udp |
| US | 8.8.8.8:53 | apex.go.sonobi.com | udp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| GB | 18.154.87.148:443 | aax.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | d1jvc9b8z3vcjs.cloudfront.net | udp |
| US | 172.67.75.241:443 | script.4dex.io | tcp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| US | 34.120.111.33:443 | cdn.edkt.io | tcp |
| IE | 52.17.245.47:443 | track.venatusmedia.com | tcp |
| US | 8.8.8.8:53 | btlr.sharethrough.com | udp |
| US | 8.8.8.8:53 | i.clean.gg | udp |
| US | 8.8.8.8:53 | elb.the-ozone-project.com | udp |
| US | 8.8.8.8:53 | d1jvc9b8z3vcjs.cloudfront.net | udp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | script.4dex.io | udp |
| US | 8.8.8.8:53 | cdn.edkt.io | udp |
| US | 8.8.8.8:53 | track.venatusmedia.com | udp |
| US | 8.8.8.8:53 | 145.22.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | script.4dex.io | udp |
| US | 8.8.8.8:53 | 49.69.95.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.75.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.87.154.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 33.111.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 47.245.17.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.edkt.io | udp |
| NL | 145.40.97.66:443 | prebid.a-mo.net | tcp |
| US | 172.64.144.78:443 | elb.the-ozone-project.com | tcp |
| US | 8.8.8.8:53 | track.venatusmedia.com | udp |
| US | 8.8.8.8:53 | iad-2-apex.go.sonobi.com | udp |
| US | 8.8.8.8:53 | hb-api-fra02.omnitagjs.com | udp |
| US | 8.8.8.8:53 | ib.anycast.adnxs.com | udp |
| US | 34.120.111.33:443 | cdn.edkt.io | udp |
| US | 8.8.8.8:53 | iad-2-apex.go.sonobi.com | udp |
| US | 8.8.8.8:53 | hb-api-fra02.omnitagjs.com | udp |
| US | 172.67.75.241:443 | script.4dex.io | tcp |
| US | 34.95.69.49:443 | i.clean.gg | udp |
| US | 8.8.8.8:53 | ib.anycast.adnxs.com | udp |
| US | 8.8.8.8:53 | eu-tlx.3lift.com | udp |
| US | 8.8.8.8:53 | am6-prebid.a-mx.net | udp |
| US | 8.8.8.8:53 | elb.the-ozone-project.com | udp |
| US | 8.8.8.8:53 | eu-tlx.3lift.com | udp |
| US | 8.8.8.8:53 | am6-prebid.a-mx.net | udp |
| US | 8.8.8.8:53 | elb.the-ozone-project.com | udp |
| US | 8.8.8.8:53 | btlr-eu-central-1.sharethrough.com | udp |
| US | 8.8.8.8:53 | euw2.smartadserver.com | udp |
| US | 8.8.8.8:53 | hbopenbid-lhrc.pubmnet.com | udp |
| US | 8.8.8.8:53 | btlr-eu-central-1.sharethrough.com | udp |
| US | 8.8.8.8:53 | euw2.smartadserver.com | udp |
| US | 8.8.8.8:53 | hbopenbid-lhrc.pubmnet.com | udp |
| US | 69.166.1.64:443 | iad-2-apex.go.sonobi.com | tcp |
| FR | 185.255.84.150:443 | hb-api-fra02.omnitagjs.com | tcp |
| NL | 185.89.210.153:443 | ib.adnxs.com | tcp |
| DE | 3.124.64.248:443 | eu-tlx.3lift.com | tcp |
| DE | 18.184.231.156:443 | btlr.sharethrough.com | tcp |
| DE | 18.184.231.156:443 | btlr.sharethrough.com | tcp |
| DE | 18.184.231.156:443 | btlr.sharethrough.com | tcp |
| DE | 18.184.231.156:443 | btlr.sharethrough.com | tcp |
| FR | 51.178.195.209:443 | euw2.smartadserver.com | tcp |
| FR | 51.178.195.209:443 | euw2.smartadserver.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid-lhrc.pubmnet.com | tcp |
| US | 8.8.8.8:53 | 78.144.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.97.40.145.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.195.178.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.1.166.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 248.64.124.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.231.184.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2b30cc5ea7dc7aa09ed89b20768635bc.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tg1.aniview.com | udp |
| GB | 172.217.169.65:443 | 2b30cc5ea7dc7aa09ed89b20768635bc.safeframe.googlesyndication.com | tcp |
| SE | 23.34.233.243:443 | tg1.aniview.com | tcp |
| US | 8.8.8.8:53 | e11385.dscd.akamaiedge.net | udp |
| US | 8.8.8.8:53 | pagead-googlehosted.l.google.com | udp |
| US | 8.8.8.8:53 | e11385.dscd.akamaiedge.net | udp |
| GB | 172.217.169.65:443 | 2b30cc5ea7dc7aa09ed89b20768635bc.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | track4.aniview.com | udp |
| US | 8.8.8.8:53 | feed.avplayer.com | udp |
| US | 8.8.8.8:53 | player.avplayer.com | udp |
| US | 96.46.186.186:443 | track4.aniview.com | tcp |
| US | 8.8.8.8:53 | track-sc-was.aniview.com | udp |
| US | 8.8.8.8:53 | e16009.dscd.akamaiedge.net | udp |
| SE | 2.21.96.67:443 | e16009.dscd.akamaiedge.net | tcp |
| SE | 184.31.15.24:443 | player.avplayer.com | tcp |
| US | 8.8.8.8:53 | a1970.dscd.akamai.net | udp |
| US | 8.8.8.8:53 | track-sc-was.aniview.com | udp |
| US | 8.8.8.8:53 | e16009.dscd.akamaiedge.net | udp |
| US | 8.8.8.8:53 | a1970.dscd.akamai.net | udp |
| US | 8.8.8.8:53 | 2.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.96.21.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 243.233.34.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 24.15.31.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 186.186.46.96.in-addr.arpa | udp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | play.aniview.com | udp |
| US | 8.8.8.8:53 | content1.avplayer.com | udp |
| SE | 23.34.233.243:443 | play.aniview.com | tcp |
| SE | 184.31.15.75:443 | content1.avplayer.com | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | player.aniview.com | udp |
| SE | 184.31.15.75:443 | player.aniview.com | tcp |
| US | 8.8.8.8:53 | cdn1.vntsm.com | udp |
| SE | 184.31.15.75:443 | player.aniview.com | udp |
| FR | 185.93.2.251:443 | cdn1.vntsm.com | tcp |
| US | 8.8.8.8:53 | cdn1-vntsm.b-cdn.net | udp |
| US | 8.8.8.8:53 | cdn1-vntsm.b-cdn.net | udp |
| US | 8.8.8.8:53 | 225.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.15.31.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 251.2.93.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | go1.aniview.com | udp |
| US | 173.0.146.6:443 | go1.aniview.com | tcp |
| US | 8.8.8.8:53 | go1sc.aniview.com | udp |
| US | 8.8.8.8:53 | go1sc.aniview.com | udp |
| US | 8.8.8.8:53 | 6.146.0.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| US | 8.8.8.8:53 | ads.stickyadstv.com | udp |
| US | 8.8.8.8:53 | ssbsync-euw1.smartadserver.com | udp |
| NL | 89.149.193.100:443 | ssbsync-euw1.smartadserver.com | tcp |
| NL | 154.57.158.116:443 | ads.stickyadstv.com | tcp |
| NL | 154.57.158.116:443 | ads.stickyadstv.com | tcp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| SE | 23.34.232.193:443 | ads.pubmatic.com | tcp |
| US | 8.8.8.8:53 | ssbsync-euw1.smartadserver.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | eu-west-dual.ads.stickyadstv.com.akadns.net | udp |
| IE | 52.214.238.79:443 | ap.lijit.com | tcp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| US | 8.8.8.8:53 | ups.analytics.yahoo.com | udp |
| BE | 104.68.78.171:443 | secure-assets.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | e6603.g.akamaiedge.net | udp |
| DE | 3.75.62.37:443 | ups.analytics.yahoo.com | tcp |
| US | 8.8.8.8:53 | eu-west-dual.ads.stickyadstv.com.akadns.net | udp |
| US | 8.8.8.8:53 | ssp.disqus.com | udp |
| US | 8.8.8.8:53 | blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | 100.193.149.89.in-addr.arpa | udp |
| US | 52.206.62.85:443 | ssp.disqus.com | tcp |
| US | 8.8.8.8:53 | 116.158.57.154.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.232.34.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cs.krushmedia.com | udp |
| US | 8.8.8.8:53 | 79.238.214.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | e6603.g.akamaiedge.net | udp |
| US | 8.8.8.8:53 | blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | e8960.e2.akamaiedge.net | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.2.110.134:443 | cs.krushmedia.com | tcp |
| US | 8.8.8.8:53 | ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud | udp |
| US | 35.244.159.8:443 | u.openx.net | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| US | 8.8.8.8:53 | e8960.e2.akamaiedge.net | udp |
| DE | 51.75.86.98:443 | onetag-sys.com | tcp |
| US | 8.8.8.8:53 | zeta-ssp-385516103.us-east-1.elb.amazonaws.com | udp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| DE | 37.252.171.52:443 | secure.adnxs.com | tcp |
| US | 8.8.8.8:53 | ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud | udp |
| US | 8.8.8.8:53 | lexicon.33across.com | udp |
| US | 8.8.8.8:53 | cs.krushmedia.com | udp |
| US | 8.8.8.8:53 | zeta-ssp-385516103.us-east-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | user-data-eu.bidswitch.net | udp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | cs.krushmedia.com | udp |
| US | 8.8.8.8:53 | api.rlcdn.com | udp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 8.8.8.8:53 | sync.aniview.com | udp |
| US | 35.244.159.8:443 | u.openx.net | udp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| DE | 51.75.86.98:443 | onetag-sys.com | udp |
| US | 96.46.186.182:443 | sync.aniview.com | tcp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 8.8.8.8:53 | user-data-eu.bidswitch.net | udp |
| US | 8.8.8.8:53 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | ib.anycast.adnxs.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | delivery.redpineapplemedia.com | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| US | 8.8.8.8:53 | lexicon.33across.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| US | 8.8.8.8:53 | gum.nl3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| IE | 34.242.124.109:443 | delivery.redpineapplemedia.com | tcp |
| US | 8.8.8.8:53 | sync.mathtag.com | udp |
| US | 8.8.8.8:53 | sync-sc.aniview.com | udp |
| US | 8.8.8.8:53 | gum.nl3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | sync-sc.aniview.com | udp |
| US | 76.223.111.18:443 | eb2.3lift.com | tcp |
| US | 8.8.8.8:53 | p.rfihub.com | udp |
| US | 8.8.8.8:53 | lexicon.33across.com | udp |
| FR | 185.255.84.153:443 | visitor.omnitagjs.com | tcp |
| SE | 23.34.232.182:443 | acdn.adnxs.com | tcp |
| US | 8.8.8.8:53 | api.rlcdn.com | udp |
| US | 8.8.8.8:53 | 171.78.68.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 37.62.75.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 85.62.206.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.159.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.216.36.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.86.75.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 134.110.2.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 52.171.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 182.186.46.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | delivery.redpineapplemedia.com | udp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| NL | 145.40.97.66:443 | am6-prebid.a-mx.net | tcp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | delivery.redpineapplemedia.com | udp |
| US | 8.8.8.8:53 | api.rlcdn.com | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| US | 8.8.8.8:53 | pixel-origin.mathtag.com | udp |
| US | 8.8.8.8:53 | eu-eb2.3lift.com | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| SE | 23.34.233.229:443 | eus.rubiconproject.com | tcp |
| US | 35.71.131.137:443 | match.adsrvr.org | tcp |
| DE | 162.19.138.83:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 8.8.8.8:53 | visitor-fra02.omnitagjs.com | udp |
| US | 8.8.8.8:53 | eu-eb2.3lift.com | udp |
| US | 8.8.8.8:53 | pixel-origin.mathtag.com | udp |
| US | 8.8.8.8:53 | visitor-fra02.omnitagjs.com | udp |
| US | 8.8.8.8:53 | e6115.g.akamaiedge.net | udp |
| US | 8.8.8.8:53 | a-emea.rfihub.com.akadns.net | udp |
| NL | 35.214.149.91:443 | user-data-eu.bidswitch.net | tcp |
| NL | 35.214.149.91:443 | user-data-eu.bidswitch.net | tcp |
| US | 35.244.193.51:443 | lexicon.33across.com | tcp |
| NL | 178.250.1.11:443 | gum.nl3.vip.prod.criteo.com | tcp |
| DE | 162.19.138.83:443 | lb.eu-1-id5-sync.com | tcp |
| US | 34.120.133.55:443 | api.rlcdn.com | tcp |
| NL | 35.214.149.91:443 | user-data-eu.bidswitch.net | tcp |
| US | 52.71.174.196:443 | sync.srv.stackadapt.com | tcp |
| US | 74.121.140.211:443 | pixel-origin.mathtag.com | tcp |
| NL | 193.0.160.130:443 | p.rfihub.com | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| US | 8.8.8.8:53 | e6115.g.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e8960.b.akamaiedge.net | udp |
| NL | 178.250.1.11:443 | gum.nl3.vip.prod.criteo.com | tcp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| US | 8.8.8.8:53 | e8960.b.akamaiedge.net | udp |
| US | 34.120.133.55:443 | api.rlcdn.com | udp |
| US | 35.244.193.51:443 | lexicon.33across.com | udp |
| US | 8.8.8.8:53 | 109.124.242.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.111.223.76.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 182.232.34.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.131.71.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.233.34.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 51.193.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 55.133.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.149.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 130.160.0.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.8.184.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.174.71.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 211.140.121.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | prebid-server.rubiconproject.com | udp |
| US | 8.8.8.8:53 | targeting.unrulymedia.com | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| NL | 46.228.174.115:443 | targeting.unrulymedia.com | tcp |
| US | 8.8.8.8:53 | tag.1rx.io | udp |
| NL | 46.228.174.115:443 | tag.1rx.io | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | prebid-server-perf-eu.rubiconproject.net.akadns.net | udp |
| GB | 108.138.217.66:443 | hb.yellowblue.io | tcp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | tag.1rx.io | udp |
| US | 8.8.8.8:53 | prebid-server-perf-eu.rubiconproject.net.akadns.net | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | imasdk.googleapis.com | udp |
| GB | 142.250.187.202:443 | imasdk.googleapis.com | tcp |
| US | 8.8.8.8:53 | imasdk.googleapis.com | udp |
| US | 8.8.8.8:53 | track1.avplayer.com | udp |
| US | 96.46.186.15:443 | track1.avplayer.com | tcp |
| US | 8.8.8.8:53 | track-sc.avplayer.com | udp |
| GB | 142.250.187.202:443 | imasdk.googleapis.com | udp |
| US | 8.8.8.8:53 | track-sc.avplayer.com | udp |
| US | 8.8.8.8:53 | 115.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.217.138.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.186.46.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | load-euw1.exelator.com | udp |
| US | 8.8.8.8:53 | i.clean.gg | udp |
| US | 34.95.69.49:443 | i.clean.gg | udp |
| US | 8.8.8.8:53 | eu-tlx.3lift.com | udp |
| US | 8.8.8.8:53 | eu-tlx.3lift.com | udp |
| US | 8.8.8.8:53 | track.venatusmedia.com | udp |
| US | 69.166.1.64:443 | iad-2-apex.go.sonobi.com | tcp |
| DE | 18.184.231.156:443 | btlr.sharethrough.com | tcp |
| FR | 51.178.195.209:443 | euw2.smartadserver.com | tcp |
| FR | 51.178.195.209:443 | euw2.smartadserver.com | tcp |
| US | 8.8.8.8:53 | c0344134de68d251060bf30d01a7d88e.safeframe.googlesyndication.com | udp |
| GB | 172.217.169.65:443 | c0344134de68d251060bf30d01a7d88e.safeframe.googlesyndication.com | tcp |
| GB | 172.217.169.65:443 | c0344134de68d251060bf30d01a7d88e.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | cdn.ampproject.org | udp |
| GB | 142.250.187.193:443 | cdn.ampproject.org | tcp |
| GB | 142.250.187.193:443 | cdn.ampproject.org | tcp |
| GB | 142.250.187.193:443 | cdn.ampproject.org | tcp |
| US | 8.8.8.8:53 | cdn-content.ampproject.org | udp |
| GB | 142.250.187.193:443 | cdn-content.ampproject.org | tcp |
| GB | 142.250.187.193:443 | cdn-content.ampproject.org | tcp |
| US | 8.8.8.8:53 | cdn-content.ampproject.org | udp |
| GB | 142.250.187.193:443 | cdn-content.ampproject.org | udp |
| US | 8.8.8.8:53 | 193.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | delivery.redpineapplemedia.com | udp |
| US | 8.8.8.8:53 | delivery.redpineapplemedia.com | udp |
| DE | 162.19.138.83:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 162.19.138.83:443 | lb.eu-1-id5-sync.com | tcp |
| GB | 108.138.217.66:443 | hb.yellowblue.io | tcp |
| NL | 69.173.156.150:443 | prebid-server-perf-eu.rubiconproject.net.akadns.net | tcp |
| NL | 46.228.174.115:443 | tag.1rx.io | tcp |
| NL | 46.228.174.115:443 | tag.1rx.io | tcp |
| US | 8.8.8.8:53 | eu-eb2.3lift.com | udp |
| US | 52.71.174.196:443 | sync.srv.stackadapt.com | tcp |
| US | 8.8.8.8:53 | eu-eb2.3lift.com | udp |
| US | 8.8.8.8:53 | sync.go.sonobi.com | udp |
| US | 69.166.1.34:443 | sync.go.sonobi.com | tcp |
| US | 8.8.8.8:53 | iad-2-sync.go.sonobi.com | udp |
| US | 69.166.1.34:443 | iad-2-sync.go.sonobi.com | tcp |
| US | 8.8.8.8:53 | iad-2-sync.go.sonobi.com | udp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| GB | 216.58.204.70:443 | s0.2mdn.net | tcp |
| GB | 216.58.204.70:443 | s0.2mdn.net | tcp |
| GB | 216.58.204.70:443 | s0.2mdn.net | tcp |
| GB | 216.58.204.70:443 | s0.2mdn.net | tcp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | qvdt3feo.com | udp |
| US | 8.8.8.8:53 | qvdt3feo.com | udp |
| US | 34.206.62.224:443 | qvdt3feo.com | tcp |
| GB | 216.58.204.70:443 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | sync.adkernel.com | udp |
| US | 8.8.8.8:53 | qvdt3feo.com | udp |
| NL | 77.245.57.72:443 | sync.adkernel.com | tcp |
| US | 8.8.8.8:53 | 1.cpm.ak-is2.net | udp |
| US | 8.8.8.8:53 | 1.cpm.ak-is2.net | udp |
| US | 8.8.8.8:53 | 34.1.166.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 224.62.206.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.57.245.77.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 8.8.8.8:53 | elb.the-ozone-project.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 104.16.80.73:443 | static.cloudflareinsights.com | tcp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 8.8.8.8:53 | dis.criteo.com | udp |
| US | 8.8.8.8:53 | api-2-0.spot.im | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | udp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 8.8.8.8:53 | jadserve.postrelease.com | udp |
| US | 8.8.8.8:53 | rtb.mfadsrvr.com | udp |
| GB | 18.164.68.59:443 | api-2-0.spot.im | tcp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| US | 8.8.8.8:53 | bttrack.com | udp |
| NL | 89.149.193.100:443 | ssbsync-euw1.smartadserver.com | tcp |
| US | 54.161.232.244:443 | cs-server-s2s.yellowblue.io | tcp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 8.8.8.8:53 | gum.aidemsrv.com | udp |
| US | 80.77.87.163:443 | cs.admanmedia.com | tcp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| US | 8.8.8.8:53 | api-2-0.spot.im | udp |
| US | 8.8.8.8:53 | widget.nl3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | imgsync-amsfpairbc.pubmnet.com | udp |
| US | 8.8.8.8:53 | api-2-0.spot.im | udp |
| US | 8.8.8.8:53 | widget.nl3.vip.prod.criteo.com | udp |
| US | 67.202.105.24:443 | ssc-cms.33across.com | tcp |
| US | 104.17.43.93:443 | gum.aidemsrv.com | tcp |
| US | 8.8.8.8:53 | bttrack.com | udp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| US | 8.8.8.8:53 | jadserve.postrelease.com.akadns.net | udp |
| US | 8.8.8.8:53 | 73.80.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 59.68.164.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.87.77.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 244.232.161.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| US | 8.8.8.8:53 | bttrack.com | udp |
| US | 8.8.8.8:53 | jadserve.postrelease.com.akadns.net | udp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| US | 104.17.43.93:443 | gum.aidemsrv.com | udp |
| DE | 37.252.171.52:443 | secure.adnxs.com | tcp |
| NL | 178.250.1.9:443 | widget.nl3.vip.prod.criteo.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| IE | 34.251.183.115:443 | match.prod.bidr.io | tcp |
| US | 64.74.236.63:443 | b1sync.zemanta.com | tcp |
| US | 64.74.236.63:443 | b1sync.zemanta.com | tcp |
| NL | 198.47.127.18:443 | imgsync-amsfpairbc.pubmnet.com | tcp |
| IE | 34.255.106.93:443 | jadserve.postrelease.com.akadns.net | tcp |
| DE | 18.197.7.178:443 | rtb.mfadsrvr.com | tcp |
| US | 192.132.33.67:443 | bttrack.com | tcp |
| US | 35.244.174.68:443 | id.rlcdn.com | tcp |
| US | 8.8.8.8:53 | chidc2.outbrain.org | udp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| US | 35.244.174.68:443 | id.rlcdn.com | udp |
| US | 8.8.8.8:53 | elb-aws-fr-dorpat-283474803.eu-central-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 8.8.8.8:53 | pixel.33across.com | udp |
| US | 8.8.8.8:53 | elb-aws-fr-dorpat-283474803.eu-central-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 8.8.8.8:53 | gum.aidemsrv.com | udp |
| US | 8.8.8.8:53 | pixel.33across.com | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| US | 8.8.8.8:53 | gum.aidemsrv.com | udp |
| SE | 23.34.233.229:443 | e8960.b.akamaiedge.net | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | pixel.rubiconproject.net.akadns.net | udp |
| US | 8.8.8.8:53 | 93.43.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 24.105.202.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.174.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 115.183.251.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.106.255.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 178.7.197.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.33.132.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 63.236.74.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| NL | 69.173.156.148:443 | token.rubiconproject.com | tcp |
| NL | 69.173.156.148:443 | token.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | ssbsync-global.smartadserver.com | udp |
| NL | 89.149.192.244:443 | ssbsync-global.smartadserver.com | tcp |
| US | 8.8.8.8:53 | ssbsync-euw1.smartadserver.com | udp |
| US | 8.8.8.8:53 | rtb.openx.net | udp |
| US | 35.227.252.103:443 | rtb.openx.net | tcp |
| US | 8.8.8.8:53 | rtb.openx.net | udp |
| US | 8.8.8.8:53 | rtb.openx.net | udp |
| US | 35.227.252.103:443 | rtb.openx.net | udp |
| US | 8.8.8.8:53 | pubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | pubads.g.doubleclick.net | udp |
| GB | 142.250.200.2:443 | pubads.g.doubleclick.net | tcp |
| GB | 142.250.200.2:443 | pubads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | pubads.g.doubleclick.net | udp |
| GB | 142.250.200.2:443 | pubads.g.doubleclick.net | tcp |
| GB | 142.250.200.2:443 | pubads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | cm.adform.net | udp |
| DK | 37.157.5.132:443 | cm.adform.net | tcp |
| US | 8.8.8.8:53 | track-eu.adformnet.akadns.net | udp |
| US | 8.8.8.8:53 | track-eu.adformnet.akadns.net | udp |
| GB | 142.250.200.2:443 | pubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | csi.gstatic.com | udp |
| TW | 172.217.163.35:443 | csi.gstatic.com | tcp |
| US | 8.8.8.8:53 | csi.gstatic.com | udp |
| TW | 172.217.163.35:443 | csi.gstatic.com | tcp |
| TW | 172.217.163.35:443 | csi.gstatic.com | tcp |
| US | 8.8.8.8:53 | csi.gstatic.com | udp |
| TW | 172.217.163.35:443 | csi.gstatic.com | tcp |
| US | 8.8.8.8:53 | 148.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 244.192.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.252.227.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 132.5.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.aniview.com | udp |
| US | 8.8.8.8:53 | ssp-sync.criteo.com | udp |
| TW | 172.217.163.35:443 | csi.gstatic.com | tcp |
| TW | 172.217.163.35:443 | csi.gstatic.com | tcp |
| US | 8.8.8.8:53 | e11385.dscd.akamaiedge.net | udp |
| TW | 172.217.163.35:443 | csi.gstatic.com | tcp |
| NL | 178.250.1.7:443 | ssp-sync.criteo.com | tcp |
| US | 8.8.8.8:53 | ssp-sync.nl3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | e11385.dscd.akamaiedge.net | udp |
| TW | 172.217.163.35:443 | csi.gstatic.com | tcp |
| US | 8.8.8.8:53 | ssp-sync.nl3.vip.prod.criteo.com | udp |
| NL | 46.228.174.115:443 | tag.1rx.io | tcp |
| TW | 172.217.163.35:443 | csi.gstatic.com | tcp |
| TW | 172.217.163.35:443 | csi.gstatic.com | tcp |
| US | 8.8.8.8:53 | hbx.media.net | udp |
| US | 8.8.8.8:53 | hbx.media.net | udp |
| SE | 23.34.232.19:443 | hbx.media.net | tcp |
| US | 8.8.8.8:53 | hbx.media.net | udp |
| TW | 172.217.163.35:443 | csi.gstatic.com | udp |
| SE | 23.34.232.19:443 | hbx.media.net | udp |
| US | 8.8.8.8:53 | ssum.casalemedia.com | udp |
| US | 8.8.8.8:53 | 35.163.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ssum.casalemedia.com | udp |
| US | 172.64.151.101:443 | ssum.casalemedia.com | tcp |
| US | 8.8.8.8:53 | 19.232.34.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ssum.casalemedia.com | udp |
| US | 172.64.151.101:443 | ssum.casalemedia.com | udp |
| US | 8.8.8.8:53 | api.edkt.io | udp |
| US | 34.120.111.33:443 | api.edkt.io | tcp |
| US | 8.8.8.8:53 | api.edkt.io | udp |
| US | 34.120.111.33:443 | api.edkt.io | tcp |
| US | 8.8.8.8:53 | api.edkt.io | udp |
| US | 34.120.111.33:443 | api.edkt.io | udp |
| US | 8.8.8.8:53 | 101.151.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.197.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | track.venatusmedia.com | udp |
| US | 8.8.8.8:53 | iad-2-apex.go.sonobi.com | udp |
| US | 8.8.8.8:53 | apex.go.sonobi.com | udp |
| US | 69.166.1.64:443 | apex.go.sonobi.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 8.8.8.8:53 | 74.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.234.34.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| BE | 88.221.83.208:443 | www.bing.com | tcp |
| BE | 88.221.83.208:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | support.mozilla.org | udp |
| US | 8.8.8.8:53 | us-west1.prod.sumo.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | us-west1.prod.sumo.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | 128.233.34.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 208.83.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.file.io | udp |
| US | 8.8.8.8:53 | www.file.io | udp |
| US | 8.8.8.8:53 | www.file.io | udp |
| NL | 69.173.156.150:443 | prebid-server-perf-eu.rubiconproject.net.akadns.net | tcp |
| NL | 46.228.174.115:443 | tag.1rx.io | tcp |
| FR | 51.178.195.209:443 | euw2.smartadserver.com | tcp |
| US | 8.8.8.8:53 | 31.243.111.52.in-addr.arpa | udp |
| FR | 51.178.195.209:443 | euw2.smartadserver.com | tcp |
| US | 69.166.1.64:443 | apex.go.sonobi.com | tcp |
| NL | 185.89.210.153:443 | ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | eu-tlx.3lift.com | udp |
| US | 8.8.8.8:53 | iad-2-apex.go.sonobi.com | udp |
| NL | 69.173.156.150:443 | prebid-server-perf-eu.rubiconproject.net.akadns.net | tcp |
| NL | 46.228.174.115:443 | tag.1rx.io | tcp |
| GB | 142.250.187.193:443 | cdn-content.ampproject.org | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | track.venatusmedia.com | udp |
| GB | 142.250.200.3:443 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| GB | 142.250.187.202:443 | imasdk.googleapis.com | udp |
| US | 8.8.8.8:53 | play.aniview.com | udp |
| US | 8.8.8.8:53 | e11385.dscd.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e11385.dscd.akamaiedge.net | udp |
| US | 8.8.8.8:53 | aus5.mozilla.org | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 35.244.181.201:443 | prod.balrog.prod.cloudops.mozgcp.net | tcp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | ciscobinary.openh264.org | udp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| NL | 2.18.121.73:80 | a19.dscg10.akamai.net | tcp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | 201.181.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| GB | 142.250.187.206:443 | redirector.gvt1.com | tcp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| GB | 142.250.187.206:443 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | r1---sn-aigl6ney.gvt1.com | udp |
| GB | 173.194.183.166:443 | r1---sn-aigl6ney.gvt1.com | tcp |
| US | 8.8.8.8:53 | r1.sn-aigl6ney.gvt1.com | udp |
| US | 8.8.8.8:53 | r1.sn-aigl6ney.gvt1.com | udp |
| GB | 173.194.183.166:443 | r1.sn-aigl6ney.gvt1.com | udp |
| US | 8.8.8.8:53 | 73.121.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 166.183.194.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| US | 8.8.8.8:53 | euw2.smartadserver.com | udp |
| FR | 51.178.195.209:443 | euw2.smartadserver.com | tcp |
| NL | 46.228.174.115:443 | tag.1rx.io | tcp |
| NL | 69.173.156.150:443 | prebid-server-perf-eu.rubiconproject.net.akadns.net | tcp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | euw2.smartadserver.com | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| FR | 51.178.195.209:443 | euw2.smartadserver.com | tcp |
| NL | 69.173.156.150:443 | prebid-server-perf-eu.rubiconproject.net.akadns.net | tcp |
| NL | 46.228.174.115:443 | tag.1rx.io | tcp |
| GB | 142.250.187.202:443 | imasdk.googleapis.com | udp |
| US | 8.8.8.8:53 | 200.79.70.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.aniview.com | udp |
| US | 8.8.8.8:53 | e11385.dscd.akamaiedge.net | udp |
| NL | 46.228.174.115:443 | tag.1rx.io | tcp |
| NL | 46.228.174.115:443 | tag.1rx.io | tcp |
| NL | 46.228.174.115:443 | tag.1rx.io | tcp |
| NL | 46.228.174.115:443 | tag.1rx.io | tcp |
Files
memory/2900-16-0x0000018C03320000-0x0000018C03330000-memory.dmp
memory/2900-0-0x0000018C03220000-0x0000018C03230000-memory.dmp
memory/2900-35-0x0000018C02510000-0x0000018C02512000-memory.dmp
memory/924-44-0x00000218C1640000-0x00000218C1740000-memory.dmp
memory/1452-79-0x000001A0567E0000-0x000001A0567E2000-memory.dmp
memory/1452-77-0x000001A056720000-0x000001A056722000-memory.dmp
memory/1452-74-0x000001A0462F0000-0x000001A0462F2000-memory.dmp
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\103621DE9CD5414CC2538780B4B75751
| MD5 | 86075c6fb7717f5dab9b7ad453715734 |
| SHA1 | c3d1af76e76d8d200145334b187aa07abf902938 |
| SHA256 | fe7e5c5999c62d6115ce9eb006c3c5012118e13950094e98a11500c5587cc31f |
| SHA512 | 8be2958870b23732d458517697d1b53f73deab563e60b1affe7b02e237c908b3ba5feae78cd6fd655e052737b090db1f696e2b6ecc3a5f61ac2cc11cdedc4326 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\103621DE9CD5414CC2538780B4B75751
| MD5 | 822467b728b7a66b081c91795373789a |
| SHA1 | d8f2f02e1eef62485a9feffd59ce837511749865 |
| SHA256 | af2343382b88335eea72251ad84949e244ff54b6995063e24459a7216e9576b9 |
| SHA512 | bacea07d92c32078ca6a0161549b4e18edab745dd44947e5f181d28cc24468e07769d6835816cdfb944fd3d0099bde5e21b48f4966824c5c16c1801712303eb6 |
memory/1452-86-0x000001A056B00000-0x000001A056C00000-memory.dmp
memory/2900-173-0x0000018C099B0000-0x0000018C099B1000-memory.dmp
memory/2900-172-0x0000018C099A0000-0x0000018C099A1000-memory.dmp
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\TGFYS00V\favicon[1].ico
| MD5 | ed885416386e5d652b8a740a39d83190 |
| SHA1 | 21566c30c29f5bb3f3c837ff85220fd0cc90952e |
| SHA256 | 3f536bef77664cfc9422814bc241691947ea3a91fac3d62b0ccdaa086a8a5d6d |
| SHA512 | 7eb82e6a0d72afadb92148d0747c590b0cc3d959bba326ebc686f4652d4dd7e4699ec8e8a4152dc763a9d3a1efe933fb461ea3637058ec03e073f6caf5ea5d97 |
memory/1452-282-0x000001A057780000-0x000001A0577A0000-memory.dmp
memory/1452-334-0x000001A046400000-0x000001A046500000-memory.dmp
memory/1452-364-0x000001A056700000-0x000001A056710000-memory.dmp
memory/1452-361-0x000001A056700000-0x000001A056710000-memory.dmp
memory/1452-382-0x000001A056700000-0x000001A056710000-memory.dmp
memory/1452-381-0x000001A056700000-0x000001A056710000-memory.dmp
memory/1452-380-0x000001A056700000-0x000001A056710000-memory.dmp
memory/1452-379-0x000001A056700000-0x000001A056710000-memory.dmp
memory/1452-378-0x000001A056700000-0x000001A056710000-memory.dmp
memory/1452-377-0x000001A056700000-0x000001A056710000-memory.dmp
memory/1452-376-0x000001A056700000-0x000001A056710000-memory.dmp
memory/1452-375-0x000001A056700000-0x000001A056710000-memory.dmp
memory/1452-374-0x000001A056700000-0x000001A056710000-memory.dmp
memory/1452-373-0x000001A056700000-0x000001A056710000-memory.dmp
memory/1452-372-0x000001A056700000-0x000001A056710000-memory.dmp
memory/1452-371-0x000001A056700000-0x000001A056710000-memory.dmp
memory/1452-370-0x000001A056700000-0x000001A056710000-memory.dmp
memory/1452-369-0x000001A056700000-0x000001A056710000-memory.dmp
memory/1452-368-0x000001A056700000-0x000001A056710000-memory.dmp
memory/1452-367-0x000001A056700000-0x000001A056710000-memory.dmp
memory/1452-360-0x000001A056700000-0x000001A056710000-memory.dmp
memory/1452-362-0x000001A056700000-0x000001A056710000-memory.dmp
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\N3ETVNPW\ad-manager.min[1].js
| MD5 | 040738271af08e180449d09eee5ffa7a |
| SHA1 | b3b53599c61f927e44c5c2b184559ff6441afb40 |
| SHA256 | d662d943d609cbb91b9b3c80a45d7aca1b8db65200245608d67b8bbb7b3c85e3 |
| SHA512 | 46b4951653f75187f292b388574880b50212ce3a728ba28d1a55280a2e81d93f08f4868f9a96dc882e875ba2eb66c0082b8360827859fb04d8f574da201a5a98 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\31H7MM5A\polyfill-63fd3a7531a392260f25[1].js
| MD5 | f23b09327d4b80c6636930bf043c71d7 |
| SHA1 | c2d41f4954848174e11545bf93a2ea05b1fa5db4 |
| SHA256 | 613dae54af07f872c215baad14c9d9ef74f70193506a71a4029112fcec403822 |
| SHA512 | 3b521532e015774d071babc37e1dcf304302c12b946e194d1c52f1ce5d1e2e76799131c5c2860d92363c84008f3892278aaae4d74d65cc8402cea91f0960d76d |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\N3ETVNPW\js[1].js
| MD5 | ec4b1282936db966420782d5987bad19 |
| SHA1 | 50f8343e393903aea965e4abed4e6972e780168a |
| SHA256 | 8a0366ecd508d88e70085c64f085c69bd09465cd8524cd2080b71a61bcde544d |
| SHA512 | 0f1cedde41d96f5e633a6b383943f29adacf065b8a6f087da396e94bd10874d3aa25ab29bf9525ac87c38773b63c75a8e4b01f3cd77daa6a4162041a29958c4e |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\N3ETVNPW\app-ce1c3df6a1080a0c9f36[1].js
| MD5 | ee554025a765570fd938eaf7853e81ad |
| SHA1 | dc72c37f842ee0990f021d601dbcbeae48f4917c |
| SHA256 | 26501a1ea54927eb684a57374525d72bb7112e5036a8f73dfb9890a34fb08871 |
| SHA512 | 26cd87d3fb1b2d07438ac4f4b319325f646222a5ce33e703a2c2f9c8748fa6ce7f7b3dde7ce10c23ebe3d093899f166d7c4c9dd0a1f9e346183af6909241908c |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\N9WG7OID\polyfill.min[1].js
| MD5 | 6179699a89265079ccd2e130921b2ce4 |
| SHA1 | 0643176ac16aa8f5f3f6ecef81af3a3da943a31e |
| SHA256 | 402cbbc842d662333e872eb9df9200a62a47019592df29848e7169007a3ebf9d |
| SHA512 | ca6b34b75c97c947073baff43bf8add28b2c788cfd920ca33c66228ec954cae975fc7e6954366269691a2142b9dd45462581de0528fe2b84e89765a58c396ef7 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\N3ETVNPW\webpack-runtime-71df933e5e48a5ef88ea[1].js
| MD5 | 7cfe5fe97ffcc13e6e9a15122f587d3e |
| SHA1 | 58bd49d3980fbb83c5085fbee74b37e4d0c7e8ca |
| SHA256 | d37e09a9d86650a49b5dc628252f6d2f8cdde7aaf663a360a26ab64dc8d3e5cf |
| SHA512 | 15bae3d71afe0ad97b971ffdf3394d0249a73b1daa8bac7c0c29ceef3b86d839875d51ea5c140649f4e486a65aac0e83d02fb37b407b3223cfe874425d85d53c |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\31H7MM5A\0eceb729-3d23d92b83ca9772b679[1].js
| MD5 | 0a3f35f6211feffe573a08f983c2a35a |
| SHA1 | e13c6d866dd1ef940d9fc7e951afd9af9b58fd85 |
| SHA256 | 618f84de04f8a165a6d22328816b618433d49c5f50706d033436ea0cc0e1a9a0 |
| SHA512 | e64f4ac618a5d853a2cec18a138eee278ce32a2ea6d4c0d93d4a82edd2847870c735506b7dd6e4f76c45202f50a088407fc1061e8cdbb7f7900bf7437a9b6a92 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\N9WG7OID\d6a9949e-c7fb26743b3df7c3d4f3[1].js
| MD5 | 8be798e491d64c90fb2668c241136d27 |
| SHA1 | ea37edaa1afb0a04fc01834416d46b4dfcf9c1bc |
| SHA256 | c99558fc6ef205ec358d6ac68ec549d6972949f3cdca2be0aed2a2b3c165c17f |
| SHA512 | 8c5834d65d7b9220476fb11ffe5830472753b4fe7a848a5421418e6c3ffb80260170c98440f8a81da7fcd3018485dcddb490ed71ece648c2086ddd9ae44c6648 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\31H7MM5A\framework-2e81d87b28ccd7c06c04[1].js
| MD5 | d57e42a527da656114d580605cefa13e |
| SHA1 | 445bd66c246e344d68535c39d15befbf7c128e8d |
| SHA256 | 57e30f191bec3bcb919f18dc014c7124dd24e9f0755f2abdde9ac3ccb8d161de |
| SHA512 | 2dd1cdf6b52457f94dbadfdf906ad280ba978c43fc2f1b62eadc85b44271ee822d16118cf8510c813e3e9f90e075abbede6a635b5812981ad821441d023b4ef6 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\N9WG7OID\e82996df-418a0be62c8cbbb8c8af[1].js
| MD5 | 41f1589b5b330e89885e93dcec06328c |
| SHA1 | e0f21cb584e0f8af5a3016e7794de8d9c0d365c9 |
| SHA256 | d9ae0cc0755ea3b042acde2932d6885c1dcbcc785cae4ec96958540302727b66 |
| SHA512 | f496c7d8b79a5b24ed614f7a1e4352759dab5c55e406ddd30d9c0333f520d95b1584a37c2b54b92123516eb0108bd04b0443e7d287aaac1afc25726e50d4c112 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\PYRKP9ZN\js[2].js
| MD5 | a1de99131059b1fd3754b60bbac063f0 |
| SHA1 | fd706364bca9c4511935292386b484ab6c0569c4 |
| SHA256 | 04db9f9df4fc7a9561bf7ea81c38f5640c2cd9f2a9b5633b01aba275417d5d7e |
| SHA512 | 1fd819bfc886ffc8c538cefc7b40600708d3caad42ea305ee49d66760096d2847b92ac6f5d279233d3951ff0bf6448f474061b7f389c7947be9d620ec5e64292 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\N3ETVNPW\analytics[1].js
| MD5 | 575b5480531da4d14e7453e2016fe0bc |
| SHA1 | e5c5f3134fe29e60b591c87ea85951f0aea36ee1 |
| SHA256 | de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd |
| SHA512 | 174e48f4fb2a7e7a0be1e16564f9ed2d0bbcc8b4af18cb89ad49cf42b1c3894c8f8e29ce673bc5d9bc8552f88d1d47294ee0e216402566a3f446f04aca24857a |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\31H7MM5A\ad-manager-bundle.min[1].js
| MD5 | 78fdf4ba62e1b767deeb661ffb5df287 |
| SHA1 | 5cf5b0dff535cd63ec7597dc4f05436ecddd21c8 |
| SHA256 | 60e7ea4aeb10660de46e790c7ed5a323ba4b6e8190e2f5f2ce2e5fca846763c0 |
| SHA512 | a5b4bcbbe790ca8901717918ae31ae2a49c512a76b3136d0bd46c209bd1f640618c729d5fb5a70b8a24e4c80efd28bf5851847a674a30aed135856ae086aaba4 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\PYRKP9ZN\Inter.var-c2fe3cb2b7c746f7966a973d869d21c3[1].woff2
| MD5 | 8dd26c3dd0125fb16ce19b8f5e8273fb |
| SHA1 | f919da7384706d6924f10d56ce258129ed498845 |
| SHA256 | 85f08b5f51e36ca7e961a033c6bb61d7f0e44aa0984646383ecac648e98fdcc8 |
| SHA512 | 600aed792990a913df1dbef8de20fdb818f6c422a8b01d319b7bfdacfe53186bc05709d844d07c354ebd740bd62ceb50efc3293333da84de8e21a4c11645cce0 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\Microsoft\CryptnetUrlCache\Content\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
| MD5 | 1bfe591a4fe3d91b03cdf26eaacd8f89 |
| SHA1 | 719c37c320f518ac168c86723724891950911cea |
| SHA256 | 9cf94355051bf0f4a45724ca20d1cc02f76371b963ab7d1e38bd8997737b13d8 |
| SHA512 | 02f88da4b610678c31664609bcfa9d61db8d0b0617649981af948f670f41a6207b4ec19fecce7385a24e0c609cbbf3f2b79a8acaf09a03c2c432cc4dce75e9db |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\User\Default\DOMStore\HGHG2HQX\www.bing[1].xml
| MD5 | 9ef0bf81044696db6e988df402c8f833 |
| SHA1 | 43b7694880cc719ad4e8e9a3f45f1abce9068cc6 |
| SHA256 | 72099e84dbeac79ab863206c7968b95bda9e91d06dc56c8f5af6068f1e562447 |
| SHA512 | c8e95a043e95071938dba906be5b394d2431f5c7a95429ed5c666dc65e78f71a19863458272e50ceadb2e8988f603aaac7ed52d8f32e7595f953e2e0867c3f92 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\datareporting\glean\pending_pings\26260efe-4bb4-4dd2-a4c4-b647b0419dca
| MD5 | f5a207e6aa4080b7a77ff5d88b52ffab |
| SHA1 | aa70ace9b782d0a4e70063a0287b8d394b34f804 |
| SHA256 | d9f8b13802b799d89ba91b8e9b4bdfcb15161dbee49306d165a88a9965d27886 |
| SHA512 | e55c1c79576f331601350fde866b0557d05094eb192dda7ab3a97cf9c16bf3d77101180ed44bccf04146f13fb33ea62c410041b7b54e10f0051a5a0b67c73f48 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\datareporting\glean\pending_pings\944fbde6-3f50-48cb-9399-7b2433cd8c11
| MD5 | ff374bd1ab08cd2d1784b58476f1c8ab |
| SHA1 | bc1171a31bbedadee8247930fa515bfaa88a6d27 |
| SHA256 | 3b15b3fdb8dfa26717a2b468f53e7df105dbe602645a6d2f7b2c87e01529b5f9 |
| SHA512 | 80258b16d5bfcc61a764aa7d67d4bb6b1c75dd0eb863d8367caf11943a6313ca60b452f2d136ca905a16ef690ed1eea422b959e27338136f2164945d0e7fd624 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\datareporting\glean\db\data.safe.bin
| MD5 | b0816de2b57247f74d8bbe5fc7f4a312 |
| SHA1 | f3caf7f356d47bdfbe504de07db41f87251b2aa0 |
| SHA256 | f529ffd781246822263173f783ce18557949985278d1c5862fa2d0539869698f |
| SHA512 | a82a0833881ef1131ad4d07ef6a366bfa8533be65e7c7881e41f9f979226acc8bb415b5c5b60f66c7f27a95945769ce30bf9d2dcc8878450ac92576b8bf6e79d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\prefs.js
| MD5 | 0ea448b31957c43ddd1de5d083061379 |
| SHA1 | 27c2b511bc39d02d52e3b4897cc3c4cb2bd7f118 |
| SHA256 | e2dc356e6a16126eded07963c7a461998cc6eeab46124a259fe217b744db2cd5 |
| SHA512 | 2fc567c9738aa0315201e5f1a6895be67e96d4d902d643f57eb498249b51d87dfba32363bb43f60c974b7e78db524503dba82b9b42ba1c8e3432b8265c7444fb |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\L5P12AEX\edgecompatviewlist[1].xml
| MD5 | d4fc49dc14f63895d997fa4940f24378 |
| SHA1 | 3efb1437a7c5e46034147cbbc8db017c69d02c31 |
| SHA256 | 853d2f4eb81c9fdcea2ee079f6faf98214b111b77cdf68709b38989d123890f1 |
| SHA512 | cc60d79b4afe5007634ac21dc4bc92081880be4c0d798a1735b63b27e936c02f399964f744dc73711987f01e8a1064b02a4867dd6cac27538e5fbe275cc61e0a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | 0d0013d9708d9fef539adc917f5b87f6 |
| SHA1 | 5e071e6b4d8abf007c8bb78ee948caf5bb0439e1 |
| SHA256 | f416d29cdbaa66b7d04483831d2a593a735316fafb643414a12df78da0ab054b |
| SHA512 | 851e9965a0fed9e0f5195ce655635cf13687d18678e4a9df807ab22cbc53c02cd2006fd65d93cd80b2a06d709e59122ea9933ba5cec551c6d51f5e9b4c175388 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | a77a0c771637724385d3e4c32cc1ab91 |
| SHA1 | 4ac86c5d3634abc427e7a9b99b902056f7a4ed2b |
| SHA256 | c21e5a274b286e88c4908a836185f990878bbd655dfb8a2dd77d31f334b1d02c |
| SHA512 | 2df4896672eb9709aee6d01f32a52cab11bf50426c7fcd02d5e6331cad6337a129976842524adc7a4aff9c4610bafdbadea7ffb6d1d60164db82ed5385229b09 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\prefs-1.js
| MD5 | db01c7db72f29d65f9849b432847f83f |
| SHA1 | f325a7e3d435601119b474c2154ce5a783d59b2f |
| SHA256 | 0e99c53e685d250c07ebb80ea3484af4830de06db9f8c1a3eb7509df866fffd1 |
| SHA512 | ecba1e87c0e074ce0eb3f4e4df2480815d29936bf06be7a855c2173ea185a7ff2cc3d11ffc2aa08afe4fa552b69b9a82ec5390d7cdf0396d32463d3a955e0b57 |
C:\Users\Admin\Downloads\XanaxC2_Client.exe
| MD5 | 803b150910ea7a8f0d5cc26464993544 |
| SHA1 | a85c68c35e0e92a9211ee4b6702e0f1682405ccd |
| SHA256 | 83fa25250bf621410004b5c0ae0cac82aa6083427a866c3a5ff51d2f63593268 |
| SHA512 | 92069adca331d833e9be2de8441cab434bee3627ca9fa9c4223692d61976591a21ab1e3128f962fde3623feb3a7762f53e7e5cbe1094c218cb2d930b8facba3b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\prefs-1.js
| MD5 | 68d8836a4e85227dc2872a4edf494f4b |
| SHA1 | 60e81c6fbc5ed762254a79dd7e131e0443de423c |
| SHA256 | 80ab8149eaa0802aa227bdc5cf2d20a5edb0ef5c74f9a889176da6f8f586e9bc |
| SHA512 | e6005164c04b04ff62b2e67e118571ca8ca58618c2712cb3e01d986baa593f52dae32e174e684265347d6deb18f9b8799a8c962e25a3636d6a9dc02512fd11ce |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | e58232c27360c42d1d0a848be5a06327 |
| SHA1 | 22579b14c6d1a91d624ea02d7a7ced41d19a8c22 |
| SHA256 | 3570d8c00f7eb1ffd547ad165845b560fa1f56801c52aa8b46da87c9541f2cff |
| SHA512 | 746edb57675c4605054c12ddb2391ff68a346c72676ed082b7a703e04594c0b822a825860613e7afc62616b0598d0cb32e3bae5a45d73a7c03406b45fa7491e2 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\doomed\13528
| MD5 | d4b6813ba9ef2f3a7f3922a96ef12137 |
| SHA1 | 969f29d70bb9a1c122a75ed84e753e241a51cdcc |
| SHA256 | 9598eefc82b4b6c38aa715ab39b5b314645f0b169adc56932032e5940c6d5ff0 |
| SHA512 | 3c128083689794431e8dc03cfd941dfe53e7c64591caa3aeae21219974809b3b3c92eb106df7cbbf50c6d554555c0b456c914a902aa47f20947f4af1a827653d |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\doomed\24450
| MD5 | e35b5be04ab1cfb486aa6f5e9373c1de |
| SHA1 | d4dbb30585995ce49ba824b68571bd025fd41190 |
| SHA256 | f7fc44703adabc37955fbe6eebde6ad4be047d9de909362213d6b3b8e0bd5ae2 |
| SHA512 | 582268f66b2697405db74f1856323104350e573323b97c3c59e3a50cff167a01bbb472f6bcc569999ba53d40b20ed211c8f50bf85e517bed3d3232373bc2b19a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\doomed\14104
| MD5 | 48dded1bbadf6c70831f628338d32442 |
| SHA1 | 8850f193587d4c7596ce853a6529dd02875994ea |
| SHA256 | 128ff3cc3ea655a539b1cae12472df2d738923237191185d78fc4b50d3728162 |
| SHA512 | 99de8e5c4b027b1dadfc6bfc011cbf81a6f5618c7aa569611f8c19d3af85de88bbe6ea7f3f7dee44323d8df89fb76f52303bf159afe959af6dcada7d68ef2ba0 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\doomed\19973
| MD5 | f36ffd96d41f0e733cc6fc26e7ac3e4e |
| SHA1 | 0434849af25fb674ea28f9c314129affd8e4db68 |
| SHA256 | fe3886504b25067c628c15f31461a63739a956b1bc13c05583ecc1ad64a6a332 |
| SHA512 | 8063d7a2912c5db7592da5414c040d2ba20d3d89c520f4e14b6ff26af0ff2e97ab9e9a1517952ab503eacf644ded03b0228bb936bd7d33b33f09895cb4846f60 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\doomed\26976
| MD5 | 4b467eac4277c34ec24734edc610395f |
| SHA1 | 675e93cb13a0900a6cbd60b166e4eb6d5042f5f5 |
| SHA256 | 97e2ac9dc775b60308aa24684c7cc8a0203a047dd7b249aa450eb17a6da352b5 |
| SHA512 | 0df520bf4bfa4a602eb3752ca7ea046ef30efda04789a0219e02b58368e2922c26965e46d9d92063648c293343ed13a39d8c73913dc1df62c268217438d249b0 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\entries\113729D4DDD53367FEA74888533D1298B2EB9873
| MD5 | 056513724d88cef6bf77d576cfd0cf8a |
| SHA1 | 78de39dbecb92c531ab9e66382fbd116efa1f461 |
| SHA256 | 16c46888f0f7c33fbcb677a850fd48e59a98c98071bcae7f9413e81c18b2f98e |
| SHA512 | 04e64c67ff6300c9d7bc02b043042389d06723dec290e2050a1eede3f178b82c0b3e52c3e80eb0f93b26dbf1845964bc7fe7437a6e7c1f6acdc86c58cd0e5230 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\prefs-1.js
| MD5 | e2dca9275259c19e03c3cc9bcbe1bf01 |
| SHA1 | 6c8dce1bbc54585d68a11af0114ef6ba46a600f8 |
| SHA256 | 5f81b3fe20b1fed96f6a4c61cd95fb52710e4ab2ab0c9a04f8438f151b1bb13a |
| SHA512 | 70989be4ec7decf28fb3077ce251a7de11b2e99a86cf41e8b37c345fbc3258098bee4c8afb33d61c6d7b27ddcfc5703f7194325b7845e73d915574a70b20e79a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\entries\FA2083489969D30038DCF1A73D2A1DE76CE5D9FC
| MD5 | b9704c1f9305392dd128ac67522aeb76 |
| SHA1 | 69200a497f4cb4861c5c797bb1ff6309150e633f |
| SHA256 | 5c6496e31319f2e92196e8b73606d7d2c8b2489e2b7fa2a945abee3fad65bfff |
| SHA512 | b3a9dbb93b806e83aa0e0e06def9e2033c3de64cea7c3fafebcc83c63d2db7b30a68b59bd816efb6a512ae8abd9798c18c20ab5bd744e7bf042d4574b302aacf |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\entries\C4B4B42BCB4DA663C4602824D78C87C313F5FD6E
| MD5 | e1b6282e3f773fd11a639e6c4580a458 |
| SHA1 | d5afa29871510e08b259f03cb4e3ed72f7b2fc1b |
| SHA256 | 41207450363ba09e66ae8a3df1f13507b44f701c1786b9f9bdcf929399d06d66 |
| SHA512 | a1baa800d154fd7041d86927b418c3ab7394357b5e96ba88783b19f9e74391f0d37306ca5b792e5671125aba4a2edef59177e92cac9aee81cd5035d7a2906431 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\KEI2JOVN\suggestions[1].en-US
| MD5 | 5a34cb996293fde2cb7a4ac89587393a |
| SHA1 | 3c96c993500690d1a77873cd62bc639b3a10653f |
| SHA256 | c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad |
| SHA512 | e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 1aa145350d4ed7f23540a4d79d934b59 |
| SHA1 | 773959c60d60e279742467e4c38b345fcae4e006 |
| SHA256 | 8713e7122d6c83a0349ddfd9f78ff60bd027868bd6f8c8ed286a6fece339bc55 |
| SHA512 | d011e58cc03ccef600a2d73c7e0eb5d814c4554ed95a59c355b3129d58ce11c99d6b3f4c34bb93f0b16ef7de42b10bc9bd7021de876f107f1c1b436b63c74183 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\entries\3B70E2EFB81879F97EDB21F7DE68248950D0EAEF
| MD5 | 4f41abc492c40ce79bc5819e2dae2ef8 |
| SHA1 | fc3ae34df32ad7087c036c18801e925061bb3d43 |
| SHA256 | 6c97f1cf4854fe17803831f2d8935468fd9a2a967b80ce3a0225f9d2c6e5c450 |
| SHA512 | 48f8dc97b971bd3f59dcb5a0d1b88b90d29a8e93db8db837da84891fcaea6d6f377d7bdb10de8f5e123b8c42156724e0d7679f04d01489f5cee85e0ccb7ea36c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 00a044e1ecda98c8883b8e9c21dde1d5 |
| SHA1 | 010829d1ba57aa42137b2e13ddfb587d29ec931b |
| SHA256 | 919e05d3d531d47c0658a171b31a45707c5be5932fba428575470478d853e386 |
| SHA512 | 76cddba767a0224151ff6a28a3a5347c27650de96bfc6064b15a4992653f648721cfbfd9cb61d80bd23e8aba932b16df57d82cfe5a7162187e19f3879c9a0848 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\storage\default\https+++www.file.io\ls\usage
| MD5 | c662f3970c80cc7143ebd1434037653f |
| SHA1 | 86c2f7dba38462f49f9e898c69ecefe8d059e360 |
| SHA256 | 4fdde75dcdf6fab0c2a086d41ecaa113d09c3bb7e28fd94d4b55758a0b823b9d |
| SHA512 | 1c4f3599cb7aae54dad4917ad0ef8aeb58c4559621d93326418fde8ea1fc55cd62d3b759f210396c928bd66b979b538813b39db0f8c60fece2fd6b715316e46e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 435c6a0ef8ec8f9eefc576e325524f05 |
| SHA1 | 600ef7bca73fa4d2c67cc3c7c780b3204ee8ba68 |
| SHA256 | d3ceaf5a10226ee4fad4a1e753de8cf0c059e3b0bdfb77ed6e7286917efdf62d |
| SHA512 | f8fdc3bebb4c69dbf5f10e1c57219bd1de2841ce6c117c3759ff8a099ef3989d237b421bb3391367da9135217dd0201962b87e25b3e6898ac823226a7ce9712a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\cache2\entries\456CF38F6F57CA239F23BD3D877C01FFCC21B273
| MD5 | c76b757dea313280043a05323982c47d |
| SHA1 | f54cf745427854e811c88bb8a85147ca1be602e6 |
| SHA256 | 267c6f2c2cddc3e109618392fde703b3db84dc35fe65ed9d667eb710bfea6e99 |
| SHA512 | 324fe555db3ff29d429cbd06dc6cef0ba11e948e68e9b77e4768cabea049964f0ddd8ba92262034acd5c249506cece63e71323a77b41af07db44f4e963f43345 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon
| MD5 | 85430baed3398695717b0263807cf97c |
| SHA1 | fffbee923cea216f50fce5d54219a188a5100f41 |
| SHA256 | a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e |
| SHA512 | 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll
| MD5 | fe3355639648c417e8307c6d051e3e37 |
| SHA1 | f54602d4b4778da21bc97c7238fc66aa68c8ee34 |
| SHA256 | 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e |
| SHA512 | 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info
| MD5 | 3d33cdc0b3d281e67dd52e14435dd04f |
| SHA1 | 4db88689282fd4f9e9e6ab95fcbb23df6e6485db |
| SHA256 | f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b |
| SHA512 | a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
| MD5 | a01c5ecd6108350ae23d2cddf0e77c17 |
| SHA1 | c6ac28a2cd979f1f9a75d56271821d5ff665e2b6 |
| SHA256 | 345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42 |
| SHA512 | b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json
| MD5 | 8be33af717bb1b67fbd61c3f4b807e9e |
| SHA1 | 7cf17656d174d951957ff36810e874a134dd49e0 |
| SHA256 | e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd |
| SHA512 | 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt
| MD5 | 49ddb419d96dceb9069018535fb2e2fc |
| SHA1 | 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6 |
| SHA256 | 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539 |
| SHA512 | 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll
| MD5 | 33bf7b0439480effb9fb212efce87b13 |
| SHA1 | cee50f2745edc6dc291887b6075ca64d716f495a |
| SHA256 | 8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e |
| SHA512 | d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig
| MD5 | 937326fead5fd401f6cca9118bd9ade9 |
| SHA1 | 4526a57d4ae14ed29b37632c72aef3c408189d91 |
| SHA256 | 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81 |
| SHA512 | b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib
| MD5 | 688bed3676d2104e7f17ae1cd2c59404 |
| SHA1 | 952b2cdf783ac72fcb98338723e9afd38d47ad8e |
| SHA256 | 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237 |
| SHA512 | 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\prefs.js
| MD5 | 5136ddc64b744b36bde5ed06ec69077e |
| SHA1 | 732295613f2894d21090f21c34c7361f1e80803b |
| SHA256 | 6d336e1123f7053caeea2fcd03cb823743852fb5f7fe30604c32a5c066487897 |
| SHA512 | 9718d0b4cdac009018cdb957322cdb1623565e038052cd770e9128108e7aad6a7d9045d062878c23c94d531942b782050a957d82314d3fc3c4b63c29fd8738b6 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | b8ea9bbe0c2fe6f1578ff130a2f1ceff |
| SHA1 | f0848b2e17c7388f8f62e40211b88f6c753cef7b |
| SHA256 | 9d27f6291c090a965002a5ffa3b95885b2136df433e1c3a92f276151cf68c948 |
| SHA512 | f437331760482b330ac16cbaf108114a3e8ed62a6c1cb1ce305bac7c4d19994979eac45996eb58a463f1ff97874a17b429ad155277217bbe822d0ceadaa7d648 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | e4fbbf9fa549ae567aa15cc51a00da9d |
| SHA1 | 39d104e968b6ccbdb629068bfc1c3ac8e8bb4047 |
| SHA256 | d40d28ec4c6a45db971aa05b1b9f75bfe1e29197bf6a86a6261c50b564bd71e1 |
| SHA512 | 6d7bb9bebb6b752383f98ef4b6ebeb463f095b84d69f654cae0b1db583946af15229e8aebf129221976a213ed0886a060705077444acb6072d25c5c9bd08bd12 |