Analysis Overview
Threat Level: Likely malicious
The file https://buxmessy.com was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Executes dropped EXE
Loads dropped DLL
Writes to the Master Boot Record (MBR)
Checks for any installed AV software in registry
Suspicious use of WriteProcessMemory
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Checks processor information in registry
Suspicious use of SendNotifyMessage
Modifies registry class
Checks SCSI registry key(s)
Suspicious behavior: GetForegroundWindowSpam
Suspicious behavior: EnumeratesProcesses
Suspicious use of SetWindowsHookEx
MITRE ATT&CK Matrix V13
Analysis: static1
Detonation Overview
Reported
2024-06-14 16:02
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-14 16:02
Reported
2024-06-14 16:07
Platform
win10v2004-20240226-en
Max time kernel
270s
Max time network
277s
Command Line
Signatures
Downloads MZ/PE file
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\Temp\asw.dcbf065b12dba651\avast_free_antivirus_setup_online_x64.exe | N/A |
| N/A | N/A | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| N/A | N/A | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe | N/A |
| N/A | N/A | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\aswOfferTool.exe | N/A |
| N/A | N/A | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\aswOfferTool.exe | N/A |
| N/A | N/A | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\aswOfferTool.exe | N/A |
| N/A | N/A | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\aswOfferTool.exe | N/A |
| N/A | N/A | C:\Users\Public\Documents\aswOfferTool.exe | N/A |
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\avast_free_antivirus_setup_online (1).exe | N/A |
| N/A | N/A | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| N/A | N/A | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| N/A | N/A | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| N/A | N/A | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| N/A | N/A | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe | N/A |
| N/A | N/A | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe | N/A |
| N/A | N/A | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe | N/A |
| N/A | N/A | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe | N/A |
| N/A | N/A | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\aswOfferTool.exe | N/A |
| N/A | N/A | C:\Users\Public\Documents\aswOfferTool.exe | N/A |
Checks for any installed AV software in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\Instup_IgnoredDownloadTypes | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\CertificateFile | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\Instup_IgnoredDownloadTypes | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\properties | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\CertificateFile | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\MovedFolder | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\properties\UseRegistry | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\properties\UseRegistry | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\properties | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\properties\settings | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Software\AVAST Software\Avast | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\properties\UseRegistry = "1" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Software\Avira\Antivirus | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\FwDataFolder | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\ReportFolder | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\ChestFolder | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\ProgramFolder | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\LogFolder | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\SetupLog = "C:\\ProgramData\\Avast Software\\Persistent Data\\Avast\\Logs\\Setup.log" | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast | C:\Windows\Temp\asw.dcbf065b12dba651\avast_free_antivirus_setup_online_x64.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Software\AVAST Software\Avast | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\JournalFolder | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\LicenseFile | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\JournalFolder | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\LogFolder | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\ShepherdDebug | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\ShepherdDebug | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Software\AVAST Software\Avast | C:\Windows\Temp\asw.dcbf065b12dba651\avast_free_antivirus_setup_online_x64.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\ReportFolder | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\ChestFolder | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\DataFolder | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\CrashGuardProcessWatcherExclusions | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\properties\burger_client | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\FwDataFolder | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe | N/A |
| Key opened | \Registry\MACHINE\SOFTWARE\Avast Software\Avast | C:\Windows\Temp\asw.dcbf065b12dba651\avast_free_antivirus_setup_online_x64.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\ProgramFolder | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\properties\settings | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\properties | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\CrashGuardProcessWatcherExclusions | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\TempFolder | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\SetupLog = "C:\\ProgramData\\Avast Software\\Persistent Data\\Avast\\Logs\\Setup.log" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\DataFolder | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\TempFolder | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\LicenseFile | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\MovedFolder | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Software\Avira\Antivirus | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe | N/A |
Writes to the Master Boot Record (MBR)
| Description | Indicator | Process | Target |
| File opened for modification | \??\PhysicalDrive0 | C:\Windows\Temp\asw.dcbf065b12dba651\avast_free_antivirus_setup_online_x64.exe | N/A |
| File opened for modification | \??\PhysicalDrive0 | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| File opened for modification | \??\PhysicalDrive0 | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe | N/A |
| File opened for modification | \??\PhysicalDrive0 | C:\Users\Admin\Downloads\avast_free_antivirus_setup_online (1).exe | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Windows\Temp\asw.dcbf065b12dba651\avast_free_antivirus_setup_online_x64.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Windows\Temp\asw.dcbf065b12dba651\avast_free_antivirus_setup_online_x64.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Windows\Temp\asw.dcbf065b12dba651\avast_free_antivirus_setup_online_x64.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Description = "Checking install conditions" | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Main = "25" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Description = "Updating package: instcont_x64_ais" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "98" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\SfxInstProgress = "35" | C:\Windows\Temp\asw.dcbf065b12dba651\avast_free_antivirus_setup_online_x64.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "40" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "33" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "8" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "62" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "0" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "14" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "72" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "37" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Main = "100" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage | C:\Windows\Temp\asw.dcbf065b12dba651\avast_free_antivirus_setup_online_x64.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\SfxInstProgress = "50" | C:\Windows\Temp\asw.dcbf065b12dba651\avast_free_antivirus_setup_online_x64.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "30" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "44" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "60" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "61" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Description = "Updating package: instup_x64_ais" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "21" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\SfxInstProgress = "92" | C:\Windows\Temp\asw.dcbf065b12dba651\avast_free_antivirus_setup_online_x64.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "18" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Description = "Updating package: setgui_x64_ais" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "81" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Description = "Updating package: offertool_x64_ais" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "24" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Description = "Extracting file: aswOfferTool.exe" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "95" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "97" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Description = "Checking install conditions" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "3" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "42" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "90" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "92" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Description = "Extracting file: HTMLayout.dll" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\SfxInstProgress = "42" | C:\Windows\Temp\asw.dcbf065b12dba651\avast_free_antivirus_setup_online_x64.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\SfxInstProgress = "64" | C:\Windows\Temp\asw.dcbf065b12dba651\avast_free_antivirus_setup_online_x64.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "22" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "4" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "56" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\SfxInstProgress = "21" | C:\Windows\Temp\asw.dcbf065b12dba651\avast_free_antivirus_setup_online_x64.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Main = "62" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "46" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "70" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "88" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Description = "File downloaded: avdump_x86_ais-a3d.vpx" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Description = "File downloaded: offertool_x64_ais-a3d.vpx" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Description = "Extracting file: AvDump.exe" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "100" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Description = "File downloaded: prod-pgm.vpx" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Description = "Extracting file: instup.dll" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "10" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "17" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "83" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "84" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "89" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "25" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\SfxInstProgress = "71" | C:\Windows\Temp\asw.dcbf065b12dba651\avast_free_antivirus_setup_online_x64.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "7" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "27" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Description = "Updating package: avdump_x86_ais" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "58" | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\taskmgr.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Windows\system32\taskmgr.exe | N/A |
| Token: SeSystemProfilePrivilege | N/A | C:\Windows\system32\taskmgr.exe | N/A |
| Token: SeCreateGlobalPrivilege | N/A | C:\Windows\system32\taskmgr.exe | N/A |
| Token: 32 | N/A | C:\Windows\Temp\asw.dcbf065b12dba651\avast_free_antivirus_setup_online_x64.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Token: 32 | N/A | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| Token: 32 | N/A | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\aswOfferTool.exe | N/A |
| Token: SeImpersonatePrivilege | N/A | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\aswOfferTool.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\avast_free_antivirus_setup_online (1).exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\avast_free_antivirus_setup_online (1).exe | N/A |
| N/A | N/A | C:\Windows\Temp\asw.dcbf065b12dba651\avast_free_antivirus_setup_online_x64.exe | N/A |
| N/A | N/A | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| N/A | N/A | C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe | N/A |
| N/A | N/A | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe | N/A |
| N/A | N/A | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe | N/A |
| N/A | N/A | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\aswOfferTool.exe | N/A |
| N/A | N/A | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\aswOfferTool.exe | N/A |
| N/A | N/A | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\aswOfferTool.exe | N/A |
| N/A | N/A | C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\aswOfferTool.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://buxmessy.com
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=3436 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=5108 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=5340 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=3564 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=5308 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --instant-process --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --mojo-platform-channel-handle=5428 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=23 --mojo-platform-channel-handle=6012 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --instant-process --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=24 --mojo-platform-channel-handle=5908 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=25 --mojo-platform-channel-handle=6248 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /7
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=4020 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=5888 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=28 --mojo-platform-channel-handle=4112 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=29 --mojo-platform-channel-handle=6636 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=30 --mojo-platform-channel-handle=6780 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=31 --mojo-platform-channel-handle=6944 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --instant-process --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=33 --mojo-platform-channel-handle=7128 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=34 --mojo-platform-channel-handle=7284 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=35 --mojo-platform-channel-handle=7292 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --mojo-platform-channel-handle=7084 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=6916 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=38 --mojo-platform-channel-handle=6932 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=39 --mojo-platform-channel-handle=7144 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-US --service-sandbox-type=collections --no-appcompat-clear --mojo-platform-channel-handle=7904 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=7488 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=42 --mojo-platform-channel-handle=7208 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x2ec 0x304
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=43 --mojo-platform-channel-handle=7880 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=44 --mojo-platform-channel-handle=6464 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=45 --mojo-platform-channel-handle=6580 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=46 --mojo-platform-channel-handle=6508 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=47 --mojo-platform-channel-handle=6792 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=48 --mojo-platform-channel-handle=6736 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=49 --mojo-platform-channel-handle=7676 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=50 --mojo-platform-channel-handle=6804 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=51 --mojo-platform-channel-handle=7104 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=52 --mojo-platform-channel-handle=7340 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=53 --mojo-platform-channel-handle=8316 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=54 --mojo-platform-channel-handle=8464 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=55 --mojo-platform-channel-handle=8488 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=56 --mojo-platform-channel-handle=8604 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=57 --mojo-platform-channel-handle=4580 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=58 --mojo-platform-channel-handle=9276 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=59 --mojo-platform-channel-handle=8720 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=60 --mojo-platform-channel-handle=9560 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=61 --mojo-platform-channel-handle=9692 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=62 --mojo-platform-channel-handle=9900 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=63 --mojo-platform-channel-handle=9868 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=64 --mojo-platform-channel-handle=8504 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=65 --mojo-platform-channel-handle=8004 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=8208 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --mojo-platform-channel-handle=9200 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=68 --mojo-platform-channel-handle=8576 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=6868 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --mojo-platform-channel-handle=9308 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:8
C:\Users\Admin\Downloads\avast_free_antivirus_setup_online (1).exe
"C:\Users\Admin\Downloads\avast_free_antivirus_setup_online (1).exe"
C:\Users\Admin\Downloads\avast_free_antivirus_setup_online (1).exe
"C:\Users\Admin\Downloads\avast_free_antivirus_setup_online (1).exe"
C:\Windows\Temp\asw.dcbf065b12dba651\avast_free_antivirus_setup_online_x64.exe
"C:\Windows\Temp\asw.dcbf065b12dba651\avast_free_antivirus_setup_online_x64.exe" /cookie:mmm_sft_dlp_000_119_h:dlid_FAV-PPC /ga_clientid:4ca4c408-edb7-4f51-b794-82e8b4a2efae /edat_dir:C:\Windows\Temp\asw.dcbf065b12dba651
C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe
"C:\Windows\Temp\asw.1c39e711436bc4e7\instup.exe" /sfx:lite /sfxstorage:C:\Windows\Temp\asw.1c39e711436bc4e7 /edition:1 /prod:ais /stub_context:e8d173aa-d153-4c3a-9b48-d016a10a4c28:9897680 /guid:b1c45082-ebb0-4a54-987b-7b4d79890247 /ga_clientid:4ca4c408-edb7-4f51-b794-82e8b4a2efae /cookie:mmm_sft_dlp_000_119_h:dlid_FAV-PPC /ga_clientid:4ca4c408-edb7-4f51-b794-82e8b4a2efae /edat_dir:C:\Windows\Temp\asw.dcbf065b12dba651
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=71 --mojo-platform-channel-handle=6784 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=72 --mojo-platform-channel-handle=10156 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=73 --mojo-platform-channel-handle=10004 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=74 --mojo-platform-channel-handle=10128 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=75 --mojo-platform-channel-handle=10096 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=76 --mojo-platform-channel-handle=9160 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=77 --mojo-platform-channel-handle=9400 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=78 --mojo-platform-channel-handle=9628 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=79 --mojo-platform-channel-handle=9608 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=80 --mojo-platform-channel-handle=10504 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=81 --mojo-platform-channel-handle=10580 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=82 --mojo-platform-channel-handle=8824 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=83 --mojo-platform-channel-handle=9956 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=84 --mojo-platform-channel-handle=8104 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=85 --mojo-platform-channel-handle=10744 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe
"C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\instup.exe" /sfx /sfxstorage:C:\Windows\Temp\asw.1c39e711436bc4e7 /edition:1 /prod:ais /stub_context:e8d173aa-d153-4c3a-9b48-d016a10a4c28:9897680 /guid:b1c45082-ebb0-4a54-987b-7b4d79890247 /ga_clientid:4ca4c408-edb7-4f51-b794-82e8b4a2efae /cookie:mmm_sft_dlp_000_119_h:dlid_FAV-PPC /edat_dir:C:\Windows\Temp\asw.dcbf065b12dba651 /online_installer
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=86 --mojo-platform-channel-handle=9464 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=87 --mojo-platform-channel-handle=9280 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=88 --mojo-platform-channel-handle=10212 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\aswOfferTool.exe
"C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\aswOfferTool.exe" -checkGToolbar -elevated
C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\aswOfferTool.exe
"C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\aswOfferTool.exe" /check_secure_browser
C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\aswOfferTool.exe
"C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\aswOfferTool.exe" -checkChrome -elevated
C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\aswOfferTool.exe
"C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\aswOfferTool.exe" -checkChromeReactivation -elevated -bc=AVFC
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=89 --mojo-platform-channel-handle=7692 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=90 --mojo-platform-channel-handle=7240 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=91 --mojo-platform-channel-handle=8356 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Users\Public\Documents\aswOfferTool.exe
"C:\Users\Public\Documents\aswOfferTool.exe" -checkChromeReactivation -bc=AVFC
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=92 --mojo-platform-channel-handle=11096 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=93 --mojo-platform-channel-handle=5796 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=94 --mojo-platform-channel-handle=11148 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=95 --mojo-platform-channel-handle=11444 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=96 --mojo-platform-channel-handle=11716 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=97 --mojo-platform-channel-handle=12020 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=98 --mojo-platform-channel-handle=12028 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=99 --mojo-platform-channel-handle=11180 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=100 --mojo-platform-channel-handle=12380 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=101 --mojo-platform-channel-handle=12520 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=102 --mojo-platform-channel-handle=10272 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | buxmessy.com | udp |
| US | 8.8.8.8:53 | buxmessy.com | udp |
| US | 8.8.8.8:53 | buxmessy.com | udp |
| US | 172.67.213.222:443 | buxmessy.com | udp |
| US | 172.67.213.222:443 | buxmessy.com | tcp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| GB | 51.140.242.104:443 | nav-edge.smartscreen.microsoft.com | tcp |
| US | 13.107.6.158:443 | business.bing.com | tcp |
| GB | 51.140.242.104:443 | nav-edge.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | 222.213.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | browser.sentry-cdn.com | udp |
| US | 8.8.8.8:53 | browser.sentry-cdn.com | udp |
| US | 8.8.8.8:53 | d3qborf6vf5lth.cloudfront.net | udp |
| US | 8.8.8.8:53 | d3qborf6vf5lth.cloudfront.net | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 151.101.66.217:443 | browser.sentry-cdn.com | tcp |
| DE | 108.138.24.117:443 | d3qborf6vf5lth.cloudfront.net | tcp |
| NL | 2.18.121.23:443 | bzib.nelreports.net | tcp |
| US | 23.200.189.225:443 | www.microsoft.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | o425163.ingest.sentry.io | udp |
| US | 8.8.8.8:53 | o425163.ingest.sentry.io | udp |
| US | 34.120.195.249:443 | o425163.ingest.sentry.io | tcp |
| US | 34.120.195.249:443 | o425163.ingest.sentry.io | tcp |
| US | 34.120.195.249:443 | o425163.ingest.sentry.io | tcp |
| US | 172.67.213.222:443 | buxmessy.com | tcp |
| US | 8.8.8.8:53 | d266key948fg17.cloudfront.net | udp |
| US | 8.8.8.8:53 | d266key948fg17.cloudfront.net | udp |
| US | 8.8.8.8:53 | dst36t2kjn7gi.cloudfront.net | udp |
| US | 8.8.8.8:53 | dst36t2kjn7gi.cloudfront.net | udp |
| US | 8.8.8.8:53 | 159.113.53.23.in-addr.arpa | udp |
| US | 13.224.194.115:443 | d266key948fg17.cloudfront.net | tcp |
| US | 13.224.194.115:443 | d266key948fg17.cloudfront.net | tcp |
| US | 13.224.194.115:443 | d266key948fg17.cloudfront.net | tcp |
| US | 13.224.194.115:443 | d266key948fg17.cloudfront.net | tcp |
| US | 13.224.194.115:443 | d266key948fg17.cloudfront.net | tcp |
| US | 13.224.194.115:443 | d266key948fg17.cloudfront.net | tcp |
| US | 8.8.8.8:53 | 158.6.107.13.in-addr.arpa | udp |
| DE | 18.245.62.220:443 | dst36t2kjn7gi.cloudfront.net | tcp |
| DE | 18.245.62.220:443 | dst36t2kjn7gi.cloudfront.net | tcp |
| US | 8.8.8.8:53 | 217.66.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.24.138.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.121.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.189.200.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.213.58.216.in-addr.arpa | udp |
| NL | 23.62.61.129:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 249.195.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 115.194.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 220.62.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 129.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | edgestatic.azureedge.net | udp |
| US | 8.8.8.8:53 | edgestatic.azureedge.net | udp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| US | 13.107.253.64:443 | edgestatic.azureedge.net | tcp |
| US | 13.107.253.64:443 | edgestatic.azureedge.net | tcp |
| US | 13.107.253.64:443 | edgestatic.azureedge.net | tcp |
| US | 8.8.8.8:53 | 64.253.107.13.in-addr.arpa | udp |
| US | 13.107.253.64:443 | edgestatic.azureedge.net | tcp |
| US | 8.8.8.8:53 | 241.150.49.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.131.50.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| GB | 142.250.200.42:443 | tcp | |
| US | 8.8.8.8:53 | 196.249.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | nw-umwatson.events.data.microsoft.com | udp |
| US | 20.42.65.92:443 | nw-umwatson.events.data.microsoft.com | tcp |
| US | 8.8.8.8:53 | 13.86.106.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 92.65.42.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.220.183.52.in-addr.arpa | udp |
| US | 13.107.246.64:443 | tcp | |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.164.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.58.20.217.in-addr.arpa | udp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 13.107.246.64:443 | wcpstatic.microsoft.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| NL | 23.62.61.129:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| NL | 23.62.61.72:443 | th.bing.com | tcp |
| NL | 23.62.61.72:443 | th.bing.com | tcp |
| NL | 23.62.61.97:443 | th.bing.com | tcp |
| NL | 23.62.61.97:443 | th.bing.com | tcp |
| NL | 23.62.61.72:443 | th.bing.com | udp |
| US | 8.8.8.8:53 | 72.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.61.62.23.in-addr.arpa | udp |
| CA | 15.235.9.150:80 | 15.235.9.150 | tcp |
| CA | 15.235.9.150:80 | 15.235.9.150 | tcp |
| CA | 15.235.9.150:443 | tcp | |
| US | 8.8.8.8:53 | crt.sectigo.com | udp |
| US | 8.8.8.8:53 | crt.sectigo.com | udp |
| US | 104.18.38.233:80 | crt.sectigo.com | tcp |
| NL | 23.62.61.72:443 | www.bing.com | udp |
| NL | 23.62.61.129:443 | www.bing.com | udp |
| CA | 15.235.9.150:80 | 15.235.9.150 | tcp |
| CA | 15.235.9.150:80 | 15.235.9.150 | tcp |
| CA | 15.235.9.150:80 | 15.235.9.150 | tcp |
| CA | 15.235.9.150:80 | 15.235.9.150 | tcp |
| CA | 15.235.9.150:8443 | tcp | |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | code.jquery.com | udp |
| US | 8.8.8.8:53 | code.jquery.com | udp |
| US | 8.8.8.8:53 | use.fontawesome.com | udp |
| US | 8.8.8.8:53 | use.fontawesome.com | udp |
| US | 8.8.8.8:53 | rbx.how | udp |
| US | 8.8.8.8:53 | rbx.how | udp |
| US | 151.101.193.229:443 | cdn.jsdelivr.net | tcp |
| US | 151.101.193.229:443 | cdn.jsdelivr.net | tcp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | udp |
| US | 151.101.2.137:443 | code.jquery.com | tcp |
| US | 172.67.142.245:443 | use.fontawesome.com | udp |
| US | 172.67.218.34:443 | rbx.how | udp |
| US | 172.67.142.245:443 | use.fontawesome.com | tcp |
| US | 8.8.8.8:53 | tr.rbxcdn.com | udp |
| US | 8.8.8.8:53 | tr.rbxcdn.com | udp |
| US | 8.8.8.8:53 | 233.38.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.24.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 245.142.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.193.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.218.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.2.101.151.in-addr.arpa | udp |
| NL | 2.18.121.34:443 | tr.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | c.pubguru.net | udp |
| US | 8.8.8.8:53 | c.pubguru.net | udp |
| US | 13.225.78.77:80 | c.pubguru.net | tcp |
| US | 172.67.142.245:443 | use.fontawesome.com | tcp |
| US | 8.8.8.8:53 | a3.pubguru.net | udp |
| US | 8.8.8.8:53 | a3.pubguru.net | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| DE | 3.126.156.194:443 | a3.pubguru.net | tcp |
| GB | 142.250.179.238:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| GB | 142.250.179.238:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | claimrbx.gg | udp |
| US | 8.8.8.8:53 | _8443._https.claimrbx.gg | udp |
| US | 8.8.8.8:53 | 34.121.18.2.in-addr.arpa | udp |
| US | 104.21.47.203:8443 | claimrbx.gg | tcp |
| US | 8.8.8.8:53 | 77.78.225.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| GB | 142.250.179.238:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 172.217.16.246:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | 194.156.126.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.47.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 246.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| DE | 3.126.156.194:443 | a3.pubguru.net | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| DE | 3.126.156.194:443 | a3.pubguru.net | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 216.58.212.194:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 216.58.213.6:443 | static.doubleclick.net | tcp |
| GB | 142.250.200.10:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 142.250.200.10:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| GB | 142.250.180.1:443 | yt3.ggpht.com | tcp |
| US | 8.8.8.8:53 | 10.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.212.58.216.in-addr.arpa | udp |
| US | 151.101.193.229:443 | cdn.jsdelivr.net | udp |
| CA | 15.235.9.150:443 | tcp | |
| CA | 15.235.9.150:8443 | tcp | |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| SE | 40.126.53.18:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| US | 8.8.8.8:53 | 18.53.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | services.bingapis.com | udp |
| US | 8.8.8.8:53 | services.bingapis.com | udp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.5.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | nleditor.osi.office.net | udp |
| US | 8.8.8.8:53 | nleditor.osi.office.net | udp |
| GB | 52.109.32.38:443 | nleditor.osi.office.net | tcp |
| CA | 15.235.9.150:80 | 15.235.9.150 | tcp |
| US | 8.8.8.8:53 | 38.32.109.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.131.50.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| CA | 15.235.9.150:80 | 15.235.9.150 | tcp |
| CA | 15.235.9.150:443 | tcp | |
| CA | 15.235.9.150:8443 | tcp | |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 104.21.47.203:8443 | claimrbx.gg | udp |
| US | 8.8.8.8:53 | wall.adgaterewards.com | udp |
| US | 8.8.8.8:53 | wall.adgaterewards.com | udp |
| US | 8.8.8.8:53 | wall.adgaterewards.com | udp |
| US | 172.67.139.41:443 | wall.adgaterewards.com | tcp |
| CA | 15.235.9.150:80 | 15.235.9.150 | tcp |
| CA | 15.235.9.150:80 | 15.235.9.150 | tcp |
| CA | 15.235.9.150:80 | 15.235.9.150 | tcp |
| CA | 15.235.9.150:80 | 15.235.9.150 | tcp |
| US | 104.21.47.203:8443 | claimrbx.gg | tcp |
| US | 8.8.8.8:53 | cdn.discordapp.com | udp |
| US | 8.8.8.8:53 | cdn.discordapp.com | udp |
| US | 162.159.133.233:443 | cdn.discordapp.com | udp |
| US | 172.67.139.41:443 | wall.adgaterewards.com | udp |
| US | 8.8.8.8:53 | 41.139.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 233.133.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | malsup.github.io | udp |
| US | 8.8.8.8:53 | malsup.github.io | udp |
| US | 185.199.109.153:80 | malsup.github.io | tcp |
| US | 8.8.8.8:53 | wall.adgaterewards.com | udp |
| US | 8.8.8.8:53 | 74.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.159.190.20.in-addr.arpa | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | 167.154.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | wall.adgaterewards.com | udp |
| US | 8.8.8.8:53 | wall.adgaterewards.com | udp |
| US | 104.21.46.132:443 | wall.adgaterewards.com | udp |
| US | 8.8.8.8:53 | 132.46.21.104.in-addr.arpa | udp |
| CA | 15.235.9.150:80 | 15.235.9.150 | tcp |
| US | 8.8.8.8:53 | 14.227.111.52.in-addr.arpa | udp |
| DE | 3.126.156.194:443 | a3.pubguru.net | tcp |
| CA | 15.235.9.150:80 | tcp | |
| CA | 15.235.9.150:80 | tcp | |
| US | 151.101.193.229:443 | cdn.jsdelivr.net | udp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 172.217.169.46:443 | play.google.com | tcp |
| GB | 172.217.169.46:443 | play.google.com | tcp |
| GB | 172.217.169.46:443 | play.google.com | tcp |
| GB | 172.217.169.46:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 46.169.217.172.in-addr.arpa | udp |
| US | 104.21.47.203:8443 | claimrbx.gg | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| NL | 23.62.61.72:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 10.27.171.150.in-addr.arpa | udp |
| US | 172.64.154.167:443 | www2.bing.com | udp |
| US | 8.8.8.8:53 | dst36t2kjn7gi.cloudfront.net | udp |
| US | 8.8.8.8:53 | dst36t2kjn7gi.cloudfront.net | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| NL | 23.62.61.129:443 | th.bing.com | udp |
| NL | 23.62.61.129:443 | th.bing.com | udp |
| US | 8.8.8.8:53 | bing.com | udp |
| US | 8.8.8.8:53 | bing.com | udp |
| US | 204.79.197.200:443 | bing.com | tcp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 151.101.65.91:443 | en.softonic.com | tcp |
| US | 151.101.65.91:443 | en.softonic.com | tcp |
| US | 8.8.8.8:53 | sc.sftcdn.net | udp |
| US | 8.8.8.8:53 | sc.sftcdn.net | udp |
| US | 8.8.8.8:53 | images.sftcdn.net | udp |
| US | 8.8.8.8:53 | images.sftcdn.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | softonic.com | udp |
| US | 8.8.8.8:53 | softonic.com | udp |
| US | 8.8.8.8:53 | sdk.privacy-center.org | udp |
| US | 8.8.8.8:53 | sdk.privacy-center.org | udp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| BE | 104.68.82.93:443 | images.sftcdn.net | tcp |
| US | 3.161.82.43:443 | sdk.privacy-center.org | tcp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| US | 199.232.213.91:443 | softonic.com | tcp |
| US | 199.232.213.91:443 | softonic.com | tcp |
| DE | 13.224.186.120:443 | c.amazon-adsystem.com | tcp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| BE | 104.68.82.93:443 | images.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | udp |
| US | 8.8.8.8:53 | 91.65.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.82.68.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.82.161.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.186.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.213.232.199.in-addr.arpa | udp |
| US | 151.101.65.91:443 | sc.sftcdn.net | udp |
| US | 3.161.82.43:443 | sdk.privacy-center.org | udp |
| US | 8.8.8.8:53 | www.datadoghq-browser-agent.com | udp |
| US | 8.8.8.8:53 | www.datadoghq-browser-agent.com | udp |
| US | 13.33.218.24:443 | www.datadoghq-browser-agent.com | tcp |
| DE | 13.224.186.120:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 172.67.41.60:443 | btloader.com | tcp |
| US | 8.8.8.8:53 | 169.117.168.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 24.218.33.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 60.41.67.172.in-addr.arpa | udp |
| DE | 13.224.186.120:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| DE | 18.245.31.123:443 | config.aps.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 172.67.38.106:443 | cdn.id5-sync.com | tcp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| US | 199.232.213.91:443 | softonic.com | udp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 8.8.8.8:53 | notix.io | udp |
| US | 8.8.8.8:53 | notix.io | udp |
| NL | 139.45.197.253:443 | notix.io | tcp |
| US | 8.8.8.8:53 | 123.31.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.38.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.23.211.130.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.69.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 253.197.45.139.in-addr.arpa | udp |
| US | 8.8.8.8:53 | wct.softonic.com | udp |
| US | 8.8.8.8:53 | wct.softonic.com | udp |
| US | 104.26.3.63:443 | wct.softonic.com | tcp |
| US | 8.8.8.8:53 | 13b9a6827e43b2256bfa27312a0df7f7.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 13b9a6827e43b2256bfa27312a0df7f7.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 13b9a6827e43b2256bfa27312a0df7f7.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| GB | 172.217.169.65:443 | 13b9a6827e43b2256bfa27312a0df7f7.safeframe.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | api.privacy-center.org | udp |
| US | 8.8.8.8:53 | api.privacy-center.org | udp |
| GB | 172.217.169.65:443 | 13b9a6827e43b2256bfa27312a0df7f7.safeframe.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | shb.richaudience.com | udp |
| US | 8.8.8.8:53 | shb.richaudience.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| US | 8.8.8.8:53 | ad.360yield.com | udp |
| US | 8.8.8.8:53 | ad.360yield.com | udp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | brightcombid.marphezis.com | udp |
| US | 8.8.8.8:53 | brightcombid.marphezis.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| DE | 18.245.86.71:443 | api.privacy-center.org | tcp |
| IE | 54.74.233.226:443 | ad.360yield.com | tcp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | tcp |
| NL | 185.89.210.180:443 | ib.adnxs.com | tcp |
| US | 178.128.135.204:443 | brightcombid.marphezis.com | tcp |
| DE | 162.19.138.82:443 | id5-sync.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | tcp |
| FR | 185.255.84.150:443 | hb-api.omnitagjs.com | tcp |
| DE | 157.90.0.38:443 | shb.richaudience.com | tcp |
| DE | 157.90.0.38:443 | shb.richaudience.com | tcp |
| DE | 157.90.0.38:443 | shb.richaudience.com | tcp |
| IE | 54.72.0.237:443 | ap.lijit.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | id.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | id.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| DE | 162.19.138.82:443 | id5-sync.com | tcp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 142.250.187.194:443 | googleads.g.doubleclick.net | udp |
| US | 18.244.15.236:443 | aax.amazon-adsystem.com | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| IE | 52.49.45.15:443 | id.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | 63.3.26.104.in-addr.arpa | udp |
| DE | 162.19.138.82:443 | lb.eu-1-id5-sync.com | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| DE | 18.245.86.71:443 | api.privacy-center.org | udp |
| US | 178.128.135.204:443 | brightcombid.marphezis.com | tcp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| GB | 142.250.200.3:443 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| BE | 108.177.15.156:443 | stats.g.doubleclick.net | tcp |
| US | 104.26.3.63:443 | wct.softonic.com | tcp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | ampcid.google.com | udp |
| US | 8.8.8.8:53 | ampcid.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | tcp |
| GB | 216.58.212.206:443 | ampcid.google.com | tcp |
| GB | 172.217.169.65:443 | 13b9a6827e43b2256bfa27312a0df7f7.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 13b9a6827e43b2256bfa27312a0df7f7.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 8.8.8.8:53 | 65.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.86.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.151.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.233.74.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.63.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 180.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.0.72.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.0.90.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.187.250.142.in-addr.arpa | udp |
| BE | 108.177.15.156:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | ag.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | ag.gbc.criteo.com | udp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | gem.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | gem.gbc.criteo.com | udp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| NL | 178.250.1.11:443 | dnacdn.net | tcp |
| FR | 185.235.86.64:443 | ag.gbc.criteo.com | tcp |
| FR | 185.235.86.173:443 | gem.gbc.criteo.com | tcp |
| US | 8.8.8.8:53 | 13b9a6827e43b2256bfa27312a0df7f7.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 8.8.8.8:53 | 13b9a6827e43b2256bfa27312a0df7f7.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 8.8.8.8:53 | 13b9a6827e43b2256bfa27312a0df7f7.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 8.8.8.8:53 | 229.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 236.15.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.45.49.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| IE | 67.220.226.233:443 | aax-eu.amazon-adsystem.com | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| IE | 67.220.226.233:443 | aax-eu.amazon-adsystem.com | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | cdn.ampproject.org | udp |
| US | 8.8.8.8:53 | cdn.ampproject.org | udp |
| GB | 142.250.187.193:443 | cdn.ampproject.org | tcp |
| GB | 142.250.187.193:443 | cdn.ampproject.org | tcp |
| GB | 142.250.187.193:443 | cdn.ampproject.org | tcp |
| GB | 142.250.187.193:443 | cdn.ampproject.org | tcp |
| GB | 142.250.187.193:443 | cdn.ampproject.org | tcp |
| US | 8.8.8.8:53 | 3.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.15.177.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | push-sdk.com | udp |
| US | 8.8.8.8:53 | push-sdk.com | udp |
| US | 8.8.8.8:53 | 206.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 204.135.128.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.86.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.86.235.185.in-addr.arpa | udp |
| DE | 23.88.8.123:443 | push-sdk.com | tcp |
| US | 8.8.8.8:53 | 233.226.220.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 13b9a6827e43b2256bfa27312a0df7f7.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 8.8.8.8:53 | 123.8.88.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 8.8.8.8:53 | sync.richaudience.com | udp |
| US | 8.8.8.8:53 | sync.richaudience.com | udp |
| US | 8.8.8.8:53 | sync.richaudience.com | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 172.64.149.180:443 | js-sec.indexww.com | tcp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| IE | 3.251.0.235:443 | ap.lijit.com | tcp |
| US | 23.200.188.27:443 | contextual.media.net | tcp |
| IE | 3.251.0.235:443 | ap.lijit.com | tcp |
| FR | 185.255.84.153:443 | visitor.omnitagjs.com | tcp |
| US | 23.53.112.234:443 | ads.pubmatic.com | tcp |
| US | 23.200.188.27:443 | contextual.media.net | tcp |
| DE | 168.119.146.39:443 | sync.richaudience.com | tcp |
| US | 23.53.112.216:443 | acdn.adnxs.com | tcp |
| FR | 185.255.84.153:443 | visitor.omnitagjs.com | tcp |
| US | 23.53.112.234:443 | ads.pubmatic.com | tcp |
| DE | 23.88.8.123:443 | push-sdk.com | tcp |
| DE | 168.119.146.39:443 | sync.richaudience.com | tcp |
| US | 8.8.8.8:53 | uidsync.net | udp |
| US | 8.8.8.8:53 | uidsync.net | udp |
| US | 8.8.8.8:53 | 180.149.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 235.0.251.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 27.188.200.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.112.53.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.112.53.23.in-addr.arpa | udp |
| DE | 157.90.33.68:443 | uidsync.net | tcp |
| DE | 168.119.146.39:443 | sync.richaudience.com | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | ce.lijit.com | udp |
| US | 8.8.8.8:53 | ce.lijit.com | udp |
| US | 8.8.8.8:53 | ce.lijit.com | udp |
| IE | 52.17.116.73:443 | ce.lijit.com | tcp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 8.8.8.8:53 | player.aniview.com | udp |
| US | 8.8.8.8:53 | player.aniview.com | udp |
| US | 8.8.8.8:53 | player.aniview.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | dis.criteo.com | udp |
| US | 8.8.8.8:53 | dis.criteo.com | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | api-2-0.spot.im | udp |
| US | 8.8.8.8:53 | api-2-0.spot.im | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| NL | 2.18.121.10:443 | player.aniview.com | tcp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 67.202.105.22:443 | ssc-cms.33across.com | tcp |
| DE | 157.90.33.68:443 | uidsync.net | tcp |
| US | 67.202.105.22:443 | ssc-cms.33across.com | tcp |
| NL | 185.89.210.90:443 | secure.adnxs.com | tcp |
| NL | 185.89.210.90:443 | secure.adnxs.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| DE | 18.245.31.16:443 | api-2-0.spot.im | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| NL | 198.47.127.18:443 | image8.pubmatic.com | tcp |
| US | 54.159.1.74:443 | sync.srv.stackadapt.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| IE | 34.246.197.210:443 | match.prod.bidr.io | tcp |
| US | 35.71.131.137:443 | match.adsrvr.org | tcp |
| US | 8.8.8.8:53 | cacerts.rapidssl.com | udp |
| US | 8.8.8.8:53 | cacerts.rapidssl.com | udp |
| US | 8.8.8.8:53 | jadserve.postrelease.com | udp |
| US | 8.8.8.8:53 | jadserve.postrelease.com | udp |
| SE | 192.229.221.95:80 | cacerts.rapidssl.com | tcp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| US | 100.25.66.254:443 | jadserve.postrelease.com | tcp |
| US | 8.8.8.8:53 | 68.33.90.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.116.17.52.in-addr.arpa | udp |
| US | 44.219.8.233:443 | cs-server-s2s.yellowblue.io | tcp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| DE | 51.89.9.252:443 | onetag-sys.com | tcp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 35.244.174.68:443 | id.rlcdn.com | tcp |
| US | 8.8.8.8:53 | bttrack.com | udp |
| US | 8.8.8.8:53 | bttrack.com | udp |
| US | 192.132.33.67:443 | bttrack.com | tcp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| NL | 81.17.55.123:443 | ssbsync.smartadserver.com | tcp |
| NL | 81.17.55.123:443 | ssbsync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | 10.121.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 16.31.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.149.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 39.146.119.168.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.105.202.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.131.71.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.197.246.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 254.66.25.100.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.1.159.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 233.8.219.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 252.9.89.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 104.18.36.155:443 | ssum-sec.casalemedia.com | tcp |
| US | 104.18.36.155:443 | ssum-sec.casalemedia.com | tcp |
| US | 104.18.36.155:443 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| DE | 37.252.171.21:443 | ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | sync.aniview.com | udp |
| US | 8.8.8.8:53 | sync.aniview.com | udp |
| US | 96.46.186.182:443 | sync.aniview.com | tcp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | sync-tm.everesttech.net | udp |
| US | 8.8.8.8:53 | sync-tm.everesttech.net | udp |
| US | 8.8.8.8:53 | bh.contextweb.com | udp |
| US | 8.8.8.8:53 | bh.contextweb.com | udp |
| US | 151.101.66.49:443 | sync-tm.everesttech.net | tcp |
| DE | 162.19.138.116:443 | id5-sync.com | tcp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| US | 8.8.8.8:53 | rtb.mfadsrvr.com | udp |
| US | 8.8.8.8:53 | rtb.mfadsrvr.com | udp |
| US | 8.8.8.8:53 | sync.mathtag.com | udp |
| US | 8.8.8.8:53 | sync.mathtag.com | udp |
| US | 8.8.8.8:53 | pixel-eu.rubiconproject.com | udp |
| US | 8.8.8.8:53 | pixel-eu.rubiconproject.com | udp |
| US | 216.200.232.253:443 | sync.mathtag.com | tcp |
| US | 8.8.8.8:53 | 123.55.17.81.in-addr.arpa | udp |
| DE | 18.157.153.25:443 | rtb.mfadsrvr.com | tcp |
| NL | 69.173.156.148:443 | pixel-eu.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | adclick.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | adclick.g.doubleclick.net | udp |
| GB | 142.250.187.226:443 | adclick.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | adclick.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 67.33.132.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 182.186.46.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.36.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.169.93.208.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.66.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.171.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.153.157.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 253.232.200.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.avast.com | udp |
| US | 8.8.8.8:53 | www.avast.com | udp |
| US | 8.8.8.8:53 | www.avast.com | udp |
| BE | 104.90.25.153:443 | www.avast.com | tcp |
| US | 8.8.8.8:53 | 153.25.90.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static3.avast.com | udp |
| US | 8.8.8.8:53 | static3.avast.com | udp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| BE | 92.123.52.22:443 | static3.avast.com | tcp |
| BE | 92.123.52.22:443 | static3.avast.com | tcp |
| BE | 92.123.52.22:443 | static3.avast.com | tcp |
| BE | 92.123.52.22:443 | static3.avast.com | tcp |
| BE | 92.123.52.22:443 | static3.avast.com | tcp |
| BE | 92.123.52.22:443 | static3.avast.com | tcp |
| US | 104.19.178.52:443 | cdn.cookielaw.org | tcp |
| US | 104.19.178.52:443 | cdn.cookielaw.org | tcp |
| US | 104.19.178.52:443 | cdn.cookielaw.org | tcp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 104.18.32.137:443 | geolocation.onetrust.com | tcp |
| US | 8.8.8.8:53 | s.go-mpulse.net | udp |
| US | 8.8.8.8:53 | s.go-mpulse.net | udp |
| BE | 23.55.96.141:443 | s.go-mpulse.net | tcp |
| US | 8.8.8.8:53 | 52.178.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.52.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | assets.adobedtm.com | udp |
| US | 8.8.8.8:53 | assets.adobedtm.com | udp |
| BE | 92.123.52.22:443 | static3.avast.com | tcp |
| US | 23.53.113.19:443 | assets.adobedtm.com | tcp |
| US | 8.8.8.8:53 | 141.96.55.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dpm.demdex.net | udp |
| US | 8.8.8.8:53 | dpm.demdex.net | udp |
| US | 8.8.8.8:53 | mstatic.avast.com | udp |
| US | 8.8.8.8:53 | mstatic.avast.com | udp |
| NL | 20.50.2.44:443 | mstatic.avast.com | tcp |
| US | 8.8.8.8:53 | www.nortonlifelock.com | udp |
| US | 8.8.8.8:53 | www.nortonlifelock.com | udp |
| US | 8.8.8.8:53 | static.hotjar.com | udp |
| US | 8.8.8.8:53 | static.hotjar.com | udp |
| US | 8.8.8.8:53 | c.go-mpulse.net | udp |
| US | 8.8.8.8:53 | c.go-mpulse.net | udp |
| BE | 104.90.25.237:443 | www.nortonlifelock.com | tcp |
| BE | 104.90.24.133:443 | c.go-mpulse.net | tcp |
| DE | 18.66.102.51:443 | static.hotjar.com | tcp |
| US | 8.8.8.8:53 | script.hotjar.com | udp |
| US | 8.8.8.8:53 | script.hotjar.com | udp |
| DE | 13.32.27.54:443 | script.hotjar.com | tcp |
| US | 8.8.8.8:53 | 44.2.50.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.113.53.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.25.90.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.24.90.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 51.102.66.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dpm.demdex.net | udp |
| US | 8.8.8.8:53 | dpm.demdex.net | udp |
| IE | 52.49.219.73:443 | dpm.demdex.net | tcp |
| US | 8.8.8.8:53 | symantec.demdex.net | udp |
| US | 8.8.8.8:53 | symantec.demdex.net | udp |
| US | 8.8.8.8:53 | symantec.demdex.net | udp |
| US | 8.8.8.8:53 | www.avast.com | udp |
| IE | 52.49.219.73:443 | symantec.demdex.net | tcp |
| IE | 52.49.219.73:443 | symantec.demdex.net | tcp |
| US | 8.8.8.8:53 | oms.avast.com | udp |
| US | 8.8.8.8:53 | oms.avast.com | udp |
| US | 8.8.8.8:53 | znb3hblkjhhpwrz9k-gendigital.siteintercept.qualtrics.com | udp |
| US | 8.8.8.8:53 | znb3hblkjhhpwrz9k-gendigital.siteintercept.qualtrics.com | udp |
| US | 8.8.8.8:53 | cm.everesttech.net | udp |
| US | 8.8.8.8:53 | cm.everesttech.net | udp |
| US | 8.8.8.8:53 | trial-eum-clientnsv4-s.akamaihd.net | udp |
| US | 8.8.8.8:53 | trial-eum-clientnsv4-s.akamaihd.net | udp |
| US | 8.8.8.8:53 | trial-eum-clienttons-s.akamaihd.net | udp |
| US | 8.8.8.8:53 | trial-eum-clienttons-s.akamaihd.net | udp |
| IE | 66.235.152.225:443 | oms.avast.com | tcp |
| IE | 34.249.24.243:443 | cm.everesttech.net | tcp |
| US | 104.17.209.240:443 | znb3hblkjhhpwrz9k-gendigital.siteintercept.qualtrics.com | tcp |
| IE | 2.18.24.17:443 | trial-eum-clienttons-s.akamaihd.net | tcp |
| IE | 2.18.24.18:443 | trial-eum-clientnsv4-s.akamaihd.net | tcp |
| US | 8.8.8.8:53 | siteintercept.qualtrics.com | udp |
| US | 8.8.8.8:53 | siteintercept.qualtrics.com | udp |
| US | 8.8.8.8:53 | 191-101-209-39_s-2-18-24-17_ts-1718381148-clienttons-s.akamaihd.net | udp |
| US | 8.8.8.8:53 | 191-101-209-39_s-2-18-24-17_ts-1718381148-clienttons-s.akamaihd.net | udp |
| US | 8.8.8.8:53 | x5s5cjyccimbeztmnjoa-phsu56-e5365fdd8-clientnsv4-s.akamaihd.net | udp |
| US | 8.8.8.8:53 | x5s5cjyccimbeztmnjoa-phsu56-e5365fdd8-clientnsv4-s.akamaihd.net | udp |
| IE | 2.18.24.25:443 | 191-101-209-39_s-2-18-24-17_ts-1718381148-clienttons-s.akamaihd.net | tcp |
| IE | 2.18.24.9:443 | x5s5cjyccimbeztmnjoa-phsu56-e5365fdd8-clientnsv4-s.akamaihd.net | tcp |
| US | 8.8.8.8:53 | 54.27.32.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.219.49.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.152.235.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 243.24.249.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.209.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 17.24.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.24.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | analytics.ff.avast.com | udp |
| US | 8.8.8.8:53 | analytics.ff.avast.com | udp |
| US | 8.8.8.8:53 | privacyportal-de.onetrust.com | udp |
| US | 8.8.8.8:53 | privacyportal-de.onetrust.com | udp |
| US | 34.117.223.223:443 | analytics.ff.avast.com | tcp |
| US | 172.64.155.119:443 | privacyportal-de.onetrust.com | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | ampcid.google.com | udp |
| US | 8.8.8.8:53 | ampcid.google.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| GB | 216.58.212.206:443 | ampcid.google.com | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| BE | 108.177.15.156:443 | stats.g.doubleclick.net | tcp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| BE | 108.177.15.156:443 | stats.g.doubleclick.net | udp |
| GB | 142.250.200.3:443 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 223.223.117.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.155.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 684dd313.akstat.io | udp |
| US | 8.8.8.8:53 | 684dd313.akstat.io | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| US | 34.117.223.223:443 | analytics.ff.avast.com | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | www.avast.com | udp |
| US | 8.8.8.8:53 | www.avast.com | udp |
| US | 8.8.8.8:53 | bits.avcdn.net | udp |
| US | 8.8.8.8:53 | bits.avcdn.net | udp |
| US | 8.8.8.8:53 | bits.avcdn.net | udp |
| NL | 23.218.49.95:443 | bits.avcdn.net | tcp |
| NL | 23.62.61.97:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | 95.49.218.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dl-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | dl-edge.smartscreen.microsoft.com | udp |
| GB | 13.87.96.169:443 | dl-edge.smartscreen.microsoft.com | tcp |
| SE | 192.229.221.95:80 | cacerts.rapidssl.com | tcp |
| US | 8.8.8.8:53 | app-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | app-edge.smartscreen.microsoft.com | udp |
| GB | 51.140.244.186:443 | app-edge.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | 186.244.140.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.avast.com | udp |
| US | 8.8.8.8:53 | www.avast.com | udp |
| US | 8.8.8.8:53 | bits.avcdn.net | udp |
| US | 8.8.8.8:53 | iavs9x.u.avcdn.net | udp |
| US | 8.8.8.8:53 | v7event.stats.avast.com | udp |
| GB | 216.58.213.14:80 | www.google-analytics.com | tcp |
| US | 34.117.223.223:80 | v7event.stats.avast.com | tcp |
| NL | 2.18.121.29:443 | iavs9x.u.avcdn.net | tcp |
| US | 34.117.223.223:80 | v7event.stats.avast.com | tcp |
| GB | 216.58.213.14:80 | www.google-analytics.com | tcp |
| US | 8.8.8.8:53 | 29.121.18.2.in-addr.arpa | udp |
| NL | 2.18.121.29:443 | iavs9x.u.avcdn.net | tcp |
| NL | 2.18.121.29:443 | iavs9x.u.avcdn.net | tcp |
| NL | 2.18.121.29:443 | iavs9x.u.avcdn.net | tcp |
| US | 8.8.8.8:53 | dst36t2kjn7gi.cloudfront.net | udp |
| US | 8.8.8.8:53 | dst36t2kjn7gi.cloudfront.net | udp |
| NL | 2.18.121.29:443 | iavs9x.u.avcdn.net | tcp |
| NL | 2.18.121.29:80 | iavs9x.u.avcdn.net | tcp |
| US | 8.8.8.8:53 | analytics.avcdn.net | udp |
| US | 34.117.223.223:443 | analytics.avcdn.net | tcp |
| GB | 216.58.213.14:80 | www.google-analytics.com | tcp |
| US | 34.117.223.223:443 | analytics.avcdn.net | tcp |
| US | 8.8.8.8:53 | shepherd.ff.avast.com | udp |
| US | 8.8.8.8:53 | shepherd.ff.avast.com | udp |
| US | 8.8.8.8:53 | shepherd.ff.avast.com | udp |
| US | 34.160.176.28:443 | shepherd.ff.avast.com | tcp |
| US | 8.8.8.8:53 | 28.176.160.34.in-addr.arpa | udp |
| NL | 23.62.61.97:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | h4305360.iavs9x.u.avast.com | udp |
| US | 8.8.8.8:53 | h4305360.iavs9x.u.avast.com | udp |
| US | 8.8.8.8:53 | j0294597.iavs9x.u.avast.com | udp |
| US | 8.8.8.8:53 | l4691727.iavs9x.u.avast.com | udp |
| US | 8.8.8.8:53 | n2833777.iavs9x.u.avast.com | udp |
| US | 8.8.8.8:53 | r9319236.iavs9x.u.avast.com | udp |
| US | 8.8.8.8:53 | s-iavs9x.avcdn.net | udp |
| US | 8.8.4.4:53 | n2833777.iavs9x.u.avast.com | udp |
| US | 8.8.4.4:53 | s-iavs9x.avcdn.net | udp |
| US | 8.8.4.4:53 | r9319236.iavs9x.u.avast.com | udp |
| US | 8.8.8.8:53 | h4305360.iavs9x.u.avast.com | udp |
| US | 8.8.8.8:53 | h4305360.iavs9x.u.avast.com | udp |
| US | 8.8.8.8:53 | j0294597.iavs9x.u.avast.com | udp |
| US | 8.8.8.8:53 | l4691727.iavs9x.u.avast.com | udp |
| US | 8.8.8.8:53 | n2833777.iavs9x.u.avast.com | udp |
| US | 8.8.8.8:53 | r9319236.iavs9x.u.avast.com | udp |
| US | 8.8.8.8:53 | s-iavs9x.avcdn.net | udp |
| US | 8.8.8.8:53 | 4.4.8.8.in-addr.arpa | udp |
| US | 8.8.4.4:53 | r9319236.iavs9x.u.avast.com | udp |
| NL | 2.18.121.29:80 | l4691727.iavs9x.u.avast.com | tcp |
| NL | 2.18.121.9:80 | l4691727.iavs9x.u.avast.com | tcp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 8.8.8.8:53 | sc.sftcdn.net | udp |
| US | 8.8.8.8:53 | sc.sftcdn.net | udp |
| US | 199.232.213.91:443 | softonic.com | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 151.101.129.91:443 | sc.sftcdn.net | udp |
| US | 151.101.193.91:443 | sc.sftcdn.net | udp |
| DE | 13.224.186.120:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | images.sftcdn.net | udp |
| US | 8.8.8.8:53 | images.sftcdn.net | udp |
| US | 8.8.8.8:53 | sdk.privacy-center.org | udp |
| US | 8.8.8.8:53 | sdk.privacy-center.org | udp |
| US | 3.161.82.117:443 | sdk.privacy-center.org | udp |
| US | 8.8.8.8:53 | 91.129.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.193.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.121.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.82.161.3.in-addr.arpa | udp |
| NL | 2.18.121.9:80 | l4691727.iavs9x.u.avast.com | tcp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | ffc3b310abc75b386f68917b34a21053.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | ffc3b310abc75b386f68917b34a21053.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | ffc3b310abc75b386f68917b34a21053.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| GB | 172.217.169.65:443 | ffc3b310abc75b386f68917b34a21053.safeframe.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| US | 8.8.8.8:53 | ad.360yield.com | udp |
| US | 8.8.8.8:53 | ad.360yield.com | udp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 178.128.135.204:443 | brightcombid.marphezis.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| NL | 2.18.121.9:80 | p1043812.vps18tiny.u.avcdn.net | tcp |
| GB | 142.250.187.194:443 | googleads.g.doubleclick.net | udp |
| US | 104.18.36.155:443 | htlb.casalemedia.com | udp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| IE | 52.210.74.222:443 | ap.lijit.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| IE | 54.154.125.194:443 | ad.360yield.com | tcp |
| DE | 37.252.173.215:443 | ib.adnxs.com | tcp |
| FR | 185.255.84.151:443 | hb-api.omnitagjs.com | tcp |
| US | 178.128.135.204:443 | brightcombid.marphezis.com | tcp |
| US | 8.8.8.8:53 | 222.74.210.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 151.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 215.173.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| NL | 2.18.121.9:80 | p1043812.vps18tiny.u.avcdn.net | tcp |
| GB | 172.217.169.65:443 | ffc3b310abc75b386f68917b34a21053.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | ffc3b310abc75b386f68917b34a21053.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 8.8.8.8:53 | s.richaudience.com | udp |
| US | 8.8.8.8:53 | s.richaudience.com | udp |
| US | 8.8.8.8:53 | qsearch-a.akamaihd.net | udp |
| US | 8.8.8.8:53 | qsearch-a.akamaihd.net | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| BE | 108.177.15.156:443 | stats.g.doubleclick.net | udp |
| GB | 142.250.200.3:443 | www.google.co.uk | udp |
| IE | 52.95.115.196:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 8.8.8.8:53 | ffc3b310abc75b386f68917b34a21053.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 8.8.8.8:53 | s.richaudience.com | udp |
| US | 8.8.8.8:53 | s.richaudience.com | udp |
| US | 8.8.8.8:53 | qsearch-a.akamaihd.net | udp |
| US | 8.8.8.8:53 | qsearch-a.akamaihd.net | udp |
| DE | 178.63.241.79:443 | s.richaudience.com | tcp |
| IE | 2.18.24.9:443 | qsearch-a.akamaihd.net | tcp |
| US | 8.8.8.8:53 | ffc3b310abc75b386f68917b34a21053.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 79.241.63.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.115.95.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 8.8.8.8:53 | sync.richaudience.com | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| NL | 2.18.121.9:80 | p1043812.vps18tiny.u.avcdn.net | tcp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| DE | 168.119.146.39:443 | sync.richaudience.com | tcp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| DE | 168.119.146.39:443 | sync.richaudience.com | tcp |
| US | 23.53.112.234:443 | ads.pubmatic.com | tcp |
| US | 23.200.188.27:443 | contextual.media.net | udp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| FR | 185.255.84.152:443 | visitor.omnitagjs.com | tcp |
| FR | 185.255.84.152:443 | visitor.omnitagjs.com | tcp |
| DE | 168.119.146.39:443 | sync.richaudience.com | tcp |
| US | 8.8.8.8:53 | 152.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | push-sdk.com | udp |
| US | 8.8.8.8:53 | push-sdk.com | udp |
| DE | 157.90.33.68:443 | push-sdk.com | tcp |
| NL | 2.18.121.9:80 | p1043812.vps18tiny.u.avcdn.net | tcp |
| DE | 157.90.33.122:443 | push-sdk.com | tcp |
| US | 8.8.8.8:53 | telem-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | telem-edge.smartscreen.microsoft.com | udp |
| GB | 172.165.61.93:443 | telem-edge.smartscreen.microsoft.com | tcp |
| DE | 157.90.33.68:443 | push-sdk.com | tcp |
| DE | 157.90.33.68:443 | push-sdk.com | tcp |
| DE | 162.19.138.82:443 | id5-sync.com | tcp |
| US | 8.8.8.8:53 | 122.33.90.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.61.165.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| DE | 37.252.171.21:443 | secure.adnxs.com | tcp |
| US | 67.202.105.23:443 | ssc-cms.33across.com | tcp |
| US | 67.202.105.23:443 | ssc-cms.33across.com | tcp |
| US | 8.8.8.8:53 | player.aniview.com | udp |
| US | 8.8.8.8:53 | player.aniview.com | udp |
| US | 8.8.8.8:53 | player.aniview.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 8.8.8.8:53 | 23.105.202.67.in-addr.arpa | udp |
| NL | 2.18.121.10:443 | player.aniview.com | udp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 8.8.8.8:53 | api-2-0.spot.im | udp |
| US | 8.8.8.8:53 | api-2-0.spot.im | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| IE | 34.246.197.210:443 | match.prod.bidr.io | tcp |
| US | 52.71.174.196:443 | sync.srv.stackadapt.com | tcp |
| US | 100.25.66.254:443 | jadserve.postrelease.com | tcp |
| US | 3.228.191.36:443 | cs-server-s2s.yellowblue.io | tcp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 192.132.33.67:443 | bttrack.com | tcp |
| IE | 52.49.49.56:443 | ap.lijit.com | tcp |
| US | 35.244.174.68:443 | id.rlcdn.com | udp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| DE | 51.75.86.98:443 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| NL | 81.17.55.171:443 | ssbsync.smartadserver.com | tcp |
| NL | 81.17.55.171:443 | ssbsync.smartadserver.com | tcp |
| DE | 51.75.86.98:443 | onetag-sys.com | tcp |
| US | 8.8.8.8:53 | 196.174.71.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.191.228.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.86.75.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.55.17.81.in-addr.arpa | udp |
| NL | 2.18.121.9:80 | p1043812.vps18tiny.u.avcdn.net | tcp |
| US | 104.18.36.155:443 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 104.18.36.155:443 | ssum-sec.casalemedia.com | udp |
| NL | 2.18.121.9:80 | p1043812.vps18tiny.u.avcdn.net | tcp |
| NL | 2.18.121.9:80 | p1043812.vps18tiny.u.avcdn.net | tcp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| NL | 89.149.193.89:443 | rtb-csync.smartadserver.com | tcp |
| NL | 89.149.193.89:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | cdn.indexww.com | udp |
| US | 8.8.8.8:53 | cdn.indexww.com | udp |
| DE | 13.32.27.65:443 | s.ad.smaato.net | tcp |
| NL | 185.89.210.20:443 | ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | rtb.mfadsrvr.com | udp |
| US | 8.8.8.8:53 | rtb.mfadsrvr.com | udp |
| US | 8.8.8.8:53 | sync.mathtag.com | udp |
| NL | 69.173.156.148:443 | pixel-eu.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | ads.stickyadstv.com | udp |
| US | 8.8.8.8:53 | ads.stickyadstv.com | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| FR | 154.54.250.81:443 | ads.stickyadstv.com | tcp |
| DE | 35.156.10.230:443 | rtb.mfadsrvr.com | tcp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 8.8.8.8:53 | t.adx.opera.com | udp |
| US | 8.8.8.8:53 | t.adx.opera.com | udp |
| US | 8.8.8.8:53 | ssbsync-global.smartadserver.com | udp |
| US | 8.8.8.8:53 | ssbsync-global.smartadserver.com | udp |
| US | 8.8.8.8:53 | spl.zeotap.com | udp |
| US | 8.8.8.8:53 | spl.zeotap.com | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| FR | 149.202.238.100:443 | ssbsync-global.smartadserver.com | tcp |
| NL | 89.149.193.89:443 | rtb-csync.smartadserver.com | tcp |
| GB | 142.250.187.226:443 | cm.g.doubleclick.net | tcp |
| US | 104.22.50.98:443 | spl.zeotap.com | tcp |
| US | 8.8.8.8:53 | roblox.en.softonic.com | udp |
| US | 8.8.8.8:53 | roblox.en.softonic.com | udp |
| US | 151.101.129.91:443 | roblox.en.softonic.com | tcp |
| FR | 154.54.250.81:443 | ads.stickyadstv.com | tcp |
| DE | 35.156.10.230:443 | rtb.mfadsrvr.com | tcp |
| US | 8.8.8.8:53 | roblox.en.softonic.com | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | csi.gstatic.com | udp |
| US | 8.8.8.8:53 | csi.gstatic.com | udp |
| IT | 142.250.180.131:443 | csi.gstatic.com | tcp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| GB | 142.250.187.206:443 | redirector.gvt1.com | tcp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 8.8.8.8:53 | t.adx.opera.com | udp |
| US | 8.8.8.8:53 | t.adx.opera.com | udp |
| US | 80.77.87.161:443 | cs.admanmedia.com | tcp |
| NL | 82.145.213.8:443 | t.adx.opera.com | tcp |
| US | 8.8.8.8:53 | 89.193.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.27.32.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 100.238.202.149.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.50.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.250.54.154.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 230.10.156.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | r4---sn-aigl6nl7.gvt1.com | udp |
| US | 8.8.8.8:53 | r4---sn-aigl6nl7.gvt1.com | udp |
| GB | 173.194.183.201:443 | r4---sn-aigl6nl7.gvt1.com | udp |
| IT | 142.250.180.131:443 | csi.gstatic.com | udp |
| US | 8.8.8.8:53 | 131.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.213.145.82.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 161.87.77.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 201.183.194.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | match.sharethrough.com | udp |
| US | 8.8.8.8:53 | match.sharethrough.com | udp |
| GB | 142.250.187.226:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | match.sharethrough.com | udp |
| US | 8.8.8.8:53 | match.sharethrough.com | udp |
| GB | 142.250.187.226:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | marcnorgaard.com | udp |
| US | 8.8.8.8:53 | marcnorgaard.com | udp |
| US | 8.8.8.8:53 | marcnorgaard.com | udp |
| US | 8.8.8.8:53 | ffc3b310abc75b386f68917b34a21053.safeframe.googlesyndication.com | udp |
| US | 172.67.207.108:443 | marcnorgaard.com | udp |
| GB | 142.250.187.194:443 | googleads.g.doubleclick.net | udp |
| DE | 18.159.181.185:443 | match.sharethrough.com | tcp |
| US | 52.46.143.56:443 | s.amazon-adsystem.com | tcp |
| US | 52.46.143.56:443 | s.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | adclick.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | adclick.g.doubleclick.net | udp |
| GB | 142.250.187.226:443 | adclick.g.doubleclick.net | udp |
| NL | 139.45.197.253:443 | notix.io | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 8.8.8.8:53 | 108.207.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 185.181.159.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.143.46.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | f3461309.iavs9x.u.avast.com | udp |
| US | 8.8.8.8:53 | n2833777.iavs9x.u.avast.com | udp |
| US | 8.8.8.8:53 | r9319236.iavs9x.u.avast.com | udp |
| US | 8.8.8.8:53 | s-iavs9x.avcdn.net | udp |
| US | 8.8.8.8:53 | t1024579.iavs9x.u.avast.com | udp |
| US | 8.8.8.8:53 | f3461309.iavs9x.u.avast.com | udp |
| US | 8.8.8.8:53 | f3461309.iavs9x.u.avast.com | udp |
| US | 8.8.8.8:53 | l2983942.iavs9x.u.avast.com | udp |
| US | 8.8.8.8:53 | n2833777.iavs9x.u.avast.com | udp |
| US | 8.8.8.8:53 | r9319236.iavs9x.u.avast.com | udp |
| US | 8.8.8.8:53 | t1024579.iavs9x.u.avast.com | udp |
| US | 8.8.8.8:53 | lib.wtg-ads.com | udp |
| US | 104.26.15.10:443 | lib.wtg-ads.com | tcp |
| US | 104.26.15.10:443 | lib.wtg-ads.com | tcp |
| US | 8.8.8.8:53 | 10.15.26.104.in-addr.arpa | udp |
| NL | 2.18.121.9:80 | t1024579.iavs9x.u.avast.com | tcp |
| US | 8.8.8.8:53 | b8003600.vps18tiny.u.avcdn.net | udp |
| US | 8.8.8.8:53 | l2983942.vps18tiny.u.avcdn.net | udp |
| US | 8.8.8.8:53 | l7814800.vps18tiny.u.avcdn.net | udp |
| US | 8.8.8.8:53 | p1043812.vps18tiny.u.avcdn.net | udp |
| US | 8.8.8.8:53 | s-vps18tiny.avcdn.net | udp |
| US | 8.8.8.8:53 | s1843811.vps18tiny.u.avcdn.net | udp |
| US | 8.8.8.8:53 | b8003600.vps18tiny.u.avcdn.net | udp |
| US | 8.8.8.8:53 | b8003600.vps18tiny.u.avcdn.net | udp |
| US | 8.8.8.8:53 | l2983942.vps18tiny.u.avcdn.net | udp |
| US | 8.8.8.8:53 | l7814800.vps18tiny.u.avcdn.net | udp |
| US | 8.8.8.8:53 | p1043812.vps18tiny.u.avcdn.net | udp |
| US | 8.8.8.8:53 | s-vps18tiny.avcdn.net | udp |
| US | 8.8.8.8:53 | s1843811.vps18tiny.u.avcdn.net | udp |
| US | 8.8.8.8:53 | consent.cookiebot.com | udp |
| US | 8.8.8.8:53 | consent.cookiebot.com | udp |
| NL | 23.62.61.136:443 | consent.cookiebot.com | tcp |
| NL | 2.18.121.9:80 | s1843811.vps18tiny.u.avcdn.net | tcp |
| NL | 2.18.121.9:80 | s1843811.vps18tiny.u.avcdn.net | tcp |
| NL | 2.18.121.9:80 | s1843811.vps18tiny.u.avcdn.net | tcp |
| US | 8.8.8.8:53 | shepherd.ff.avast.com | udp |
| US | 8.8.8.8:53 | 136.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | consentcdn.cookiebot.com | udp |
| US | 8.8.8.8:53 | consentcdn.cookiebot.com | udp |
| US | 8.8.8.8:53 | consentcdn.cookiebot.com | udp |
| US | 8.8.8.8:53 | marcnorgaard.com | udp |
| BE | 104.68.64.217:443 | consentcdn.cookiebot.com | tcp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| US | 151.101.129.229:443 | cdn.jsdelivr.net | tcp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| DE | 162.19.138.116:443 | id5-sync.com | tcp |
| US | 34.160.176.28:443 | shepherd.ff.avast.com | tcp |
| NL | 23.62.61.129:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | consentcdn.cookiebot.com | udp |
| US | 18.244.15.236:443 | aax.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | 217.64.68.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.129.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| DE | 162.19.138.117:443 | lb.eu-1-id5-sync.com | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | 117.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.200.250.142.in-addr.arpa | udp |
| DE | 162.19.138.116:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | roblox.en.softonic.com | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| US | 204.79.197.237:443 | bat.bing.com | tcp |
| GB | 163.70.147.23:443 | connect.facebook.net | tcp |
| US | 8.8.8.8:53 | v7event.stats.avast.com | udp |
| US | 8.8.8.8:53 | v7event.stats.avast.com | udp |
| US | 8.8.8.8:53 | 23.147.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | v7event.stats.avast.com | udp |
| US | 8.8.8.8:53 | v7event.stats.avast.com | udp |
| US | 8.8.8.8:53 | v7event.stats.avast.com | udp |
| US | 34.117.223.223:443 | v7event.stats.avast.com | tcp |
| US | 34.117.223.223:443 | v7event.stats.avast.com | tcp |
| GB | 163.70.147.23:443 | connect.facebook.net | udp |
| DE | 162.19.138.82:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | b-code.liadm.com | udp |
| US | 8.8.8.8:53 | b-code.liadm.com | udp |
| US | 18.244.18.104:443 | b-code.liadm.com | tcp |
| US | 8.8.8.8:53 | b94320fb02a35c6c8441654c98428a4d.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | b94320fb02a35c6c8441654c98428a4d.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | roblox.en.softonic.com | udp |
| GB | 172.217.169.65:443 | b94320fb02a35c6c8441654c98428a4d.safeframe.googlesyndication.com | tcp |
| DE | 157.90.0.38:443 | shb.richaudience.com | tcp |
| FR | 185.255.84.151:443 | hb-api.omnitagjs.com | tcp |
| DE | 37.252.173.215:443 | secure.adnxs.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| US | 104.18.36.155:443 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | 104.18.244.18.in-addr.arpa | udp |
| GB | 163.70.147.35:443 | www.facebook.com | tcp |
| GB | 163.70.147.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | 8876029.fls.doubleclick.net | udp |
| US | 8.8.8.8:53 | 8876029.fls.doubleclick.net | udp |
| US | 8.8.8.8:53 | 8876029.fls.doubleclick.net | udp |
| US | 8.8.8.8:53 | roblox.en.softonic.com | udp |
| GB | 216.58.204.70:443 | 8876029.fls.doubleclick.net | tcp |
| GB | 216.58.204.70:443 | 8876029.fls.doubleclick.net | tcp |
| DE | 162.19.138.82:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | storage.googleapis.com | udp |
| US | 8.8.8.8:53 | storage.googleapis.com | udp |
| GB | 172.217.169.59:443 | storage.googleapis.com | tcp |
| GB | 216.58.204.70:443 | 8876029.fls.doubleclick.net | udp |
| US | 8.8.8.8:53 | b94320fb02a35c6c8441654c98428a4d.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | roblox.en.softonic.com | udp |
| GB | 172.217.169.65:443 | b94320fb02a35c6c8441654c98428a4d.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | b94320fb02a35c6c8441654c98428a4d.safeframe.googlesyndication.com | udp |
| IE | 52.95.115.196:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | roblox.en.softonic.com | udp |
| NL | 178.250.1.11:443 | dnacdn.net | tcp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| US | 8.8.8.8:53 | roblox.en.softonic.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | 35.147.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 59.169.217.172.in-addr.arpa | udp |
| DE | 162.19.138.82:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | roblox.en.softonic.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 8.8.8.8:53 | roblox.en.softonic.com | udp |
| US | 8.8.8.8:53 | roblox.en.softonic.com | udp |
| FR | 185.255.84.152:443 | visitor.omnitagjs.com | tcp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| US | 8.8.8.8:53 | roblox.en.softonic.com | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 8.8.8.8:53 | roblox.en.softonic.com | udp |
| FR | 185.255.84.152:443 | visitor.omnitagjs.com | tcp |
| FR | 185.255.84.152:443 | visitor.omnitagjs.com | tcp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 151.101.65.91:443 | en.softonic.com | tcp |
| GB | 142.250.178.8:443 | ssl.google-analytics.com | tcp |
| US | 151.101.65.91:443 | en.softonic.com | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| DE | 37.252.171.21:443 | secure.adnxs.com | tcp |
| US | 8.8.8.8:53 | 8.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| FR | 178.250.7.13:443 | dnacdn.net | tcp |
| FR | 185.235.86.64:443 | ag.gbc.criteo.com | tcp |
| US | 8.8.8.8:53 | gem.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | gem.gbc.criteo.com | udp |
| NL | 185.89.210.20:443 | ib.adnxs.com | tcp |
| NL | 185.235.87.110:443 | gem.gbc.criteo.com | tcp |
| NL | 2.18.121.10:443 | player.aniview.com | udp |
| US | 8.8.8.8:53 | player.aniview.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 8.8.8.8:53 | 13.7.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 110.87.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dis.criteo.com | udp |
| US | 8.8.8.8:53 | dis.criteo.com | udp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| IE | 34.246.197.210:443 | match.prod.bidr.io | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| US | 52.71.174.196:443 | sync.srv.stackadapt.com | tcp |
| US | 35.244.174.68:443 | id.rlcdn.com | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 67.202.105.23:443 | ssc-cms.33across.com | tcp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 67.202.105.23:443 | ssc-cms.33across.com | tcp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| NL | 81.17.55.171:443 | ssbsync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| NL | 81.17.55.171:443 | ssbsync.smartadserver.com | tcp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| NL | 89.149.193.89:443 | rtb-csync.smartadserver.com | tcp |
| DE | 35.156.10.230:443 | rtb.mfadsrvr.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| NL | 89.149.193.89:443 | rtb-csync.smartadserver.com | tcp |
| NL | 89.149.193.89:443 | rtb-csync.smartadserver.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| NL | 139.45.197.253:443 | notix.io | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | roblox.en.softonic.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | roblox.en.softonic.com | udp |
| US | 199.232.213.91:443 | softonic.com | udp |
| DE | 37.252.173.215:443 | secure.adnxs.com | tcp |
| US | 8.8.8.8:53 | imgsct.cookiebot.com | udp |
| US | 8.8.8.8:53 | imgsct.cookiebot.com | udp |
| BE | 104.68.64.217:443 | imgsct.cookiebot.com | tcp |
| US | 172.67.207.108:443 | marcnorgaard.com | udp |
| US | 8.8.8.8:53 | dst36t2kjn7gi.cloudfront.net | udp |
| US | 8.8.8.8:53 | dst36t2kjn7gi.cloudfront.net | udp |
| GB | 163.70.147.35:443 | www.facebook.com | udp |
Files
memory/4772-0-0x000002DB53DF0000-0x000002DB53DF1000-memory.dmp
memory/4772-2-0x000002DB53DF0000-0x000002DB53DF1000-memory.dmp
memory/4772-1-0x000002DB53DF0000-0x000002DB53DF1000-memory.dmp
memory/4772-6-0x000002DB53DF0000-0x000002DB53DF1000-memory.dmp
memory/4772-12-0x000002DB53DF0000-0x000002DB53DF1000-memory.dmp
memory/4772-11-0x000002DB53DF0000-0x000002DB53DF1000-memory.dmp
memory/4772-10-0x000002DB53DF0000-0x000002DB53DF1000-memory.dmp
memory/4772-9-0x000002DB53DF0000-0x000002DB53DF1000-memory.dmp
memory/4772-8-0x000002DB53DF0000-0x000002DB53DF1000-memory.dmp
memory/4772-7-0x000002DB53DF0000-0x000002DB53DF1000-memory.dmp
C:\Windows\Temp\asw.dcbf065b12dba651\avast_free_antivirus_setup_online_x64.exe
| MD5 | 54aaadc43b9a0a026a86db8d350a2cd3 |
| SHA1 | d1b767200495717f9abbd808c3b38079c64be877 |
| SHA256 | de1fa4badf89ecf4beedfd8f00f79e145e3f492be540e0964ef7468213a20844 |
| SHA512 | 1d75da2ad226d1a6e744854a49b05416db10d4ef68ddf0d7d2d93f01b30a28cb84ae2b1a9c9ddc1817781a98409ed9556c02822f57965ab6f8865e3c55c36f3a |
C:\Windows\Temp\asw.dcbf065b12dba651\eref.edat
| MD5 | 173a83381bdc749f82a66ce267b6112d |
| SHA1 | 078038d3cc7f5b2880a0a5e43edb0d392f188361 |
| SHA256 | bd4833cb4b2f182a92f452ac7a54210c9526c96aa183f723c6f64da322f55d60 |
| SHA512 | d2cf7c81d2ce6b69010b1f42f99c30428b2a421952020312df04f60e028b77012c257d07fbcbfa04b175811deecd58479458aaf3853f07fecb9600977252b351 |
C:\Windows\Temp\asw.dcbf065b12dba651\ecoo.edat
| MD5 | 061e3b7364dc315748e7ede27c93ce7a |
| SHA1 | e29e80f407e292a1199a78de8745bb3368ae9341 |
| SHA256 | 55921d5a85a9e36bc7b47829bd5303108b90b6ab3192db13fd88a8c6dbece928 |
| SHA512 | 2d78594da33f75f82cfad0157e6316676822246557489d83908fc30fe0c999c04c1a5ca2f5fb716c89d35feb5ab8c2a0fe6ebf16fbf13f22f4665af0f28e4ae1 |
C:\Windows\Temp\asw.1c39e711436bc4e7\servers.def
| MD5 | e76e81467cf59e07920fa8350f262269 |
| SHA1 | e0ab1867d50c7d6cf2f35ca00aa94564cde1ef94 |
| SHA256 | cd4ca129df4cda34752225d61dc5b810e768bdeb60b0b8fb3fba3826820761c8 |
| SHA512 | 5b29f1f97e6ef1acc567beb1340d13a07c52d94cc6ae6284650c3e717f137af3db43b84a2904f26e772e524dc8e69cdb86eb8e98e9ec65323769171e0ee35070 |
C:\Windows\Temp\asw.1c39e711436bc4e7\Instup.exe
| MD5 | 4aed041ad383def5407e438fd5597675 |
| SHA1 | 6a5d6ddeb83b4e6425cc77190b0539b6e5dffbc4 |
| SHA256 | 1cb887579ece5a1d11832d0543f0b02c338ac8581d54909bc641abe13e294abf |
| SHA512 | 4b2c07668565f4a01f4e7f124e1050bd12228dc2547a00add12921b2300a71588387d8c2d3c0de4303222c5ea2e65bfafe2ab342417d2c5ab8ac300c40d5c171 |
C:\Windows\Temp\asw.1c39e711436bc4e7\Instup.dll
| MD5 | 3b6abc970f7227284d87acd2d95c7c5a |
| SHA1 | 02b1248aa23cb8aee91b06a9b8b044fa93b469b1 |
| SHA256 | ecf706e38e489c6840b68db5b6fdb4687a175ec6c325c8673f27f7cbf01234fa |
| SHA512 | bd06e9599fee8ac872ad6cb5e539a78137daf8b831eb7be3df8bc773d91f9eb4883d01404b7c6724997e6ec1526af213ed1988780c9e40ba98227649ee91a2b1 |
C:\ProgramData\Avast Software\Persistent Data\Avast\Logs\Setup.log
| MD5 | bdf6eb5f97a6cfce1b74818c47a07545 |
| SHA1 | af484c0fa11448a2d1def0d129566fa62fd9ef96 |
| SHA256 | 670464335832d49e196442851160dd5fc345e13ab0e8f8a24ee99ffe6ca50bad |
| SHA512 | 467c3593fdb1036b8ab76544d88656d80acb7b070a658a227e99f59a8ad20bc1cfc4dc32d4925d6ec5ef2a6027bf41dd047bcf6b8a0367237f7c87d092a6cc64 |
C:\Windows\Temp\asw.1c39e711436bc4e7\config.def
| MD5 | da59c9092a31f572c882d563c600a34f |
| SHA1 | 0ec1cb7f7c16252d637d71e08e9363bfe96a5842 |
| SHA256 | 563c4f5827c6f7a2a52d4dfe22f03e296751b1667566fe9a5ec4a7981c0f1766 |
| SHA512 | ee9ad7259df259dd6d444b6b8b933f2c6d928a3ed1f0de42598d09fdcdb0af2ae3f64dab888d3d5f4443a8b918e596f0ee28ee874fc9dfeeac422c3a9e107924 |
C:\Windows\Temp\asw.1c39e711436bc4e7\config.def
| MD5 | 66f10981310c8f0043137a908e8f5c9f |
| SHA1 | d5b9a23cdacec2d9646c5ed2889d1dfbd612eac4 |
| SHA256 | 3ab100774a3470250589c4966ec81c8dc8bf9a09082abf5c3098cac40828a86f |
| SHA512 | ae543d759363d01ec1046de591b073649775b25e7f9ee0ff59163c2a2050d4a0bfcb046f0f046c0d56f14959a28a57678ebc8abde04b4a5b2bc3efe79f0cc380 |
C:\Windows\Temp\asw.1c39e711436bc4e7\config.ini
| MD5 | 7e4a723b596de509250e2468f02c56f3 |
| SHA1 | 64ee2d83c9eee0efb52da1de35d7c77784913bb8 |
| SHA256 | a7b2f9481419a04090a28e7e386781cb908efe8853c78a2cae09dd5dc1374cac |
| SHA512 | 856daa3069b0f1763e7218635664b99f1186d67be45f1bb11498ff1346b36ee65e9f4a847948c4b5088046a0716439a6106687a2df61ccb034d33e1a666de7cb |
C:\Windows\Temp\asw.1c39e711436bc4e7\HTMLayout.dll
| MD5 | 39a20f9d67d6d4bac0ff081c62b13996 |
| SHA1 | b5b6b70e943a96a8697f07759245702e026be7e7 |
| SHA256 | 825288012e4c15035b3d7fdfda396912b83992bf0683f9d2a5d55dfa1306b5a1 |
| SHA512 | 798f6616b4f07bc75c5833a906735c1cc44d2ac044ceed4119005601e6f0266327ffb4819a44bac49bc0cde8b2ac7a021d098a12da586689de1119914e2032b0 |
C:\Windows\Temp\asw.1c39e711436bc4e7\servers.def.vpx
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Windows\Temp\asw.1c39e711436bc4e7\servers.def.vpx
| MD5 | dc5709c442df025a33cb2ca0d22133af |
| SHA1 | 5007da1e31f4705932c1f272dd4975b14bef268d |
| SHA256 | 6530f71b39a09fec9fdf8f258a488640a2094dba5e4a32cf4aa4670fce805744 |
| SHA512 | c6938f9569e943bbc04fe39acdf8e7302b77124b7f1e2ccbb20ec01242238e81b6ab83730393fe61ce716cb1c4e7df064c65bc5ce84540371fcf6a50a615cb6b |
C:\Windows\Temp\asw.1c39e711436bc4e7\uat64.dll
| MD5 | c0719ef096798494a616f84f587282d7 |
| SHA1 | ee38158f887bc2189234330c4891f12f9d902d7a |
| SHA256 | ba4d8d0ba809d934004da646ec31a72650dc16e4288404badd761e4bed6a982a |
| SHA512 | 7b22ac9c0c2c881674333d325363aa1d378d3b3c75700a7713a7f33b6ee144c43cd209d9fe9ff31a93b329881dc14c873cb2338af4695d44724afd5ddda5d298 |
C:\Windows\Temp\asw.1c39e711436bc4e7\uat64.vpx
| MD5 | 11bb373887fe44e1edea08b70c638095 |
| SHA1 | e887149cb489a3aec8092636379ac4c64e389089 |
| SHA256 | a2f66db4a802a3aeb977d40a22e399382d8b82da216645defa5b5009602fa358 |
| SHA512 | d9933cb1b8258f13b21d3bf6a648ed81de1608663e1166a8eaf1baea60f4bc5017ac218f277beb4e65e6719ca57d2910cd6c268ee8a5f8766c13680e86fba879 |
C:\Windows\Temp\asw.1c39e711436bc4e7\part-setup_ais-180517e4.vpx
| MD5 | 67a540fcde81f108f7568628590ee342 |
| SHA1 | bd454d4203eb18115264fed792b4d5e41a2e2fb5 |
| SHA256 | 328f4780c3389e61ea00604b5d5085e734adee7f162796f1130d5f36d0cf2924 |
| SHA512 | 20586f6f537b18f7e3d0945e0dbf69e6bd62457a06c739268c9867b407e9071c0b82ba8adf166ac19c78e9f36f4d8ccceb85ce1dddc1d5c6b5b49c11fb602199 |
C:\Windows\Temp\asw.1c39e711436bc4e7\prod-pgm.vpx
| MD5 | d4f72d1329501105ec7111178ac7c98f |
| SHA1 | 17bfc1e8299b43c46b18442b7e74f84953dc6193 |
| SHA256 | e2919168247b931b6f7c3274c10e4b68ea9b3a67eeab74347b2ac49bea9b0aa7 |
| SHA512 | 570ee9fb319cb6a291e57abe5cde166d74b82090f818d145d763ec05810184f4548275f2cc294c4bcf395da1cbe1d138b190292b71ea1ae836004eb391353329 |
C:\Windows\Temp\asw.1c39e711436bc4e7\prod-vps.vpx
| MD5 | 0066d9b938e4d92eed90d515c0da993f |
| SHA1 | 60f4f31c64671349b100505428a618c9a9033820 |
| SHA256 | bc659320e0681b00d3b5700251822db8e60e17daeeaae4b6cad83421aaf14209 |
| SHA512 | d28022752f3fe222d24eb30beb89dbecd25db7100dc362f79463afc45ace1166074ebca1a4c0931b457e1f5643a9644e268c1f0a65109a291ba3eb003f464e62 |
C:\Windows\Temp\asw.1c39e711436bc4e7\avbugreport_x64_ais-a3d.vpx
| MD5 | dd9112cf8378dd2dcd7da7652ab7ef4f |
| SHA1 | edba0ad6afe5f7d5fef1a68fe6e298285302a205 |
| SHA256 | 01a5da7bd76821e598dd0c145e402f01968a486ec0289304ecbc01e8e3e3545f |
| SHA512 | a792118766c8aefdda2f3158e3f20235b3d45e2504a8aa131189034a4c1dce36ef304253794bd73eefa9de1b58666422cba7311e93588b6b05340c23c9b24502 |
C:\Windows\Temp\asw.1c39e711436bc4e7\avdump_x64_ais-a3d.vpx
| MD5 | 4dae0714e69b6d570b458d2d464ace66 |
| SHA1 | 7b87175b6810ba49fff360affcd27b0b1c163899 |
| SHA256 | 009a8b3c599329995ec197d1c9e5a13ad8bcf0888d6ef434d295b4a7e76ca3e7 |
| SHA512 | 9c5cb5a9893276cc5bfb5baddcfe6584b78bd0387fc731f0e21f963d8515a42fc77b3b8a25291ab0b09910d72193a191cd3f72a2b0dd92f27c89f5a62251a02e |
C:\Windows\Temp\asw.1c39e711436bc4e7\sbr_x64_ais-a3d.vpx
| MD5 | c137e649a83c0d6e99b40b7244015812 |
| SHA1 | 6aaa485bec43f485b3863d525a8653d19949e005 |
| SHA256 | d54383d72f4ef21f157867ea9164ccdc3d6dd9c8de32a691a86c1f0c5a008f8f |
| SHA512 | c38621980bb82a5fdf509d92167027c67db56c3b3d17c621ef732a98595d50788a4ea934fd19a93787f7d7defadb537036eb0e1464aec8ec1cf8dc6073cae88f |
C:\Windows\Temp\asw.1c39e711436bc4e7\offertool_x64_ais-a3d.vpx
| MD5 | 83a59fb227b8146aec13b3e5183da115 |
| SHA1 | c0edcf17207414387cbd193503dec8fc3d88bf4c |
| SHA256 | 240f009ab1ce95fb23cb1c76f0c944e3acc8567b4198dd6d4de7d8bbf2979919 |
| SHA512 | 317ac6ea8ea54f32614a3623bff1c0193c072c6ee8d845ab1b23575170fe1e1048f71847a23f4a6ef42e33466bd4c4d8a1fe10a2c7c48410c032287de3992560 |
C:\ProgramData\Avast Software\Persistent Data\Avast\Logs\Setup.log
| MD5 | 1ccde7558e1c11e74b04427abacd5d18 |
| SHA1 | 8bf56f854f6f610512df327177215c5c682bb1d7 |
| SHA256 | 2b147413afbbbb75aacc2bddaa126cd3cfcfbca622bc9a91a055bb23edf0b985 |
| SHA512 | c3ce1184a2a8c64cdfe1e2c2da3c26d02f1c165c2412263e0fb36a8d41e51a65aaff9184a59e06b8826ad670ffdb639b3535780b9612dfa21b0927570cfba905 |
C:\Windows\Temp\asw.1c39e711436bc4e7\part-prg_ais-180517e4.vpx
| MD5 | 2c670a43751b0f2adb2bbb0f5dd646bb |
| SHA1 | 74ad4b2eeb00c337bb4902def41353c44aef6e3a |
| SHA256 | 876f56bdbd1314c4f97757bbb341c908bc1de6acb5fbe8fdbbfdd2e3b1c55bdf |
| SHA512 | bd5b7b4996f1c70adb77fb3b590a96cbe673253e05a10c94c2d38ee12d63995fc385c541eaacfd653ffd7e3629673fc539830943d9202ed2c9a04f2c42f8b4d7 |
C:\Windows\Temp\asw.1c39e711436bc4e7\setup.def
| MD5 | 98592e07fab8330e4b367ee1c2ee1a23 |
| SHA1 | aaaeddbb740f3fb46362ff6055b909e7215e7c22 |
| SHA256 | 046d8d52a8da3a1e288aa24452ce97ed72f47c0f327177ac76373d1eacfc9b40 |
| SHA512 | 1f734e991340156de357b638b562b6f95e762f1913953fab3b449ea6fa3fb081db02dfc3339a4dd1d5c82a0fe169d7a4d4699ce239900bd7e51372a561cc7511 |
C:\Windows\Temp\asw.1c39e711436bc4e7\prod-vps.vpx
| MD5 | febd30cf901c8fe640b98cfaadd1a633 |
| SHA1 | aa419a6d759ef6b133d67109047728b98cb31270 |
| SHA256 | 485c2d46a6b2f6d3401307455f64b30cb8758749dbf5d5fe836b6a738b68a3ef |
| SHA512 | 350a675fcfc0f3a6ead858c5feae0b7a81494bf4a6f7181405627b2c580b5ecefb8f926778a65423a76165f0a2677a5535fccaf5374e0beafb9669d66af0f138 |
C:\Windows\Temp\asw.1c39e711436bc4e7\part-jrog2-93.vpx
| MD5 | 12d90335062c671ad47ea706deac815c |
| SHA1 | 23eb16bc513813f0cd2ae023863d27d813afded2 |
| SHA256 | 1f3f4b1e26ab968c05bcb51ecfe48b4b501a32e33301a36ecef26fe2daf0ea8a |
| SHA512 | 368ac634f6310ee1f3fdcc3170bd34ac6330219e8c3231ecf09102da0dd4a60add7f9e283874336c49435c2746145ace92503faa75cfdfe89ad3db1202c5040f |
C:\Windows\Temp\asw.1c39e711436bc4e7\part-vps_windows-24061317.vpx
| MD5 | c0e5dfce82300127835aba8db5feeba1 |
| SHA1 | 1fd558a4e3055aadfbc0b871661b4821e7e11659 |
| SHA256 | 97eb2d0d06f82ac4414549ad2dbc01789fdeb624f773a57d1cf20cd94131bc05 |
| SHA512 | 3ea70565ea6c6932a2b694cc61ed7da75f40e798075cab4b077573c098bab842f55b2a3b6b9b3972c7bd36eb6dff7a935fe0b48efc52e33f14d057d8eb97323f |
C:\Windows\Temp\asw.1c39e711436bc4e7\asw25c5ebe5b31fada4.ini
| MD5 | ddcf51ae2588d2cf4b23f96b4b425107 |
| SHA1 | 4de1a4f9b825d07e9e5cd78d77c397414830ac93 |
| SHA256 | fc1885ef1407ec75dc81e7768ac854ec0f8232f9dfdb8d1bfe238173a8f0317b |
| SHA512 | 1ecfb8b8e077474c3758470c68e5e9e95cebebc7fa51481c8bc720dc65ef9a3bd39bbb7b66589d451c6762f9db1c6ce0e79a4b81413e3cdac1af2a608db4dd40 |
C:\Windows\Temp\asw.1c39e711436bc4e7\asw25c5ebe5b31fada4.ini
| MD5 | 4c43757b3ac31125e2a84d1e8a63da31 |
| SHA1 | df7aa2b082259a693f414a27459f08de60f9f19e |
| SHA256 | 845002f91990a6f799d8be28db0dc5252742bf281e5b90efbb7f637f65128006 |
| SHA512 | 47d67f15297461a34bf01a97af80910b4c7c87d1132bf89d24c976d23614d3355f451c314baa8c7e8a3041fd2f730ace7958850eb88dee5daa3b3562341caee9 |
C:\Windows\Temp\asw.1c39e711436bc4e7\config.def
| MD5 | ec1b7cd39f0f05386c58ce4eee0a7773 |
| SHA1 | be4716359d77420a9cc50f7848653537f3727578 |
| SHA256 | a61f24139b866cf0f1d80f7e1b1efe479cb24273e6957f1d47af1b932dd32111 |
| SHA512 | f4886d684a2d9984d0c6f9d712fe9f21597acf9f6e06b5f073f581bf7765bf630c80bc33f518f2e8cfe7e912043869b9df3568af4c940915b75b9066935829db |
C:\ProgramData\Avast Software\Persistent Data\Avast\Logs\event_manager.log
| MD5 | 1af6b4e038d1ac1839f3b37ff5153ca1 |
| SHA1 | 22012c84c6abdcefb30fa3a193a4fda82f7e8360 |
| SHA256 | 4469ba2bc7f133ec4e6f858828e3c6691752443798920ab0a7c10a6659183f3d |
| SHA512 | dd7dbcbfa1e3976792c930af692ec14153fb7451375f58a4054cecd4da890f4896d69d3f9b9f53d7f8af752471abca7c8ff5e59a93f94f0739462447f802520a |
C:\Windows\Temp\asw.1c39e711436bc4e7\New_180517e4\gcapi.dll
| MD5 | 3ead47f44293e18d66fb32259904197a |
| SHA1 | e61e88bd81c05d4678aeb2d62c75dee35a25d16b |
| SHA256 | e0d08b9da7e502ad8c75f8be52e9a08a6bcd0c5f98d360704173be33777e4905 |
| SHA512 | 927a134bdaec1c7c13d11e4044b30f7c45bbb23d5caf1756c2beada6507a69df0a2e6252ec28a913861e4924d1c766704f1036d7fc39c6ddb22e5eb81f3007f0 |