Analysis Overview
Threat Level: Likely malicious
The file https://www.mediafire.com/file/9r13k249f79stkj/VAPE_V4_LITE_%255BZIP%255D.7z/file was found to be: Likely malicious.
Malicious Activity Summary
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Downloads MZ/PE file
Loads dropped DLL
Executes dropped EXE
Checks BIOS information in registry
Checks computer location settings
Registers COM server for autorun
Themida packer
Checks installed software on the system
Checks whether UAC is enabled
Suspicious use of NtSetInformationThreadHideFromDebugger
Drops file in Program Files directory
Enumerates physical storage devices
Suspicious use of SetWindowsHookEx
Suspicious use of SendNotifyMessage
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of WriteProcessMemory
Modifies registry class
Enumerates system info in registry
NTFS ADS
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of FindShellTrayWindow
Suspicious use of AdjustPrivilegeToken
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-16 21:57
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-16 21:57
Reported
2024-06-16 21:59
Platform
win10v2004-20240611-en
Max time kernel
150s
Max time network
153s
Command Line
Signatures
Identifies VirtualBox via ACPI registry values (likely anti-VM)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ | C:\Users\Admin\Desktop\Vape Crack fix\Vape V4\Vape_V4.exe | N/A |
Downloads MZ/PE file
Checks BIOS information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Users\Admin\Desktop\Vape Crack fix\Vape V4\Vape_V4.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | C:\Users\Admin\Desktop\Vape Crack fix\Vape V4\Vape_V4.exe | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Desktop\Vape Crack fix\Vape V4\Vape_V4.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Windows\system32\cmd.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\Vape Crack fix\Vape V4\Vape_V4.exe | N/A |
Loads dropped DLL
Registers COM server for autorun
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ = "C:\\Program Files\\7-Zip\\7-zip.dll" | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ThreadingModel = "Apartment" | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
Themida packer
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Checks installed software on the system
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\Desktop\Vape Crack fix\Vape V4\Vape_V4.exe | N/A |
Suspicious use of NtSetInformationThreadHideFromDebugger
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Desktop\Vape Crack fix\Vape V4\Vape_V4.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Program Files\7-Zip\Lang\ca.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\cs.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\sr-spl.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7-zip.chm | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\hu.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\mng2.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\va.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\eo.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\th.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7z.sfx | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\kab.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ext.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\fur.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\tr.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\tt.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ast.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\sq.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ta.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\af.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\fi.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ga.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\kk.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\mr.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\nb.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\zh-tw.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\bn.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\tg.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ne.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\gl.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\en.ttt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ka.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\mng.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\pl.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\yo.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\hi.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\fy.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\he.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\tk.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\az.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\an.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\hy.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\descript.ion | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\gu.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\id.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\sl.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7-zip.dll | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\da.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ja.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\si.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\sr-spc.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7-zip32.dll | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\br.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\pa-in.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\pt-br.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ky.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\lij.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\fa.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\es.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\fr.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\hr.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7z.exe | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7zFM.exe | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7zG.exe | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\el.txt | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
Enumerates physical storage devices
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\ = "7-Zip Shell Extension" | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ = "C:\\Program Files\\7-Zip\\7-zip.dll" | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\7-Zip | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\7-Zip | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}" | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Drive\shellex\DragDropHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}" | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}" | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\7-Zip | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}" | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Drive\shellex\DragDropHandlers\7-Zip | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Local Settings | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000} | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\ = "7-Zip Shell Extension" | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}" | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\7-Zip | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2080292272-204036150-2159171770-1000\{25976052-54FF-42AB-9155-C37A3BDE6375} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ThreadingModel = "Apartment" | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ThreadingModel = "Apartment" | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ = "C:\\Program Files\\7-Zip\\7-zip32.dll" | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 465387.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeRestorePrivilege | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| Token: 35 | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\Desktop\Vape Crack fix\Vape V4\Vape_V4.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\7z2406-x64.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.mediafire.com/file/9r13k249f79stkj/VAPE_V4_LITE_%255BZIP%255D.7z/file
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa9db446f8,0x7ffa9db44708,0x7ffa9db44718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2072 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2440 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2880 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3384 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3404 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4792 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2152 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5840 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6040 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6284 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6420 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5772 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6244 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7160 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6604 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6756 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6648 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7364 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7372 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7516 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7632 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7780 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8044 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8184 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6808 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9088 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=9128 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6044 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6448 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9384 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10400 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10576 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10748 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10580 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11072 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10788 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11308 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10356 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=12068 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=12068 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11108 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8988 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11140 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8988 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10572 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10556 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8980 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10900 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8892 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7200 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7096 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5608 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10644 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8940 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=11868 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=10644 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6768 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11612 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11500 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=9904 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=11384 /prefetch:8
C:\Users\Admin\Downloads\7z2406-x64.exe
"C:\Users\Admin\Downloads\7z2406-x64.exe"
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\VAPE V4 LITE [ZIP].7z"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=10024 /prefetch:2
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Desktop\Vape Crack fix\fix.bat" "
C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe
"C:\Users\Admin\Desktop\Vape Crack fix\fix\server.exe"
C:\Users\Admin\Desktop\Vape Crack fix\Vape V4\Vape_V4.exe
"C:\Users\Admin\Desktop\Vape Crack fix\Vape V4\Vape_V4.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9576 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1584 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9096 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5593594720460607176,2985154217682795770,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5372 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 104.16.113.74:443 | www.mediafire.com | tcp |
| US | 8.8.8.8:53 | the.gatekeeperconsent.com | udp |
| US | 104.21.42.32:443 | the.gatekeeperconsent.com | tcp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 8.8.8.8:53 | static.mediafire.com | udp |
| US | 8.8.8.8:53 | privacy.gatekeeperconsent.com | udp |
| US | 8.8.8.8:53 | www.ezojs.com | udp |
| US | 104.22.75.216:443 | btloader.com | tcp |
| US | 8.8.8.8:53 | translate.google.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 8.8.8.8:53 | cdn.amplitude.com | udp |
| US | 104.21.42.32:443 | privacy.gatekeeperconsent.com | tcp |
| US | 104.16.79.73:443 | static.cloudflareinsights.com | tcp |
| FR | 13.249.9.41:443 | cdn.amplitude.com | tcp |
| US | 172.67.170.144:443 | www.ezojs.com | tcp |
| DE | 142.250.185.142:443 | translate.google.com | tcp |
| US | 8.8.8.8:53 | cdn.otnolatrnup.com | udp |
| US | 104.16.53.110:443 | cdn.otnolatrnup.com | tcp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 8.8.8.8:53 | www.mediafiredls.com | udp |
| US | 8.8.8.8:53 | g.ezoic.net | udp |
| US | 104.26.3.70:443 | ad-delivery.net | tcp |
| US | 104.26.3.70:443 | ad-delivery.net | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 104.26.2.173:443 | www.mediafiredls.com | tcp |
| FR | 15.188.219.54:443 | g.ezoic.net | tcp |
| US | 8.8.8.8:53 | 74.113.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 32.42.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.181.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.75.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.79.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 144.170.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 41.9.249.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 142.185.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.206.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.201.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.3.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.23.211.130.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.2.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.185.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 110.53.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | go.ezodn.com | udp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 8.8.8.8:53 | translate.googleapis.com | udp |
| US | 104.21.87.79:443 | go.ezodn.com | tcp |
| US | 104.21.87.79:443 | go.ezodn.com | tcp |
| US | 104.21.87.79:443 | go.ezodn.com | tcp |
| DE | 142.250.186.138:443 | translate.googleapis.com | tcp |
| US | 8.8.8.8:53 | api.amplitude.com | udp |
| US | 8.8.8.8:53 | otnolatrnup.com | udp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| US | 35.162.121.194:443 | api.amplitude.com | tcp |
| NL | 23.63.101.153:80 | apps.identrust.com | tcp |
| US | 104.21.87.79:443 | go.ezodn.com | tcp |
| US | 104.21.87.79:443 | go.ezodn.com | tcp |
| US | 104.21.87.79:443 | go.ezodn.com | tcp |
| US | 8.8.8.8:53 | g.ezodn.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 172.67.142.121:443 | g.ezodn.com | tcp |
| BE | 108.177.15.156:443 | stats.g.doubleclick.net | tcp |
| DE | 142.250.185.226:443 | securepubads.g.doubleclick.net | tcp |
| BE | 108.177.15.156:443 | stats.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | translate-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | bshr.ezodn.com | udp |
| DE | 142.250.185.195:443 | www.google.co.uk | tcp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| US | 104.21.87.79:443 | bshr.ezodn.com | tcp |
| DE | 142.250.185.195:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| DE | 142.250.184.228:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| DE | 142.250.185.226:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 79.87.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 54.219.188.15.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.74.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.186.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.101.63.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.90.14.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.121.162.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 121.142.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.185.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.15.177.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.184.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.185.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.181.250.142.in-addr.arpa | udp |
| DE | 142.250.185.66:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | ad.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| IE | 52.17.55.191:443 | bcp.crwdcntrl.net | tcp |
| FR | 18.155.129.21:443 | tags.crwdcntrl.net | tcp |
| IE | 34.247.240.165:443 | bcp.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | 228.184.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.185.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.129.155.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 191.55.17.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 165.240.247.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.35.223.20.in-addr.arpa | udp |
| DE | 142.250.185.142:443 | fundingchoicesmessages.google.com | udp |
| N/A | 224.0.0.251:5353 | udp | |
| DE | 142.250.186.138:443 | translate-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | 26.165.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.187.3.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 57.15.31.184.in-addr.arpa | udp |
| FR | 15.188.219.54:443 | g.ezoic.net | tcp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| US | 8.8.8.8:53 | ghb.adtelligent.com | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 8.8.8.8:53 | prebid.smilewanted.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | rt.marphezis.com | udp |
| US | 8.8.8.8:53 | invstatic101.creativecdn.com | udp |
| US | 8.8.8.8:53 | cdn.prod.uidapi.com | udp |
| US | 8.8.8.8:53 | cdn-ima.33across.com | udp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 8.8.8.8:53 | script.4dex.io | udp |
| US | 8.8.8.8:53 | oa.openxcdn.net | udp |
| US | 104.18.36.155:443 | htlb.casalemedia.com | tcp |
| FR | 185.255.84.151:443 | hb-api.omnitagjs.com | tcp |
| FR | 18.244.28.8:443 | hb.yellowblue.io | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| DE | 51.89.9.254:443 | onetag-sys.com | tcp |
| US | 178.128.135.204:443 | rt.marphezis.com | tcp |
| DE | 3.78.168.176:443 | tlx.3lift.com | tcp |
| NL | 145.40.97.67:443 | prebid.a-mo.net | tcp |
| US | 107.151.11.18:443 | ghb.adtelligent.com | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 34.96.70.87:443 | invstatic101.creativecdn.com | tcp |
| US | 104.22.31.209:443 | prebid.smilewanted.com | tcp |
| US | 104.22.31.209:443 | prebid.smilewanted.com | tcp |
| US | 104.22.31.209:443 | prebid.smilewanted.com | tcp |
| US | 104.22.31.209:443 | prebid.smilewanted.com | tcp |
| US | 104.22.31.209:443 | prebid.smilewanted.com | tcp |
| FR | 99.86.95.185:443 | cdn.prod.uidapi.com | tcp |
| US | 151.101.65.229:443 | cdn.jsdelivr.net | tcp |
| US | 172.64.152.89:443 | cdn-ima.33across.com | tcp |
| US | 34.102.146.192:443 | oa.openxcdn.net | tcp |
| US | 104.22.52.86:443 | cdn.id5-sync.com | tcp |
| US | 104.26.9.169:443 | script.4dex.io | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| DE | 216.58.206.33:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | oajs.openx.net | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 104.26.9.169:443 | script.4dex.io | tcp |
| US | 8.8.8.8:53 | cadmus.script.ac | udp |
| US | 34.120.107.143:443 | oajs.openx.net | tcp |
| DE | 216.58.206.33:443 | tpc.googlesyndication.com | udp |
| DE | 142.250.184.228:443 | www.google.com | udp |
| DE | 141.95.98.64:443 | id5-sync.com | tcp |
| DE | 51.89.9.254:443 | onetag-sys.com | udp |
| US | 178.128.135.204:443 | rt.marphezis.com | tcp |
| US | 8.8.8.8:53 | ghb1.adtelligent.com | udp |
| US | 104.18.23.145:443 | cadmus.script.ac | tcp |
| GB | 185.239.172.170:443 | ghb1.adtelligent.com | tcp |
| US | 34.120.107.143:443 | oajs.openx.net | udp |
| DE | 142.250.185.66:443 | googleads.g.doubleclick.net | udp |
| DE | 142.250.185.226:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | f12a1495057c4294105de0e7ffacee46.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | google-bidout-d.openx.net | udp |
| DE | 172.217.18.1:443 | f12a1495057c4294105de0e7ffacee46.safeframe.googlesyndication.com | tcp |
| US | 34.98.64.218:443 | google-bidout-d.openx.net | tcp |
| US | 8.8.8.8:53 | 155.36.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 151.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.28.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 87.70.96.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.97.40.145.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 254.9.89.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.65.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 185.95.86.99.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 176.168.78.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.31.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 89.152.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.146.102.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.9.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.52.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 33.206.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 204.135.128.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.11.151.107.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.20.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 143.107.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.98.95.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.23.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 170.172.239.185.in-addr.arpa | udp |
| DE | 142.250.184.228:443 | www.google.com | udp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | cdn.ampproject.org | udp |
| US | 8.8.8.8:53 | gem.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | ag.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| NL | 185.235.87.77:443 | ag.gbc.criteo.com | tcp |
| NL | 178.250.1.11:443 | dnacdn.net | tcp |
| DE | 142.250.185.129:443 | cdn.ampproject.org | tcp |
| DE | 142.250.185.129:443 | cdn.ampproject.org | tcp |
| DE | 142.250.185.129:443 | cdn.ampproject.org | tcp |
| DE | 142.250.185.129:443 | cdn.ampproject.org | tcp |
| DE | 142.250.185.129:443 | cdn.ampproject.org | tcp |
| FR | 185.235.86.184:443 | gem.gbc.criteo.com | tcp |
| US | 8.8.8.8:53 | 74.185.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.18.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 218.64.98.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.87.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 184.86.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 129.185.250.142.in-addr.arpa | udp |
| DE | 216.58.206.33:443 | tpc.googlesyndication.com | udp |
| DE | 142.250.185.226:443 | securepubads.g.doubleclick.net | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | download2389.mediafire.com | udp |
| US | 199.91.155.130:443 | download2389.mediafire.com | tcp |
| US | 199.91.155.130:443 | download2389.mediafire.com | tcp |
| US | 8.8.8.8:53 | 130.155.91.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sys.ctrackapp.com | udp |
| FR | 52.222.201.8:443 | sys.ctrackapp.com | tcp |
| FR | 52.222.201.8:443 | sys.ctrackapp.com | tcp |
| US | 8.8.8.8:53 | track.donecperficiam.com | udp |
| FR | 52.222.149.76:443 | track.donecperficiam.com | tcp |
| FR | 52.222.149.76:443 | track.donecperficiam.com | tcp |
| US | 8.8.8.8:53 | go.etoro.com | udp |
| DE | 184.25.158.219:443 | go.etoro.com | tcp |
| DE | 184.25.158.219:443 | go.etoro.com | tcp |
| US | 8.8.8.8:53 | id.a-mx.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 76.223.111.18:443 | eb2.3lift.com | tcp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 8.8.8.8:53 | ads.us.e-planning.net | udp |
| DE | 79.127.216.47:443 | id.a-mx.com | tcp |
| US | 8.8.8.8:53 | s.console.adtarget.com.tr | udp |
| US | 67.202.105.21:443 | ssc-cms.33across.com | tcp |
| US | 8.8.8.8:53 | ups.analytics.yahoo.com | udp |
| US | 8.8.8.8:53 | id.hadron.ad.gt | udp |
| US | 8.8.8.8:53 | id.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| FR | 185.255.84.153:443 | visitor.omnitagjs.com | tcp |
| DE | 142.132.249.185:443 | s.console.adtarget.com.tr | tcp |
| US | 104.22.5.69:443 | id.hadron.ad.gt | tcp |
| NL | 193.3.178.4:443 | ads.us.e-planning.net | tcp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| US | 172.64.149.180:443 | js-sec.indexww.com | tcp |
| DE | 3.75.62.37:443 | ups.analytics.yahoo.com | tcp |
| US | 8.8.8.8:53 | 8.201.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.149.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 219.158.25.184.in-addr.arpa | udp |
| SE | 23.34.232.193:443 | ads.pubmatic.com | tcp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| DE | 162.19.138.119:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 162.19.138.119:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | marketing.etorostatic.com | udp |
| US | 8.8.8.8:53 | etoro-cdn.etorostatic.com | udp |
| US | 8.8.8.8:53 | assets.a-mo.net | udp |
| US | 104.19.158.19:443 | assets.a-mo.net | tcp |
| DE | 23.212.216.134:443 | etoro-cdn.etorostatic.com | tcp |
| DE | 23.212.216.134:443 | etoro-cdn.etorostatic.com | tcp |
| DE | 23.212.216.134:443 | etoro-cdn.etorostatic.com | tcp |
| DE | 23.212.216.134:443 | etoro-cdn.etorostatic.com | tcp |
| DE | 23.212.216.134:443 | etoro-cdn.etorostatic.com | tcp |
| DE | 23.212.216.134:443 | etoro-cdn.etorostatic.com | tcp |
| DE | 23.212.216.134:443 | etoro-cdn.etorostatic.com | tcp |
| DE | 23.212.216.134:443 | etoro-cdn.etorostatic.com | tcp |
| DE | 23.212.216.134:443 | etoro-cdn.etorostatic.com | tcp |
| DE | 23.212.216.134:443 | etoro-cdn.etorostatic.com | tcp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | 18.111.223.76.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 47.216.127.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 180.149.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.5.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.178.3.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 185.249.132.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 37.62.75.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.40.223.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.105.202.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.232.34.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.158.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 134.216.212.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| US | 104.19.178.52:443 | cdn.cookielaw.org | tcp |
| US | 104.19.178.52:443 | cdn.cookielaw.org | tcp |
| US | 8.8.8.8:53 | rtb.mfadsrvr.com | udp |
| US | 8.8.8.8:53 | sync.mathtag.com | udp |
| US | 8.8.8.8:53 | pixel-eu.rubiconproject.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | ads.stickyadstv.com | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| US | 8.8.8.8:53 | amplify.outbrain.com | udp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| US | 8.8.8.8:53 | c0.adalyser.com | udp |
| US | 8.8.8.8:53 | static.hotjar.com | udp |
| US | 8.8.8.8:53 | static.ads-twitter.com | udp |
| US | 8.8.8.8:53 | cdn.taboola.com | udp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 8.8.8.8:53 | t.adx.opera.com | udp |
| US | 216.200.232.253:443 | sync.mathtag.com | tcp |
| US | 8.8.8.8:53 | ssbsync-global.smartadserver.com | udp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| NL | 185.89.210.141:443 | ib.adnxs.com | tcp |
| FR | 154.54.250.80:443 | ads.stickyadstv.com | tcp |
| US | 204.79.197.237:443 | bat.bing.com | tcp |
| IE | 54.72.212.61:443 | c0.adalyser.com | tcp |
| NL | 82.145.213.8:443 | t.adx.opera.com | tcp |
| US | 80.77.87.161:443 | cs.admanmedia.com | tcp |
| US | 151.101.129.44:443 | cdn.taboola.com | tcp |
| US | 151.101.188.157:443 | static.ads-twitter.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| NL | 89.149.193.117:443 | ssbsync-global.smartadserver.com | tcp |
| US | 18.245.175.102:443 | static.hotjar.com | tcp |
| DE | 18.157.153.25:443 | rtb.mfadsrvr.com | tcp |
| GB | 185.64.191.214:443 | image8.pubmatic.com | tcp |
| GB | 163.70.147.23:443 | connect.facebook.net | tcp |
| SE | 23.34.233.58:443 | amplify.outbrain.com | tcp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 52.46.151.131:443 | s.amazon-adsystem.com | tcp |
| DE | 142.250.184.194:443 | cm.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | spl.zeotap.com | udp |
| BE | 108.177.15.156:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 9944765.fls.doubleclick.net | udp |
| US | 104.22.50.98:443 | spl.zeotap.com | tcp |
| DE | 142.250.185.195:443 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| DE | 142.250.184.198:443 | 9944765.fls.doubleclick.net | tcp |
| US | 172.64.155.119:443 | geolocation.onetrust.com | tcp |
| US | 8.8.8.8:53 | t.co | udp |
| US | 8.8.8.8:53 | trc.taboola.com | udp |
| US | 8.8.8.8:53 | script.hotjar.com | udp |
| US | 8.8.8.8:53 | analytics.twitter.com | udp |
| PL | 93.184.221.165:443 | t.co | tcp |
| US | 8.8.8.8:53 | tr.outbrain.com | udp |
| US | 104.244.42.67:443 | analytics.twitter.com | tcp |
| FR | 18.164.52.95:443 | script.hotjar.com | tcp |
| US | 8.8.8.8:53 | wave.outbrain.com | udp |
| US | 8.8.8.8:53 | 52.178.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 141.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 44.129.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.188.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.250.54.154.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.213.145.82.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 61.212.72.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 214.191.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.147.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.193.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 102.175.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.153.157.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 253.232.200.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.233.34.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 161.87.77.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.184.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.151.46.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.50.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.155.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.184.250.142.in-addr.arpa | udp |
| DE | 142.250.184.194:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 64.74.236.159:443 | tr.outbrain.com | tcp |
| US | 64.74.236.159:443 | tr.outbrain.com | tcp |
| SE | 23.34.233.58:443 | wave.outbrain.com | tcp |
| SE | 23.34.233.58:443 | wave.outbrain.com | tcp |
| SE | 23.34.233.58:443 | wave.outbrain.com | tcp |
| SE | 23.34.233.58:443 | wave.outbrain.com | tcp |
| SE | 23.34.233.58:443 | wave.outbrain.com | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| DE | 142.250.184.198:443 | 9944765.fls.doubleclick.net | udp |
| SE | 23.34.233.58:443 | wave.outbrain.com | tcp |
| US | 8.8.8.8:53 | static.smilewanted.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 163.70.147.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | sync.smartadserver.com | udp |
| FR | 5.196.111.73:443 | sync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | gum.aidemsrv.com | udp |
| US | 104.17.44.93:443 | gum.aidemsrv.com | tcp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| BE | 104.68.78.171:443 | secure-assets.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | cdn.indexww.com | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| DE | 37.252.171.52:443 | secure.adnxs.com | tcp |
| BE | 104.90.26.20:443 | eus.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | ice.360yield.com | udp |
| US | 8.8.8.8:53 | 165.221.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.52.164.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.149.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 159.236.74.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.147.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.111.196.5.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.44.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.78.68.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 52.171.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.26.90.104.in-addr.arpa | udp |
| IE | 54.216.157.131:443 | ice.360yield.com | tcp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| IE | 54.154.6.201:443 | ap.lijit.com | tcp |
| US | 34.98.64.218:443 | u.openx.net | udp |
| US | 8.8.8.8:53 | cm.adform.net | udp |
| US | 8.8.8.8:53 | us.shb-sync.com | udp |
| US | 8.2.110.33:443 | us.shb-sync.com | tcp |
| DK | 37.157.2.229:443 | cm.adform.net | tcp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| FR | 18.164.52.46:443 | s.ad.smaato.net | tcp |
| US | 8.8.8.8:53 | trc-events.taboola.com | udp |
| NL | 141.226.228.48:443 | trc-events.taboola.com | tcp |
| US | 8.8.8.8:53 | sync.a-mo.net | udp |
| NL | 145.40.97.67:443 | sync.a-mo.net | tcp |
| NL | 145.40.97.67:443 | sync.a-mo.net | tcp |
| US | 8.8.8.8:53 | player.aniview.com | udp |
| US | 8.8.8.8:53 | 131.157.216.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 201.6.154.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.2.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 33.110.2.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.52.164.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 48.228.226.141.in-addr.arpa | udp |
| SE | 184.31.15.75:443 | player.aniview.com | tcp |
| US | 8.8.8.8:53 | cdn.mxpnl.com | udp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| US | 35.186.235.23:443 | cdn.mxpnl.com | tcp |
| US | 8.8.8.8:53 | dc.services.visualstudio.com | udp |
| US | 8.8.8.8:53 | privacyportal-de.onetrust.com | udp |
| US | 104.18.32.137:443 | privacyportal-de.onetrust.com | tcp |
| NL | 20.50.88.238:443 | dc.services.visualstudio.com | tcp |
| US | 8.8.8.8:53 | dis.criteo.com | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | api-2-0.spot.im | udp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| FR | 99.86.91.65:443 | api-2-0.spot.im | tcp |
| US | 50.31.142.31:443 | b1sync.zemanta.com | tcp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| US | 50.31.142.31:443 | b1sync.zemanta.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| US | 52.86.229.235:443 | sync.srv.stackadapt.com | tcp |
| IE | 52.17.93.114:443 | match.prod.bidr.io | tcp |
| US | 174.129.13.121:443 | cs-server-s2s.yellowblue.io | tcp |
| US | 8.8.8.8:53 | jadserve.postrelease.com | udp |
| IE | 34.250.70.143:443 | jadserve.postrelease.com | tcp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 8.8.8.8:53 | bttrack.com | udp |
| US | 192.132.33.69:443 | bttrack.com | tcp |
| US | 35.244.174.68:443 | id.rlcdn.com | tcp |
| US | 8.8.8.8:53 | 75.15.31.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.235.186.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.88.50.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.32.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.8.184.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.91.86.99.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 114.93.17.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 235.229.86.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 31.142.31.50.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 121.13.129.174.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 143.70.250.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.174.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| US | 8.8.8.8:53 | s.company-target.com | udp |
| US | 8.8.8.8:53 | bh.contextweb.com | udp |
| US | 34.96.71.22:443 | s.company-target.com | tcp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| FR | 5.196.111.73:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | sync.adotmob.com | udp |
| FR | 45.137.176.88:443 | sync.adotmob.com | tcp |
| FR | 5.196.111.73:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | match.sharethrough.com | udp |
| FR | 5.196.111.73:443 | rtb-csync.smartadserver.com | tcp |
| DE | 18.196.133.194:443 | match.sharethrough.com | tcp |
| US | 8.8.8.8:53 | id.rtb.mx | udp |
| US | 8.8.8.8:53 | ow.pubmatic.com | udp |
| GB | 185.64.190.84:443 | ow.pubmatic.com | tcp |
| NL | 79.127.227.46:443 | id.rtb.mx | tcp |
| US | 8.8.8.8:53 | sync.aniview.com | udp |
| US | 96.46.186.182:443 | sync.aniview.com | tcp |
| US | 8.8.8.8:53 | 69.33.132.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.71.96.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.169.93.208.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.176.137.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.133.196.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.227.127.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 182.186.46.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sync.search.spotxchange.com | udp |
| US | 8.8.8.8:53 | pixel-sync.sitescout.com | udp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | 150.216.36.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 8.8.8.8:53 | 91.90.14.23.in-addr.arpa | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| NL | 23.62.61.194:443 | th.bing.com | tcp |
| NL | 23.62.61.194:443 | th.bing.com | tcp |
| NL | 23.62.61.97:443 | th.bing.com | tcp |
| NL | 23.62.61.97:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 97.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bing.com | udp |
| US | 204.79.197.200:443 | bing.com | tcp |
| US | 8.8.8.8:53 | 194.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| NL | 40.126.32.74:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | services.bingapis.com | udp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 8.8.8.8:53 | 74.32.126.40.in-addr.arpa | udp |
| FR | 185.255.84.151:443 | hb-api.omnitagjs.com | tcp |
| US | 8.8.8.8:53 | ghb2.adtelligent.com | udp |
| GB | 185.83.69.58:443 | ghb2.adtelligent.com | tcp |
| US | 8.8.8.8:53 | 76.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.5.107.13.in-addr.arpa | udp |
| US | 107.151.11.18:443 | ghb2.adtelligent.com | tcp |
| GB | 185.239.172.170:443 | ghb2.adtelligent.com | tcp |
| US | 8.8.8.8:53 | www.7-zip.org | udp |
| DE | 49.12.202.237:443 | www.7-zip.org | tcp |
| DE | 49.12.202.237:443 | www.7-zip.org | tcp |
| US | 8.8.8.8:53 | 167.154.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.202.12.49.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | objects.githubusercontent.com | udp |
| US | 185.199.109.133:443 | objects.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 215.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.109.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.236.111.52.in-addr.arpa | udp |
| N/A | 127.0.0.1:52776 | tcp | |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| NL | 23.62.61.194:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 56067634f68231081c4bd5bdbfcc202f |
| SHA1 | 5582776da6ffc75bb0973840fc3d15598bc09eb1 |
| SHA256 | 8c08b0cbceb301c8f960aa674c6e7f6dbf40b4a1c2684e6fb0456ec5ff0e56b4 |
| SHA512 | c4657393e0b9ec682570d7e251644a858d33e056ccd0f3eebffd0fde25244b3a699b8d9244bcdac00d6f74b49833629b270e099c2b557f729a9066922583f784 |
\??\pipe\LOCAL\crashpad_3952_SDUXMHWAKNHLZMRY
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 81e892ca5c5683efdf9135fe0f2adb15 |
| SHA1 | 39159b30226d98a465ece1da28dc87088b20ecad |
| SHA256 | 830f394548cff6eed3608476190a7ee7d65fe651adc638c5b27ce58639a91e17 |
| SHA512 | c943f4cfe8615ac159cfac13c10b67e6c0c9093851dd3ac6dda3b82e195d3554e3c37962010a2d0ae5074828d376402624f0dda5499c9997e962e4cfd26444c0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0350b79082cd9be9a925e5dae6c08747 |
| SHA1 | 7e75a090aaf2686cf0e347b866a7645c6f5b4abe |
| SHA256 | 8961ec9dce64934bef4e615f31d9a7525b473cc6ce72d5cba512cfd0ed58b45a |
| SHA512 | a492f6c3b5c64242c272eec9b1db94c9a6073d3f55714c555e46bba6c707c2c4bdc76ea0eae995dd127cdcfb578f400299a57df169cc1f9a464768b9c2b8ee8c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 8c90616f70d98455c7745575283309a7 |
| SHA1 | 85c226830035be137fb8c2d5c57a2a4aa6d94785 |
| SHA256 | 7c71f726f5e98ac99bbf47aebe5047076db905e9c1498877ab53f08ecc95d6c7 |
| SHA512 | 3cac714de927fa5f5b7efb2ee9bd0f8f43719ae293980aba2faf3e68ca870f2dc286e000ca458fee59e46a67afaaaf9cefff5fca30e0ff243e3448e1be4f74fc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 63bc9d3b88012f73a712f7ff591017d6 |
| SHA1 | 324a3a38b496a32611af160f593730090a9d7f2c |
| SHA256 | 0d5d536450135c28058a0a5c86eed1d1c8701fa6873ff68ffb4b406f9a4d5cfd |
| SHA512 | 59b7f52b8f8704b48b3d32c73402a32459d66ac522351ea8f29c811dc8cdb135c495a2810ce8f851df47b14fbcd751529ce88a268cda8007f7012144c11ccc49 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 18dba21ecc7d649880255609f26eb684 |
| SHA1 | 0bb0b419b3367c8601c3d4ef1cfa3347ba6e92b0 |
| SHA256 | e27d9caa29810cffebdf8eee47dfa16cb1535c22e8c1611c408ca9e4cfb141f3 |
| SHA512 | cda7a5560aa85c3aaae8a5e370ddcdd3b530ed281e3731d0307ca4c7a19629535aab1cd1ec12c25918c208b43f11e6cc9667ccb3cb2187c4ff19ed7b11a75e29 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d2693ce2a822b7a41755adc9ef40738c |
| SHA1 | c84625a3e88ccb857ab8996645c4ed2b5421471d |
| SHA256 | 8ae3463f2138074ec613d2c3e7ca2c0eb53902d8679831f4f17c8bd5bf951cbc |
| SHA512 | 2c43494fc1aacda35a71addda9ee97d4dc239979f36bcf882d4ee60b65d05aeb1c2c1964fdc8852c7524ee042e9cd0f3c2c16b2d22e437bd061fbff456b254cf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 44ad2f74e4e27cc3797eb76f9f3f2cb0 |
| SHA1 | 29b45da99ebac81b689f208b091b1e08bf7b0273 |
| SHA256 | 062bce07e576d4f94b98c6bddd9305339ef20516c0c9b4421a6bef2f5ba12243 |
| SHA512 | 12805fed3de34c29573acd8445ee0a8021c25140a4f2b9e3a9f1cbbb50602c1e4f31b4e31afb63abd28968b48fb290236c54f06ec077c8fcd56b4df6438b5cf5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58439c.TMP
| MD5 | 61c65f406fa11442c7ff30a643cc3bc9 |
| SHA1 | f776f97e8507bcf17c2f14494c47f123f4d012e7 |
| SHA256 | 2781fb3031066d2cfd85aab9b2e09efad3765c41e4b624f9b40e662a23c4930e |
| SHA512 | 4e3b59ed13fb3d8773746aa557f65d8dc0152fd381e466711f49cd73a5e347b91a6f53ad3c8388c2c398c139dbb47e27971f69c2eccdebced5a123ad3fe9d308 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000025
| MD5 | 99916ce0720ed460e59d3fbd24d55be2 |
| SHA1 | d6bb9106eb65e3b84bfe03d872c931fb27f5a3db |
| SHA256 | 07118bf4bbc3ba87d75cbc11ddf427219a14d518436d7f3886d75301f897edaf |
| SHA512 | 8d3d52e57806d1850b57bffee12c1a8d9e1a1edcf871b2395df5c889991a183a8d652a0636d5452068f5ef78d37e08ce10b2b2f4e05c3e3c0f2f2230310418a8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 00a0ce6bc943f4313aca051c24b50388 |
| SHA1 | cad12055a592d99d0e13a1193d0f60d87fb64fad |
| SHA256 | b2812c03040fc8d24ebee770ae1400a1eeba45aedd305bc347146477c635f5f1 |
| SHA512 | a4dc9d228833ae054a1c6022e4a73a867a43919f027f07ad9fdb1ea0f6ddf909fce02d779384beaf1ff3aa967c7ba5ffc415235efe5dc94ce0a9ed88aa6ccc74 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\fb3271c5-32e9-4782-94cc-031c6ceae93c.tmp
| MD5 | 193a88f782c59bddda4fc193ae26a171 |
| SHA1 | 0cbd9bfd941ae43a34a52414a4c033eb625051e0 |
| SHA256 | da3f2f18902750509a48b273dc7b127602cf6fe7eb36f9fe4ac6d457a7a1bee8 |
| SHA512 | 93c26d01c02f9a9cfe3b823c3721739f8d1cbb42c1041b2ea78693acdfe40dad8aa831644dc2b55631da867ba43ff2cb264705f04cc45ea01be650ffc6533ae6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 4cb43b10792fea37d8c97a397c293a48 |
| SHA1 | 7b07bd25925a1961f8f69c7b3ada7aac414e40f5 |
| SHA256 | cff8c90871f33e1cf34964a48f049fc3b91e501099c5c0a6f402aeb8c1014f4d |
| SHA512 | cacede7fe1aec9e0a8371bf8c3129a82ce9af5f4422d80ed4be94bdaf117d02a835a98d0a96c9cb26ed3b553371d97ebef2933dad648732d65252444060b0f90 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 0454686832cccb23927d8e206791d39f |
| SHA1 | 14e9bbf05df5373c777ec299eedb4b71c68e7368 |
| SHA256 | 34b7b4e8e7b053e6f57905646ef4444f44aa347757ebc1036ae1a55c30dfd897 |
| SHA512 | 4d8719c2589c4a8291d157a7dba8fe3c009f309a0ea9b4dc0e9dfde3224ebc8baed29f046ec469e63ebefd597d9c2e3e76761b2b9d6bdd3b3bebc7f31e769daf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e7a7d4aceb4f7883593d42a5c4b1b5c2 |
| SHA1 | 1f338e7f2205a2a23720ab4c063afa464d1459b2 |
| SHA256 | 5434ac89573b99ae184a96a2ec54e032d9d3221b00727efd6c8c864254d0615d |
| SHA512 | 4d6de878725778a13c42c4d6ab977258d641c8d66f00fe3f0d2344cc44803f98570266147b03c63c92cd34429dbe41a9cf967981769c9f769da171f55acc22bb |
C:\Users\Admin\Downloads\Unconfirmed 465387.crdownload
| MD5 | d8af785ca5752bae36e8af5a2f912d81 |
| SHA1 | 54da15671ad8a765f3213912cba8ebd8dac1f254 |
| SHA256 | 6220bbe6c26d87fc343e0ffa4e20ccfafeca7dab2742e41963c40b56fb884807 |
| SHA512 | b635b449f49aac29234f677e662be35f72a059401ea0786d956485d07134f9dd10ed284338503f08ff7aad16833cf034eb955ca34e1faf35a8177ccad1f20c75 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 79a71e3f5741e7d67349043a8c1bdbb5 |
| SHA1 | 55e7b29c772ba660db8aec0b5bc10993997fbf29 |
| SHA256 | 9972272343d6d62ba3a75823d71d5aa8af6ffa08ed40aca44091a72f985c0dc3 |
| SHA512 | 5cc36f849bd0f1a6ba50a1015a3ecbf2fae300cc0ded0aa2b3ffcdb49d23f54ee99bfa353030be434a0dad30123bdfd658c1fca5f6d038db52f0d9f3419be2e0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 1019df54d7efb3f6e1f338f13856057d |
| SHA1 | 203cc2159946fdb1e2fd02da79886f2593eb62aa |
| SHA256 | b478d8d9c906c95dd1b4a697abeb30e45513a844576d189af7bac1769ee8b8f9 |
| SHA512 | 247e52f4eeeffef7deb5782cf4ad997988b530558ee411f4b3759e7d90d441f8574596caf9d28da182b446de3c05d3761b94c8efc3864c2d1ed82c4818187208 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 3945da9dca64a7dd3320fd9574187549 |
| SHA1 | 64ee3c74d20dccf5d00b902a7350ad76128ea9e2 |
| SHA256 | c6b72c29ba85ce0dc5c9c9627968c6ce28640a4d047118485409fa32ea0d0638 |
| SHA512 | ec0cba51bebf1037b5f0e3054e3554d7fed5cd70dd834f503da2bc9ed113088cc51f8e1d45afcc7fbe001f4bba7040c4d291e785b73e701f8f078e9d7f36a9d9 |
C:\Program Files\7-Zip\7-zip.dll
| MD5 | 7ec019d8445f4dcdb91a380c9d592957 |
| SHA1 | 15fd8375e2e282a90d3df14041272e5ac29e7c93 |
| SHA256 | 1cc179f097ee439bb35a582059cbc727d9cea0d5c43dfaa57f9f03050cfaea03 |
| SHA512 | d71a79091fcc6a96c24d95662a18cc24145b9531145ef0bcb4e882c12f5bb5ca6c7a9b9e50024c9c0bf4cb6bf40dca7627cecbfddd637142d04a194e1956ae9b |
C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\cryptography-36.0.2.dist-info\INSTALLER
| MD5 | 365c9bfeb7d89244f2ce01c1de44cb85 |
| SHA1 | d7a03141d5d6b1e88b6b59ef08b6681df212c599 |
| SHA256 | ceebae7b8927a3227e5303cf5e0f1f7b34bb542ad7250ac03fbcde36ec2f1508 |
| SHA512 | d220d322a4053d84130567d626a9f7bb2fb8f0b854da1621f001826dc61b0ed6d3f91793627e6f0ac2ac27aea2b986b6a7a63427f05fe004d8a2adfbdadc13c1 |
C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Africa\Asmera
| MD5 | 86dcc322e421bc8bdd14925e9d61cd6c |
| SHA1 | 289d1fb5a419107bc1d23a84a9e06ad3f9ee8403 |
| SHA256 | c89b2e253a8926a6cecf7eff34e4bfcdb7fe24daff22d84718c30deec0ea4968 |
| SHA512 | d32771be8629fb3186723c8971f06c3803d31389438b29bf6baa958b3f9db9a38971019583ba272c7a8f5eb4a633dfc467bfcb6f76faa8e290bad4fd7366bb2b |
C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Africa\Bamako
| MD5 | 09a9397080948b96d97819d636775e33 |
| SHA1 | 5cc9b028b5bd2222200e20091a18868ea62c4f18 |
| SHA256 | d2efac4e5f23d88c95d72c1db42807170f52f43dd98a205af5a92a91b9f2d997 |
| SHA512 | 2eccf2515599ed261e96da3fbcfbab0b6a2dfc86a1d87e3814091709f0bfe2f600c3044c8555ed027978a8ae9045666ee639a8c249f48d665d8e5c60f0597799 |
C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Africa\Douala
| MD5 | 8244c4cc8508425b6612fa24df71e603 |
| SHA1 | 30ba925b4670235915dddfa1dd824dd9d7295eac |
| SHA256 | cffeb0282ccbd7fba0e493ff8677a1e5a6dd5197885042e437f95a773f844846 |
| SHA512 | 560c7581dcb2c800eae779005e41406beaf15d24efc763304e3111b9bb6074fe0ba59c48b5a2c5511245551b94418bbc35934d9bd46313fcc6e383323056668c |
C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Africa\Gaborone
| MD5 | b77fb20b4917d76b65c3450a7117023c |
| SHA1 | b99f3115100292d9884a22ed9aef9a9c43b31ccd |
| SHA256 | 93f19e9551d58868ae5820752d2c93a486124c364463dc9c9489d0458f8bc682 |
| SHA512 | a088c2a4c7d72717257c3125c7c2aca28463d68306ea452afaad75b8a0f9e5730a8d9c430d14668809717a672dc63c4816762acb046b339da662da421a6d65df |
C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Africa\Mbabane
| MD5 | 049a2b9b24bbd0cfad59a06f8e813e13 |
| SHA1 | 65c0d4ab314cb72b8d8c768e3d0c3218848b61f1 |
| SHA256 | 6c1bcc752668e77585a308ae8543bd0bccd8e813865626e809bf94f3fe3d977e |
| SHA512 | fc9b86e23d12a6d013d98b8be6146317d9267732d87560fd175758c12e4606da662474bbd801ec14dc99213552d5ba00053952d6529fa34712fa0819ad0364bd |
C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\America\Aruba
| MD5 | adf95d436701b9774205f9315ec6e4a4 |
| SHA1 | fcf8be5296496a5dd3a7a97ed331b0bb5c861450 |
| SHA256 | 8491e557ff801a8306516b8ca5946ff5f2e6821af31477eb47d7d191cc5a6497 |
| SHA512 | f8fceff3c346224d693315af1ab12433eb046415200abaa6cdd65fd0ad40673fdddf67b83563d351e4aa520565881a4226fb37d578d3ba88a135e596ebb9b348 |
C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\America\Catamarca
| MD5 | 1342337c1ba29a36342c5f9f8df09898 |
| SHA1 | ac9a4e79fe5a861447c23d68cccb35762d5f3aa4 |
| SHA256 | 7621f57fdea46db63eee0258427482347b379fd7701c9a94852746371d4bec8d |
| SHA512 | aad5259d1b7b2b7b88c43d43e42936ed7227cc232614be13565c830105497f97f23711ae042d77d1ea3393e9423f3683cbb2163675160722242e7aca667bb8bf |
C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\America\Coral_Harbour
| MD5 | 0972a9c4c28bf71eeab5f0bac573cdbc |
| SHA1 | a94fbc2d567e41723f03629b6c9a864260108a17 |
| SHA256 | 91ac80fe976931c490d058c8ce8b5d71ffa6d4961f6ca13ea9c153f0b0bccea0 |
| SHA512 | ece548f7d840a588523aacddc93891e0dd300390f79de063e60074e00a92ae33a8201642b841ff868387f1ac2188c485cce941d83c7a3617d27ac286dbcc0c17 |
C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\America\Indianapolis
| MD5 | d006fe381417eb507316edde462e5679 |
| SHA1 | bbbc8e6ed142fd6ed7c4c648932e9765decbc302 |
| SHA256 | 1ab36e6f5ff7526e5087aef03b1e7cfd3100cf87f001e025936025313540fec2 |
| SHA512 | 72a8972a3b498ee61a6b67f5dd539b593961fd11d7ffe66b99c772dfa378d514cbad0746657d512f4ebd2edcf9403c651229d07bcfd630a61fe1ed674cb2197c |
C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\America\Rosario
| MD5 | 6b5ab25d6c67149b565e4b62ea6d07bd |
| SHA1 | 04f2815d23c3c63ac6bd204a2935f18366c8d182 |
| SHA256 | d57a883fc428d9b3d1efdd3d86b008faa02db726e6c045b89acec58d903961fc |
| SHA512 | 521820194f3e1a7dce73498ec37937214b8a168c414c4a4e0e0d77853efe928fa86d4eca30aabf438a3a910bd0e20dd3c46461cb7eb7d0f4704e8d452165d63a |
C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\America\Tijuana
| MD5 | f62f2b82ca05aafdbf7df7dca812df80 |
| SHA1 | 039fb0c1f7175007ba07175b37a32878ac96968f |
| SHA256 | 3871edbf2dc9ef4cfac2f2811e03ea3049c6b3a497a7c7e47f4597f5988e3839 |
| SHA512 | 7db3d0e84955d8c21de8c6d6c17d2f64a452b9d2266f65e1e1c7f2304ca30f2e07d65746fe59ac5d0187b08cd20549e63601b6aa19330a66c51b1ef4064a3b84 |
C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\America\Toronto
| MD5 | 44a2dd3cb61b90aa4201c38e571a15ba |
| SHA1 | 73f6ad91b2c748957bdaec149db3b1b6b0d8ac86 |
| SHA256 | 820392cdb1e499f82ef704d0ccfd0c50ab2b28c6e0bdeb80793861d5e165d5ad |
| SHA512 | 11ddb971c65c2f4ecc690ef685163f2972c089660f4778997964d89113a403030927edbb2ed397b81cf61bde9276add6a43ee8ee92dfa69a6d102b035fe9f01d |
C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Asia\Harbin
| MD5 | 09dd479d2f22832ce98c27c4db7ab97c |
| SHA1 | 79360e38e040eaa15b6e880296c1d1531f537b6f |
| SHA256 | 64ffc2e43a94435a043c040d1d3af7e92d031adc78e7737af1861baa4eeef3e6 |
| SHA512 | f88ae25f3f04c7d5d5f98aafecc03cc7e4e56f1cd4c8deba6afd043f0fb7fe67b4d50e4df5493e77c6b34ba183e019442e736a13f784ba8c2847c06fd74ff200 |
C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Asia\Kuwait
| MD5 | 310d07841066a98eddcc7d3813ec2786 |
| SHA1 | bde5a629fdb78b40544b8018b2578f0b085045cc |
| SHA256 | aeaf4a3e3f25d050679ca9fddd690c780d489e036d4f3939fe8578b04661738c |
| SHA512 | aba447ee023e8dc32da7bb14674c0554686e7a017ccf23091c6cb39a68079ebdfa16adedbb3e882b8605e411cf727f297223e6cff9be3c2ff99367a8037fb25e |
C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Asia\Vientiane
| MD5 | b6cb1b97eb7b7e587f17b7dd9301045b |
| SHA1 | 5c81d559f702a0239d5bf025c97e70b2c577682e |
| SHA256 | 798ab4be1f3d3758f4ebd511a10bed06ed277446a5e853ebb5b17c58228aa43c |
| SHA512 | b32e4a6b3f7b88a4b2dd2b77eceaf9ac1e1c06c9a06b8473a4acb88d98bf03c59236212d936866865e32fccea478f06cebb3f8cb60cfc3f6f1a579bd1ae946bf |
C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Australia\NSW
| MD5 | 44cc3e944fdd50314de398d0aed2bd8e |
| SHA1 | ca9f55088c536a5cb6993b1a5fe361c0617bc4fd |
| SHA256 | 42c3857585b16db2f8ffd47ba19faa60f473340de8d4fe9320ea7be861605906 |
| SHA512 | 33f9b04997fc4d3a207e7905029886110f455934f87d6820d7ec8f901f6b65700f69f667991d909d09d73acfd3bdeca9d077e3fa74f1f3a0d0edf9bcf871dfb3 |
C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Australia\Tasmania
| MD5 | 8b19c5bc1dc3b7baee99a3528d2bf3b6 |
| SHA1 | db8884f4beb55ae0c292403cdb8ffc47c18effcd |
| SHA256 | 18b412ce021fb16c4ebe628eae1a5fa1f5aa20d41fea1dfa358cb799caba81c8 |
| SHA512 | 3b6ca88f06374f4c0f95b3cb9c62720a1a71491280b2d1f39938fe37e999e4685865070dc4b4c941a65ecd0f61c3c2e1bec15c153ce43a682f81134e4dc9b60c |
C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Brazil\Acre
| MD5 | 103eb03cddced65a327ace0ecaf78ef0 |
| SHA1 | 23649fa3b661b1a7b1332e38479d24bcdb4e902f |
| SHA256 | d7ba27926f0ffd580c904ae32bdaebd2ac0d9e2eeaa7db6071467dde0de5b4eb |
| SHA512 | dec8dc175c36b1a73ccf7a3524a1779fe1770832c21eef88f86c4b4b6e793d22b318173deaa5a85fc9969554dc486cec05bd4100466090438d9bc4660fcb0a3e |
C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Etc\GMT-0
| MD5 | 9cd2aef183c064f630dfcf6018551374 |
| SHA1 | 2a8483df5c2809f1dfe0c595102c474874338379 |
| SHA256 | 6d9f378883c079f86c0387a5547a92c449869d806e07de10084ab04f0249018d |
| SHA512 | dafa0cb9d0a8e0ff75a19be499751ad85372aafa856ff06dd68ecf2b1c5578bb98a040becaecf0aed2c3e4ff7372ff200fe7614334756d19fe79dd61c01d4e92 |
C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Etc\UTC
| MD5 | 38bb24ba4d742dd6f50c1cba29cd966a |
| SHA1 | d0b8991654116e9395714102c41d858c1454b3bd |
| SHA256 | 8b85846791ab2c8a5463c83a5be3c043e2570d7448434d41398969ed47e3e6f2 |
| SHA512 | 194867d0cf66c2de4969dbfeb58c775964ecb2132acdc1b000b5ef0998cefde4a2979ffc04ec8b7dcb430e43326a79d9cedb28ecea184345aa7d742eaf9234ac |
C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Europe\Isle_of_Man
| MD5 | 3d9add8c0dd4f406b8a9ad6f1219fb95 |
| SHA1 | c0b30d0940f65b8819cd6628d0670784dcb6b344 |
| SHA256 | c69d3cc15e384d932601d06aa69b6d0c285001bf2d44dd3719c121b7df5162d6 |
| SHA512 | 9c82987fa7919fc333f3f04b309345b91240fa60d205a144b6ca10fcb586fddc3e9725e71da5a588eddd21bf99265dfe1495bb16df4367a82df57e103a324c78 |
C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Europe\Oslo
| MD5 | b14df1a5f5e982e5aad07468ef6890ad |
| SHA1 | d8838a66441249a79ab65c959eff3dbd379a1a06 |
| SHA256 | 51d0844618f5258a71de88e68a5691a32568478a8c035f8f12fea11b09e9b090 |
| SHA512 | 9af8dab36bb648939594c9f67327f43c612b8912bdf523d59ee22158de7de99ced88a39979d853c0f26c17617f7a44ce5113ac519956a40b7aedc9a861d8dd61 |
C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Europe\Podgorica
| MD5 | 6213fc0a706f93af6ff6a831fecbc095 |
| SHA1 | 961a2223fd1573ab344930109fbd905336175c5f |
| SHA256 | 3a95adb06156044fd2fa662841c0268c2b5af47c1b19000d9d299563d387093a |
| SHA512 | 8149de3fd09f8e0f5a388f546ffe8823bdcda662d3e285b5cebc92738f0c6548ccb6ed2a5d086fd738cb3edc8e9e1f81c5e2e48edb0571e7ea7f131675b99327 |
C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Europe\Zurich
| MD5 | 2da42297275a23b4a6b99702cf995583 |
| SHA1 | 782d7d6812933a263ebfff012a0120d480071b1b |
| SHA256 | 2b9418ed48e3d9551c84a4786e185bd2181d009866c040fbd729170d038629ef |
| SHA512 | 68837833426fe905b74a9364496c572e3157c0c7cf179688e7facb7370fab3f01edf08421998dade9023c6bc17ab9b84eef2154a0ec83a8f7b85992bc9b88d1b |
C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Europe\Vatican
| MD5 | 0854fdfdc75ae977fbfacbcf91373305 |
| SHA1 | 645c9273e893a40dae3abba06edb5c9ae6f81bd9 |
| SHA256 | f97e45fdddc3cf49014568944d750df9f81e0876d41072da68723010f6447544 |
| SHA512 | 86f972715b93d2531283a11cf1c0a29bca28d65098dec823ba923ad852251802c85c49d08d1e4997141b0469914dfcc24e79149d1b40b23264063d3228f1a02b |
C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Israel
| MD5 | 570f4cd5d0ee9ebe57259c7ded62de1d |
| SHA1 | 89e42d27cfb78255ae18ee02f5a4c8e3ba57dde0 |
| SHA256 | 254b964265b94e16b4a498f0eb543968dec25f4cf80fba29b3d38e4a775ae837 |
| SHA512 | 6b89b8e78404ba60b8cb2c4bf1b22482968cf07e1d87c43f10205f915fa56d1a1bfc67ce89a84e625d625766fd1fe001d96070c74654e58c420eb3ae3ed07406 |
C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Navajo
| MD5 | 19227bc675e2571ae222314e661e3e6c |
| SHA1 | 1605d96fc5764f101adc3151d3a8a0345508652e |
| SHA256 | ebfc8fa35fe6be7b7d0e0a4fcebd10747b2376c7d41ba00b9da8102cc2f50d23 |
| SHA512 | d3ae1f7aa3ed19427052a27be2797712b72e67bdc608c7fe4bc4e82b4fc57a6bb3fe65624c751e176757b485c353178afa88f01b549fff376071b8f35d25cef9 |
C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\NZ
| MD5 | 77332ae81e8f657034dd1e92e77716f1 |
| SHA1 | 78d4d3a481c49ab7ff31722bced30e1c31e8bc98 |
| SHA256 | 8000e3a323e8fd0212414e9426b020707a771c368ca0e151747f9ddb7b814b27 |
| SHA512 | ddfc24fd77bba175c9365bc4683260fe5d66c03c4f6035d9c74273a19ccc4e1733af4ead7cb9927bb2b6406cd2efabfb4457c2d2d12027600f0938b989fbf2a0 |
C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Pacific\Samoa
| MD5 | c14f2b93f0df81c20caa20bb4cac3773 |
| SHA1 | 4c388c7f9a7700517fc6577943f3efe3bdddd3eb |
| SHA256 | 7c262b62985863aad47f13b0ef5db2e5cc917b5d38002de9a2ea83ddb0883458 |
| SHA512 | de7fad8c156a159afc0422e2622096182c8e0f284e0971963f9793042983764de331e3eca316ce9d2f30c6adc9e65ac99178cea62ba7f119f2a99c8318e7be4e |
C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Pacific\Yap
| MD5 | 241d697eee1307dd6dfc08a11f171e59 |
| SHA1 | 84bd517076992c1ab829d16577327e8c1873fc28 |
| SHA256 | e886032958ae4430bf455c750093b16b35444fa719b5dbff2c513ac5bb4622d2 |
| SHA512 | c50689b85e0def9ba584aca2d9fccee49ea3125cd7c4474d12cd7d6782e64fd0aa64d6a51757bd19be8615679dd2ac848f90677f36cabec9fc0b720c813027bc |
C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\Turkey
| MD5 | c9a38ba69f382895c76b041da1d8e40b |
| SHA1 | df6cbece3d9afb3aedb44e131b6e68a6cf74ca8e |
| SHA256 | d92d00fdfed5c6fc84ac930c08fa8adf7002840dbd21590caf5a3e4a932d3319 |
| SHA512 | cd85c8838e7f67a482252b0f3d35161f191cfc25f2a5e1ed6d05a2ebdb5c378fc7447ab362b8ab95861a43db3fbb095f0f1f7f0cd3bb6efbc2d4a7275c9fcf47 |
C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\US\Arizona
| MD5 | cf35f572aafd957e09aeb94465607e14 |
| SHA1 | 2a602f28796917b134dcb2bb57cc4ad958940405 |
| SHA256 | 9c43b060e9c6c44370f735bc9b9d0f1b16ed55f4eb5f7418028e31e0b80e2df2 |
| SHA512 | b031557b697eb2879182dff02896d7ed9356e7f93686a8a49716eb8051a7ab1a43110df4f8b6e972240e42347506503dac83eafdd5191b364ed973ec05df279e |
C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\US\Aleutian
| MD5 | f43102c06ca5450a97e9467f49bed36a |
| SHA1 | be58a7c839146fa675eeb6dad748c08d0647542c |
| SHA256 | 201d4387025000a6e13c9f631cb7fccd6e4369dec7224052f9d86feb81353a53 |
| SHA512 | ba8cdb793975054121eb8284fdf41336428778e4b856d176ed8e55f16eab6b520a6bb42db2e36b81684589a46b3363e41681916c5c5a27a3c56b675fdf9b635b |
C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\US\Hawaii
| MD5 | 4e7fd88341bd37b660769d4583914ac2 |
| SHA1 | 5d5313bee3a467f7b5311b263c7d38b52f182164 |
| SHA256 | 7f03d1bf5264e7ab023a2ef9b997ddfc8cb6936692407c770762b9c549523f33 |
| SHA512 | 0d7a0a3aab195c1b8c5b58793f78182fe9340193434b95541c93caf0b9860e2e1c07bc77cb62424657feb8f193a5da55df77fdc52e730638dc7d4cc673eb6a82 |
C:\Users\Admin\AppData\Local\Temp\7zE89E8D249\Vape Crack fix\fix\pytz\zoneinfo\US\Indiana-Starke
| MD5 | f21a138cc4c7ed21940f57b3172a4021 |
| SHA1 | f8a312b32af4e9074f4f68955ce2af41a8bdd6ca |
| SHA256 | 06200b4a18e238b835a3c98c4562758f24e526482fc33b5eec1f5648ebd350d8 |
| SHA512 | 11c3cca68bca7d816e73b250b3340005fec6a9c2ef3395a3eed628a08bac215e18394db4eb9d5730e7b7de11c2ae8298acd9ce9d606197200822c4e9198d8f60 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 05d3e0895bc1c22b9e7e5f191399cb4e |
| SHA1 | 0c95f7d8be7461fb6133634e1607966cb5ac1cdb |
| SHA256 | f635025ea31be3f94daefcb4fe8ae31a0e5787c87aa5370a3d254a2d368b0440 |
| SHA512 | 16d2b49631553d2e35d200cf6c7c4be0ed56d4c8c14eed6f09ae33ee4dfb245b02330682f2393c22a5ebe9cc74d702e0c33ff1cfddf352087b05dd544b46d8b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 887c60452ecc8e7e2c324e18474d0157 |
| SHA1 | 915e3b7379e86c8ce372703b0e37ff0fd94c1c9a |
| SHA256 | daae3f97cbf9c5f8c0ed8a539c5bd82e89827a9d967c1bfcb198808dd784021f |
| SHA512 | 1b721756614f040b5da1ce8b1925a2884a310bffe8ee37795f933f2d9be070ba6e56cc5a49ad4be4bb4816b95f848ee248052d7e44be711464f8d586e69e8098 |
memory/2232-2570-0x0000000065FC0000-0x0000000067E66000-memory.dmp
memory/6528-2571-0x00007FF6BAB00000-0x00007FF6BB7EA000-memory.dmp
memory/6528-2572-0x00007FF6BAB00000-0x00007FF6BB7EA000-memory.dmp
memory/6528-2573-0x00007FF6BAB00000-0x00007FF6BB7EA000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | ff97b748fc48fde663e0f95acc5a0744 |
| SHA1 | 7fd3f462cd922e93a136ac4d3e74df9c1dfc1745 |
| SHA256 | cca2b6e432aa929a006aa67db68bfb6a63932f3dd6d70904a55ded99ccaea2f0 |
| SHA512 | dec04a1f1dff739fc3364b7501dbc1df7a97aaa5e26f1288ddf972c10c46641ebb4893aec82d3f995585eb58d7b8dd4a1f40523e6228830603962c8bb99c3e40 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f7cfca2b6f7a13f9c4213bb0fa54ac58 |
| SHA1 | fb3ccc3c6392d3e359a13d0a392909d1ea3b7829 |
| SHA256 | 76eb57412f1a3f6d156227bc8e7f65474a9681a0e9a5517c0bad3376ed35bce1 |
| SHA512 | a83435b3002d3a5da8a55cd79c2f56a38b3c29186c9a3b3c3a7471661ff019a752f0a51004cee61c3149fc7ff68b226f6e7be27a403a0c60c4e8be7aff249442 |