Analysis Overview
Threat Level: Known bad
The file https://file.io/2HcJfRg1SRN9 was found to be: Known bad.
Malicious Activity Summary
Quasar RAT
Quasar payload
Downloads MZ/PE file
Enumerates system info in registry
NTFS ADS
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Suspicious behavior: EnumeratesProcesses
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported: 2024-06-28 01:50
Signatures
Analysis: behavioral1
Detonation Overview
Submitted: 2024-06-28 01:50
Reported: 2024-06-28 01:53
Platform: win11-20240611-en
Max time kernel: 149s
Max time network: 151s
Command Line
Signatures
Quasar RAT
Quasar payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Downloads MZ/PE file
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 551268.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: 33 | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://file.io/2HcJfRg1SRN9
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffee2eb3cb8,0x7ffee2eb3cc8,0x7ffee2eb3cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1812 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2380 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2624 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3220 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5280 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5408 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5904 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5372 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5952 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5348 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5340 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4008 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6072 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6264 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6464 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5020 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004D4 0x00000000000004DC
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6780 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7024 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6076 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7256 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7392 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7400 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7904 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8048 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8184 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8320 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8324 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8308 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8332 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8620 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8340 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8992 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9308 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9472 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7832 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9988 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10120 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=10608 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8472 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6080 /prefetch:1
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10888 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10896 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9640 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7788 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7032 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9528 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6940 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10120 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7180 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7076 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7988 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11400 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6192 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5208 /prefetch:1
Network
Files
| MD5 | 5b8771cd1298b4c7d51345a2ead61628 |
| SHA1 | e17e5fab8ec8ca59e51bb0205970646a1ec3df6a |
| SHA256 | 9324f724c6a2521c957dc2ed3c4def7ea62035382a630db529e4594e80176e2a |
| SHA512 | 21c1bdec454c4b317f8d96219c621e26c6e312dc2f48b2c4204e07cb39dceeb08d5654ad1e4659e355971c6981eecbad3b5884eaedfe526596f283144d9809aa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | faaabc47285917a13ddf9085ec484a2f |
| SHA1 | ae7e1c9f996abc995f8b889afa538449fdcebb52 |
| SHA256 | 91b82d1cf2c9b5daeeb21a4c6b1774156a0c0e1d246f5bc7397126b358299f21 |
| SHA512 | 412024ec2e53aa9588e90d13dcf0afd8f908166d81489f9cb68d863d53354559a5ea23d5a8a4a81c8731c04988c8b427f59caae3df52ade62f64517a9fabe30a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\eb0774e1a1c977db_0
| MD5 | 8aa95e745674053d789180420b19061e |
| SHA1 | 1b31ba31d6b4490fe03a69aa9663839fafb2157c |
| SHA256 | 10af2ad95ccb861caaee5841f9166ad14f2c6b89f2db23f941dda2f67e1981c9 |
| SHA512 | 9d37a6402571d69319b7717cb153f5dac3417267bcd39ac73710296be7b17e70f62c464982437626b83272e64936fe357e52d8b3508cb31eb086ca516ccef71d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\000\t\Paths\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9f5d6e213bd111fe_0
| MD5 | bddb691d12d04f38b42dc8bc98d3270b |
| SHA1 | 3d410701ae2142202ff22eb8fdb4abf021d245e1 |
| SHA256 | ec7473ff9fb6da574debb4bd252aac5663f59496a1f3bc1808e589ae11dfe088 |
| SHA512 | ee1799438736960a1723d455fa9361df3ef05d6cdbc454105463b8b94becf855425f48b6ad8e80250a5f5e91ef7f0512cc91bb8fa7c848aea616504445c03c32 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4d386dbc84433b8c_0
| MD5 | c1af4ea89ee0486bb4325e6afd936aa7 |
| SHA1 | de0404ec8be3612bed23713799fdacb3b1664f04 |
| SHA256 | 6a2d0e3b75c952ba7effc5bd50f1305df557379f810c27d4f5ebcbe602bf196f |
| SHA512 | 0658bdfc281906d4a78e8d2584d70e269b9b90e5418a6332515b47ceda119d0e963d5180954de7e36b619c9f1b67af61aefb00aaa84da99d5b34ca8801abf6bf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 65a5aaaca1bcc807f71877d2209333df |
| SHA1 | bf2bee700ae3844e8ea0d2a849622238915d0e14 |
| SHA256 | 8e4fa56717bb803bd4828396143d3877f69c9d7ef5bf5c153051dc86791b33e3 |
| SHA512 | b3a939e4455d80d24504b8471cec53fe5d09ef7e1b00a2e804d7698bd1c3a3bc29e9a2cdbd7dbae1b828f68ee85d16669b7cc4d29e278d3b461d6291b91384d7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b7e540728dbf786aa51371712d637079 |
| SHA1 | 3a7cae9afaa386e3ac27954554b099a8f5d93ae7 |
| SHA256 | 69ddc97b4f7352252e5942972bc3d5bb732b817c5a1db3d1d88ac899367badb1 |
| SHA512 | f1073ea2c4353fd8aae535fe89f89cff4dfc4ba4181e6065e4bc96900432bb7591b3d2aaf1f59a055eddf7d436b51bb00877c60bbb7a4ece5dffcd336c7fe4fd |