Analysis Overview
Threat Level: Known bad
The file https://www.youtube.com/watch?v=31RLLmYnBVg was found to be: Known bad.
Malicious Activity Summary
Quasar RAT
Quasar payload
Executes dropped EXE
Enumerates physical storage devices
Browser Information Discovery
Modifies registry class
Suspicious behavior: EnumeratesProcesses
Suspicious use of WriteProcessMemory
Suspicious use of AdjustPrivilegeToken
Suspicious use of SetWindowsHookEx
Uses Task Scheduler COM API
Scheduled Task/Job: Scheduled Task
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Enumerates system info in registry
Suspicious use of SendNotifyMessage
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-19 16:05
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-19 16:05
Reported
2024-08-19 16:06
Platform
win10v2004-20240802-en
Max time kernel
97s
Max time network
97s
Command Line
Signatures
Quasar RAT
Quasar payload
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\SubDir\javaupdatechecker.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1302416131-1437503476-2806442725-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1302416131-1437503476-2806442725-1000_Classes\Local Settings | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Scheduled Task/Job: Scheduled Task
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SYSTEM32\schtasks.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\schtasks.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: 33 | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\Downloads\ezRip\ezRip\ezRip.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Roaming\SubDir\javaupdatechecker.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\Downloads\ezRip\ezRip\ezRip.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\Downloads\ezRip\ezRip\ezRip.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\SubDir\javaupdatechecker.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/watch?v=31RLLmYnBVg
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x318 0x42c
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,1235904220574919025,1879006166370646641,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5872 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\Downloads\ezRip\ezRip\ezRip.exe
"C:\Users\Admin\Downloads\ezRip\ezRip\ezRip.exe"
C:\Windows\SYSTEM32\schtasks.exe
"schtasks" /create /tn "javaupdatechecker" /sc ONLOGON /tr "C:\Users\Admin\AppData\Roaming\SubDir\javaupdatechecker.exe" /rl HIGHEST /f
C:\Users\Admin\AppData\Roaming\SubDir\javaupdatechecker.exe
"C:\Users\Admin\AppData\Roaming\SubDir\javaupdatechecker.exe"
C:\Windows\SYSTEM32\schtasks.exe
"schtasks" /create /tn "javaupdatechecker" /sc ONLOGON /tr "C:\Users\Admin\AppData\Roaming\SubDir\javaupdatechecker.exe" /rl HIGHEST /f
C:\Users\Admin\Downloads\ezRip\ezRip\ezRip.exe
"C:\Users\Admin\Downloads\ezRip\ezRip\ezRip.exe"
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,1235904220574919025,1879006166370646641,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9068 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,1235904220574919025,1879006166370646641,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9060 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,1235904220574919025,1879006166370646641,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5344 /prefetch:1
C:\Users\Admin\Downloads\ezRip\ezRip\ezRip.exe
"C:\Users\Admin\Downloads\ezRip\ezRip\ezRip.exe"
Network
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
\??\pipe\LOCAL\crashpad_4840_RWMRJTGYVRQNAULS
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 421b8116ed62f4c7fcffa5795734c220 |
| SHA1 | cd8e310ad6755e9afbb3c955b68ae81f3f1b98c4 |
| SHA256 | d8b50243ebe472fd4bd2ea1cbd6925e207837f7d5ff01e7b54d9c25eb2563122 |
| SHA512 | 43b67e3e76ef0b1b9d09396bd57da3740e5b3eefc7ce173e0ccf3aaa9ba62c5a9617532d59cc9bd94c4c12c0a535375cf6f711531e06824d8b77bd1fcdd44be4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 5e6cbb136d77a2931b2883a85ccf0ff1 |
| SHA1 | f02cafbb43232a5034ed060c916bb0178bb292c4 |
| SHA256 | 6cad7a5f49fb417b0625921a03fa9e95b505f3e1d65618212987f36ba4962d26 |
| SHA512 | b46c0ec775f8ef00f037b593283a3b7476c12860658f199f694a9402986489d4b4aaee5134f96f40b13df9ac1924a251d50a2765ab86957fb6c1d96e8d0e0e42 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 7f6f5c617170ed8728e347b71f30dafb |
| SHA1 | 0ae2fc570873bde3897a0e444ab8d36cc7b91e0f |
| SHA256 | ecd408d91584096e450a1ee06bbea085ab60ecb9c93380dde294ee610ad4e0cc |
| SHA512 | b22c28e9a35591bc22d33d3fd372c3d7242cf656b4356b2c7907c0339752b6ae7fc3e3e5093d7e57181c95506619e56e57cc56c363d9c4a540f6dc7cbe60efd7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | e93dce2325f1fd1e72e21d0f2035af8a |
| SHA1 | c20261c8ce48ccd66cc2d8d501954766d09aaea0 |
| SHA256 | 83ee6201ef62c67b3955e53327438013905c81cd7c6515eb511e5c7d87d253bc |
| SHA512 | 26380e1c1b91516b9024a5cf1f2d0d232ee57f043d5691512de1943eed7fb6351d7f60e9b9c6a2423ec1ca03e472cf1ec58b393c88e9d599c4ee1acf95b8abb5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | de54578fb140203772709581ab7aeed7 |
| SHA1 | 635c6caa91462d1b1a325f06dd9820d85530a6da |
| SHA256 | 7ced26247553c42c5d9b09d17ea7ef4d697f62377be544d4fff3c78498e3d468 |
| SHA512 | b6dc28905b1cc7ce6a37048c8a1fb9f1f0eca2e7792e266c256c877602979c29be07e0d93a6233f67009b981e8311e4a850d0cf7298ebc3c2a303eca08d476e5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\91ac33a6-8ec4-482c-a261-0f97c9f4b58a\index-dir\the-real-index
| MD5 | 5be7bc31e324b2231ac101ce45e2256a |
| SHA1 | 79f3e35b78b4672ca318cb0090006955d7863d8d |
| SHA256 | a7cd079da04a34bf7f7d30eccd071ebfbbc46146dacf48985d709b96869bd4bc |
| SHA512 | b557f747e2791ac43d60fafd899c47b55381ab509f76ed8df03910b76c00a6c81f8457a7f5c07c9c38432d7feeca3fbdfc14924ad44c79ce80fa7ecaca0cb4cd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\91ac33a6-8ec4-482c-a261-0f97c9f4b58a\index-dir\the-real-index~RFe57bb03.TMP
| MD5 | 40250d43f6f0ffbb390fa7221487905b |
| SHA1 | 5979cbd491ccab750da6166f9523e86aac08a1d3 |
| SHA256 | 8575b2ffeb528a030b8a8dd9c51d23049d6926f8a961cd69bc0ff894fdadd089 |
| SHA512 | eef0d768f0f72c49dc2956b703f0444be77b97aeb6db580220e7949f6debcf2252559eab7b55786b924fca7185da1fe645ce0e28dd161e0aa0c86a7979ecafa7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 2892eee3e20e19a9ba77be6913508a54 |
| SHA1 | 7c4ef82faa28393c739c517d706ac6919a8ffc49 |
| SHA256 | 4f110831bb434c728a6895190323d159df6d531be8c4bb7109864eeb7c989ff2 |
| SHA512 | b13a336db33299ab3405e13811e3ed9e5a18542e5d835f2b7130a6ff4c22f74272002fc43e7d9f94ac3aa6a4d53518f87f25d90c29e0d286b6470667ea9336ae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 338e8316137d4ab759bd496ae8eeb3fa |
| SHA1 | f3ecf0200a083495b4ba7112339f2fe05f3ddc0e |
| SHA256 | bf0e93d17a2aac13e683fa466a5a2052b95aff91ec9ec4f880efde8ac89d8f82 |
| SHA512 | 34f7f3ec258682b4f62d0065ae9d2d654146f91b640c3da549ae6fc40409c582932df8e663fb94633d39db6a535920495032c3515ba4e45c9cbec6e7439b08c2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\8ed6697a-c1a7-4a7d-9bdf-5c34c6148948\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | a0ce5f6d6dfeafdb10a539c3da4f2864 |
| SHA1 | 73b52240120c80c2615b5c3449765653139ea967 |
| SHA256 | 57c3a28e5ac1216111bebe6095b0a28326e23fc4196a059f4d8adf2fac4ca3a6 |
| SHA512 | 26360861f8bb1c9da8062ca941f5d72f867ae15c33a560414045601d19971dfde2f81330961ece77fd88a778477858e5af1b7c3876310073098bdff5e8600e1f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 907f8482e1bdd222e2ec62ac441db79a |
| SHA1 | 5a7375989e3e338fe0bc880b923d98bdf3335345 |
| SHA256 | 09b44095d31cd4880a9531701a9b1b1cfdf36c9b3341773b23ff4db25920f219 |
| SHA512 | 9c6ff1356ca9ca22eb6485e5c2378b63792a14aae676945ede40bee60f0b846f78944e1c7e9cb5861181937465327bf1b924e7685a7b2ec0e7045c2379f0e315 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 9e89e01c9aba7a02bdc752ef326d793d |
| SHA1 | 9a3b8f8e7654d89db26e6688fd21fc59cd342e6e |
| SHA256 | ed63db8255d834443a33e15781feeb69e91b3f2fde477b770476e83ee7dbf529 |
| SHA512 | c84daa155aa025109a7c2ef3a77241ed56e69ec17226c94dff015368895b95422aa22e4d44b4514340288c2e662fbe2a664ffb6eea762a9662f59cf451aa323c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
| MD5 | 858041c19204953e91ce39820b1007f3 |
| SHA1 | 34085dab1e958dcaa9765eb20ada990aabb3dc26 |
| SHA256 | e8655b324342643465a3b7e5bb3f2de742b495551ec1e8820455f23dd8d7cf11 |
| SHA512 | dce0984c5e2730ca10dbe939fdce4c3ba972405cab6814a637700885f7da9feb98e51139325d1314afc758e20e12eab0f8d5fce35d35a724624a5858fa94bcdc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006
| MD5 | 2a071490e33fffcfb59c7aef14771bd2 |
| SHA1 | 9a13eb4cc11210c08b0bf5b6319058f66e5c1c9c |
| SHA256 | 6b7ab3ca0776ab48c07d7a69c948a9dcc6e0a2f898552ac1857b6db9ffd4c9c6 |
| SHA512 | ad52b85b6b373d9ef7a894ca5f629ec0c9ae4fd19c7abc857eac228e81bc320b05ff0a2469596e9aa52aa5d1f9b9fa6173174f9be08fe341df77a4635d438dff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002
| MD5 | 201a89b53e3d7ff9f45d78e9a191c8a5 |
| SHA1 | e4abe321ea8f590ca6a6c3b38c3e8fd8827d67b6 |
| SHA256 | a3f235d453979f32edcc800f6d8be8266c207361165a740ec917786f935c6daf |
| SHA512 | 179a594bf32cbf8c9b0c760780eeb83d55540c767bd619e7362abb7d66bf4d2301895dcf1cb9362390a7b5149589e499f73c87f210a73fd9e3a3fe41cc0e6642 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
| MD5 | dbe6d76a95111c0c2a8b89478258c95e |
| SHA1 | f0d5b7f5e30fa6df6eee51aed1241ccae78259f2 |
| SHA256 | 46bfe88f740dbeed005c2f4c36ed51aa7347e90c55d07c5e3167f903fff4d1b0 |
| SHA512 | 25f819705955dbdb3d44591850d8a7a21603fd2e76b9010e50026c74386ce26e5b6ae52e229f80be2b47a95f54e05cc0dee2339cadd3c9a32b034adfc5f4fafe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9d5bb2e5c8fe53dc14f4911455e8f9d6 |
| SHA1 | f71d272aa5865ca614e4b02e84696805dbb7ee54 |
| SHA256 | 66b9c6bf7d28766453fa4a036b7a4969d1596b26763e6ddf5512b2009dc68558 |
| SHA512 | 6c1d893422fb6a141054f60a3340e6ee65eb2758409e72b1fa920f0387b66e284f2e0926d6cdab414deae41dad1266d07f07ed38e68058b65e46012b0a1e2860 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57e196.TMP
| MD5 | 09c85d106341398db330949f5c8ce4b8 |
| SHA1 | 9a0af74e71d140e492ceb036009159fab6370f83 |
| SHA256 | c1f03e4d0a9b6916da1c1396072785e39c974c32c918745d57ed3282c5207a57 |
| SHA512 | e2519f1e7b2c02fff04696929fea9812a86064db7c21dd4c2ad217f5e6546b84de1f75b1dc8e73560894d4acfdf0d22f3c8c2b71fe0ba6fe5ac78d756d1f7b41 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | fcf6585a6709d46f697a128f97478b34 |
| SHA1 | 0e9a86fab418b045d294534eab113b2d1d5aa46c |
| SHA256 | 3139ac52d7edea5d076e89fd4c3155a643f2cf243ddc515f2e09e28099b006dd |
| SHA512 | 11263b109203cd74e80d0f5db329597f867d80310dadb0ee97c523fc62358884649197bb6d79ff9fbbab83732724d313b5f5d1d5a660609cb224d00ce65863d5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 4054852dcee3eff5dedf1d8d4c6b22f2 |
| SHA1 | b1015e3c5e8ddffa4d8772c926d89b1844df59b3 |
| SHA256 | 6ebc69f80ce338f564afa2279d4c98ed0e64c175417226c7de2a66fda8dd2b53 |
| SHA512 | 1904f6c59852c1a4ec782147546d5e9ae08776c24e0d3fbf623414d6bbdc151ed2412b37e0080d16e215123b08b16145266b3893765eccb501b3074b1e9a5661 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9315e22c21b7784c4fd5114df58ef4c0 |
| SHA1 | 0e5afb4d5bbb814b971cba77142cdda262ed741a |
| SHA256 | 725884ec4981cdc5e35e5d81dbe129bd53d93286f8ec8720d21e6cf1f2279f07 |
| SHA512 | 91520c97813a18a22217553bd9d0aa7dd82c9ed2e0a33f6fd43017e10992c1d40c7bf76571bd2343211bd3aa5ac8dd871f196727390bc529f4fb228b4e46008c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 5e49a596a879b7ca8106bb13683a6bb6 |
| SHA1 | 164d2d2044579a6f540c8fe8e4e8892c6d7b65c2 |
| SHA256 | f55a2d5e80ac5434705c0e9adc98bf607f62c62f038064d86ac7582e2a543a6c |
| SHA512 | fc6217e5cc9bb0505c1ccf8e9498ff85c2779b843dcebfaf563734fda4f5fdf213cd2884ab5e04406f8bc785454c4a7df87662976ed9217d0b51b5e2c76ba1b7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe580dc6.TMP
| MD5 | 632d098121cc02f98844bdd54b090f70 |
| SHA1 | 3a49772d915f38f56d580273a67c76e2b7f73e7f |
| SHA256 | 3659e1b12268de331a539ee35d99b34a5825ab881093b51f2359a5378c50eab8 |
| SHA512 | 270c7638377c5cc2842d7b79a73c9fdb28231d188b3909c021788c5405027ff884ed392650435973f30278b640c2b2f3f8691780665c9f40749935a123a7c11b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\60c68474-cdd4-495a-a55f-6d82cefa8a4f\index-dir\the-real-index
| MD5 | f0e32fbdb11f0595dc22230cb5f7bb96 |
| SHA1 | 86cc4ac31b38f8f77aaf4f5d0363487c78656d91 |
| SHA256 | 4e119d1d4cd211d61d994133bdd55e1e0fdf85fbecdbc05fe5d8ccdb64253b24 |
| SHA512 | e2565bb5a205e19585847c0574eabd6ae5a7b04378217b3b87f16d4ab61e1125792a806d80437bcacedee2a9104c136da67832c26c2acf6916596e6a3a314342 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\60c68474-cdd4-495a-a55f-6d82cefa8a4f\index-dir\the-real-index~RFe5814db.TMP
| MD5 | 76d8bd4174237a0a15aeb9511f6ade81 |
| SHA1 | b5f570a21e8faf01e4af17b7a204140f68715dbd |
| SHA256 | 09f18c839f0bef9b2e2770592b71e20ec991f6af1721264b138a801438b3dbba |
| SHA512 | bcfcd2aeffdfc8b1c0a2a0b349101b7001c66781cbc85d3f8de9e5f16ef3b5f5df7ab4664d74f1912444323205dc072eac0028fb3303123d16ee03096857e668 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\8ed6697a-c1a7-4a7d-9bdf-5c34c6148948\index-dir\the-real-index
| MD5 | deee63a5d6f6fd6c6dc1acb5aab43583 |
| SHA1 | 1bd6e01d4443b32204dde7626378a10b039ecc7a |
| SHA256 | 50e328e447496dac449e886619f978b8ff153bcdec0614b94f1cdfd4632939c3 |
| SHA512 | b855c2b22ca17fef385ddd9e98102b7d3207ebe5a0fdf88828ccf622ceafad2d66a34a6714c40c5779320c304171b79ec70b377e87ab40bd9805996eee7896d9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\8ed6697a-c1a7-4a7d-9bdf-5c34c6148948\index-dir\the-real-index~RFe58174c.TMP
| MD5 | c3f4923e5b00d8150f3e23694bdf0ad6 |
| SHA1 | 6226f82c28fb4203f45d46660341d00dbd7cd772 |
| SHA256 | ee7a5c1aad6c2bbe0eb8587c7239eb2260addb6c28d95a9fd4ead222d6d045bf |
| SHA512 | 481bf0af313fbd4a32d78057975edb70926cf7d5a045efa075d462dc321aba80b20c1baeec37216701bc74df977f565fffde9aec712396dc6b92a6bd9c708f42 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | ba50293fc8606f9331d7908ae0d3e1cb |
| SHA1 | 98b66a1610de5101ff9930d6d69c4bcbe1c8e31b |
| SHA256 | fe5de9cd51e0be92314ef6d69df48310033b621660b18ca41b60cd0eea37bca6 |
| SHA512 | 51aa7e6abe1a7cdb03a3987ae8f7b69449de4b90a811007bbede1ffac85c0acecadd888c8214051fd2fdc1d836a592b9625de81dcc1c2f479254570e45b100e4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003a
| MD5 | 6fb26b39d8dcf2f09ef8aebb8a5ffe23 |
| SHA1 | 578cac24c947a6d24bc05a6aa305756dd70e9ac3 |
| SHA256 | 774379647c0a6db04a0c2662be757a730c20f13b4c03fe0b12d43c0f09e7a059 |
| SHA512 | c40f4771c10add1b20efb81ee3b61fc5ede4701587f29a1c2cdde8b6faabd1c76d769bf8b99aa19082012f95d99ba448a472463fb9056acd2e43542e14e605cd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002e
| MD5 | a985559d0e66583398b6caec4cd6e214 |
| SHA1 | 120fe1d4c52aeb22f3f3b74c26e9adfba2bd633a |
| SHA256 | 388f3a5b0ffc2fca8416b21c05e4aaff7dc1a1bbc2500e632d25264275a38b99 |
| SHA512 | 116c272578cc199d0210ba6cfc00f7c348e52c68019526ff7f09941cae6ee3ab25c338e3aa371f8e10ff6259b8a7fa615a5747b51cd2cdc14abff660710abb12 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 6724df2e9581bbbdddd64032617e88db |
| SHA1 | f6f7c49ef8d32f6f2b7f774198020e606f50d363 |
| SHA256 | 0c48df143ed875fffe6483be8b2f5d290fd9a07cafe5a56db6368b6e35e9203f |
| SHA512 | 219c4e06f8e6fd1ef1d5c9ac4ca5bc6373be3df41e46d03a7bb19c05692f626a0689ec228feba36571d79754831a25213707e09f5381881c416a72174657412a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9dce1eb8508319441bc452dfb64975a9 |
| SHA1 | ed57fc736fe00614a4bf02388d1f3299e50d4d4a |
| SHA256 | cad9b2bd1d1601eaf5c0dceb1496b6d9563dc6e7febe480ef017536fa423a0bc |
| SHA512 | d3a26243623a38a0c7831698284c0ec821bb9131c928daa2a5a8362fced402a8f1b160c588745c65b0becafdbb56d892421e88363cb6a0f3f7a2190b17733279 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | c24237ce2422215b5122d76e96bb7da6 |
| SHA1 | 6c370115e93cd87cace5d003e1fd225f62383700 |
| SHA256 | 39ed4a5c02c3371c7aaf1d78e8506ed39c4b4c2c1ca489d7cdf45dd1092ae6be |
| SHA512 | 0048a38bf9c797091eec0eb2bfd2ed3f3393987600aa70ba375fd11a5396bbdca0b88928764018565a9c25ff5f85cd3c126eccb93423dd1aac9bde7b775ec03c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003b
| MD5 | a1afe33ce7442502a96deee597945384 |
| SHA1 | fe34cd78635f5617cf238de6dc746058d6f88899 |
| SHA256 | f7eeb570c60aff1435db1daf3767c0672634269789870ef91c69b2b90a47edaa |
| SHA512 | f8bca21c3fd79d63c8265f5dfcba95419eac697b42efb600e7c33d15dc5d9c3e0d0d360da39e14004facaea4cff4dcfc00d7437979283ce0a2b06916b69b8c80 |
memory/5572-1334-0x0000000000540000-0x0000000000864000-memory.dmp
C:\Users\Admin\AppData\Roaming\SubDir\javaupdatechecker.exe
C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\ezRip.exe.log