Malware Analysis Report

2025-03-15 04:19

Sample ID 240824-1wfx3ateqr
Target https://visortmo.com/library/manhwa/21631/killing-stalking
Tags
discovery motw phishing
score
6/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
6/10

Threat Level: Shows suspicious behavior

The file https://visortmo.com/library/manhwa/21631/killing-stalking was found to be: Shows suspicious behavior.

Malicious Activity Summary

discovery motw phishing

Mark of the Web detected: This indicates that the page was originally saved or cloned.

Browser Information Discovery

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-08-24 21:59

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-08-24 21:59

Reported

2024-08-24 22:00

Platform

win10v2004-20240802-en

Max time kernel

43s

Max time network

47s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://visortmo.com/library/manhwa/21631/killing-stalking

Signatures

Mark of the Web detected: This indicates that the page was originally saved or cloned.

phishing motw
Description Indicator Process Target
N/A https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html N/A N/A

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4392 wrote to memory of 2360 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 2360 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 1816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 1816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://visortmo.com/library/manhwa/21631/killing-stalking

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff0dc446f8,0x7fff0dc44708,0x7fff0dc44718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2076 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2704 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5028 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5316 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4204 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6492 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6492 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5368 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5364 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5796 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5476 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5272 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5400 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5000 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3456 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6744 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6848 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x4bc 0x504

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7040 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7088 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5796 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6984 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6132 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6240 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7432 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7440 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7752 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7760 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7720 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8356 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8592 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8756 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8896 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8728 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9168 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9340 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9500 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8016 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9776 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,10287642540126934159,4363251715603759875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3052 /prefetch:1

Network

Country Destination Domain Proto
US 8.8.8.8:53 209.205.72.20.in-addr.arpa udp
US 8.8.8.8:53 visortmo.com udp
US 104.21.39.222:443 visortmo.com tcp
US 8.8.8.8:53 widgets.outbrain.com udp
US 8.8.8.8:53 222.39.21.104.in-addr.arpa udp
US 8.8.8.8:53 67.31.126.40.in-addr.arpa udp
US 8.8.8.8:53 17.242.123.52.in-addr.arpa udp
US 8.8.8.8:53 25.140.123.92.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
GB 2.18.109.60:443 widgets.outbrain.com tcp
US 8.8.8.8:53 otakuteca.com udp
US 104.21.234.62:443 otakuteca.com tcp
US 8.8.8.8:53 hb.vampednorbert.com udp
US 8.8.8.8:53 cmp.inmobi.com udp
US 8.8.8.8:53 nakamasweb.com udp
GB 18.244.114.118:443 cmp.inmobi.com tcp
NL 23.109.170.241:443 hb.vampednorbert.com tcp
US 104.21.21.156:443 nakamasweb.com tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.32.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 200.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 60.109.18.2.in-addr.arpa udp
US 8.8.8.8:53 234.75.250.142.in-addr.arpa udp
US 8.8.8.8:53 131.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 62.234.21.104.in-addr.arpa udp
US 8.8.8.8:53 118.114.244.18.in-addr.arpa udp
US 8.8.8.8:53 241.170.109.23.in-addr.arpa udp
US 8.8.8.8:53 156.21.21.104.in-addr.arpa udp
US 8.8.8.8:53 36.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 connect.facebook.net udp
US 8.8.8.8:53 tcheck.outbrainimg.com udp
US 8.8.8.8:53 widget-pixels.outbrain.com udp
DE 157.240.27.27:443 connect.facebook.net tcp
FR 142.250.179.68:443 www.google.com tcp
GB 23.46.74.20:443 tcheck.outbrainimg.com tcp
US 8.8.8.8:53 20.74.46.23.in-addr.arpa udp
US 8.8.8.8:53 68.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 27.27.240.157.in-addr.arpa udp
US 8.8.8.8:53 mv.outbrain.com udp
US 151.101.194.132:443 mv.outbrain.com tcp
US 8.8.8.8:53 api.cmp.inmobi.com udp
US 8.8.8.8:53 log.outbrainimg.com udp
DE 3.125.91.136:443 api.cmp.inmobi.com tcp
DE 3.125.91.136:443 api.cmp.inmobi.com tcp
US 50.31.142.255:443 log.outbrainimg.com tcp
US 8.8.8.8:53 rock.defybrick.com udp
US 8.8.8.8:53 mcdp-chidc2.outbrain.com udp
US 50.31.142.31:443 mcdp-chidc2.outbrain.com tcp
GB 18.244.140.120:443 rock.defybrick.com tcp
US 50.31.142.31:443 mcdp-chidc2.outbrain.com tcp
US 8.8.8.8:53 132.194.101.151.in-addr.arpa udp
US 8.8.8.8:53 136.91.125.3.in-addr.arpa udp
US 8.8.8.8:53 255.142.31.50.in-addr.arpa udp
US 8.8.8.8:53 31.142.31.50.in-addr.arpa udp
US 8.8.8.8:53 120.140.244.18.in-addr.arpa udp
US 50.31.142.31:443 mcdp-chidc2.outbrain.com tcp
US 8.8.8.8:53 images.outbrainimg.com udp
GB 23.46.74.20:443 images.outbrainimg.com tcp
GB 23.46.74.20:443 images.outbrainimg.com tcp
GB 23.46.74.20:443 images.outbrainimg.com tcp
GB 23.46.74.20:443 images.outbrainimg.com tcp
GB 23.46.74.20:443 images.outbrainimg.com tcp
US 8.8.8.8:53 flint.defybrick.com udp
US 52.45.196.192:443 flint.defybrick.com tcp
FR 142.250.179.68:443 www.google.com udp
US 8.8.8.8:53 43.39.156.108.in-addr.arpa udp
US 8.8.8.8:53 192.196.45.52.in-addr.arpa udp
US 8.8.8.8:53 163.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 g.bing.com udp
FR 142.250.179.68:443 www.google.com udp
US 104.21.39.222:443 visortmo.com tcp
US 150.171.28.10:443 g.bing.com tcp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 10.28.171.150.in-addr.arpa udp
US 8.8.8.8:53 88.156.103.20.in-addr.arpa udp
US 216.239.32.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 roskertech.com udp
US 172.67.179.230:443 roskertech.com tcp
US 172.67.179.230:443 roskertech.com tcp
US 8.8.8.8:53 resources.infolinks.com udp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 172.66.41.9:443 resources.infolinks.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 172.66.41.9:443 resources.infolinks.com tcp
US 8.8.8.8:53 230.179.67.172.in-addr.arpa udp
US 8.8.8.8:53 platform.bidgear.com udp
US 104.26.3.107:443 platform.bidgear.com tcp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 8.8.8.8:53 static.videoo.tv udp
US 8.8.8.8:53 fstatic.netpub.media udp
US 8.8.8.8:53 router.infolinks.com udp
GB 89.187.167.38:443 static.videoo.tv tcp
US 172.67.70.145:443 fstatic.netpub.media tcp
US 172.67.70.145:443 fstatic.netpub.media tcp
US 172.67.70.145:443 fstatic.netpub.media tcp
US 8.8.8.8:53 app.sureview.tv udp
US 8.8.8.8:53 imp9.bidgear.com udp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 8.8.8.8:53 14.25.17.104.in-addr.arpa udp
US 8.8.8.8:53 9.41.66.172.in-addr.arpa udp
US 8.8.8.8:53 107.3.26.104.in-addr.arpa udp
US 8.8.8.8:53 38.167.187.89.in-addr.arpa udp
GB 108.138.233.65:443 app.sureview.tv tcp
US 151.101.1.229:443 cdn.jsdelivr.net tcp
US 8.8.8.8:53 rt3067.infolinks.com udp
US 8.8.8.8:53 cmp.netpub.media udp
US 8.8.8.8:53 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 8.8.8.8:53 style.videoo.tv udp
US 8.8.8.8:53 geo.dailymotion.com udp
FR 195.8.215.137:443 geo.dailymotion.com tcp
GB 84.17.50.9:443 style.videoo.tv tcp
US 8.8.8.8:53 c.videoo.tv udp
US 8.8.8.8:53 api.dailymotion.com udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 japanreader.com udp
US 8.8.8.8:53 imasdk.googleapis.com udp
US 8.8.8.8:53 65.233.138.108.in-addr.arpa udp
US 8.8.8.8:53 229.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 226.20.18.104.in-addr.arpa udp
US 8.8.8.8:53 1.80.190.35.in-addr.arpa udp
US 35.190.80.1:443 a.nel.cloudflare.com udp
FR 216.58.215.34:443 securepubads.g.doubleclick.net tcp
FR 142.250.178.138:443 imasdk.googleapis.com tcp
US 151.101.1.229:443 cdn.jsdelivr.net udp
CA 51.161.119.116:443 japanreader.com tcp
CA 51.161.119.116:443 japanreader.com tcp
CA 51.161.119.116:443 japanreader.com tcp
CA 51.161.119.116:443 japanreader.com tcp
CA 51.161.119.116:443 japanreader.com tcp
CA 51.161.119.116:443 japanreader.com tcp
DE 159.69.57.124:443 c.videoo.tv tcp
FR 195.8.215.158:443 api.dailymotion.com tcp
US 8.8.8.8:53 static1.dmcdn.net udp
US 8.8.8.8:53 www.dailymotion.com udp
US 8.8.8.8:53 bidder.criteo.com udp
US 8.8.8.8:53 mp.4dex.io udp
US 8.8.8.8:53 ghb.adtelligent.com udp
US 8.8.8.8:53 ghb.console.adtarget.com.tr udp
FR 188.65.124.92:443 www.dailymotion.com tcp
US 8.8.8.8:53 onetag-sys.com udp
US 8.8.8.8:53 prebid.a-mo.net udp
US 8.8.8.8:53 ghb1.adtelligent.com udp
US 8.8.8.8:53 ghb2.adtelligent.com udp
US 8.8.8.8:53 script.4dex.io udp
US 8.8.8.8:53 pbjs.e-planning.net udp
GB 18.245.143.82:443 static1.dmcdn.net tcp
GB 185.239.172.170:443 ghb2.adtelligent.com tcp
GB 185.239.172.170:443 ghb2.adtelligent.com tcp
GB 185.239.172.170:443 ghb2.adtelligent.com tcp
GB 185.239.172.170:443 ghb2.adtelligent.com tcp
US 23.227.151.242:443 ghb2.adtelligent.com tcp
US 23.227.151.242:443 ghb2.adtelligent.com tcp
FR 216.58.215.34:443 securepubads.g.doubleclick.net udp
GB 89.187.167.38:443 static.videoo.tv tcp
US 107.151.11.18:443 ghb2.adtelligent.com tcp
US 104.26.8.169:443 script.4dex.io tcp
US 8.8.8.8:53 statics.dmcdn.net udp
NL 193.3.178.3:443 pbjs.e-planning.net tcp
NL 193.3.178.3:443 pbjs.e-planning.net tcp
NL 193.3.178.3:443 pbjs.e-planning.net tcp
NL 147.75.84.127:443 prebid.a-mo.net tcp
NL 147.75.84.127:443 prebid.a-mo.net tcp
NL 147.75.84.127:443 prebid.a-mo.net tcp
NL 147.75.84.127:443 prebid.a-mo.net tcp
US 104.18.34.178:443 mp.4dex.io tcp
US 104.18.34.178:443 mp.4dex.io tcp
US 104.18.34.178:443 mp.4dex.io tcp
US 104.18.34.178:443 mp.4dex.io tcp
NL 178.250.1.8:443 bidder.criteo.com tcp
NL 178.250.1.8:443 bidder.criteo.com tcp
NL 178.250.1.8:443 bidder.criteo.com tcp
NL 178.250.1.8:443 bidder.criteo.com tcp
DE 51.89.9.251:443 onetag-sys.com tcp
DE 51.89.9.251:443 onetag-sys.com tcp
DE 51.89.9.251:443 onetag-sys.com tcp
DE 51.89.9.251:443 onetag-sys.com tcp
US 23.227.151.242:443 ghb2.adtelligent.com tcp
GB 18.164.68.41:443 statics.dmcdn.net tcp
US 104.26.8.169:443 script.4dex.io tcp
US 8.8.8.8:53 pebed.dm-event.net udp
US 104.26.8.169:443 script.4dex.io tcp
US 8.8.8.8:53 9.50.17.84.in-addr.arpa udp
US 8.8.8.8:53 137.215.8.195.in-addr.arpa udp
US 8.8.8.8:53 34.215.58.216.in-addr.arpa udp
US 8.8.8.8:53 138.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 124.57.69.159.in-addr.arpa udp
US 8.8.8.8:53 158.215.8.195.in-addr.arpa udp
US 8.8.8.8:53 116.119.161.51.in-addr.arpa udp
US 8.8.8.8:53 92.124.65.188.in-addr.arpa udp
US 8.8.8.8:53 82.143.245.18.in-addr.arpa udp
US 8.8.8.8:53 170.172.239.185.in-addr.arpa udp
US 8.8.8.8:53 242.151.227.23.in-addr.arpa udp
US 8.8.8.8:53 169.8.26.104.in-addr.arpa udp
US 8.8.8.8:53 178.34.18.104.in-addr.arpa udp
US 8.8.8.8:53 127.84.75.147.in-addr.arpa udp
US 8.8.8.8:53 3.178.3.193.in-addr.arpa udp
US 8.8.8.8:53 8.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 251.9.89.51.in-addr.arpa udp
US 8.8.8.8:53 41.68.164.18.in-addr.arpa udp
US 8.8.8.8:53 233.38.18.104.in-addr.arpa udp
US 8.8.8.8:53 18.11.151.107.in-addr.arpa udp
US 8.8.8.8:53 geo2.dailymotion.com udp
US 8.8.8.8:53 cadmus.script.ac udp
FR 188.65.124.65:443 geo2.dailymotion.com tcp
US 104.18.23.145:443 cadmus.script.ac tcp
NL 193.3.178.3:443 pbjs.e-planning.net tcp
FR 188.65.124.92:443 www.dailymotion.com tcp
US 8.8.8.8:53 s1.dmcdn.net udp
US 8.8.8.8:53 static-origin.dmcdn.net udp
FR 195.8.215.160:443 static-origin.dmcdn.net tcp
US 107.151.11.18:443 ghb2.adtelligent.com tcp
DE 51.89.9.251:443 onetag-sys.com udp
GB 18.239.236.112:443 s1.dmcdn.net tcp
US 8.8.8.8:53 apps.identrust.com udp
FR 188.65.124.59:443 pebed.dm-event.net tcp
FR 188.65.124.59:443 pebed.dm-event.net tcp
FR 188.65.124.59:443 pebed.dm-event.net tcp
GB 88.221.134.137:80 apps.identrust.com tcp
US 107.151.11.18:443 ghb2.adtelligent.com tcp
US 8.8.8.8:53 dmxleo.dailymotion.com udp
GB 18.245.143.82:443 static1.dmcdn.net tcp
FR 188.65.124.66:443 dmxleo.dailymotion.com tcp
GB 18.245.143.82:443 static1.dmcdn.net tcp
GB 18.245.143.82:443 static1.dmcdn.net tcp
GB 18.245.143.82:443 static1.dmcdn.net tcp
GB 18.245.143.82:443 static1.dmcdn.net tcp
GB 18.245.143.82:443 static1.dmcdn.net tcp
FR 142.250.178.138:443 imasdk.googleapis.com udp
US 8.8.8.8:53 inv-nets.admixer.net udp
US 8.8.8.8:53 145.23.18.104.in-addr.arpa udp
US 8.8.8.8:53 65.124.65.188.in-addr.arpa udp
US 8.8.8.8:53 112.236.239.18.in-addr.arpa udp
US 8.8.8.8:53 137.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 59.124.65.188.in-addr.arpa udp
US 8.8.8.8:53 66.124.65.188.in-addr.arpa udp
DE 116.202.167.155:443 inv-nets.admixer.net tcp
US 8.8.8.8:53 vendorlist.dmcdn.net udp
US 8.8.8.8:53 hb-api.omnitagjs.com udp
GB 18.245.187.36:443 vendorlist.dmcdn.net tcp
FR 185.255.84.151:443 hb-api.omnitagjs.com tcp
US 8.8.8.8:53 ad.360yield.com udp
US 8.8.8.8:53 static.criteo.net udp
IE 54.77.206.203:443 ad.360yield.com tcp
IE 54.77.206.203:443 ad.360yield.com tcp
NL 178.250.1.3:443 static.criteo.net tcp
US 23.227.151.242:443 ghb2.adtelligent.com tcp
US 8.8.8.8:53 s0.2mdn.net udp
FR 188.65.124.59:443 pebed.dm-event.net tcp
US 8.8.8.8:53 155.167.202.116.in-addr.arpa udp
US 8.8.8.8:53 36.187.245.18.in-addr.arpa udp
US 8.8.8.8:53 151.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 203.206.77.54.in-addr.arpa udp
US 8.8.8.8:53 3.1.250.178.in-addr.arpa udp
FR 188.65.124.59:443 pebed.dm-event.net tcp
FR 188.65.124.92:443 www.dailymotion.com tcp
FR 188.65.124.59:443 pebed.dm-event.net tcp
US 8.8.8.8:53 graphql.api.dailymotion.com udp
US 50.31.142.255:443 log.outbrainimg.com tcp
US 50.31.142.255:443 log.outbrainimg.com tcp
US 8.8.8.8:53 s2.dmcdn.net udp
US 8.8.8.8:53 vod.cf.dmcdn.net udp
GB 18.245.253.87:443 vod.cf.dmcdn.net tcp
US 172.67.179.230:443 roskertech.com tcp
FR 142.250.178.134:443 s0.2mdn.net tcp
US 8.8.8.8:53 id.a-mx.com udp
US 8.8.8.8:53 ssc-cms.33across.com udp
US 8.8.8.8:53 cm.adform.net udp
US 8.8.8.8:53 creativecdn.com udp
US 8.8.8.8:53 hbx.media.net udp
NL 79.127.227.46:443 id.a-mx.com tcp
US 8.8.8.8:53 visitor.omnitagjs.com udp
FR 185.255.84.152:443 visitor.omnitagjs.com tcp
DK 37.157.6.237:443 cm.adform.net tcp
DK 37.157.6.237:443 cm.adform.net tcp
US 8.8.8.8:53 vid.vidoomy.com udp
US 8.8.8.8:53 ads.pubmatic.com udp
US 67.202.105.23:443 ssc-cms.33across.com tcp
GB 23.46.72.29:443 hbx.media.net tcp
NL 185.184.8.90:443 creativecdn.com tcp
US 8.8.8.8:53 sync.richaudience.com udp
US 8.8.8.8:53 gum.criteo.com udp
US 8.8.8.8:53 id5-sync.com udp
US 8.8.8.8:53 cdn.id5-sync.com udp
NL 178.250.1.11:443 gum.criteo.com tcp
US 8.8.8.8:53 87.253.245.18.in-addr.arpa udp
US 104.22.52.86:443 cdn.id5-sync.com tcp
DE 141.95.98.64:443 id5-sync.com tcp
US 8.8.8.8:53 sync.adtelligent.com udp
DE 168.119.72.236:443 sync.richaudience.com tcp
GB 89.187.167.39:443 vid.vidoomy.com tcp
GB 2.18.108.192:443 ads.pubmatic.com tcp
GB 89.187.167.39:443 vid.vidoomy.com tcp
GB 2.18.108.192:443 ads.pubmatic.com tcp
NL 178.250.1.11:443 gum.criteo.com tcp
DE 168.119.72.236:443 sync.richaudience.com tcp
DE 141.95.98.64:443 id5-sync.com tcp
US 104.22.52.86:443 cdn.id5-sync.com tcp
GB 185.83.71.234:443 sync.adtelligent.com tcp
FR 188.65.124.92:443 graphql.api.dailymotion.com tcp
FR 188.65.124.92:443 graphql.api.dailymotion.com tcp
US 8.8.8.8:53 eu-west-1-cs-rtb.openwebmp.com udp
US 8.8.8.8:53 gum.aidemsrv.com udp
US 8.8.8.8:53 dis.criteo.com udp
DE 168.119.72.236:443 sync.richaudience.com tcp
US 104.17.43.93:443 gum.aidemsrv.com tcp
US 8.8.8.8:53 secure.adnxs.com udp
US 8.8.8.8:53 sync.1rx.io udp
US 8.8.8.8:53 api-2-0.spot.im udp
US 8.8.8.8:53 x.bidswitch.net udp
US 8.8.8.8:53 match.adsrvr.org udp
US 8.8.8.8:53 b1sync.zemanta.com udp
US 8.8.8.8:53 match.prod.bidr.io udp
US 8.8.8.8:53 cs-server-s2s.yellowblue.io udp
US 104.17.43.93:443 gum.aidemsrv.com tcp
US 8.8.8.8:53 player.aniview.com udp
NL 178.250.1.9:443 dis.criteo.com tcp
US 8.8.8.8:53 secure-assets.rubiconproject.com udp
DE 37.252.171.85:443 secure.adnxs.com tcp
DE 37.252.171.85:443 secure.adnxs.com tcp
US 52.223.40.198:443 match.adsrvr.org tcp
US 52.1.95.45:443 api-2-0.spot.im tcp
US 8.8.8.8:53 ssbsync.smartadserver.com udp
US 44.195.106.120:443 cs-server-s2s.yellowblue.io tcp
GB 92.123.140.19:443 player.aniview.com tcp
US 8.8.8.8:53 lb.eu-1-id5-sync.com udp
US 8.8.8.8:53 194.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 134.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 46.227.127.79.in-addr.arpa udp
US 8.8.8.8:53 152.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 237.6.157.37.in-addr.arpa udp
US 8.8.8.8:53 29.72.46.23.in-addr.arpa udp
US 8.8.8.8:53 90.8.184.185.in-addr.arpa udp
US 8.8.8.8:53 23.105.202.67.in-addr.arpa udp
US 8.8.8.8:53 86.52.22.104.in-addr.arpa udp
US 8.8.8.8:53 39.167.187.89.in-addr.arpa udp
US 8.8.8.8:53 192.108.18.2.in-addr.arpa udp
US 8.8.8.8:53 11.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 64.98.95.141.in-addr.arpa udp
US 8.8.8.8:53 234.71.83.185.in-addr.arpa udp
NL 89.149.193.100:443 ssbsync.smartadserver.com tcp
DE 141.95.33.120:443 lb.eu-1-id5-sync.com tcp
GB 23.215.239.190:443 secure-assets.rubiconproject.com tcp
US 52.223.40.198:443 match.adsrvr.org tcp
FR 188.65.124.92:443 graphql.api.dailymotion.com tcp
US 8.8.8.8:53 image8.pubmatic.com udp
US 8.8.8.8:53 rtb.mfadsrvr.com udp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
GB 13.224.222.128:443 eu-west-1-cs-rtb.openwebmp.com tcp
GB 13.224.222.128:443 eu-west-1-cs-rtb.openwebmp.com tcp
US 8.8.8.8:53 ap.lijit.com udp
US 54.211.52.44:443 sync.srv.stackadapt.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
IE 52.215.131.87:443 match.prod.bidr.io tcp
US 64.202.112.191:443 b1sync.zemanta.com tcp
US 64.202.112.191:443 b1sync.zemanta.com tcp
NL 198.47.127.18:443 image8.pubmatic.com tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
NL 35.214.199.88:443 rtb.mfadsrvr.com tcp
US 8.8.8.8:53 eus.rubiconproject.com udp
IE 54.194.101.55:443 ap.lijit.com tcp
GB 95.100.245.251:443 eus.rubiconproject.com tcp
US 8.8.8.8:53 cacerts.rapidssl.com udp
US 8.8.8.8:53 tracker.open-adsyield.com udp
US 8.8.8.8:53 93.43.17.104.in-addr.arpa udp
US 8.8.8.8:53 9.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 85.171.252.37.in-addr.arpa udp
US 8.8.8.8:53 19.140.123.92.in-addr.arpa udp
US 8.8.8.8:53 45.95.1.52.in-addr.arpa udp
US 8.8.8.8:53 190.239.215.23.in-addr.arpa udp
US 8.8.8.8:53 100.193.149.89.in-addr.arpa udp
US 8.8.8.8:53 120.33.95.141.in-addr.arpa udp
US 8.8.8.8:53 120.106.195.44.in-addr.arpa udp
US 8.8.8.8:53 198.40.223.52.in-addr.arpa udp
US 8.8.8.8:53 128.222.224.13.in-addr.arpa udp
US 8.8.8.8:53 236.72.119.168.in-addr.arpa udp
US 8.8.8.8:53 jadserve.postrelease.com udp
FR 188.65.124.92:443 graphql.api.dailymotion.com tcp
US 8.8.8.8:53 bttrack.com udp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
US 172.111.38.111:443 tracker.open-adsyield.com tcp
US 8.8.8.8:53 id.rlcdn.com udp
US 192.132.33.69:443 bttrack.com tcp
IE 34.253.170.144:443 jadserve.postrelease.com tcp
US 35.244.174.68:443 id.rlcdn.com tcp
US 8.8.8.8:53 117.174.228.46.in-addr.arpa udp
US 8.8.8.8:53 18.127.47.198.in-addr.arpa udp
US 8.8.8.8:53 87.131.215.52.in-addr.arpa udp
US 8.8.8.8:53 91.149.214.35.in-addr.arpa udp
US 8.8.8.8:53 55.101.194.54.in-addr.arpa udp
US 8.8.8.8:53 88.199.214.35.in-addr.arpa udp
US 8.8.8.8:53 251.245.100.95.in-addr.arpa udp
US 8.8.8.8:53 44.52.211.54.in-addr.arpa udp
US 8.8.8.8:53 86.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 191.112.202.64.in-addr.arpa udp
US 8.8.8.8:53 68.174.244.35.in-addr.arpa udp
US 8.8.8.8:53 144.170.253.34.in-addr.arpa udp
US 8.8.8.8:53 111.38.111.172.in-addr.arpa udp
US 8.8.8.8:53 69.33.132.192.in-addr.arpa udp
US 8.8.8.8:53 sync.aniview.com udp
US 172.240.45.78:443 sync.aniview.com tcp
US 8.8.8.8:53 sb.scorecardresearch.com udp
GB 18.165.242.110:443 sb.scorecardresearch.com tcp
GB 18.165.242.110:443 sb.scorecardresearch.com tcp
FR 188.65.124.92:443 graphql.api.dailymotion.com tcp
US 8.8.8.8:53 pixel-sync.sitescout.com udp
US 34.36.216.150:443 pixel-sync.sitescout.com tcp
US 8.8.8.8:53 171.39.242.20.in-addr.arpa udp
US 8.8.8.8:53 78.45.240.172.in-addr.arpa udp
US 8.8.8.8:53 150.216.36.34.in-addr.arpa udp
US 8.8.8.8:53 110.242.165.18.in-addr.arpa udp
US 34.36.216.150:443 pixel-sync.sitescout.com udp
FR 188.65.124.92:443 graphql.api.dailymotion.com tcp
US 8.8.8.8:53 token.rubiconproject.com udp
NL 69.173.156.148:443 token.rubiconproject.com tcp
FR 188.65.124.59:443 pebed.dm-event.net tcp
US 8.8.8.8:53 148.156.173.69.in-addr.arpa udp
FR 188.65.124.92:443 graphql.api.dailymotion.com tcp
FR 188.65.124.59:443 pebed.dm-event.net tcp
FR 188.65.124.92:443 graphql.api.dailymotion.com tcp
US 8.8.8.8:53 vpaid.vidoomy.com udp
GB 89.187.167.39:443 vpaid.vidoomy.com tcp
US 8.8.8.8:53 pixel.rubiconproject.com udp
US 8.8.8.8:53 rtb.openx.net udp
US 35.186.253.211:443 rtb.openx.net tcp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
US 8.8.8.8:53 211.253.186.35.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 196.249.167.52.in-addr.arpa udp
US 8.8.8.8:53 tofu.dmcdn.net udp
FR 195.8.215.171:443 tofu.dmcdn.net tcp
US 8.8.8.8:53 171.215.8.195.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 847d47008dbea51cb1732d54861ba9c9
SHA1 f2099242027dccb88d6f05760b57f7c89d926c0d
SHA256 10292fa05d896a2952c1d602a72d761d34bc776b44d6a7df87e49b5b613a8ac1
SHA512 bd1526aa1cc1c016d95dfcc53a78b45b09dde4ce67357fc275ab835dbe1bb5b053ca386239f50cde95ad243a9c1bbb12f7505818577589beecc6084f7b94e83f

\??\pipe\LOCAL\crashpad_4392_GHNOVPORIGYYGDCE

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f9664c896e19205022c094d725f820b6
SHA1 f8f1baf648df755ba64b412d512446baf88c0184
SHA256 7121d84202a850791c2320385eb59eda4d697310dc51b1fcd4d51264aba2434e
SHA512 3fa5d2c68a9e70e4a25eaac2095171d87c741eec2624c314c6a56f4fa390d6319633bf4c48b1a4af7e9a0451f346beced9693da88cfc7bcba8dfe209cbd1b3ae

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 9cb8b44ad1b3610a64323b74b660313a
SHA1 28a2b1e18b4c1e280cf727b35711a6ddb38eca52
SHA256 cb48361a123459f37406461a0e5fbe2463a193023dff337730e16385988fa3cc
SHA512 5a13bc3a977b2ab70126e184b8f33ce7aed10ffceb504e00d81aa9686957e5f3a508208df99ac18ba3e5fa4154553545d2d21fc1b3e37200a08d4cd1556f9088

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

MD5 a4202141d83cbfd4181e7ba1ca2a65bc
SHA1 0ea20a0b146c526fe3637d469cb8230656a3bcd2
SHA256 31455c6439d27e18bf4961363466fb8088a2896858bd10db1b3837783a6ec8e9
SHA512 d43b8bb3e63e03f3fef32639920600c2429d7ceaef5db194948ac322de453969e917221ea3bb6aa6ff88da352a99bb16a317cd893e42436dba62e944976d23a5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b

MD5 c1a6b6ecaec394c0755dd618861f2b37
SHA1 34171e11a9684e4eaa94c61d68310cbc41ee8eb2
SHA256 6621c50a5c7dc172ccd28600da024d14e490ae54db3335dd66bf071a237a8a82
SHA512 f7ae780a6665be1fee0d901072d81126951fd5b83119bb2675a55f697a4fc3a839b5a19f54b0cd18b8b53546c335a8f558266b5492e63ca83374a4a05ef93a0e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 4df7e48c0a7f336d7970105c9ea64ffb
SHA1 537750036b8f63c6a7ce285d0e0e518385121023
SHA256 b11c59da5bb6558e9554e875c096a14512664fd8ac2d136a5929db7635cf0cb7
SHA512 38841f3edc66f40be426ff010db12e19f257619ca41a7beb016e41d3d57cb4bfe30e45c886ecd2483f55f7b72c079db92bec4a553d096f950b306a4c7c33ce2b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 12e84cec6b08e5ce47370a90df866ed8
SHA1 15a6e34a4a04110f0812c1bd16c7626db0709b2d
SHA256 dde3a9c249fbda0972f1cef42fdbe34545b705c252c6ba1920254477861f6f19
SHA512 9f072f5b9b87a355bd86dea7ecacc72d3f02aea3b6829ee4fb8b2ed4a95d234c669240c649773f87d0b68131cb5e28bccd199150bc62a0207589051ae94a9a5f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002b

MD5 46eb265e80af1dcfd3cc2ecb6024be90
SHA1 8936cb8083dd983e690b930cf89388831c2dc312
SHA256 274e4769ae29a9848a77144d9db54bafc576360ef64471cbf7c87da547b86985
SHA512 ae87605732fd69e87c814b741aa156b96b8227eeab05fce7dfe006dfdc513ad513874a99d074d3a3b54b78ec9a9fb9a36f6ed9232c9341a61b79462002bfb00a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000042

MD5 4e86b949f3f0620c7ee37d3558821a23
SHA1 e65d2070bea4500329eee720e68c36eb9b6baace
SHA256 f293211312c2050f102154147d47bec093df2969fd69d3e15f2a1b3ec77379b3
SHA512 8c67ce92b918077681563898d2851853c52683919329d2d83fbece90a7783b334b4db867c117d469bff7d1436fd2fb19f376c5492e159855e1649b7dc436a10e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 8db1b45b1923d320496b11228c0839d8
SHA1 4ac95654bfbeb10ca5cee2096aaff18f7450adec
SHA256 fc46485cb7b645302ade4a491e0a6b21ab482dc5e83fa2602d375322be29db92
SHA512 669c456f666c5b9c876821e7458512e51c0d91f90e091d268a121341fc2347d9a52253c572f0b9bc1c83a9544518f1f957d0518ec38106387cb044001b48ecf8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000046

MD5 fde7bfac5e1b650d1ba3a1ca142af92c
SHA1 975f6ed02c7b3cc63fb3c0503c5fcd1751089cf3
SHA256 15db1bcf0c21280f59560767b56f93447a9d007b612c18dd4b32cd577124e315
SHA512 9aecf23558e64ff898c677ed2488b496d347a675c09d3e2b47edd7263dea6da28f4c518208205a8879853dd0d15352b5589a1adc35903abefb0f9da116dff934

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004d

MD5 c73d429e7af1ec2ccfc0adf397f095f8
SHA1 fc6ff94ef282edf9167707f0673b501a552b4188
SHA256 3866cc203bb5a7e366ae1108b48bbc7aa5ac26cdc9f3ec68133acb260730bac4
SHA512 7b7e29e304ef2fb5f65c98bd8c449d325205aacdb12fe9e880aefdcd229f412daf4babea281f543a54882d0db3100d4d6ef91c9dbd272cab5f8b2b23cb51e8a8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000043

MD5 4462b84efb7f774834e06acf99ce9e15
SHA1 32bcafe63200bf351087f605ba7e543678c6dae7
SHA256 95210754d5ecc93c4d4414b9ee2578ee70c262d9f1f9b5d5a5d747f1c5451eb6
SHA512 63d560fa4bcfe4b28d014cc708eb9e430fc0c4cbf84127f1f9518d6b276b6b0391c8f02d42c43a7f0ebe1781f6c1bd9d4c7ce00dc658f3e25516b44655794949

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004c

MD5 d89a2949a083b7d1836cbd816ecc06cb
SHA1 ba28588858508ef56bdd47271065e5c25b14ed1e
SHA256 766a165bb7096a0e93134facbc1b59c5e167b1eedd6b50a1f48b1cf6ba8ebc76
SHA512 ca8d0bc4905f22e616df68b1d2a9d1df80d6cbcb13bb882a3685a5736a14c27e2d5ad373886d6976b7d98ea01c8feecc88e6017228afe7c02b187b94afa5bc3a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 19c5463756accb41eb7194cfd2210495
SHA1 ce61b2c974e856dbf452a78cf3e8a013403aa107
SHA256 9741c2aa857199df381aeb157e8c6905db1c07b0e52792f3fad2702efebc8531
SHA512 05629604e82f7fd87adfc7f7566b38cfc3c92098969608e721703d69ba702739af1db987a5690a9dc4278feaf060cc81fad925541bfbf7ebe4d50a9bba40e39b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5819dc.TMP

MD5 70c893c69ac9ed1f5af9ba7fd91c1ce4
SHA1 b0f22a4c2e74da5fc6ebc6e1af575504319a6cab
SHA256 e6fce8154b81d2252a4f8c20b2a66d07df72996ba3137aab5703b599890d7d50
SHA512 1e30c5d007cbb3a92dc50649ce7381a886a874fbdc2e6d9d25c11c6cb6977a70131bad4d526cefe9a40d8e4e1c0d5dd02b0f59b76c3d061dc72e1c81fe81f378

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4337278677db6f26_0

MD5 20e2d373228acb98694816ea456a47a9
SHA1 b2972621e2f7cda055be05e70e0e4765a6d2f576
SHA256 1244ca90623de88f967c64cae2cbe39e0f41e465bea1e94496407914c8b340cd
SHA512 7b41acaccaa9e0ce3bbfc712cecc5935618a483a53c4dba6104cb20b9fda3481d67961e526248626fad83fe2a6f2101940f028e308f6445da54ba96e922ba703

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\24fd4615ee16f2c8_0

MD5 fa174e11b0e135edbe4583bae7f561a6
SHA1 f573827a3ea64fe5f0d29dd81339369358c08cb7
SHA256 f39f7f916286e2c5ea13fa4ae6c689b59e4b87b37a0cd98179d9f467ca4d138e
SHA512 3881a94f784d4ed6b872eeea999e66ca56b11964f47df56716de9d936b1c55be3d7eb0d3d8b3698fab86375baf2714b24a39564ce65b9c3e0815ba0e752c8c03

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004b

MD5 deb04fe2a35d2981313f891baaa32654
SHA1 69e5aaef4a2f447878824d905832a08a9c596d83
SHA256 93dedb17602e315ba495c99be747f3d5717b4f49306c55326f4570b43c9bc1c8
SHA512 8c32d572a8f108079263b9ab5230467b454518b60932db7a2cc855a350130d93db5b8f2cc5c82a9b3011e572d80d67e23c777145fd45e6467b0b2caafe92378a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ea131d195ad071de92574e93f39dce27
SHA1 08217e5a0b49861b5900b9212964bb2f70211b17
SHA256 96a033dfc137d9513783a4a36c2fb4efe8acafa6bd3f9bd026505a745a5d9c31
SHA512 f84a4ed2b400c3059dc88292dd36e7aa01ec462019d20cb2fa7e90b3eb3811096786ac4eb5a3bf9871384d2c15f6201d9f253af6779236487c5c100e7608b0e4