Analysis Overview
Threat Level: Shows suspicious behavior
The file http://jetstar.co was found to be: Shows suspicious behavior.
Malicious Activity Summary
Looks up external IP address via web service
Mark of the Web detected: This indicates that the page was originally saved or cloned.
Browser Information Discovery
Suspicious behavior: LoadsDriver
Suspicious use of FindShellTrayWindow
Enumerates system info in registry
Suspicious use of SendNotifyMessage
Modifies registry class
Suspicious behavior: AddClipboardFormatListener
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Modifies Internet Explorer settings
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-25 10:42
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-25 10:42
Reported
2024-08-25 10:45
Platform
win11-20240802-en
Max time kernel
147s
Max time network
150s
Command Line
Signatures
Looks up external IP address via web service
| Description | Indicator | Process | Target |
| N/A | www.iplocation.net | N/A | N/A |
| N/A | www.iplocation.net | N/A | N/A |
| N/A | www.iplocation.net | N/A | N/A |
| N/A | www.iplocation.net | N/A | N/A |
| N/A | api.ipify.org | N/A | N/A |
| N/A | api.ipify.org | N/A | N/A |
| N/A | api.ipify.org | N/A | N/A |
Mark of the Web detected: This indicates that the page was originally saved or cloned.
| Description | Indicator | Process | Target |
| N/A | https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html | N/A | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1735401866-3802634615-1355934272-1000\Software\Microsoft\Internet Explorer\GPU | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1735401866-3802634615-1355934272-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\localhost\ = "0" | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1735401866-3802634615-1355934272-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\localhost\NumberOfSubdomains = "0" | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1735401866-3802634615-1355934272-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Software\Microsoft\SystemCertificates\CA | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1735401866-3802634615-1355934272-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Software\Microsoft\SystemCertificates\trust | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1735401866-3802634615-1355934272-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\localhost | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1735401866-3802634615-1355934272-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Settings\Cache\Content\CachePrefix | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1735401866-3802634615-1355934272-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Software\Microsoft\SystemCertificates\Disallowed | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1735401866-3802634615-1355934272-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1735401866-3802634615-1355934272-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1735401866-3802634615-1355934272-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1735401866-3802634615-1355934272-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\EdpDomStorage\localhost\NumberOfSubdomains = "0" | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1735401866-3802634615-1355934272-1000\{FFA5231B-93B4-4859-A91F-1156CF3116F3} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1735401866-3802634615-1355934272-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1735401866-3802634615-1355934272-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1735401866-3802634615-1355934272-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DomStorageState | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1735401866-3802634615-1355934272-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Settings\Cache\History\CachePrefix = "Visited:" | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1735401866-3802634615-1355934272-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1735401866-3802634615-1355934272-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Software\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1735401866-3802634615-1355934272-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1735401866-3802634615-1355934272-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:" | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1735401866-3802634615-1355934272-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\EdpDomStorage\localhost | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1735401866-3802634615-1355934272-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\localhost\NumberOfSubdomains = "1" | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1735401866-3802634615-1355934272-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Software\Microsoft\SystemCertificates | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1735401866-3802634615-1355934272-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1735401866-3802634615-1355934272-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1735401866-3802634615-1355934272-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1735401866-3802634615-1355934272-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1735401866-3802634615-1355934272-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1735401866-3802634615-1355934272-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\EdpDomStorage\localhost\ = "0" | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1735401866-3802634615-1355934272-1000_Classes\Local Settings\MuiCache | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1735401866-3802634615-1355934272-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Software\Microsoft | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1735401866-3802634615-1355934272-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1735401866-3802634615-1355934272-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1735401866-3802634615-1355934272-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Software\Microsoft\SystemCertificates\Root | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1735401866-3802634615-1355934272-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\EdpDomStorage | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1735401866-3802634615-1355934272-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Software | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1735401866-3802634615-1355934272-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1735401866-3802634615-1355934272-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: LoadsDriver
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: 33 | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
| N/A | N/A | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
| N/A | N/A | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://jetstar.co
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff9e1a33cb8,0x7ff9e1a33cc8,0x7ff9e1a33cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1944 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2356 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2824 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3220 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4684 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5944 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5492 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5640 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2520 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2104 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3008 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3504 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5920 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5400 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3252 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3012 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6276 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3360 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5000 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=1624 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5764 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6892 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7048 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6644 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6832 /prefetch:1
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004E4 0x00000000000004E0
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7604 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7728 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7736 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7748 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7980 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8124 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8132 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8260 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8396 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9032 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8524 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9276 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9452 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9576 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9720 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7304 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9844 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8820 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10312 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10476 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10696 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10720 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10872 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11240 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11248 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11244 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11604 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11752 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11372 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12132 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12412 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12536 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12688 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12708 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12716 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9160 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10444 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12804 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9756 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=11332 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5460 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10440 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,17620169477199085734,3763102537432316794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5516 /prefetch:1
C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe" -ServerName:InputApp.AppXjd5de1g66v206tj52m9d0dtpppx4cgpn.mca
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | jetstar.co | udp |
| DE | 185.53.178.72:80 | jetstar.co | tcp |
| DE | 185.53.178.72:80 | jetstar.co | tcp |
| US | 8.8.8.8:53 | 74.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 208.91.196.46:80 | ifdnzact.com | tcp |
| US | 208.91.196.46:80 | ifdnzact.com | tcp |
| US | 208.91.196.46:80 | ifdnzact.com | tcp |
| DE | 87.230.98.78:443 | a.delivery.consentmanager.net | tcp |
| GB | 89.187.167.39:443 | cdn.consentmanager.net | tcp |
| US | 208.91.196.253:80 | i4.cdn-image.com | tcp |
| DE | 87.230.98.78:443 | a.delivery.consentmanager.net | tcp |
| US | 208.91.196.253:80 | i4.cdn-image.com | tcp |
| US | 208.91.196.253:80 | i4.cdn-image.com | tcp |
| US | 208.91.196.253:80 | i4.cdn-image.com | tcp |
| US | 208.91.196.253:80 | i4.cdn-image.com | tcp |
| US | 8.8.8.8:53 | 57.169.31.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | cxcs.microsoft.net | udp |
| GB | 92.123.142.131:443 | www.bing.com | tcp |
| GB | 23.62.195.195:443 | cxcs.microsoft.net | tcp |
| US | 8.8.8.8:53 | 131.142.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.195.62.23.in-addr.arpa | udp |
| GB | 92.123.142.153:443 | www.bing.com | tcp |
| GB | 92.123.142.74:443 | r.bing.com | tcp |
| GB | 92.123.142.74:443 | r.bing.com | tcp |
| GB | 92.123.142.91:443 | th.bing.com | tcp |
| GB | 92.123.142.91:443 | th.bing.com | tcp |
| NL | 40.126.32.68:443 | login.microsoftonline.com | tcp |
| US | 104.26.6.214:443 | www.iplocation.net | tcp |
| US | 104.26.6.214:443 | www.iplocation.net | tcp |
| US | 104.26.6.214:443 | www.iplocation.net | tcp |
| US | 8.8.8.8:53 | code.jquery.com | udp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 151.101.194.137:443 | code.jquery.com | tcp |
| US | 8.8.8.8:53 | 137.194.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.75.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.178.250.142.in-addr.arpa | udp |
| US | 104.18.10.207:443 | stackpath.bootstrapcdn.com | tcp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 151.101.65.229:443 | cdn.jsdelivr.net | tcp |
| US | 151.101.65.229:443 | cdn.jsdelivr.net | tcp |
| FR | 142.250.179.74:443 | ajax.googleapis.com | tcp |
| US | 104.21.63.106:443 | www.ezojs.com | tcp |
| US | 8.8.8.8:53 | 226.21.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tile.openstreetmap.org | udp |
| US | 151.101.129.91:443 | tile.openstreetmap.org | tcp |
| US | 151.101.129.91:443 | tile.openstreetmap.org | tcp |
| US | 151.101.129.91:443 | tile.openstreetmap.org | tcp |
| US | 151.101.129.91:443 | tile.openstreetmap.org | tcp |
| US | 104.26.12.205:443 | api.ipify.org | tcp |
| US | 151.101.129.91:443 | tile.openstreetmap.org | udp |
| US | 104.26.12.205:443 | api.ipify.org | tcp |
| GB | 159.65.211.77:443 | cdn4.buysellads.net | tcp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| US | 104.17.159.237:443 | cdn.fuseplatform.net | tcp |
| GB | 159.65.211.77:443 | cdn4.buysellads.net | tcp |
| US | 152.199.21.70:443 | e3.adpushup.com | tcp |
| US | 104.26.15.80:443 | cdn.pushmaster-cdn.xyz | tcp |
| FR | 172.217.20.206:443 | www.youtube.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 104.17.159.237:443 | cdn.fuseplatform.net | tcp |
| FR | 216.58.215.34:443 | cm.g.doubleclick.net | tcp |
| GB | 18.244.114.118:443 | cmp.inmobi.com | tcp |
| GB | 13.224.223.9:443 | c.amazon-adsystem.com | tcp |
| FR | 172.217.20.206:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | 9.223.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.215.58.216.in-addr.arpa | udp |
| US | 151.101.65.229:443 | cdn.jsdelivr.net | udp |
| US | 152.199.21.70:443 | e3.adpushup.com | tcp |
| FR | 216.58.215.34:443 | cm.g.doubleclick.net | udp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| US | 152.199.21.175:443 | campaign.adpushup.com | tcp |
| GB | 108.156.39.27:443 | config.aps.amazon-adsystem.com | tcp |
| DE | 91.228.74.244:443 | secure.quantserve.com | tcp |
| US | 104.22.53.86:443 | cdn.id5-sync.com | tcp |
| US | 3.233.145.242:443 | http-intake.logs.datadoghq.com | tcp |
| US | 3.233.145.242:443 | http-intake.logs.datadoghq.com | tcp |
| FR | 142.250.178.138:443 | imasdk.googleapis.com | tcp |
| GB | 89.187.167.39:443 | video.adpushup.com | tcp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 8.8.8.8:53 | srv.buysellads.com | udp |
| US | 8.8.8.8:53 | script.4dex.io | udp |
| US | 8.8.8.8:53 | pbjs.e-planning.net | udp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| US | 35.227.252.103:443 | rtb.openx.net | tcp |
| IE | 34.254.33.22:443 | ads.servenobid.com | tcp |
| NL | 188.166.203.175:443 | brightcombid.marphezis.com | tcp |
| GB | 89.187.167.39:443 | video.adpushup.com | tcp |
| NL | 185.89.210.212:443 | secure.adnxs.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | tcp |
| US | 134.209.74.245:443 | exchange.cootlogix.com | tcp |
| US | 134.209.74.245:443 | exchange.cootlogix.com | tcp |
| US | 104.22.74.216:443 | btloader.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| NL | 193.3.178.3:443 | pbjs.e-planning.net | tcp |
| FR | 185.255.84.150:443 | hb-api.omnitagjs.com | tcp |
| DE | 51.89.9.252:443 | onetag-sys.com | tcp |
| GB | 159.65.211.77:443 | srv.buysellads.com | tcp |
| GB | 18.245.187.38:443 | rules.quantcount.com | tcp |
| US | 35.241.34.106:443 | c.4dex.io | tcp |
| US | 35.227.252.103:443 | rtb.openx.net | tcp |
| FR | 142.250.178.138:443 | maps.googleapis.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| NL | 188.166.203.175:443 | brightcombid.marphezis.com | tcp |
| US | 8.8.8.8:53 | 106.34.241.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 252.9.89.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 245.74.209.134.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.252.227.35.in-addr.arpa | udp |
| US | 104.26.8.169:443 | script.4dex.io | tcp |
| US | 172.64.153.78:443 | mp.4dex.io | tcp |
| FR | 142.250.178.142:443 | maps.google.com | tcp |
| FR | 142.250.179.68:443 | www.google.com | tcp |
| SE | 16.16.135.15:443 | in.pushmaster-in.xyz | tcp |
| FR | 142.250.178.142:443 | maps.google.com | udp |
| SE | 16.16.135.15:443 | in.pushmaster-in.xyz | tcp |
| FR | 142.250.179.68:443 | www.google.com | tcp |
| FR | 142.250.74.227:443 | maps.gstatic.com | tcp |
| FR | 142.250.74.234:443 | maps.googleapis.com | udp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| FR | 142.250.179.68:443 | www.google.com | udp |
| FR | 142.250.178.129:443 | lh3.googleusercontent.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| DE | 51.89.9.252:443 | onetag-sys.com | udp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| DE | 3.121.186.27:443 | btlr.sharethrough.com | tcp |
| US | 104.26.8.169:443 | script.4dex.io | tcp |
| US | 35.241.34.106:443 | c.4dex.io | udp |
| US | 104.18.22.145:443 | cadmus.script.ac | tcp |
| US | 104.26.3.70:443 | ad-delivery.net | tcp |
| US | 104.26.3.70:443 | ad-delivery.net | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| FR | 142.250.178.134:443 | s0.2mdn.net | tcp |
| GB | 92.123.143.201:80 | apps.identrust.com | tcp |
| IE | 34.254.33.22:443 | ads.servenobid.com | tcp |
| FR | 142.250.179.65:443 | f8e056208578e84fa39f7c9831eae7eb.safeframe.googlesyndication.com | tcp |
| US | 104.18.41.106:443 | ex.ingage.tech | tcp |
| US | 159.203.145.17:443 | exchange.kueezrtb.com | tcp |
| US | 159.203.145.17:443 | exchange.kueezrtb.com | tcp |
| US | 159.203.145.17:443 | exchange.kueezrtb.com | tcp |
| US | 159.203.145.17:443 | exchange.kueezrtb.com | tcp |
| NL | 147.75.80.51:443 | prebid.a-mo.net | tcp |
| DE | 37.252.171.149:443 | ib.adnxs-simple.com | tcp |
| US | 104.18.36.155:443 | htlb.casalemedia.com | tcp |
| US | 104.18.36.155:443 | htlb.casalemedia.com | tcp |
| US | 104.18.36.155:443 | htlb.casalemedia.com | tcp |
| GB | 95.100.245.39:443 | a.teads.tv | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 104.18.41.106:443 | ex.ingage.tech | tcp |
| FR | 216.58.214.161:443 | cdn.ampproject.org | tcp |
| FR | 216.58.214.161:443 | cdn.ampproject.org | tcp |
| FR | 216.58.214.161:443 | cdn.ampproject.org | tcp |
| FR | 216.58.214.161:443 | cdn.ampproject.org | tcp |
| FR | 216.58.214.161:443 | cdn.ampproject.org | tcp |
| US | 8.8.8.8:53 | 17.145.203.159.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.23.211.130.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 161.214.58.216.in-addr.arpa | udp |
| IE | 52.211.21.83:443 | ap.lijit.com | tcp |
| FR | 185.255.84.152:443 | visitor.omnitagjs.com | tcp |
| GB | 92.123.140.90:443 | hb.trustedstack.com | tcp |
| GB | 95.100.244.20:443 | contextual.media.net | tcp |
| GB | 95.100.244.20:443 | contextual.media.net | tcp |
| FR | 185.255.84.152:443 | visitor.omnitagjs.com | tcp |
| GB | 92.123.140.90:443 | hb.trustedstack.com | tcp |
| GB | 108.156.39.118:443 | public.servenobid.com | tcp |
| GB | 2.18.108.192:443 | ads.pubmatic.com | tcp |
| US | 151.101.1.108:443 | acdn.adnxs.com | tcp |
| US | 159.223.97.109:443 | sync.cootlogix.com | tcp |
| US | 34.98.64.218:443 | u.openx.net | tcp |
| GB | 2.18.108.192:443 | ads.pubmatic.com | tcp |
| US | 151.101.1.108:443 | acdn.adnxs.com | tcp |
| US | 34.98.64.218:443 | u.openx.net | tcp |
| US | 159.223.97.109:443 | sync.cootlogix.com | tcp |
| US | 67.202.105.21:443 | pixel.33across.com | tcp |
| IE | 52.211.243.178:443 | g2.gumgum.com | tcp |
| FR | 51.178.195.213:443 | ssbsync.smartadserver.com | tcp |
| GB | 104.103.201.8:443 | secure-assets.rubiconproject.com | tcp |
| GB | 95.100.245.251:443 | eus.rubiconproject.com | tcp |
| FR | 142.250.178.129:443 | lh3.googleusercontent.com | udp |
| US | 3.209.126.202:443 | cs-server-s2s.yellowblue.io | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| FR | 217.182.178.234:443 | rtb-csync.smartadserver.com | tcp |
| IE | 52.215.131.87:443 | match.prod.bidr.io | tcp |
| FR | 217.182.178.234:443 | rtb-csync.smartadserver.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| NL | 69.173.156.148:443 | token.rubiconproject.com | tcp |
| US | 104.18.42.227:443 | cdn.dxkulture.com | tcp |
| IE | 3.248.128.118:443 | ce.lijit.com | tcp |
| IE | 52.215.131.87:443 | match.prod.bidr.io | tcp |
| DE | 18.195.234.25:443 | match.sharethrough.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| NL | 193.0.160.131:443 | p.rfihub.com | tcp |
| US | 69.166.1.67:443 | sync.go.sonobi.com | tcp |
| US | 52.6.209.65:443 | ssp.disqus.com | tcp |
| US | 8.8.8.8:53 | api-2-0.spot.im | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | tcp |
| US | 69.166.1.67:443 | sync.go.sonobi.com | tcp |
| US | 52.6.209.65:443 | ssp.disqus.com | tcp |
| DE | 18.195.234.25:443 | match.sharethrough.com | tcp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | tcp |
| US | 3.33.220.150:443 | match.adsrvr.org | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| US | 67.202.105.22:443 | pixel.33across.com | tcp |
| GB | 13.224.222.101:443 | eu-west-1-cs-rtb.openwebmp.com | tcp |
| DE | 157.90.211.246:443 | sync.richaudience.com | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| GB | 92.123.143.216:443 | player.aniview.com | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 104.17.43.93:443 | gum.aidemsrv.com | tcp |
| US | 159.89.50.93:443 | sync.kueezrtb.com | tcp |
| US | 23.22.234.152:443 | api-2-0.spot.im | tcp |
| US | 159.89.50.93:443 | sync.kueezrtb.com | tcp |
| GB | 13.224.222.101:443 | eu-west-1-cs-rtb.openwebmp.com | tcp |
| US | 104.17.43.93:443 | gum.aidemsrv.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| US | 67.202.105.22:443 | pixel.33across.com | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| DE | 157.90.211.246:443 | sync.richaudience.com | tcp |
| GB | 92.123.143.216:443 | player.aniview.com | tcp |
| US | 23.22.234.152:443 | api-2-0.spot.im | tcp |
| US | 3.33.220.150:443 | match.adsrvr.org | tcp |
| US | 64.202.112.63:443 | b1sync.zemanta.com | tcp |
| US | 64.202.112.63:443 | b1sync.zemanta.com | tcp |
| US | 64.202.112.63:443 | b1sync.zemanta.com | tcp |
| NL | 198.47.127.18:443 | image8.pubmatic.com | tcp |
| US | 52.7.6.179:443 | sync.srv.stackadapt.com | tcp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | udp |
| DE | 18.195.234.25:443 | match.sharethrough.com | tcp |
| US | 64.202.112.63:443 | b1sync.zemanta.com | tcp |
| US | 3.33.220.150:443 | match.adsrvr.org | tcp |
| NL | 69.173.156.148:443 | token.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | tracker.open-adsyield.com | udp |
| US | 8.8.8.8:53 | sync.ipredictive.com | udp |
| US | 8.8.8.8:53 | pr-bh.ybp.yahoo.com | udp |
| US | 8.8.8.8:53 | us-u.openx.net | udp |
| US | 8.8.8.8:53 | match.deepintent.com | udp |
| US | 8.8.8.8:53 | bh.contextweb.com | udp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| US | 8.8.8.8:53 | sync.adkernel.com | udp |
| US | 8.8.8.8:53 | jadserve.postrelease.com | udp |
| US | 8.8.8.8:53 | ads.dxkulture.com | udp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 8.8.8.8:53 | usersync.gumgum.com | udp |
| US | 8.8.8.8:53 | bttrack.com | udp |
| US | 8.8.8.8:53 | cacerts.rapidssl.com | udp |
| US | 8.18.47.7:443 | match.deepintent.com | tcp |
| IE | 54.171.130.238:443 | jadserve.postrelease.com | tcp |
| US | 35.244.174.68:443 | id.rlcdn.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| NL | 77.245.57.72:443 | sync.adkernel.com | tcp |
| US | 45.55.126.71:443 | ads.dxkulture.com | tcp |
| IE | 52.209.24.54:443 | pr-bh.ybp.yahoo.com | tcp |
| JP | 211.120.53.203:443 | tg.socdm.com | tcp |
| SE | 192.229.221.95:80 | cacerts.rapidssl.com | tcp |
| US | 8.18.47.7:443 | match.deepintent.com | tcp |
| JP | 211.120.53.203:443 | tg.socdm.com | tcp |
| US | 192.132.33.69:443 | bttrack.com | tcp |
| DK | 37.157.6.231:443 | c1.adform.net | tcp |
| IE | 34.247.233.198:443 | usersync.gumgum.com | tcp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| US | 80.77.87.108:443 | eexsync.com | tcp |
| IE | 34.247.233.198:443 | usersync.gumgum.com | tcp |
| US | 8.8.8.8:53 | 246.211.90.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.234.22.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.105.202.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.50.89.159.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.220.33.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.234.195.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 63.112.202.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.222.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 179.6.7.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.143.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.43.17.104.in-addr.arpa | udp |
| US | 80.77.87.108:443 | eexsync.com | tcp |
| US | 192.132.33.69:443 | bttrack.com | tcp |
| US | 3.230.229.255:443 | cs.ingage.tech | tcp |
| US | 3.230.229.255:443 | cs.ingage.tech | tcp |
| US | 172.64.149.180:443 | js-sec.indexww.com | tcp |
| US | 3.230.229.255:443 | cs.ingage.tech | tcp |
| US | 172.64.149.180:443 | js-sec.indexww.com | tcp |
| US | 172.111.38.111:443 | tracker.open-adsyield.com | tcp |
| US | 52.71.52.107:443 | sync.ipredictive.com | tcp |
| US | 172.111.38.111:443 | tracker.open-adsyield.com | tcp |
| US | 52.71.52.107:443 | sync.ipredictive.com | tcp |
| US | 8.8.8.8:53 | 203.53.120.211.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.87.77.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.33.132.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 180.149.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 255.229.230.3.in-addr.arpa | udp |
| US | 35.244.159.8:443 | us-u.openx.net | udp |
| IE | 52.210.249.45:443 | rtb.gumgum.com | tcp |
| US | 45.55.126.71:443 | ads.dxkulture.com | tcp |
| US | 45.55.126.71:443 | ads.dxkulture.com | tcp |
| US | 45.55.126.71:443 | ads.dxkulture.com | tcp |
| IE | 34.247.233.198:443 | usersync.gumgum.com | tcp |
| IE | 34.247.233.198:443 | usersync.gumgum.com | tcp |
| US | 80.77.87.108:443 | eexsync.com | tcp |
| US | 172.240.45.78:443 | sync.aniview.com | tcp |
| IE | 13.74.129.1:443 | c.clarity.ms | tcp |
| FR | 216.58.214.162:443 | ep1.adtrafficquality.google | tcp |
| US | 13.107.21.237:443 | c.bing.com | tcp |
| FR | 142.250.179.97:443 | ep2.adtrafficquality.google | tcp |
| US | 45.55.126.71:443 | ads.dxkulture.com | tcp |
| US | 35.244.174.68:443 | id.rlcdn.com | udp |
| NL | 77.245.57.72:443 | sync.adkernel.com | tcp |
| GB | 92.123.142.91:443 | www.bing.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| DE | 37.252.171.149:443 | ib.adnxs-simple.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| FR | 185.255.84.150:443 | hb-api.omnitagjs.com | tcp |
| DE | 3.121.186.27:443 | btlr.sharethrough.com | tcp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| DE | 185.53.178.72:80 | jetstar.co | tcp |
| DE | 185.53.178.72:80 | jetstar.co | tcp |
| DE | 87.230.98.78:443 | a.delivery.consentmanager.net | tcp |
| DE | 87.230.98.78:443 | a.delivery.consentmanager.net | tcp |
| US | 208.91.196.46:80 | ifdnzact.com | tcp |
| US | 208.91.196.253:80 | i2.cdn-image.com | tcp |
| US | 208.91.196.253:80 | i2.cdn-image.com | tcp |
| US | 208.91.196.253:80 | i2.cdn-image.com | tcp |
| US | 208.91.196.253:80 | i2.cdn-image.com | tcp |
| US | 208.91.196.253:80 | i2.cdn-image.com | tcp |
| DE | 185.53.178.72:80 | jetstar.co | tcp |
| DE | 185.53.178.72:80 | jetstar.co | tcp |
| GB | 23.62.195.195:443 | cxcs.microsoft.net | tcp |
| GB | 92.123.142.129:443 | www.bing.com | tcp |
| SE | 192.229.221.95:80 | cacerts.rapidssl.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6fdbe80e9fe20761b59e8f32398f4b14 |
| SHA1 | 049b1f0c6fc4e93a4ba6b3c992f1d6cecf3ada1f |
| SHA256 | b7f0d9ece2307bdc4f05a2d814c947451b007067ff8af977f77f06c3d5706942 |
| SHA512 | cf25c7fd0d6eccc46e7b58949c16d17ebeefb7edd6c76aa62f7ab5da52d1c6fc88bde620be40396d336789bd0d62b2162209a947d7ab69389e8c03682e880234 |
\??\pipe\LOCAL\crashpad_648_HYGXDMLJYGOIEQLH
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 9828ffacf3deee7f4c1300366ec22fab |
| SHA1 | 9aff54b57502b0fc2be1b0b4b3380256fb785602 |
| SHA256 | a3d21f0fb6563a5c9d0f7a6e9c125ec3faaa86ff43f37cb85a8778abc87950f7 |
| SHA512 | 2e73ea4d2fcd7c8d52487816110f5f4a808ed636ae87dd119702d1cd1ae315cbb25c8094a9dddf18f07472b4deaed3e7e26c9b499334b26bdb70d4fa7f84168d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b7439c9bba0e48f8ee3aff090dab7249 |
| SHA1 | 543f33a006a57dbbc12c355455d40825d686094d |
| SHA256 | cb165e2f995b7f2bdb3da9b9d126ea842180540f4c6378a8fb72452696a1eaba |
| SHA512 | 578b725a178f2880822dd0deab8d37c0236780196f00db17b4de22756271f0a267260080bd42b2567749fcd0b9a9b3a4e61c94cd2ea76b5b914d520a67ce82b2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 229093af41194edcc9072e2dae6a4c54 |
| SHA1 | cf703ecc73b691e40ad83beced02c6fad676b42e |
| SHA256 | f0a2764d593a8d81ee90dfd88cac92e07e4057c7188656d834ca89b4efa3a3e4 |
| SHA512 | 9834837114c8c98ec46b6d5ced140adbfc031e9df71982002c63a9728b05a3e6bba73b87af87ad4d71ed29349a14142e2344eb2874d524f9994619cc3bd4814d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8bbcdcc47aef96792240bd09a683365f |
| SHA1 | 2072260b6e895752e8a753013efca87cd925e10d |
| SHA256 | 58da75cf491c78e57aacfab93f1ffed2c77739e6875de7f2f9837d3d8b254c7d |
| SHA512 | f9fa4d00e40ffe141b4c4da6f5ed12872a34e569674017b1166f3bf8e4b03988a4048f23d52be9b9b15d96385a4e5b0c4b661a07a76be857aaf93ef40b7921ed |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 285252a2f6327d41eab203dc2f402c67 |
| SHA1 | acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6 |
| SHA256 | 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026 |
| SHA512 | 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f51f46538c8649075431bc42f54432bb |
| SHA1 | f742d6b2bbd77cda6bb4bbcae13565d8375f8bc1 |
| SHA256 | acea93b96d421b5d8a833a1c0e36c1b37a333be58b4ab613fe290971e14f788d |
| SHA512 | c177ef70186d95cb1e87a501bc82d7ff90ce01121076b288aa6ddccd446b5885f444a179acf685dd43eb2425e4d2bad77a2aa58c69115cd9e716d3c4c0dd360a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | e7261d6d7498ad9bbef3306d74b16191 |
| SHA1 | e63c515ca12ecb02874bd1d541bda13d14d7c696 |
| SHA256 | a0d003894361c8302b3032e71d693774c70db548abcb68899b6251e1d708e24d |
| SHA512 | bfd1f5b37177dbed61554a606a720f06826f283d26d0c7a315ab8e34ca49c82d1e7aaa2b9938958da05715a151a38ee73bab2f09aa9d1beef40a8a19642938fb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | ae7c0a0ad91da93ed198e7d411d7efd3 |
| SHA1 | b941a54cc82655134d77f87c31fdce2893036cea |
| SHA256 | f5cbada9ab8165e8574752811316045caf0edfab4b597e42d9f864ff650fd5e9 |
| SHA512 | 967034765833f332688b4a8df55f35483a89fd6a0d4f0653c2e9cc2feb70bf7fc3a34f49e9af128c35c2b1031bcee7d09f84bda713245dde5309f50a93d02a7e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e672286d708d7842d5ba7ce281cd0399 |
| SHA1 | 1d181130b32390354083ce75767482bbf67b59fe |
| SHA256 | ddb489d45e3ee49750930accb14b192309f192d1877ada2fb7648dcba042a60e |
| SHA512 | 8a9f0a1bd7ded9db5f66a86bf95e7ab07a55e832470f347d9f0f5be92c642c63e7ae9fbd0844cfdb10f9b3c1b8dd7776479283992d3a4f98d6e69176026a575e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 79d54be2d6b40d2e3434b4631d9c8da5 |
| SHA1 | 09339822cba03693122705901956b47b458fa1c5 |
| SHA256 | 00e316c3b8a1d354b370b6da97cecae006f408d38fc3e862c2b02a5d82962b4d |
| SHA512 | 333eb14674265dc4ba61fcc249bee285220fcba9faf85c1d10156ae54d26d167393a236d3b8c749e152b974de0873b8385460c5eb7be4858edd28a66be4d017f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a858f91fcc6f88a3faedd5c5a84ad105 |
| SHA1 | af1d06f5bfbf0c42912d1f42bafa26937dd52e61 |
| SHA256 | 46d7bde8a492b18b08c8a1cd7bfb475ef82d3dd601c11e16de7ea1f2f1019eaa |
| SHA512 | e03a939dfa28df48caaba923115a905a6f5b520aaed6e2751da57de6b29bc2e03a12c3eea245ab1073dff274b126b808ddd1c55e7bb6db05f5639089eafc7e79 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000064
| MD5 | 6fb26b39d8dcf2f09ef8aebb8a5ffe23 |
| SHA1 | 578cac24c947a6d24bc05a6aa305756dd70e9ac3 |
| SHA256 | 774379647c0a6db04a0c2662be757a730c20f13b4c03fe0b12d43c0f09e7a059 |
| SHA512 | c40f4771c10add1b20efb81ee3b61fc5ede4701587f29a1c2cdde8b6faabd1c76d769bf8b99aa19082012f95d99ba448a472463fb9056acd2e43542e14e605cd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000081
| MD5 | 46fc3be54c8d2ee81b329ea0e01ce01f |
| SHA1 | eddd1cf5f87f4b02ca6506f4c1092106ad5520ac |
| SHA256 | e41c7684e2d9a2716675d88954f8f050271b1eb26ff253c82fb557e701c58a30 |
| SHA512 | d5a19c619eb167be1808a5c5826c39c21b4ee764ddd69c40664e7d732337ebdcb288e7258bf66e74fa25225a80c4121c16a5af7a6563ddb72bf763ddbb42af22 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000085
| MD5 | 49d7a88b5fc615da7c2b31d335b629b8 |
| SHA1 | 67d9070ef31bf7706c590c208f78a753f29730d5 |
| SHA256 | ccbe46fe5d824ca0dec1a7eaa67e688214764f98795d20018dda9e64de848383 |
| SHA512 | a26ed66fb8957da9876d77c043971aeec0737659f9d0767f9844129667f5de3e0b82a8918a94617218661df76b9d59d69eb064c3c40f7d326ec6593b451792ab |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0a15c6b5e5101d1a1beb01ee276ee5b1 |
| SHA1 | 2cf9d3816543b527056de0443ae6ccf016ac2f5c |
| SHA256 | 9cdebb1a3bb502433e2c2f5c76178538be2e3c5131e40fa9f394896753938cc5 |
| SHA512 | 22af42a470c4887c626d3ae335dd7b63e895cb5cb7eeaec5ea6ececdbf24b248548cc1866d36906d52d2bcd8e90bf358d5d18ae6c45c549dd1888a207c46a74e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | eed518c18e81c08d173969b9635e7c80 |
| SHA1 | e5b7c3d48692f71f91978815571d7d6913e01cb1 |
| SHA256 | 4476763704daa3d9a09cc40110d140702b4f48906546be2ba77fbededa87c8b4 |
| SHA512 | e66fe7988bdc02598509032af8f286f3e8e1d90fbc15eff023364194eadca010d3d556734536952836b9fbf3418d650d6248f2512e69ddc800790a2ad3fdf375 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe59047b.TMP
| MD5 | eb2bbf21b37df43ee5755dd7adfd606b |
| SHA1 | 2741daaac7d206926e3708d5c534b7110ebf2339 |
| SHA256 | 82e63e2f8fe577323b1a8a3233fb221aa13ceafa6a2d46324b7d3248bb806d0f |
| SHA512 | fb51ecb3ef7d60d52f64d19ca95aaffb41650287ebdf5b27df6fd1fe23a7dcf55d3fa65ed52413e0c49972336fbafc41f65498126239100ce4ccbac58f74d753 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 2f8ce4b34013c2c62b4f133ac6b1f476 |
| SHA1 | 18bc7b2d4594d33ac2713f9f3e5be9107f1177c6 |
| SHA256 | b11840c2ed9e9fee4fdf8f850a2b097363284192e4868d27811e675dca5f0ff0 |
| SHA512 | 21e866cbf33c1eed18d0ae2eb4cd7522aed5c6e467c978ff85691ad9adf8902b95ce26ff1364f59cd2dba0d655ddb4cabd2c9d644b3030c600133c164552e567 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5910bf.TMP
| MD5 | 462d51e2d52a2618c67a1195abd8aafe |
| SHA1 | f89382162f8917d34c9c619c46bc116087a4d23d |
| SHA256 | 044948368d3bfd75be4027555929a3e56e507edd380f72a05b83cf579ff0006f |
| SHA512 | 1656257d95955a520c341efe575a8588bdb6d80f0bd75ff31623c617c0e756c7353fe34366c04b84c2ef1b6bc11d709847857001e6057898d44f35326b049f14 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009
| MD5 | ed124bdf39bbd5902bd2529a0a4114ea |
| SHA1 | b7dd9d364099ccd4e09fd45f4180d38df6590524 |
| SHA256 | 48232550940208c572ebe487aa64ddee26e304ba3e310407e1fc31a5c9deed44 |
| SHA512 | c4d180292afa484ef9556d15db1d3850416a85ad581f6f4d5eb66654991fa90f414029b4ce13ed142271a585b46b3e53701735ee3e0f45a78b67baa9122ba532 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008
| MD5 | d6b36c7d4b06f140f860ddc91a4c659c |
| SHA1 | ccf16571637b8d3e4c9423688c5bd06167bfb9e9 |
| SHA256 | 34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92 |
| SHA512 | 2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a
| MD5 | 60f8cd04587a51e31b51d1570d6f889a |
| SHA1 | 88574c41d0ab81721b275252464da5c7927a4835 |
| SHA256 | 27cb4390e32a97375dd4987ae000406933bceba5199f17893711e782333b81cb |
| SHA512 | 84c12448ac55dd819749fef9be9919111a3df4bc51e66d2fa9f7376c11c101ed1349cb36aa119aa873cdd6c0c91027e201fbe23c2c83b89bc900a4d9077bcc52 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b
| MD5 | 76a3f1e9a452564e0f8dce6c0ee111e8 |
| SHA1 | 11c3d925cbc1a52d53584fd8606f8f713aa59114 |
| SHA256 | 381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c |
| SHA512 | a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c
| MD5 | 56d57bc655526551f217536f19195495 |
| SHA1 | 28b430886d1220855a805d78dc5d6414aeee6995 |
| SHA256 | f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4 |
| SHA512 | 7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d
| MD5 | b38fbbd0b5c8e8b4452b33d6f85df7dc |
| SHA1 | 386ba241790252df01a6a028b3238de2f995a559 |
| SHA256 | b18b9eb934a5b3b81b16c66ec3ec8e8fecdb3d43550ce050eb2523aabc08b9cd |
| SHA512 | 546ca9fb302bf28e3a178e798dd6b80c91cba71d0467257b8ed42e4f845aa6ecb858f718aac1e0865b791d4ecf41f1239081847c75c6fb3e9afd242d3704ad16 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f
| MD5 | 55491c4429bee4661da854c6c62e57e9 |
| SHA1 | 6914f9064f82d49b75d7330691126fd7f57adee5 |
| SHA256 | 486367da7b68dd7057e5c6c4e901418ba50a30a59aa97f6700bc055297204da5 |
| SHA512 | 1c40bed691b99a555f58d0d7532cb6efac5868ee2027e63af4629b8b556541ef7b8b69abfea55bb1b8c8b9878d580b1980912d4645456bad0fd962da0ebc85f8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d95f81462b1ac48dd9a453d962140b1d |
| SHA1 | 19df1a819e2aac46346ad8614aa5ff88b10102cb |
| SHA256 | d9607b699d428d8f7de5a1eea9f225c83ad8fb65e43d35b2c4ec6d516da0f799 |
| SHA512 | d7b3a936a1d4732b2ea3df41b843f53a1ab2a77217032d9ed695168ab1b83588381177cee084a40064e0e1dc19ed309b0701d441f831cab664b95f7bfe073fd3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 092e679751d255a4fcd43b105d42697b |
| SHA1 | ab8784d6425e3c3d58768dd992f5526161931054 |
| SHA256 | 763ca1dd46b0226e4f788226156b600df4958bad9804654b1412c9bab77b4c2f |
| SHA512 | 922345652b5f24acc593c848efc12983a54483d81762687789432fa942a11852805576454020b6270a57443d10c871996888bfec882009b72473a8971a4f73e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 84b45f1442c4b872db1738204b431e0a |
| SHA1 | 687eef908e08bfba7d8c9ee41b78cc3eef8d5025 |
| SHA256 | 9beafed7473050a75ac02b77d2afa17a3edbccaa8e41fab2608107a44c867d38 |
| SHA512 | 9dc7819407aaa1adb8217ea0238490f93e10b75b75c13311a35a9d4a9871b782818fa56e945d3602ddad0abe7579ad23599afbee336ced3798c7decba3ddcb98 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 8285182a42a707410f5c4dafcc5a2455 |
| SHA1 | feb6e0797ceb9bf4e8f6d2d36cd6fd53769bd53e |
| SHA256 | 3c9ff78ecc454cd9b571fd080fc77aa308bd55e420bbfe90ab8a0bea816c2646 |
| SHA512 | 7b0ea7cb6c1d6220ae63a451fc4e15c724bdfbc54c17a149a7dd309937d56950d700fc96c9c79e9f97ea90c93452cb2105929766757d987f8c2ee429c2901784 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | c1b964e86d3b976a96010e58ed0d380c |
| SHA1 | 5769145544c2f799d9fb48549f5918af9f77b9b3 |
| SHA256 | ad709621f19f60edf7226bc085d012551584c306c0d75cf66f74aeb1564b04c1 |
| SHA512 | 14e45161d938f324ca4b1f998ba9e526387497e9ad6dddb7ffa41d7b29afe1418ab22dcbf1a6a537a4b54be06f445aadcda7719493355710581006c684d6100a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | bf0da6c30016a29ee8d79890ee7ebc27 |
| SHA1 | fe752817480cbd806833cc02f8eef44e463a0f0f |
| SHA256 | bcb70d268f9d61f3959d256a7c18f03283916ea0d705e9aab5f313bdc893d767 |
| SHA512 | 3a6e7a343a6e88cb0e010fecd0c60ffc5b7e88fd90c2f85925c97f412a99fe31774c85fd0ee493b1b6dde8d16fe7efd213bfc11a04ff3645c1b05ea6e8dbc46b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000095
| MD5 | 825ccd29ac102fcadaf92b2343d5917b |
| SHA1 | 24472e766cfac5b82a73b219796556a0a3702bd6 |
| SHA256 | 0878fb2875c0ad852de8fb3e8f443afdf3064890f1443b3feccc274382f913cd |
| SHA512 | 71b8e7c0813227f5efa4b4e0561978b13672f46ee441bc222ad77aa46a32f0f44a5dab3ef038bb3418190e69dced597a79e77566da01a259f1cd6b5298a08662 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000096
| MD5 | bebe201d813feaad85a3e66607d0da3a |
| SHA1 | 28b049502afa8e9db5340c1a92400591b39870e8 |
| SHA256 | 58bb75322beb862803b0d156e1a1d01fb1e7fde82ee93c929b08bf5aea9fc55b |
| SHA512 | 2c83376edcb92f471c458f6c5f316dd24639fcbb88aec93b2c2690a596cc129860d0d46a2fe1fb4d71af8ae5856ee48f19ebb17dad38dde918af76c3abf7441b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000098
| MD5 | 1d7e3c2d023b33e3dcd3d5e29af88f04 |
| SHA1 | 6baa5ec01e13f4db09d5debe46af697b3da9093e |
| SHA256 | 0e5171f887a69952b0067e34fef8f136b6b408bfc5ff039d37a98c61f473fac4 |
| SHA512 | 397daa10d1b23455d1e555a0db760398cd76c7fb4baf8c38b825e5034bd578f330a62738f26dcc9dcadb3c42f845723ec34cf1d35daf7faa8e1add2e972442a9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000099
| MD5 | a43b107861b42ce1335e41e43d4e4d00 |
| SHA1 | 99bdb1cec4a68ebe29249c46fefefb6880d009e5 |
| SHA256 | a6542dc92d71eb412bac89d8fb06c70f15be74a64b1b4ef1633288b78f4f2ff2 |
| SHA512 | 151d1d3865b24940962476cd6824232eeabfaed92a90439ed5d467d1c7156f7b03bde91d0303d15648ba13441b8750060066bedbdefa0eb930c43a16cbbcfdf9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 37ebfb0d901be8180292b8e5a761c854 |
| SHA1 | 2017b5d14cf6652262a856dc32f98f7038add584 |
| SHA256 | fff6bd2e8816c18739c4ceb1807427c5124e1774ad614c2086a663e1616190f6 |
| SHA512 | bf24d0643d3834b7c6f34f50c67a1fd5175c5aa38acff02e2d4d3296a93423a0d476188143a3559fa2a6e3bfe7a5beedce96d6ef6eccda7b60f1d277af80c05f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 15257828a01ac199d9e792990389a431 |
| SHA1 | 7b167024fbebcba287e0372e977aeb5c300eb997 |
| SHA256 | 5aaa57cbe7f0e4603e10c5a8707d87bebfe7b618439499e7720b015d3d7f15bb |
| SHA512 | 4bee18a02430ef645e6cd052691e3277eec0bda82dd1a4cb015d2f735f1491601d5774930180f845604cbc449145f6b01a8deddb711d477a11fb517a1c8ad48f |