Analysis Overview
Threat Level: Likely malicious
The file https://pandadevelopment.net/getkey?service=beeconhub&hwid=ad4c7e6c-a60a-42d1-8d25-2512822d6aa6&checkpoints=6 was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Checks computer location settings
Executes dropped EXE
Loads dropped DLL
Reads user/profile data of web browsers
Writes to the Master Boot Record (MBR)
Mark of the Web detected: This indicates that the page was originally saved or cloned.
Checks for any installed AV software in registry
Probable phishing domain
Enumerates physical storage devices
Browser Information Discovery
System Location Discovery: System Language Discovery
NTFS ADS
Enumerates system info in registry
Modifies registry class
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Suspicious use of SetWindowsHookEx
Suspicious behavior: GetForegroundWindowSpam
Checks SCSI registry key(s)
Opens file in notepad (likely ransom note)
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-26 04:23
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-26 04:23
Reported
2024-08-26 04:30
Platform
win10v2004-20240802-en
Max time kernel
436s
Max time network
438s
Command Line
Signatures
Downloads MZ/PE file
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-786284298-625481688-3210388970-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\avg_secure_browser_setup.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-786284298-625481688-3210388970-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\avg_secure_browser_setup.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-786284298-625481688-3210388970-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\aj6C06.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-786284298-625481688-3210388970-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\aj6C35.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\avg_secure_browser_setup.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\avg_secure_browser_setup.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\aj6C06.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\aj6C35.exe | N/A |
Loads dropped DLL
Reads user/profile data of web browsers
Checks for any installed AV software in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\USER\S-1-5-21-786284298-625481688-3210388970-1000\SOFTWARE\AVAST Software\Avast | C:\Users\Admin\AppData\Local\Temp\aj6C06.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\AVAST Software\Avast | C:\Users\Admin\AppData\Local\Temp\aj6C35.exe | N/A |
| Key opened | \REGISTRY\USER\S-1-5-21-786284298-625481688-3210388970-1000\SOFTWARE\AVAST Software\Avast | C:\Users\Admin\AppData\Local\Temp\aj6C35.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\AVAST Software\Avast | C:\Users\Admin\Downloads\avg_secure_browser_setup.exe | N/A |
| Key opened | \REGISTRY\USER\S-1-5-21-786284298-625481688-3210388970-1000\SOFTWARE\AVAST Software\Avast | C:\Users\Admin\Downloads\avg_secure_browser_setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\AVAST Software\Avast | C:\Users\Admin\Downloads\avg_secure_browser_setup.exe | N/A |
| Key opened | \REGISTRY\USER\S-1-5-21-786284298-625481688-3210388970-1000\SOFTWARE\AVAST Software\Avast | C:\Users\Admin\Downloads\avg_secure_browser_setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\AVAST Software\Avast | C:\Users\Admin\AppData\Local\Temp\aj6C06.exe | N/A |
Mark of the Web detected: This indicates that the page was originally saved or cloned.
| Description | Indicator | Process | Target |
| N/A | https://www.manageengine.com/cookiepolicybanner.html | N/A | N/A |
| N/A | https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html | N/A | N/A |
Writes to the Master Boot Record (MBR)
| Description | Indicator | Process | Target |
| File opened for modification | \??\PhysicalDrive0 | C:\Users\Admin\AppData\Local\Temp\aj6C35.exe | N/A |
| File opened for modification | \??\PhysicalDrive0 | C:\Users\Admin\AppData\Local\Temp\aj6C06.exe | N/A |
Probable phishing domain
| Description | Indicator | Process | Target |
| HTTP URL | https://pandadevelopment.net/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8b910bf4a867946d | N/A | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\avg_secure_browser_setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\aj6C06.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\aj6C35.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\avg_secure_browser_setup.exe | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key enumerated | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Users\Admin\AppData\Local\Temp\aj6C35.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Users\Admin\AppData\Local\Temp\aj6C06.exe | N/A |
| Key enumerated | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Users\Admin\AppData\Local\Temp\aj6C06.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Users\Admin\AppData\Local\Temp\aj6C35.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-786284298-625481688-3210388970-1000_Classes\Local Settings | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-786284298-625481688-3210388970-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-786284298-625481688-3210388970-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-786284298-625481688-3210388970-1000_Classes\apk_auto_file | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-786284298-625481688-3210388970-1000_Classes\.apk\ = "apk_auto_file" | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-786284298-625481688-3210388970-1000_Classes\apk_auto_file\shell\open | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-786284298-625481688-3210388970-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-786284298-625481688-3210388970-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-786284298-625481688-3210388970-1000_Classes\apk_auto_file\shell | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-786284298-625481688-3210388970-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-786284298-625481688-3210388970-1000\{0B09832C-0D35-4753-9D6B-04734B3F8759} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-786284298-625481688-3210388970-1000_Classes\.apk | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-786284298-625481688-3210388970-1000_Classes\apk_auto_file\shell\edit | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-786284298-625481688-3210388970-1000_Classes\apk_auto_file\shell\edit\command | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-786284298-625481688-3210388970-1000_Classes\apk_auto_file\shell\open\command | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-786284298-625481688-3210388970-1000_Classes\apk_auto_file\shell\open\command\ = "%SystemRoot%\\system32\\NOTEPAD.EXE %1" | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-786284298-625481688-3210388970-1000_Classes\apk_auto_file\shell\edit\command\ = "%SystemRoot%\\system32\\NOTEPAD.EXE %1" | C:\Windows\system32\OpenWith.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 176247.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 349371.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 491431.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Opens file in notepad (likely ransom note)
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: 33 | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://pandadevelopment.net/getkey?service=beeconhub&hwid=ad4c7e6c-a60a-42d1-8d25-2512822d6aa6&checkpoints=6
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffc77046f8,0x7fffc7704708,0x7fffc7704718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2056 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2528 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2796 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4664 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3492 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5392 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4776 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2576 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5336 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3544 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3544 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5668 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5532 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5196 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5716 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4808 /prefetch:1
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x2c8 0x4f8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5852 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5836 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6220 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4872 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6448 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6436 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6104 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1956 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6048 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5184 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5792 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7164 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7064 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6180 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7360 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6976 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7076 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7588 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7708 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8028 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5768 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8364 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8436 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8632 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8912 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8928 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8064 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8996 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=9472 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1304 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=2980 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6164 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7464 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1992 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8688 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7568 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2292 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6956 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5184 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7476 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8052 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6212 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6688 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9412 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6560 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1704 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9172 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8228 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8468 /prefetch:8
C:\Users\Admin\Downloads\avg_secure_browser_setup.exe
"C:\Users\Admin\Downloads\avg_secure_browser_setup.exe"
C:\Users\Admin\Downloads\avg_secure_browser_setup.exe
"C:\Users\Admin\Downloads\avg_secure_browser_setup.exe"
C:\Users\Admin\AppData\Local\Temp\aj6C06.exe
"C:\Users\Admin\AppData\Local\Temp\aj6C06.exe" /relaunch=8 /was_elevated=1 /tagdata
C:\Users\Admin\AppData\Local\Temp\aj6C35.exe
"C:\Users\Admin\AppData\Local\Temp\aj6C35.exe" /relaunch=8 /was_elevated=1 /tagdata
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5856 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9420 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8188 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9404 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8844 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7032 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8780 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3080 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8460 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9388 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5860 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=7156 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7612 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6076 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7020 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=8876 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3120 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7604 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6748 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2176 /prefetch:1
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2028,659333501897357948,10027986214139242334,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5152 /prefetch:8
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\synapse.x.apk.v2.616.655.apk
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 97.17.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | pandadevelopment.net | udp |
| US | 104.21.60.217:443 | pandadevelopment.net | tcp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 104.18.95.41:443 | challenges.cloudflare.com | tcp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| GB | 173.222.211.8:80 | apps.identrust.com | tcp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.60.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 41.95.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.211.222.173.in-addr.arpa | udp |
| US | 104.18.95.41:443 | challenges.cloudflare.com | tcp |
| GB | 92.123.142.114:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 150.171.28.10:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | 114.142.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.28.171.150.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 92.123.142.114:443 | r.bing.com | tcp |
| GB | 92.123.142.114:443 | r.bing.com | tcp |
| GB | 95.101.143.219:443 | th.bing.com | tcp |
| GB | 95.101.143.219:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| NL | 20.190.160.14:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | 219.143.101.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | services.bingapis.com | udp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 8.8.8.8:53 | 14.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.5.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.31.126.40.in-addr.arpa | udp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | 89.33.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse3.mm.bing.net | udp |
| US | 8.8.8.8:53 | tse2.mm.bing.net | udp |
| US | 8.8.8.8:53 | tse4.mm.bing.net | udp |
| FR | 142.250.201.174:443 | www.youtube.com | tcp |
| FR | 142.250.201.174:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| FR | 172.217.18.214:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | 174.201.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 214.18.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| FR | 216.58.214.166:443 | static.doubleclick.net | tcp |
| FR | 172.217.20.202:443 | jnn-pa.googleapis.com | tcp |
| FR | 142.250.179.68:443 | www.google.com | tcp |
| FR | 142.250.179.97:443 | yt3.ggpht.com | tcp |
| FR | 172.217.20.202:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | 66.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 166.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.179.250.142.in-addr.arpa | udp |
| FR | 142.250.75.238:443 | play.google.com | tcp |
| FR | 142.250.75.238:443 | play.google.com | tcp |
| FR | 142.250.75.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 238.75.250.142.in-addr.arpa | udp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.165.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | synapse-x.en.softonic.com | udp |
| US | 151.101.129.91:443 | synapse-x.en.softonic.com | tcp |
| US | 151.101.129.91:443 | synapse-x.en.softonic.com | tcp |
| US | 8.8.8.8:53 | sc.sftcdn.net | udp |
| US | 8.8.8.8:53 | images.sftcdn.net | udp |
| US | 8.8.8.8:53 | softonic.com | udp |
| US | 8.8.8.8:53 | sdk.privacy-center.org | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| FR | 142.250.179.68:443 | www.google.com | udp |
| US | 151.101.1.91:443 | images.sftcdn.net | tcp |
| US | 151.101.1.91:443 | images.sftcdn.net | tcp |
| US | 151.101.1.91:443 | images.sftcdn.net | tcp |
| US | 151.101.1.91:443 | images.sftcdn.net | tcp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 151.101.193.91:443 | images.sftcdn.net | tcp |
| US | 151.101.193.91:443 | images.sftcdn.net | tcp |
| US | 199.232.213.91:443 | softonic.com | tcp |
| US | 199.232.213.91:443 | softonic.com | tcp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| US | 150.171.27.10:443 | bat.bing.com | tcp |
| US | 151.101.1.91:443 | images.sftcdn.net | udp |
| US | 151.101.1.91:443 | images.sftcdn.net | udp |
| GB | 13.224.222.87:443 | sdk.privacy-center.org | tcp |
| GB | 13.224.223.9:443 | c.amazon-adsystem.com | tcp |
| GB | 13.224.222.87:443 | sdk.privacy-center.org | tcp |
| US | 150.171.27.10:443 | bat.bing.com | tcp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| FR | 216.58.214.174:443 | syndicatedsearch.goog | tcp |
| US | 8.8.8.8:53 | 91.129.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.193.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.213.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 87.222.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 61.39.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | h.clarity.ms | udp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| US | 8.8.8.8:53 | www.datadoghq-browser-agent.com | udp |
| GB | 18.172.148.233:443 | www.datadoghq-browser-agent.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | tcp |
| GB | 13.224.223.9:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 172.67.41.60:443 | btloader.com | tcp |
| US | 8.8.8.8:53 | storage.googleapis.com | udp |
| US | 8.8.8.8:53 | di-images.sftcdn.net | udp |
| FR | 142.250.178.155:443 | storage.googleapis.com | tcp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 104.26.3.70:443 | ad-delivery.net | tcp |
| US | 104.26.3.70:443 | ad-delivery.net | tcp |
| GB | 108.156.39.15:443 | config.aps.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 8.8.8.8:53 | 151.64.8.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.223.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 233.148.172.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.215.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 60.41.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.3.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.39.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 8.8.8.8:53 | cdn.btmessage.com | udp |
| US | 172.67.38.106:443 | cdn.id5-sync.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 104.26.7.141:443 | cdn.btmessage.com | tcp |
| US | 104.26.3.70:443 | ad-delivery.net | tcp |
| US | 8.8.8.8:53 | api.btmessage.com | udp |
| US | 8.8.8.8:53 | c.clarity.ms | udp |
| US | 8.8.8.8:53 | notix.io | udp |
| US | 151.101.193.91:443 | di-images.sftcdn.net | udp |
| IE | 13.74.129.1:443 | c.clarity.ms | tcp |
| NL | 139.45.197.253:443 | notix.io | tcp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| US | 13.107.21.237:443 | c.bing.com | tcp |
| US | 8.8.8.8:53 | 194.23.211.130.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.38.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 141.7.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.129.74.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 253.197.45.139.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.21.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.privacy-center.org | udp |
| GB | 108.138.233.47:443 | api.privacy-center.org | tcp |
| US | 8.8.8.8:53 | 459bad0f44e8161afd17b85136857261.safeframe.googlesyndication.com | udp |
| FR | 216.58.214.174:443 | syndicatedsearch.goog | udp |
| FR | 142.250.179.65:443 | 459bad0f44e8161afd17b85136857261.safeframe.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | shb.richaudience.com | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| US | 8.8.8.8:53 | ad.360yield.com | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| GB | 18.244.138.116:443 | aax.amazon-adsystem.com | tcp |
| DE | 162.19.138.120:443 | id5-sync.com | tcp |
| DE | 162.19.138.120:443 | id5-sync.com | tcp |
| IE | 54.72.187.223:443 | ad.360yield.com | tcp |
| US | 8.8.8.8:53 | id.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | partner.googleadservices.com | udp |
| US | 8.8.8.8:53 | brightcombid.marphezis.com | udp |
| DE | 157.90.0.38:443 | shb.richaudience.com | tcp |
| DE | 157.90.0.38:443 | shb.richaudience.com | tcp |
| DE | 157.90.0.38:443 | shb.richaudience.com | tcp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | tcp |
| IE | 54.217.65.65:443 | ap.lijit.com | tcp |
| FR | 185.255.84.151:443 | hb-api.omnitagjs.com | tcp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 34.120.63.153:443 | prebid.media.net | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| NL | 185.89.210.180:443 | ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | cdn-ima.33across.com | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| NL | 188.166.203.175:443 | brightcombid.marphezis.com | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| IE | 52.30.53.126:443 | id.crwdcntrl.net | tcp |
| US | 104.18.35.167:443 | cdn-ima.33across.com | tcp |
| US | 151.101.129.229:443 | cdn.jsdelivr.net | tcp |
| DE | 141.95.33.120:443 | lb.eu-1-id5-sync.com | tcp |
| GB | 18.245.143.58:443 | tags.crwdcntrl.net | tcp |
| FR | 142.250.201.162:443 | partner.googleadservices.com | tcp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| FR | 142.250.201.163:443 | www.google.co.uk | tcp |
| FR | 142.250.201.163:443 | www.google.co.uk | tcp |
| FR | 142.250.201.163:443 | www.google.co.uk | tcp |
| FR | 142.250.179.97:443 | ep2.adtrafficquality.google | tcp |
| BE | 74.125.71.155:443 | stats.g.doubleclick.net | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| US | 8.8.8.8:53 | ampcid.google.com | udp |
| FR | 142.250.179.68:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 47.233.138.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| US | 8.8.8.8:53 | 65.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.138.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 223.187.72.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.151.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.63.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 151.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 180.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.65.217.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.0.90.157.in-addr.arpa | udp |
| FR | 142.250.179.78:443 | ampcid.google.com | tcp |
| US | 8.8.8.8:53 | 175.203.166.188.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 167.35.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.129.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 126.53.30.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.143.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | lexicon.33across.com | udp |
| US | 8.8.8.8:53 | 120.33.95.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.201.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.21.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.201.250.142.in-addr.arpa | udp |
| US | 35.244.193.51:443 | lexicon.33across.com | tcp |
| BE | 74.125.71.155:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | tcp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | tcp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | tcp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | tcp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | tcp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 155.71.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 51.193.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 129.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.75.250.142.in-addr.arpa | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 8.8.8.8:53 | gem.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | ag.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| FR | 185.235.86.47:443 | ag.gbc.criteo.com | tcp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| FR | 185.235.86.44:443 | ag.gbc.criteo.com | tcp |
| FR | 178.250.7.13:443 | dnacdn.net | tcp |
| IE | 52.95.115.255:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 47.86.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 44.86.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.7.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 255.115.95.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 8.8.8.8:53 | sync.richaudience.com | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| FR | 185.255.84.153:443 | visitor.omnitagjs.com | tcp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| DE | 162.55.233.28:443 | sync.richaudience.com | tcp |
| US | 104.18.38.76:443 | js-sec.indexww.com | tcp |
| GB | 95.100.244.20:443 | contextual.media.net | tcp |
| GB | 2.18.108.192:443 | ads.pubmatic.com | tcp |
| US | 151.101.65.108:443 | acdn.adnxs.com | tcp |
| US | 8.8.8.8:53 | ce.lijit.com | udp |
| DE | 162.55.233.28:443 | sync.richaudience.com | tcp |
| IE | 54.75.158.40:443 | ce.lijit.com | tcp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | cdn.indexww.com | udp |
| US | 8.8.8.8:53 | 76.38.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.244.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.108.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.65.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 40.158.75.54.in-addr.arpa | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | player.aniview.com | udp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| GB | 92.123.140.147:443 | player.aniview.com | tcp |
| US | 67.202.105.24:443 | ssc-cms.33across.com | tcp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| DE | 51.38.120.206:443 | onetag-sys.com | tcp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| US | 34.206.117.153:443 | cs-server-s2s.yellowblue.io | tcp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| FR | 149.202.238.100:443 | ssbsync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | dis.criteo.com | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | api-2-0.spot.im | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 52.2.98.215:443 | api-2-0.spot.im | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 15.197.193.217:443 | match.adsrvr.org | tcp |
| IE | 34.252.6.15:443 | match.prod.bidr.io | tcp |
| US | 54.204.207.243:443 | sync.srv.stackadapt.com | tcp |
| GB | 185.64.191.214:443 | image8.pubmatic.com | tcp |
| US | 8.8.8.8:53 | sync.aniview.com | udp |
| US | 172.240.45.78:443 | sync.aniview.com | tcp |
| US | 8.8.8.8:53 | tracker.open-adsyield.com | udp |
| US | 8.8.8.8:53 | rtb.mfadsrvr.com | udp |
| US | 8.8.8.8:53 | sync.mathtag.com | udp |
| US | 8.8.8.8:53 | pixel-eu.rubiconproject.com | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| US | 8.8.8.8:53 | ads.stickyadstv.com | udp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| DE | 51.38.120.206:443 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | t.adx.opera.com | udp |
| US | 8.8.8.8:53 | ssbsync-global.smartadserver.com | udp |
| US | 172.111.38.54:443 | tracker.open-adsyield.com | tcp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | spl.zeotap.com | udp |
| US | 8.8.8.8:53 | jadserve.postrelease.com | udp |
| US | 216.200.232.249:443 | sync.mathtag.com | tcp |
| US | 80.77.87.162:443 | cs.admanmedia.com | tcp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | tcp |
| NL | 82.145.213.8:443 | t.adx.opera.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| NL | 154.57.158.115:443 | ads.stickyadstv.com | tcp |
| FR | 172.217.20.162:443 | cm.g.doubleclick.net | tcp |
| US | 172.67.40.173:443 | spl.zeotap.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | bttrack.com | udp |
| IE | 54.171.130.238:443 | jadserve.postrelease.com | tcp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 192.132.33.67:443 | bttrack.com | tcp |
| US | 35.244.174.68:443 | id.rlcdn.com | tcp |
| FR | 172.217.20.162:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | match.sharethrough.com | udp |
| US | 8.8.8.8:53 | sync-tm.everesttech.net | udp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| DE | 18.197.30.174:443 | match.sharethrough.com | tcp |
| US | 151.101.130.49:443 | sync-tm.everesttech.net | tcp |
| NL | 89.149.193.88:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 52.46.130.91:443 | s.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| GB | 23.214.129.249:443 | secure-assets.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | 147.140.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.120.38.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 24.105.202.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| US | 8.8.8.8:53 | 153.117.206.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 100.238.202.149.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.149.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.193.197.15.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 214.191.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.6.252.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 215.98.2.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 243.207.204.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.45.240.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.40.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.213.145.82.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.199.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.130.171.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 54.38.111.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.174.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.87.77.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 249.232.200.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.33.132.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.149.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.130.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.193.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.30.197.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 249.129.214.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.130.46.52.in-addr.arpa | udp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| GB | 95.100.245.251:443 | eus.rubiconproject.com | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | cdn-download.avgbrowser.com | udp |
| GB | 92.123.142.147:443 | cdn-download.avgbrowser.com | tcp |
| GB | 92.123.142.147:443 | cdn-download.avgbrowser.com | tcp |
| US | 8.8.8.8:53 | cacerts.rapidssl.com | udp |
| SE | 192.229.221.95:80 | cacerts.rapidssl.com | tcp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | 150.216.36.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 251.245.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.233.55.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 147.142.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.156.173.69.in-addr.arpa | udp |
| SE | 192.229.221.95:80 | cacerts.rapidssl.com | tcp |
| US | 199.232.213.91:443 | softonic.com | udp |
| US | 104.26.7.141:443 | api.btmessage.com | tcp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| DE | 157.240.27.27:443 | connect.facebook.net | tcp |
| US | 8.8.8.8:53 | 27.27.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | c16fdcc9f8e0fa4edae7923a1f88203b.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| FR | 142.250.201.163:443 | www.google.co.uk | udp |
| GB | 157.240.214.35:443 | www.facebook.com | tcp |
| GB | 157.240.214.35:443 | www.facebook.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 8.8.8.8:53 | 35.214.240.157.in-addr.arpa | udp |
| NL | 139.45.197.253:443 | notix.io | tcp |
| DE | 162.19.138.120:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 141.95.33.120:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | cdn.ampproject.org | udp |
| FR | 216.58.214.161:443 | cdn.ampproject.org | tcp |
| FR | 216.58.214.161:443 | cdn.ampproject.org | tcp |
| FR | 216.58.214.161:443 | cdn.ampproject.org | tcp |
| FR | 216.58.214.161:443 | cdn.ampproject.org | tcp |
| FR | 216.58.214.161:443 | cdn.ampproject.org | tcp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 161.214.58.216.in-addr.arpa | udp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| IE | 34.252.6.15:443 | match.prod.bidr.io | tcp |
| US | 54.204.207.243:443 | sync.srv.stackadapt.com | tcp |
| US | 35.244.174.68:443 | id.rlcdn.com | udp |
| US | 8.8.8.8:53 | bh.contextweb.com | udp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | udp |
| US | 8.8.8.8:53 | 131.169.93.208.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.manageengine.com | udp |
| US | 8.8.8.8:53 | adclick.g.doubleclick.net | udp |
| NL | 185.20.209.211:443 | www.manageengine.com | tcp |
| NL | 185.20.209.211:443 | www.manageengine.com | tcp |
| FR | 172.217.20.194:443 | adclick.g.doubleclick.net | tcp |
| NL | 185.20.209.211:443 | www.manageengine.com | tcp |
| NL | 185.20.209.211:443 | www.manageengine.com | tcp |
| NL | 185.20.209.211:443 | www.manageengine.com | tcp |
| NL | 185.20.209.211:443 | www.manageengine.com | tcp |
| US | 8.8.8.8:53 | accounts.zoho.com | udp |
| US | 8.8.8.8:53 | salesiq.zoho.com | udp |
| US | 204.141.43.67:443 | salesiq.zoho.com | tcp |
| US | 136.143.190.100:443 | accounts.zoho.com | tcp |
| US | 8.8.8.8:53 | 211.209.20.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.20.217.172.in-addr.arpa | udp |
| US | 136.143.190.100:443 | accounts.zoho.com | tcp |
| US | 8.8.8.8:53 | fonts.zohowebstatic.com | udp |
| GB | 13.224.132.35:443 | fonts.zohowebstatic.com | tcp |
| GB | 13.224.132.35:443 | fonts.zohowebstatic.com | tcp |
| GB | 13.224.132.35:443 | fonts.zohowebstatic.com | tcp |
| GB | 13.224.132.35:443 | fonts.zohowebstatic.com | tcp |
| GB | 13.224.132.35:443 | fonts.zohowebstatic.com | tcp |
| GB | 13.224.132.35:443 | fonts.zohowebstatic.com | tcp |
| US | 8.8.8.8:53 | 67.43.141.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 100.190.143.136.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.132.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | us4-files.zohopublic.com | udp |
| US | 8.8.8.8:53 | css.zohocdn.com | udp |
| US | 8.8.8.8:53 | js.zohocdn.com | udp |
| US | 8.8.8.8:53 | salesiq.zohopublic.com | udp |
| US | 136.143.190.172:443 | us4-files.zohopublic.com | tcp |
| GB | 169.148.129.35:443 | js.zohocdn.com | tcp |
| US | 136.143.182.97:443 | salesiq.zohopublic.com | tcp |
| GB | 169.148.129.35:443 | js.zohocdn.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| GB | 173.222.211.41:443 | aefd.nelreports.net | tcp |
| GB | 169.148.129.35:443 | js.zohocdn.com | tcp |
| US | 8.8.8.8:53 | fonts.zohostatic.com | udp |
| US | 136.143.190.123:443 | fonts.zohostatic.com | tcp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| US | 8.8.8.8:53 | 35.129.148.169.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.182.143.136.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.190.143.136.in-addr.arpa | udp |
| GB | 173.222.211.41:443 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | stats.securebrowser.com | udp |
| US | 104.20.86.8:443 | stats.securebrowser.com | tcp |
| US | 104.20.86.8:443 | stats.securebrowser.com | tcp |
| US | 8.8.8.8:53 | 41.211.222.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 123.190.143.136.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.86.20.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| SE | 192.229.221.95:80 | cacerts.rapidssl.com | tcp |
| SE | 192.229.221.95:80 | cacerts.rapidssl.com | tcp |
| US | 8.8.8.8:53 | articles-img.sftcdn.net | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | x-synapse.github.io | udp |
| US | 185.199.109.153:443 | x-synapse.github.io | tcp |
| US | 185.199.109.153:443 | x-synapse.github.io | tcp |
| US | 8.8.8.8:53 | synapsex.co | udp |
| US | 8.8.8.8:53 | synapse-x.co | udp |
| US | 104.21.70.188:443 | synapsex.co | tcp |
| US | 104.21.70.188:443 | synapsex.co | tcp |
| US | 103.224.212.214:443 | synapse-x.co | tcp |
| US | 103.224.212.214:443 | synapse-x.co | tcp |
| US | 8.8.8.8:53 | 153.109.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 188.70.21.104.in-addr.arpa | udp |
| US | 52.111.229.43:443 | tcp | |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| FR | 172.217.20.206:443 | fundingchoicesmessages.google.com | tcp |
| FR | 172.217.20.206:443 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | 206.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| FR | 142.250.179.97:443 | ep2.adtrafficquality.google | udp |
| FR | 142.250.179.68:443 | www.google.com | udp |
| FR | 142.250.179.68:443 | www.google.com | udp |
| US | 54.88.47.169:443 | install.convertwithwave.com | tcp |
| US | 54.88.47.169:443 | install.convertwithwave.com | tcp |
| US | 8.8.8.8:53 | 169.47.88.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | p.typekit.net | udp |
| US | 8.8.8.8:53 | use.typekit.net | udp |
| US | 8.8.8.8:53 | api.wavebrowser.co | udp |
| GB | 2.16.170.113:443 | use.typekit.net | tcp |
| GB | 2.16.170.113:443 | use.typekit.net | tcp |
| GB | 2.16.170.113:443 | use.typekit.net | tcp |
| GB | 2.16.170.41:443 | p.typekit.net | tcp |
| US | 44.207.181.148:443 | api.wavebrowser.co | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | 113.170.16.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 41.170.16.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.181.207.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | app.posthog.com | udp |
| US | 8.8.8.8:53 | app.termly.io | udp |
| US | 44.207.181.148:443 | api.wavebrowser.co | tcp |
| US | 8.8.8.8:53 | api.wavebrowserbase.com | udp |
| US | 104.18.30.234:443 | app.termly.io | tcp |
| US | 172.67.40.50:443 | app.posthog.com | tcp |
| US | 172.67.40.50:443 | app.posthog.com | tcp |
| US | 3.222.199.46:443 | api.wavebrowserbase.com | tcp |
| US | 44.207.181.148:443 | api.wavebrowserbase.com | tcp |
| US | 104.18.30.234:443 | app.termly.io | tcp |
| US | 8.8.8.8:53 | 234.30.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.40.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.199.222.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.mywavehome.net | udp |
| US | 3.208.53.127:443 | api.mywavehome.net | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| BE | 74.125.71.155:443 | stats.g.doubleclick.net | udp |
| FR | 142.250.201.163:443 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | 127.53.208.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | csi.gstatic.com | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| SG | 74.125.24.120:443 | csi.gstatic.com | tcp |
| FR | 216.58.214.174:443 | redirector.gvt1.com | tcp |
| SG | 74.125.24.120:443 | csi.gstatic.com | tcp |
| SG | 74.125.24.120:443 | csi.gstatic.com | tcp |
| SG | 74.125.24.120:443 | csi.gstatic.com | tcp |
| SG | 74.125.24.120:443 | csi.gstatic.com | tcp |
| FR | 216.58.214.174:443 | redirector.gvt1.com | tcp |
| US | 8.8.8.8:53 | r4---sn-aigzrnld.gvt1.com | udp |
| GB | 74.125.97.73:443 | r4---sn-aigzrnld.gvt1.com | udp |
| US | 8.8.8.8:53 | 120.24.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.97.125.74.in-addr.arpa | udp |
| SG | 74.125.24.120:443 | csi.gstatic.com | udp |
| GB | 2.16.170.113:443 | use.typekit.net | tcp |
| US | 3.222.199.46:443 | api.mywavehome.net | tcp |
| US | 8.8.8.8:53 | wav-installers.s3.amazonaws.com | udp |
| US | 3.5.28.180:443 | wav-installers.s3.amazonaws.com | tcp |
| US | 8.8.8.8:53 | 180.28.5.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| NL | 185.89.210.180:443 | secure.adnxs.com | tcp |
| FR | 185.255.84.151:443 | hb-api.omnitagjs.com | tcp |
| NL | 185.89.210.180:443 | secure.adnxs.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | apkladda.net | udp |
| US | 172.67.177.116:443 | apkladda.net | tcp |
| US | 172.67.177.116:443 | apkladda.net | tcp |
| US | 8.8.8.8:53 | stats.wp.com | udp |
| US | 192.0.76.3:443 | stats.wp.com | tcp |
| US | 8.8.8.8:53 | pixel.wp.com | udp |
| US | 8.8.8.8:53 | 116.177.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.76.0.192.in-addr.arpa | udp |
| FR | 142.250.179.97:443 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | cdn.apkladda.net | udp |
| UA | 176.97.122.159:443 | cdn.apkladda.net | tcp |
| UA | 176.97.122.159:443 | cdn.apkladda.net | tcp |
| US | 8.8.8.8:53 | 159.122.97.176.in-addr.arpa | udp |
| US | 8.8.8.8:53 | h.clarity.ms | udp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| FR | 142.250.201.163:443 | www.google.co.uk | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | udp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| FR | 142.250.201.163:443 | www.google.co.uk | udp |
| US | 150.171.28.10:443 | bat.bing.com | tcp |
| US | 8.8.8.8:53 | 15.173.189.20.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 719923124ee00fb57378e0ebcbe894f7 |
| SHA1 | cc356a7d27b8b27dc33f21bd4990f286ee13a9f9 |
| SHA256 | aa22ab845fa08c786bd3366ec39f733d5be80e9ac933ed115ff048ff30090808 |
| SHA512 | a207b6646500d0d504cf70ee10f57948e58dab7f214ad2e7c4af0e7ca23ce1d37c8c745873137e6c55bdcf0f527031a66d9cc54805a0eac3678be6dd497a5bbc |
\??\pipe\LOCAL\crashpad_4608_TVEOQBYMNZXTDBCL
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | d7114a6cd851f9bf56cf771c37d664a2 |
| SHA1 | 769c5d04fd83e583f15ab1ef659de8f883ecab8a |
| SHA256 | d2c75c7d68c474d4b8847b4ba6cfd09fe90717f46dd398c86483d825a66e977e |
| SHA512 | 33bdae2305ae98e7c0de576de5a6600bd70a425e7b891d745cba9de992036df1b3d1df9572edb0f89f320e50962d06532dae9491985b6b57fd37d5f46f7a2ff8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | da1229858f398d7b67bc060615556756 |
| SHA1 | d4fa0912457845ccb258792df5d9b98dd4aa3e8d |
| SHA256 | d8c90b4df2710053f471d2d4bc9ea9b237b3ae3ed0ca7d419d81b553f12566d9 |
| SHA512 | adf069abb0b3e237598e1063d02652b4b6c83d6dadf348719c1240a6def661d36e8ae3a52720773d2d1ca2d9cf1731d091b688ef32d19fd6e3753418230360bf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | be54331209996a2afabaccc03bb8fc61 |
| SHA1 | ef0ba9b7f09a9afdd61765c20460d11952e7ed55 |
| SHA256 | b052ac6b744625f748004f16bcc27309ac8709b2c4fada673212521af84c1cbc |
| SHA512 | 7c3016002231120cdbe39eef501023031c5c4e5ddd93158c47160ac712716d20617dca21266f8a4264e26f8ff796b1b8003eef25409172b3bb0024c40c78aa4c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f954a7734c85a8e3388d51f98d83627a |
| SHA1 | 8bbe2306803818b15efaf4f7fc4382dde98764ec |
| SHA256 | d9fc47b1622f0c3b0b22894ac961c8dc61491a7025767adf28a9075a71a2c237 |
| SHA512 | 282e3d4823d3974d50e7d046037085d2c39347969f6fee3da028aa7ae9f8bd26bda3923ad0e139182de36b076f95b3e9545b0177ef4a71759fb19839c2867069 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c6f768cf33058e55c1108755e928b7a9 |
| SHA1 | 74a459925950f5c4d76583714dc1d92f7acb01c1 |
| SHA256 | 4bb3bfd9800fbcb9558634a2064dea383d92c0f5f4d9063e18fad183d7ae5eaf |
| SHA512 | 6e59f03f1c7089b139688653ace9046483436ec34a404cb81288870320185f7c4651f5c07990124458d976465f758d22462c2e63fe632270aaf1361412cde6ea |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 493f6cac6ccfb9864ca9f2a7f189af44 |
| SHA1 | 592cd3f32cf94e8886cc6ea599851085914695b1 |
| SHA256 | fab6408384fd474cb8628286a16e47e44e07a4d9541b7cef4c979d308bc9ca63 |
| SHA512 | bc6b4bdf1002bc66e6c84f2379346007ab757ecb9b76fb1fbc6047d3c53fa7fd8b208b1e8a4132f659dc13d20fffbfd19024b344e86159fe9ff79b9b8923219b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ce7abdb86a8a35fb1cdb139c5d8c3bb5 |
| SHA1 | 436340c95a5e62553a7cfe224f9895cafb18ac4d |
| SHA256 | 77ccf0d654170815ec8b2aabcad7a25cc8183138c49d9d28bac5e0a737b3d0b7 |
| SHA512 | 7f0de04ce31e3788cad25fcc83a0215f52d12c2c68db3522c84d56c30d3fc42946f988f76f8f9a53e476f6664583fbd7194bd8bbf10a8f91a292a5b383d7041a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe581289.TMP
| MD5 | b1e11003393f2d27c27179141a6fca2e |
| SHA1 | 118621362a2c5e37084d9d83848bc0cc6e772459 |
| SHA256 | d5728379240f8ebd2d32e03e9b57552a417669fd39feb4555abb830947ae39b1 |
| SHA512 | 378f9666952bdd2a463839b6db62866cda7251bc1e843f3787d17440b9681b5de8e08a40aa9cd4fd75d6b1b8e30d042538213db30df23d2f8a06a5440dd74a3c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000044
| MD5 | 2257803a7e34c3abd90ec6d41fd76a5a |
| SHA1 | f7a32e6635d8513f74bd225f55d867ea56ae4803 |
| SHA256 | af23860fb3a448f2cc6107680078402555a345eb45bc5efb750f541fe5d7c174 |
| SHA512 | e9f4dc90d0829885f08879e868aa62041150b500f62682fc108da258eee26ad9509dcbf6e8a55f2d0bdba7aa9118dd149a70a7d851820d4ea683db7808c48540 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7263e828a27c173ded3d788b1d291ae8 |
| SHA1 | 00510c714e692ee5111d5f0456ca8009a6bfe9c7 |
| SHA256 | 6e391ba209d8b2f91e5fbf7cba8208539dafe5ea038fdd38be911571c8050daf |
| SHA512 | d6c717e2ba79d44ef2f73a33b8b09b55ea4f9bfeff09d37f254b64b2f9f0ac8bd4f0c008b688de875fde13ba6d5c044d00b76b66d7f13b2575ddae401e27a296 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 323d1efeda35454cc0d545a8b7dd5ac1 |
| SHA1 | 4fcbbf022b491f6d8213a775d44e78711937199d |
| SHA256 | 8f214abc60e5ca7dce63357cfe028ab43fdb396a6710b69e6d6a9ca1914dc324 |
| SHA512 | cddce31713fb0dd9ea5000468697400ec22f21cc9ca1d05c580c3c0d67f97fbb626906091d1a09e422e30dc19e2d9a08074f9f5d6d48d7aeeb0cc8a64cc13e86 |
C:\Users\Admin\Downloads\Unconfirmed 349371.crdownload
| MD5 | 0dc93e1f58cbb736598ce7fa7ecefa33 |
| SHA1 | 6e539aab5faf7d4ce044c2905a9c27d4393bae30 |
| SHA256 | 4ec941f22985fee21d2f9d2ae590d5dafebed9a4cf55272b688afe472d454d36 |
| SHA512 | 73617da787e51609ee779a12fb75fb9eac6ed6e99fd1f4c5c02ff18109747de91a791b1a389434edfe8b96e5b40340f986b8f7b88eac3a330b683dec565a7eff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000049
| MD5 | a1afe33ce7442502a96deee597945384 |
| SHA1 | fe34cd78635f5617cf238de6dc746058d6f88899 |
| SHA256 | f7eeb570c60aff1435db1daf3767c0672634269789870ef91c69b2b90a47edaa |
| SHA512 | f8bca21c3fd79d63c8265f5dfcba95419eac697b42efb600e7c33d15dc5d9c3e0d0d360da39e14004facaea4cff4dcfc00d7437979283ce0a2b06916b69b8c80 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\cd395aa419a5eeaf_0
| MD5 | 41909a4b932f05bd51b4e4f83b637c5b |
| SHA1 | fb8e409b6fc0f910f2ac2c6b27de1372fc2d6950 |
| SHA256 | 98622669751f87bea153c1c7e3e7c9d50af781a233016acc21c147eb6314f803 |
| SHA512 | cd2bee3196ecb8773dd98d74a32df82ae6edb2562b0abd19e4fcca4fba09f522ae78b89b157c434f6339f9137ad9f87fde16bd120a175755b79e1f9f68fbc0c5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000045
| MD5 | e4cc1ece2f2425b10ae2ccc212c1dafc |
| SHA1 | 92609e6d0093693110baa23758382889bcb30da6 |
| SHA256 | 92e9415d8bc8529e2a3f335258ef7ff159cce2965ce3b2b7c15f73720efee809 |
| SHA512 | 2848dee3a6da891b7044518bc97aeafd340705cebe846350b9a7f314b52450f1eb977b8b492638965ce4674ebaa341e4f832438199c3cad2fb0a0793ef83a619 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000061
| MD5 | 8eff0b8045fd1959e117f85654ae7770 |
| SHA1 | 227fee13ceb7c410b5c0bb8000258b6643cb6255 |
| SHA256 | 89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571 |
| SHA512 | 2e4fb65caab06f02e341e9ba4fb217d682338881daba3518a0df8df724e0496e1af613db8e2f65b42b9e82703ba58916b5f5abb68c807c78a88577030a6c2058 |
C:\Users\Admin\AppData\Local\Temp\nsc62DF.tmp\jsis.dll
| MD5 | 2027121c3cdeb1a1f8a5f539d1fe2e28 |
| SHA1 | bcf79f49f8fc4c6049f33748ded21ec3471002c2 |
| SHA256 | 1dae8b6de29f2cfc0745d9f2a245b9ecb77f2b272a5b43de1ba5971c43bf73a1 |
| SHA512 | 5b0d9966ecc08bcc2c127b2bd916617b8de2dcbdc28aff7b4b8449a244983bfbe33c56f5c4a53b7cf21faf1dbab4bb845a5894492e7e10f3f517071f7a59727c |
C:\Users\Admin\AppData\Local\Temp\nsc62DF.tmp\nsJSON.dll
| MD5 | f840a9ddd319ee8c3da5190257abde5b |
| SHA1 | 3e868939239a5c6ef9acae10e1af721e4f99f24b |
| SHA256 | ddb6c9f8de72ddd589f009e732040250b2124bca6195aa147aa7aac43fc2c73a |
| SHA512 | 8e12391027af928e4f7dad1ec4ab83e8359b19a7eb0be0372d051dfd2dd643dc0dfa086bd345760a496e5630c17f53db22f6008ae665033b766cbfcdd930881a |
C:\Users\Admin\AppData\Local\Temp\nsc62DF.tmp\JsisPlugins.dll
| MD5 | d21ae3f86fc69c1580175b7177484fa7 |
| SHA1 | 2ed2c1f5c92ff6daa5ea785a44a6085a105ae822 |
| SHA256 | a6241f168cacb431bfcd4345dd77f87b378dd861b5d440ae8d3ffd17b9ceb450 |
| SHA512 | eda08b6ebdb3f0a3b6b43ef755fc275396a8459b8fc8a41eff55473562c394d015e5fe573b3b134eeed72edff2b0f21a3b9ee69a4541fd9738e880b71730303f |
C:\Users\Admin\AppData\Local\Temp\nsc62DF.tmp\StdUtils.dll
| MD5 | 34939c7b38bffedbf9b9ed444d689bc9 |
| SHA1 | 81d844048f7b11cafd7561b7242af56e92825697 |
| SHA256 | b127f3e04429d9f841a03bfd9344a0450594004c770d397fb32a76f6b0eabed0 |
| SHA512 | bc1b347986a5d2107ad03b65e4b9438530033975fb8cc0a63d8ef7d88c1a96f70191c727c902eb7c3e64aa5de9ce6bb04f829ceb627eda278f44ca3dd343a953 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 355d1979f59244bd8da4ddfba5bada92 |
| SHA1 | 9b67a1e5f9c13d3a14adcdb5835b591bdd43484f |
| SHA256 | ea6738a3de43fb62bb2fde6d1359885239acdad21a282e7db51ef3dcee60f5fb |
| SHA512 | 5fc319499a74ddd4edc6c0104a70abee5ddacc5c1a8f2dbfac7e722fc34046d034c7b8252e672277eabe2f9955b01f4adcf119404f1810d53a0d48943723ec47 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 090543e1d5fc0f6ba57ff87ac321bfb4 |
| SHA1 | b8a69cb7fe3cd69b1e87d9364f9c1edb2b5062a6 |
| SHA256 | 184273686f5ae24886d3ab9db99463a26d1c72162d605f4674b8cb4d9c1b1388 |
| SHA512 | 7cb46364c84636b379b76137688784d72ac4e4e08425308bd4e8c6f0188e28d5e5bf915a64729d252347ce8cd72e77bce8a12fe5dd9d457bd2ba58e64ea08e87 |
C:\Users\Admin\AppData\Local\Temp\nsc62DF.tmp\thirdparty.dll
| MD5 | 7b4bd3b8ad6e913952f8ed1ceef40cd4 |
| SHA1 | b15c0b90247a5066bd06d094fa41a73f0f931cb8 |
| SHA256 | a49d3e455d7aeca2032c30fc099bfad1b1424a2f55ec7bb0f6acbbf636214754 |
| SHA512 | d7168f9504dd6bbac7ee566c3591bfd7ad4e55bcac463cecb70540197dfe0cd969af96d113c6709d6c8ce6e91f2f5f6542a95c1a149caa78ba4bcb971e0c12a2 |
C:\Users\Admin\AppData\Local\Temp\aj6C35.exe
| MD5 | c79bb78a0bad2559a7037913dd1f1f34 |
| SHA1 | a5b36348ad93fdf971201f31136d8c9b056984a7 |
| SHA256 | f63b47288af395ac9c02c980592691e2d446fe8b4d3813007433ae262af693c3 |
| SHA512 | 1bd81cbe784427e54903159225e0fd94c0fab1d9498c11db177d86268f34129e6835759a9a3e3822c717349043930e13168390fcc2f9a74f9699f14497cfc888 |
C:\Users\Admin\AppData\Local\Temp\nsr6F03.tmp\Midex.dll
| MD5 | 2597a829e06eb9616af49fcd8052b8bd |
| SHA1 | 871801aba3a75f95b10701f31303de705cb0bc5a |
| SHA256 | 7359ca1befdb83d480fc1149ac0e8e90354b5224db7420b14b2d96d87cd20a87 |
| SHA512 | 8e5552b2f6e1c531aaa9fd507aa53c6e3d2f1dd63fe19e6350c5b6fbb009c99d353bb064a9eba4c31af6a020b31c0cd519326d32db4c8b651b83952e265ffb35 |
C:\Users\Admin\AppData\Local\Temp\nsg6E76.tmp\CR.History.tmp
| MD5 | f310cf1ff562ae14449e0167a3e1fe46 |
| SHA1 | 85c58afa9049467031c6c2b17f5c12ca73bb2788 |
| SHA256 | e187946249cd390a3c1cf5d4e3b0d8f554f9acdc416bf4e7111fff217bb08855 |
| SHA512 | 1196371de08c964268c44103ccaed530bda6a145df98e0f480d8ee5ad58cb6fb33ca4c9195a52181fe864726dcf52e6a7a466d693af0cda43400a3a7ef125fad |
C:\Users\Admin\AppData\Local\Temp\nsg6E76.tmp\FF.places.tmp
| MD5 | 199d82d11c3c57b35976685dd2c6135f |
| SHA1 | b95c80c6766745ca4049acd19d25e9e60d55871c |
| SHA256 | d1e83b9f571cdd8087d0ba5e2de31ad98ebf2c1156eea86de6ef8dea5fc2adcb |
| SHA512 | 972db73c22a683a2a68043f53a388978b72f20b2c1411bc69b662b1e66c31dbcb60f142748c6960242da7c58dcabac46b056f6c612612d062b54e38dbf44c14b |
C:\Users\Admin\AppData\Local\Temp\nsr6F03.tmp\CR.History.tmp
| MD5 | 6518738a3b900945b9c9973a457ebe9c |
| SHA1 | 29a78052f06ecd7f0c6e703f0c644ca29dd37596 |
| SHA256 | caadee75fff05e5dd2dc1f63aeb78f04cef6e00ce6ef30807a94ba5cadad6239 |
| SHA512 | 0c570aa78cf8e0feac210dacebdde675ac6e1530627100fcad6f7701619507fae4bbbc9ffd2bebd8df505450a8ef87ccf47cdf4482ae327157e8647bbf5209af |
C:\Users\Admin\AppData\Local\Temp\nsa77FD.tmp
| MD5 | 92ff3e51f55a2f70720c07f67acd3ca8 |
| SHA1 | 4aaec240b744fa049bd6d2043106e9b5ca138bdd |
| SHA256 | 607783ec67ab3cc77fc9298011d53f2c1bb6b0882504c0164a167f787599532f |
| SHA512 | 47117d866fb6932bb0d6bf00e54a6e26517127be5f84fcdb9759372cbf6da2db4e7faf830793c215ecc94f6d080087b7a28663e4a358c9e1659e0986b3b1b93b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f5d009cc6df1372b984afdbe790d9dd7 |
| SHA1 | d532b2b09430b6567174a8c9394e1cafe38b2bab |
| SHA256 | e0097b7fcf3395851ec9fbfab7406181a1a3d6cd64f6abcd44deffa57abc9585 |
| SHA512 | e7df6c0019aef94b4f5ae8f4b6bca8d9423e7ee1a3001b0ff7601cfae458002002487543ee83ab92a879c8f9ea85a4664d2a4321f750550936361883dcfedf9d |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | d2a562921bc7463fd7915c5ad10d2c3a |
| SHA1 | bfa7b8b3d5c5e1dfbf016e8aeeaad0acef5a933e |
| SHA256 | 1f60efec9a405df58de1962ab2167fb89949110aad106e86c335ff7bf7adf626 |
| SHA512 | aaa245d164018fd0173fb60c857ad39adee4e1631005f642368b8f3eeb33b49c7f53568f1a7ed5d8f4a11c8ba57e1ed10ae3a6b55e79ce6fab1fe6f4ca0e0e90 |
C:\Users\Admin\AppData\Local\Temp\nsr6F03.tmp\sciterui.dll
| MD5 | f40c5626532c77b9b4a6bb384db48bbe |
| SHA1 | d3124b356f6495288fc7ff1785b1932636ba92d3 |
| SHA256 | e6d594047deecb0f3d49898475084d286072b6e3e4a30eb9d0d03e9b3228d60f |
| SHA512 | 8eabf1f5f6561a587026a30258c959a6b3aa4fa2a2d5a993fcd7069bff21b1c25a648feea0ac5896adcf57414308644ac48a4ff4bdc3a5d6e6b91bc735dc1056 |
C:\Users\Admin\AppData\Local\Temp\nsr6F03.tmp\reboot.dll
| MD5 | c845234dd1e1cdf6f63ec1b025b75742 |
| SHA1 | 150dc042b54e3dc34172d5a2507125eaf619d14d |
| SHA256 | ca418ce0992368c09827a76b0cca14070b9c518badc95085c7d71034784fce5e |
| SHA512 | b08b899e523da279b9e56306b237eadc6fb91fe460b0872bb6a4b163d3c83480621d2e5e70d1de64fc9d751d8704dd4ab8400d5a901846e4775f4d34977ce605 |
C:\Users\Admin\AppData\Local\Temp\nsr6F03.tmp\jsisdl.dll
| MD5 | 5121c566ac9315a53e558bf62600f9b6 |
| SHA1 | 6da036314afefeb8c1dd88cc6eab0efb432a3b4d |
| SHA256 | d88e38df30887c722fb837278ee3782914574414c741cdfd3bd6126799fa3167 |
| SHA512 | 4f6de42af54cec8e63bdfc54ac250a5f5cc09081e9ae85d0cbbcad952f58727cc4cf68501a020474539c51a771537993bc12272496fea5eea924d7058f76fbce |
C:\Users\Admin\AppData\Local\Temp\nsr6F03.tmp\inetc.dll
| MD5 | 650e0e39808140a1da5abd3d27880c7e |
| SHA1 | b2ec540caf946ee5353f52227e8c9942cfb42f22 |
| SHA256 | aab155dcaaafebe4b84a9aeec6ffbce9b484a99b316657ee9b7a98b346f9538b |
| SHA512 | 9f00d912c123b1b235f0b63154693d294b7cf2c0571fc9bb462ba5c9ef350aa79680436ba4a094c9e28c867bc79bdeb96b0622d153a107bd8a9631d99e4fa6dd |
C:\Users\Admin\AppData\Local\Temp\nsr6F03.tmp\AccessControl.dll
| MD5 | d4fa24f021f155ce9214dccf812c3b7f |
| SHA1 | 864001ab7d2c87af00b7153cd096e0454b3f4e9f |
| SHA256 | 3b0889281ff6367bb736690229f461bb4ff34b7437f54a5c71b877a104c0f876 |
| SHA512 | de1720af369890df89c8550d49b4e3e2e353e4a21ef30be5ebee9216e312a57ede9f7919e71de592d0bad6e482d48fb759dd1d1323caafa506634e9f877f6213 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 36184d97b14ae7939a82c7f0ffa39945 |
| SHA1 | d7a3cbd4db86d787a694d382289fd6b937966228 |
| SHA256 | 763c608b878b6754d67cb19339d06b51a77b2f8b3902bd3a30f9d267065aed8c |
| SHA512 | 2899780aada5f14c2bfb2df656cbed5d3a7c1bde3fdf6fd1f79db0dc7b1b6c3f2792268e10f8eaa75c621f8de3f9f2d8d0836476ebd172897ce7fae29e2bf2a3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 238a07c3ecd1d85c06660df850d013a8 |
| SHA1 | 2cf1f5a2d60af148c1a07f48d9f0d75b2cb35100 |
| SHA256 | e7749b1bab6c6c37e22a4279fa0c71116e010b4912621b242b50354cc8a0f64d |
| SHA512 | ce3217af6dc7c6e69a29e531a4af6b91d9e9196b221d83d2678da8765433bea4a3eb2da278635ad925c22ef189538e8e234ba8e9582845fb1a4515f2fe8922ed |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | f4fcd25098a6d9be44a07c0df04fd923 |
| SHA1 | 574be665425f189394cdeb41c05880f2636fe4d2 |
| SHA256 | cbe948520fdecaf9c290478be19b6e5da140273714319c88e3701f4f850ec2ff |
| SHA512 | 2a484d7ad969a9d0cc847bbf76f57c4c321b8d9bced5689a9ede7b5d587ac5157638f3714ad64b81999412c4e9d35111f6da4c0e0708ab4cafae7a275064cd40 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b4bf50681e2ac254e8cb12c264bcb4d0 |
| SHA1 | d42b1412ba9758543d326260a231bd5c1df85633 |
| SHA256 | 8731a630e3d145349e71d669df098aeefd996bbbdedeef20005fd7834fdbcb18 |
| SHA512 | a2f3a698ff1cc4c90cb4bfe50beb6fc3e85f0ece54628626f47e98c476d3c71f740e4f770f1eeaae6b260a4a473b1762488f5b79665a5324ec12293ef3b0d3bf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | ea3d0d1edff1b2b20a8db064eebb50e8 |
| SHA1 | fe5eb2645b577094f11ee6baaa45c1956d17aaf3 |
| SHA256 | b1a5884faa9fb662cf88ad05a0b771414c208542d13a4071a36347e6153062fe |
| SHA512 | e3a1d965e6693536c9893c6afc996c0bf0e1970bf25f1dbede085ae319a9c08dbcda8f4d415046bd2f68696010353e47c68a3fac994f0f98eeea5be5da16a601 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000079
| MD5 | c83e4437a53d7f849f9d32df3d6b68f3 |
| SHA1 | fabea5ad92ed3e2431659b02e7624df30d0c6bbc |
| SHA256 | d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb |
| SHA512 | c2ca1630f7229dd2dec37e0722f769dd94fd115eefa8eeba40f9bb09e4fdab7cc7d15f3deea23f50911feae22bae96341a5baca20b59c7982caf7a91a51e152f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4a61407e4d057fcc1bd96f4ed421068c |
| SHA1 | 0bf93909e7a2c1514eac2e520b0dbdfbd3bd290f |
| SHA256 | 5d3e59286fc0ea1c8ab1eb15c52545f48b183a9a361a77e470daaeb5842f2dfb |
| SHA512 | 75ee697d08e6cf374061f9c1bbfd7e02e89e07e7a586f9be06c18532fed8d390b02c67230572b9d5cfdcfaae02e0b68c979a698ed3832e6d721515f38495790b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007c
| MD5 | 115c2d84727b41da5e9b4394887a8c40 |
| SHA1 | 44f495a7f32620e51acca2e78f7e0615cb305781 |
| SHA256 | ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6 |
| SHA512 | 00402945111722b041f317b082b7103bcc470c2112d86847eac44674053fc0642c5df72015dcb57c65c4ffabb7b03ece7e5f889190f09a45cef1f3e35f830f45 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00008e
| MD5 | 9708e5224c10eb91f435950128a72070 |
| SHA1 | cc66f87dad487f1db80dc78942a7016d26725ae9 |
| SHA256 | 834c60d1648bb2b2c84ab278eb0690ffdbd6f9dfa393d561eb38aa026dbdef8d |
| SHA512 | 8a7a126e028f6def7f03d4fc69831c2bccabebc48b7d97b816eb263a817934b8db1beb9baf1763ec7421640ef594e0a7fb65ef21cbfdadd90c3c88332f4022c5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000090
| MD5 | 015c126a3520c9a8f6a27979d0266e96 |
| SHA1 | 2acf956561d44434a6d84204670cf849d3215d5f |
| SHA256 | 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa |
| SHA512 | 02a20f2788bb1c3b2c7d3142c664cdec306b6ba5366e57e33c008edb3eb78638b98dc03cdf932a9dc440ded7827956f99117e7a3a4d55acadd29b006032d9c5c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 619d67bbc5eeaf621057f316e61073fe |
| SHA1 | 1079075cccbaa0b19c7543c684e43c22d78a2f18 |
| SHA256 | 5ec67054caf0be85471d49a02eb0867066490e548a166d725a0e5369015d1700 |
| SHA512 | 24eeee0f05ecb5a67ae44c967edb07d584a2994825833f5e89dddb708a64c9bc43c0643586b9f35ccd1dc39ea0e9bdad1fe085cc0fca9f4bfa02642a6de12516 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000080
| MD5 | 87e8230a9ca3f0c5ccfa56f70276e2f2 |
| SHA1 | eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7 |
| SHA256 | e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9 |
| SHA512 | 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\df6ab3f2cf1f105d_0
| MD5 | 0be67db79568d26fef9c8d361d33c474 |
| SHA1 | a03098160fa51febc21ad399ddd77e05fe9118a0 |
| SHA256 | eb8efaeefc9c55c0564b0cc6feb54e28ac683f1eddd973c5b9c075b7e08139fc |
| SHA512 | 10b1554682e2fb6f3dcc1ce97a454baf812dc36c03ecf810d47e552c6a84053c4456bbd28b02186474c894f933fbb07cc1678aeadd70ad36b05b6d5cb9c7c6de |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c53b917ad0adf193_0
| MD5 | 2e71c3f91feb933dc50adee5b3d9ee81 |
| SHA1 | a25fb3624dee4db4d665fab2d2825ffef5aa3cef |
| SHA256 | 53a309e24b860d75db0b1a25963c39a8ae8fc686c263c94a1fc51899da8a4bb9 |
| SHA512 | cfb6db46207f9ccc0d549a59da660c573377bab12b04e9fb37343c4fa51aa0c9d050960a728d0c7abefe578752ec1e4fccaa067521b1851472da525c83c4d89d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000076
| MD5 | 8fc04f0a1a15bc42f5a832fd31f447a6 |
| SHA1 | 1fdc1cbefb2a9bc601fb299241022d695b3013be |
| SHA256 | 8e5e82e50f588067cd159c159fc88735d4123d3ce180b0708d6e2535b048add8 |
| SHA512 | 2e3d44c486d41ee24ae02e0dd8fd206b3f797885ca304d40777327d61ee494b3fa77ed1c7b8fae1a2df34120efab31fe63e2053ae44b8faa7b2976adeeb094a4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000078
| MD5 | d2703f7be0a853ff492492d3f2990eb5 |
| SHA1 | 36b48920b63cdf6380a9a07e9506c80126ee7593 |
| SHA256 | 7b63deb9087a0c5a621e44fe584d9afaa23dcade0e4f5a0731da2c02abb6b5a3 |
| SHA512 | d1585122ab24e8b0a1cd9152e44bbe007879bec9adcc0a8d6f9b850e829fa1f040d769cc74a8de99b3c5b279996c3552b8afd85d6243bff3287f6739e4847b70 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\d0ee576b-598c-4e7c-b765-ee7857d4d546.tmp
| MD5 | 1490183ae6f0c547250cce73afbc4e4e |
| SHA1 | c230332c8d10e14b995c62ef68ad1cbf28b6930e |
| SHA256 | 1bdbb8c493f826f8e11a9f5f251483dc33032f608b22da19c2cfad4923b1cd31 |
| SHA512 | e8a6a0f847200082b264b9c97e1da17e71c270c020fada9ca0412e839ded418ec8af870c8522023d5206655e94f026d6d4d4c8057fc63537f1af005e35a23dd9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\5c420720-9939-4766-bce4-524f2abc1364.tmp
| MD5 | 257df274aeade2ea8639cc266a253a01 |
| SHA1 | 0fe69b1d6381402ca59779ea56912d2463d0728f |
| SHA256 | bd204fecd31c5e6b64509a9c19e4bf09a6bae180fc580583df2261eeab2a0781 |
| SHA512 | b4e9b5e11ed664a6362cf449e62366a413e189fc10aaa035999ecfa67b6550b9e594cc43fbdb68d59c08ad0dfc3c9a22b1386e778c4b9b66a0a42d5cf7e6346a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3d28ab9134a3ee5adb9465531216a652 |
| SHA1 | b58f78efd4185991ad274a474587363bcb949b74 |
| SHA256 | 5dc2e6f71f154d591288825e5c28a0315b99b75029c0ec58788ba508e31b8b7a |
| SHA512 | 88e28b619b264bc1783199366c3ad94b394f3b6cfce21fd031d960e3e24fff2a2caacc4cc42b25d29746d2b4b3cada721275018d7a7c15115516d0f412265dfd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f6653850d9968da3dfa788b175865c0a |
| SHA1 | b202aea3bfa259597a78fd6ca61dba47869babba |
| SHA256 | 902fe20396456c8707c3f12c88298c91f7870b3de6cd38b4f32bf3d4c06ed1db |
| SHA512 | e4934903816ec5939eebb66929088a600162ba603eb120ade86549fa97f64c681cefe56688495546ed9448aecfa9785f3da15fa4fb8f1e405c7d0b8c8e9e49f9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 99cc892fb7da07cb1954396578adc039 |
| SHA1 | 0aa3be3c88fa96a68012262fe01ccea9a0beb43d |
| SHA256 | 99483f22165f9c9907f3293bcb8dd8c937fa6abfd4fadbc5711dd555ae786eb6 |
| SHA512 | f55596c6f5a794c35689a82162a28db219809a17b7b502f0ace311777e58771602e3a3f6ee012e670668783598b2bf7cd1c74611de9ee871acd666dbe19d0d6a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f612d931e8d52514e20485d08613c89f |
| SHA1 | d37bc0fa507d732baf0206b5eae25a6899ae429e |
| SHA256 | 68a97bd13d1972b6bd63d6982724eac91fb0e844efdfd7b0725b64fc7db714d0 |
| SHA512 | 4fbca3f35d231ef3c25c30eb3dc2454872d7b8e06a7728c57bd96094e2a2466134495e7a9047ac5fb2df42a03c10bc074920a30faa777834930c1b7c252760da |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | e227d6ea1b45a8cd928429a5af18c5f4 |
| SHA1 | a1d3d0bb8f96767f78c8a468aeea9c905c2ae31a |
| SHA256 | d848a9a892df63a7717e4061df24d15330a29cfbfa458d32bf2c9d8c6655bc2c |
| SHA512 | 531761d2ef35c258601db23b5b69f94167d99bbf9c7ddc432010fc1b5994353077e91f072d6bd64b773ca95a42d69d6bbb5e0ac0552a7cd422baf4b5c2904393 |
C:\Users\Admin\Downloads\Unconfirmed 491431.crdownload
| MD5 | c9db6b5c84be13a43ad23cc204e4bc52 |
| SHA1 | 94bd6634303205715fd04f8aa10d75158390e4d9 |
| SHA256 | 77200156d4773175d341aad11ab23bd52445065cd95060348da17d083dc27688 |
| SHA512 | 9273493c5e5ea24b2f5ee219fdf849546e85b3f5cc24c970f1ab6fdcfe961d96ca6fd41c96f9d915892ab24ce7ff409f0f5a6569b0225e95d36afba51615f8d6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 9a4673b3211f0b886ac6d68f2d4cba2b |
| SHA1 | 84d5cc1a5d3ee58976bd500568917487cf732a25 |
| SHA256 | 27d3839144dbec9ecc796528507b63bfe574a6794c16f04ceb3fd0e5c00facb5 |
| SHA512 | 111f6ddf95d0d00fc323bafb8a039f7877d0aa42e43a5d69d8360a1a4e8c8dba7266507bfc8bc7b19ec121482edaaee277fb5934eeca5c3f15689801c42d3d79 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e62da1903775d92eb4379ebe2f3f02a3 |
| SHA1 | 8120eff58815a1ec05dbc22380c45aaa50e453f4 |
| SHA256 | e8efdf7cbee6e03314681b76a715243eb24d35ed70beb156184638216de1af01 |
| SHA512 | 674af5251414af48d485e6be3318237da1aa9f52db70b14f50a2ef8c19f03ef699c2d52c91bba73dc1e81e0f36894f1181ac52c4c11ec7681585d878edb989d9 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 6ce28a47da94ff939c432e5ec68ae105 |
| SHA1 | e33a03a3aaa5bf8df781b5dcc8808bcf993ea043 |
| SHA256 | f99e4c643f39e1b0d1ece815bfbea64db7b07fe66024763ae79252bfaab79bd0 |
| SHA512 | 8e4b9959de0518659b38a9a147f53b55cbf465b52c6a8bbbf4924ad1e4496763bd3b6a4fda9da8e4e6f25816af1ba874cc5deb3685fb17cede11ccc8f51692d4 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 209198edf9d54cde6328bb5115f66bfe |
| SHA1 | 33a2608616599243f904300126bc803566c04fdf |
| SHA256 | f9228a9822e26660ce6b94b2773e3add82dea8d7a997a0c47efa3092b9b53473 |
| SHA512 | a96e20bbd4032d108c2090fca71cb3018044709fa9540d306a5ea8b59112eef8fa0a7b306547fab0e4ec1271f0d079b13abe46cc85266f1649b9603d18f455a9 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 48283caff60269e4343def5374b8ccb8 |
| SHA1 | ea649aa7cc6df0076ee482c50152873013812dc2 |
| SHA256 | f4973ca0ceaf3b3a9dbbd7ec414ce4034f685f88c76f890b31db946714930722 |
| SHA512 | b20d6a3d97dc66b0e93247273509beaf8e66ba0aa505f67b64f290ed8ef8bfd73daf462f97c22190104011f3a990b470b33bd573288af9999533ec90112d27ff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8ccded5e6ec6d7ff0cb4fec1ebad268e |
| SHA1 | 6d1862c3c5cab8dfadc892018048b981c27ace07 |
| SHA256 | af6a32b7b13219300aeedf385b9e376b8a6a5089c74f85b61cd60adcc8375c6e |
| SHA512 | 599053066d3b2ad7a5eeb4ba7e01104cd1b76509d003d962091d2c2d8ac4fdd579c4e6807bae1be5cc5fde90c2ee43bf72e911610aac067e7f8fd32ff27facfc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 294273f846f7728b84e18e49d7a6d4b5 |
| SHA1 | 7453b4da805399ebb3ecd11cecb50463da208eb4 |
| SHA256 | 1f04bacc61bb1ead7dd3f9022b897f74bb96b31814f900017d892b23fd39403a |
| SHA512 | b2fb3faff7d0261df10f7da42781a108895bd28bfc2949a5afbd7590a29d4bee1e0bdb8f8d0cb84e2258cf4954bdd0ddb28568dcc202710b1beb9bd7583f9176 |