Analysis Overview
SHA256
5997ccc2847d0f1d63ee84ad5926acb98616d342f17b890f205a3c3005551242
Threat Level: Likely malicious
The file . was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Executes dropped EXE
Checks computer location settings
Loads dropped DLL
Enumerates connected drives
Mark of the Web detected: This indicates that the page was originally saved or cloned.
Blocklisted process makes network request
Legitimate hosting services abused for malware hosting/C2
Drops file in Program Files directory
Drops file in Windows directory
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
Suspicious use of AdjustPrivilegeToken
Suspicious use of SetWindowsHookEx
Suspicious behavior: EnumeratesProcesses
Enumerates system info in registry
Modifies registry class
NTFS ADS
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Suspicious use of FindShellTrayWindow
Suspicious behavior: GetForegroundWindowSpam
Modifies data under HKEY_USERS
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-27 07:16
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-27 07:16
Reported
2024-08-27 07:46
Platform
win10v2004-20240802-en
Max time kernel
1800s
Max time network
1784s
Command Line
Signatures
Downloads MZ/PE file
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\Bootstrapper.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\Bootstrapper.exe | N/A |
| N/A | N/A | C:\ProgramData\Solara\Solara.exe | N/A |
| N/A | N/A | C:\Program Files\nodejs\node.exe | N/A |
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\System32\MsiExec.exe | N/A |
| N/A | N/A | C:\Windows\System32\MsiExec.exe | N/A |
| N/A | N/A | C:\Windows\syswow64\MsiExec.exe | N/A |
| N/A | N/A | C:\Windows\syswow64\MsiExec.exe | N/A |
| N/A | N/A | C:\Windows\syswow64\MsiExec.exe | N/A |
| N/A | N/A | C:\Windows\syswow64\MsiExec.exe | N/A |
| N/A | N/A | C:\Windows\syswow64\MsiExec.exe | N/A |
| N/A | N/A | C:\Windows\syswow64\MsiExec.exe | N/A |
| N/A | N/A | C:\Windows\syswow64\MsiExec.exe | N/A |
| N/A | N/A | C:\Windows\syswow64\MsiExec.exe | N/A |
| N/A | N/A | C:\Windows\System32\MsiExec.exe | N/A |
Blocklisted process makes network request
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\msiexec.exe | N/A |
| N/A | N/A | C:\Windows\system32\msiexec.exe | N/A |
Enumerates connected drives
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\T: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Y: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\B: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\E: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\H: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\P: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Q: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\G: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\J: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\V: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Z: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\I: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\M: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\N: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\U: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\W: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\S: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\X: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\A: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\K: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\L: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\O: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\R: | C:\Windows\system32\msiexec.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | pastebin.com | N/A | N/A |
| N/A | pastebin.com | N/A | N/A |
| N/A | pastebin.com | N/A | N/A |
Mark of the Web detected: This indicates that the page was originally saved or cloned.
| Description | Indicator | Process | Target |
| N/A | https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html | N/A | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\@colors\colors\lib\custom\zalgo.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\events\tests\remove-listeners.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\semver\functions\clean.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\tiny-relative-date\lib\factory.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\are-we-there-yet\lib\index.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\docs\content\commands\npm-dedupe.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\common-ancestor-path\package.json | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\spdx-exceptions\package.json | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\safer-buffer\safer.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\node_modules\cacache\LICENSE.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\man\man1\npm-exec.1 | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\pacote\lib\remote.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\ip-regex\index.d.ts | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\docs\output\using-npm\registry.html | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\strip-ansi\license | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\sigstore\dist\sign.d.ts | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\gyp\tools\pretty_vcproj.py | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\color-support\index.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\docs\content\commands\npm.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\docs\content\configuring-npm\npmrc.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\semver\functions\parse.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\node_modules\cacache\package.json | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\docs\output\commands\npm-pack.html | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\rimraf\node_modules\glob\LICENSE | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\https-proxy-agent\dist\agent.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\man\man1\npm-dist-tag.1 | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\@npmcli\fs\lib\with-temp-dir.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\qrcode-terminal\example\callback.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\node_modules\cacache\node_modules\minimatch\LICENSE | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\@npmcli\arborist\bin\ideal.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\negotiator\HISTORY.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\sigstore\dist\identity\oauth.d.ts | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\sigstore\dist\identity\issuer.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\@npmcli\arborist\bin\virtual.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\minizlib\node_modules\minipass\index.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\node_modules\@npmcli\fs\lib\mkdir.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\@npmcli\move-file\package.json | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\@npmcli\arborist\lib\query-selector-all.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\diff\lib\util\array.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\bin-links\lib\is-windows.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\read\lib\read.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\semver\classes\index.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\node_modules\readable-stream\readable-browser.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\ignore-walk\package.json | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\depd\lib\browser\index.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\postcss-selector-parser\dist\util\stripComments.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\tar\lib\mode-fix.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\nopt\lib\nopt.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\corepack\shims\nodewin\npx | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\man\man1\npm-pack.1 | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\sigstore\dist\x509\asn1\tag.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\@npmcli\git\lib\index.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\write-file-atomic\package.json | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\promise-inflight\inflight.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\libnpmsearch\lib\index.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\semver\internal\debug.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\@npmcli\arborist\lib\arborist\rebuild.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\color-convert\conversions.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\just-diff-apply\index.tests.ts | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\docs\output\commands\npm-team.html | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\semver\ranges\max-satisfying.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\@npmcli\config\lib\type-defs.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\readable-stream\lib\ours\index.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\libnpmversion\lib\read-json.js | C:\Windows\system32\msiexec.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\Installer\ | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\SourceHash{EFA235B5-C6A1-42E6-9BC9-02A8D56F1CDC} | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIA613.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIA643.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSID279.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI9D36.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI9CF7.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\inprogressinstallinfo.ipi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIAE15.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\{EFA235B5-C6A1-42E6-9BC9-02A8D56F1CDC}\NodeIcon | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e5899ce.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\e5899ca.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIA3C0.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\{EFA235B5-C6A1-42E6-9BC9-02A8D56F1CDC}\NodeIcon | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSICEDE.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e5899ca.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI9D56.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIADE5.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSICCF8.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSICD85.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log | C:\Windows\system32\msiexec.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\wevtutil.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key deleted | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E | C:\Windows\system32\msiexec.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\27 | C:\Windows\system32\msiexec.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:PID = "14" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\AdvertiseFlags = "388" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\DeploymentFlags = "3" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\SourceList\Net\1 = "C:\\Users\\Admin\\AppData\\Local\\Temp\\" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02020202020202 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\5B532AFE1A6C6E24B99C208A5DF6C1CD\EnvironmentPathNpmModules = "EnvironmentPath" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\5B532AFE1A6C6E24B99C208A5DF6C1CD\EnvironmentPath | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\FFlags = "1" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\ProductIcon = "C:\\Windows\\Installer\\{EFA235B5-C6A1-42E6-9BC9-02A8D56F1CDC}\\NodeIcon" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\FFlags = "1092616193" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\SourceList\LastUsedSource = "n;1;C:\\Users\\Admin\\AppData\\Local\\Temp\\" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 010000000200000000000000ffffffff | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\LogicalViewMode = "1" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0100000000000000ffffffff | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\2 = 3a001f44471a0359723fa74489c55595fe6b30ee260001002600efbe10000000624c7b65d7e4da012283bae9e0e4da01a717c36051f8da0114000000 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\A3A70C74FE2431248AD5F8A59570C782\5B532AFE1A6C6E24B99C208A5DF6C1CD | C:\Windows\system32\msiexec.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\MRUListEx = 0000000001000000ffffffff | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Mode = "4" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\IconSize = "16" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\5B532AFE1A6C6E24B99C208A5DF6C1CD\DocumentationShortcuts | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\5B532AFE1A6C6E24B99C208A5DF6C1CD\EnvironmentPathNode = "EnvironmentPath" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1092616193" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByDirection = "4294967295" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\SourceList\PackageName = "node-v18.16.0-x64.msi" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\SourceList\Net | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\MRUListEx = 0100000000000000ffffffff | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\2 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\LogicalViewMode = "3" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\InstanceType = "0" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\ | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\SourceList\Media | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\Shell\SniffedFolderType = "Downloads" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\SourceList | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupView = "0" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\ProductName = "Node.js" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\Language = "1033" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\2\NodeSlot = "7" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\2\MRUListEx = ffffffff | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByDirection = "1" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\Assignment = "1" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\A3A70C74FE2431248AD5F8A59570C782 | C:\Windows\system32\msiexec.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a000000a000000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByKey:PID = "0" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0e000000ffffffff | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupView = "4294967295" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\SourceList\Media\1 = ";" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\Clients = 3a0000000000 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\5B532AFE1A6C6E24B99C208A5DF6C1CD\corepack | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\Shell | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\AuthorizedLUAApp = "0" | C:\Windows\system32\msiexec.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 267796.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\Downloads\Bootstrapper.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeIncreaseQuotaPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeCreateTokenPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeAssignPrimaryTokenPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeLockMemoryPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeIncreaseQuotaPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeMachineAccountPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeTcbPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeLoadDriverPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeSystemProfilePrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeSystemtimePrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeProfSingleProcessPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeCreatePermanentPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeBackupPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeAuditPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeSystemEnvironmentPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeChangeNotifyPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeRemoteShutdownPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeUndockPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeSyncAgentPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeEnableDelegationPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeManageVolumePrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeImpersonatePrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeCreateGlobalPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Windows\SysWOW64\wevtutil.exe | N/A |
| Token: SeBackupPrivilege | N/A | C:\Windows\SysWOW64\wevtutil.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Windows\System32\wevtutil.exe | N/A |
| Token: SeBackupPrivilege | N/A | C:\Windows\System32\wevtutil.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff914d546f8,0x7ff914d54708,0x7ff914d54718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2064 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2672 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5168 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5168 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5164 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5268 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4116 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4892 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5292 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3576 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1388 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=3900 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5300 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5856 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5436 /prefetch:8
C:\Users\Admin\Downloads\Bootstrapper.exe
"C:\Users\Admin\Downloads\Bootstrapper.exe"
C:\Windows\System32\msiexec.exe
"C:\Windows\System32\msiexec.exe" /i "C:\Users\Admin\AppData\Local\Temp\node-v18.16.0-x64.msi" /qn
C:\Windows\system32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
C:\Windows\System32\MsiExec.exe
C:\Windows\System32\MsiExec.exe -Embedding EFE0BB9444D5EEEEBDB406D6CC43B475
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 999295F7B3869267188DB05A45C1D005
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 899F24A3AA3B50431775BEA518A623BA E Global\MSI0000
C:\Windows\SysWOW64\wevtutil.exe
"wevtutil.exe" im "C:\Program Files\nodejs\node_etw_provider.man"
C:\Windows\System32\wevtutil.exe
"wevtutil.exe" im "C:\Program Files\nodejs\node_etw_provider.man" /fromwow64
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3564 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4692 /prefetch:1
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5876 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6188 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1256 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3944 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6444 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6848 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5388 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7096 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7124 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7372 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7224 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7524 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7828 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7648 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7580 /prefetch:1
C:\ProgramData\Solara\Solara.exe
"C:\ProgramData\Solara\Solara.exe"
C:\Program Files\nodejs\node.exe
"node" "C:\ProgramData\Solara\Monaco\fileaccess\index.js" 0b8c8dd0495a44ee
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4768 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7612 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7812 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6880 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6908 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8080 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6468 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6496 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6468 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8164 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8368 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8608 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8320 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8396 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8884 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7620 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8216 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8928 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9096 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8564 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7944 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3908 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8552 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3728 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7960 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3908 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5736 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7796 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3008 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6424 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7412 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8460 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7824 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8788 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6684 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6800 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7356 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,16542576674533620028,4290335487510627154,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7988 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 104.219.191.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.99.105.20.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 13.86.106.20.in-addr.arpa | udp |
| GB | 92.123.142.185:443 | www.bing.com | tcp |
| GB | 92.123.142.185:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 185.142.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.165.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | getsolara.dev | udp |
| US | 172.67.203.125:80 | getsolara.dev | tcp |
| US | 172.67.203.125:80 | getsolara.dev | tcp |
| US | 172.67.203.125:443 | getsolara.dev | tcp |
| US | 8.8.8.8:53 | 125.203.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | getsolara.dev | udp |
| US | 104.21.93.27:443 | getsolara.dev | tcp |
| N/A | 127.0.0.1:6463 | tcp | |
| US | 8.8.8.8:53 | 27.93.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | pastebin.com | udp |
| US | 172.67.19.24:443 | pastebin.com | tcp |
| US | 8.8.8.8:53 | clientsettings.roblox.com | udp |
| GB | 128.116.119.4:443 | clientsettings.roblox.com | tcp |
| US | 8.8.8.8:53 | 24.19.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.119.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.nodejs.org | udp |
| US | 104.20.23.46:443 | www.nodejs.org | tcp |
| US | 8.8.8.8:53 | nodejs.org | udp |
| US | 104.20.23.46:443 | nodejs.org | tcp |
| US | 8.8.8.8:53 | 46.23.20.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.149.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 55.36.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | c6ff8eb7.solaraweb-alj.pages.dev | udp |
| US | 172.66.44.59:443 | c6ff8eb7.solaraweb-alj.pages.dev | tcp |
| US | 8.8.8.8:53 | 59.44.66.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | file.io | udp |
| US | 45.55.107.24:80 | file.io | tcp |
| US | 45.55.107.24:80 | file.io | tcp |
| US | 45.55.107.24:443 | file.io | tcp |
| US | 8.8.8.8:53 | www.file.io | udp |
| GB | 18.245.218.91:443 | www.file.io | tcp |
| US | 8.8.8.8:53 | 24.107.55.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.218.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | hb.vntsm.com | udp |
| US | 151.101.3.42:443 | hb.vntsm.com | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| US | 151.101.3.42:443 | hb.vntsm.com | tcp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| BE | 74.125.71.157:443 | stats.g.doubleclick.net | tcp |
| FR | 142.250.201.163:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | 6.39.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.3.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.71.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | hb.vntsm.io | udp |
| US | 8.8.8.8:53 | hb-vntsm-com.global.ssl.fastly.net | udp |
| US | 104.22.47.142:443 | hb.vntsm.io | tcp |
| US | 151.101.193.194:443 | hb-vntsm-com.global.ssl.fastly.net | tcp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 104.26.3.70:443 | ad-delivery.net | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | cdn.exelator.com | udp |
| GB | 13.224.223.9:443 | c.amazon-adsystem.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | tcp |
| GB | 143.204.176.17:443 | cdn.exelator.com | tcp |
| US | 8.8.8.8:53 | 142.47.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.201.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.20.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.193.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.3.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | mydmp.exelator.com | udp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| IE | 34.254.143.3:443 | mydmp.exelator.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | secure.cdn.fastclick.net | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 8.8.8.8:53 | cdn.hadronid.net | udp |
| GB | 108.156.39.27:443 | config.aps.amazon-adsystem.com | tcp |
| GB | 23.53.174.156:443 | secure.cdn.fastclick.net | tcp |
| GB | 23.53.174.156:443 | secure.cdn.fastclick.net | tcp |
| US | 104.22.52.86:443 | cdn.id5-sync.com | tcp |
| US | 104.22.52.173:443 | cdn.hadronid.net | tcp |
| US | 8.8.8.8:53 | onsite-tag-logs.apps.nielsen.com | udp |
| US | 8.8.8.8:53 | load77.exelator.com | udp |
| US | 54.237.163.72:443 | onsite-tag-logs.apps.nielsen.com | tcp |
| GB | 84.17.50.8:443 | load77.exelator.com | tcp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | id.hadron.ad.gt | udp |
| FR | 172.217.20.206:443 | fundingchoicesmessages.google.com | tcp |
| US | 8.8.8.8:53 | proc.ad.cpe.dotomi.com | udp |
| US | 172.67.23.234:443 | id.hadron.ad.gt | tcp |
| NL | 64.158.223.146:443 | proc.ad.cpe.dotomi.com | tcp |
| FR | 172.217.20.206:443 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | a.ad.gt | udp |
| US | 104.22.4.69:443 | a.ad.gt | tcp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| DE | 162.19.138.120:443 | id5-sync.com | tcp |
| DE | 162.19.138.118:443 | id5-sync.com | tcp |
| US | 8.8.8.8:53 | 9.223.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 17.176.204.143.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.215.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.143.254.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 27.39.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.174.53.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.52.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.52.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.50.17.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.163.237.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.23.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 146.223.158.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.4.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| FR | 142.250.178.129:443 | lh3.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | 118.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.75.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 129.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cadmus.script.ac | udp |
| US | 104.18.23.145:443 | cadmus.script.ac | tcp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| GB | 173.222.211.8:80 | apps.identrust.com | tcp |
| US | 8.8.8.8:53 | i.clean.gg | udp |
| US | 34.95.69.49:443 | i.clean.gg | tcp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| GB | 18.245.189.34:443 | aax.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | cdn.edkt.io | udp |
| US | 34.120.111.33:443 | cdn.edkt.io | tcp |
| US | 34.95.69.49:443 | i.clean.gg | udp |
| US | 8.8.8.8:53 | track.venatusmedia.com | udp |
| IE | 3.248.98.103:443 | track.venatusmedia.com | tcp |
| US | 8.8.8.8:53 | 49.69.95.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.211.222.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.23.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 33.111.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.189.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | prod.tahoe-analytics.publishers.advertising.a2z.com | udp |
| US | 54.70.103.160:443 | prod.tahoe-analytics.publishers.advertising.a2z.com | tcp |
| US | 8.8.8.8:53 | 103.98.248.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 160.103.70.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 10.28.171.150.in-addr.arpa | udp |
| US | 8.8.8.8:53 | script.4dex.io | udp |
| US | 172.67.75.241:443 | script.4dex.io | tcp |
| US | 8.8.8.8:53 | elb.the-ozone-project.com | udp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| US | 8.8.8.8:53 | ib.adnxs-simple.com | udp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| US | 8.8.8.8:53 | btlr.sharethrough.com | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 8.8.8.8:53 | apex.go.sonobi.com | udp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| US | 104.18.34.190:443 | elb.the-ozone-project.com | tcp |
| FR | 185.255.84.150:443 | hb-api.omnitagjs.com | tcp |
| DE | 3.78.168.176:443 | tlx.3lift.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| NL | 89.149.192.192:443 | prg.smartadserver.com | tcp |
| NL | 89.149.192.192:443 | prg.smartadserver.com | tcp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| NL | 147.75.34.177:443 | prebid.a-mo.net | tcp |
| US | 172.67.75.241:443 | script.4dex.io | tcp |
| DE | 18.153.93.230:443 | btlr.sharethrough.com | tcp |
| DE | 18.153.93.230:443 | btlr.sharethrough.com | tcp |
| DE | 18.153.93.230:443 | btlr.sharethrough.com | tcp |
| DE | 18.153.93.230:443 | btlr.sharethrough.com | tcp |
| NL | 185.89.210.244:443 | ib.adnxs-simple.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| DE | 3.78.168.176:443 | tlx.3lift.com | tcp |
| US | 8.8.8.8:53 | 241.75.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 190.34.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.192.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 177.34.75.147.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 244.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 230.93.153.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.1.166.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 176.168.78.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 13.248.245.213:443 | eb2.3lift.com | tcp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 8.8.8.8:53 | sync.mathtag.com | udp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| US | 8.8.8.8:53 | p.rfihub.com | udp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 8.8.8.8:53 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| FR | 185.255.84.153:443 | visitor.omnitagjs.com | tcp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| NL | 193.0.160.130:443 | p.rfihub.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| GB | 23.36.168.202:443 | ads.pubmatic.com | tcp |
| US | 52.71.88.198:443 | sync.srv.stackadapt.com | tcp |
| US | 216.200.232.253:443 | sync.mathtag.com | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| FR | 142.250.75.226:443 | cm.g.doubleclick.net | tcp |
| NL | 193.0.160.130:443 | p.rfihub.com | tcp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 104.16.79.73:443 | static.cloudflareinsights.com | tcp |
| FR | 142.250.75.226:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 213.245.248.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.40.223.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.216.36.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.168.36.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.169.93.208.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.8.184.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.88.71.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.149.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 253.232.200.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.75.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 130.160.0.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.79.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sync.go.sonobi.com | udp |
| US | 69.166.1.35:443 | sync.go.sonobi.com | tcp |
| US | 69.166.1.35:443 | sync.go.sonobi.com | tcp |
| US | 8.8.8.8:53 | eu-west-1-cs-rtb.openwebmp.com | udp |
| US | 8.8.8.8:53 | gum.aidemsrv.com | udp |
| GB | 13.224.222.101:443 | eu-west-1-cs-rtb.openwebmp.com | tcp |
| US | 104.17.43.93:443 | gum.aidemsrv.com | tcp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| DE | 51.89.9.253:443 | onetag-sys.com | tcp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 8.8.8.8:53 | player.aniview.com | udp |
| GB | 92.123.140.19:443 | player.aniview.com | tcp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| GB | 23.214.129.249:443 | secure-assets.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| US | 54.90.152.160:443 | cs-server-s2s.yellowblue.io | tcp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| GB | 95.100.245.251:443 | eus.rubiconproject.com | tcp |
| US | 67.202.105.22:443 | ssc-cms.33across.com | tcp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| DE | 37.252.171.149:443 | secure.adnxs.com | tcp |
| NL | 81.17.55.123:443 | ssbsync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | dis.criteo.com | udp |
| US | 8.8.8.8:53 | sync.richaudience.com | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | api-2-0.spot.im | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | udp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| DE | 168.119.72.236:443 | sync.richaudience.com | tcp |
| US | 52.2.98.215:443 | api-2-0.spot.im | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| GB | 185.64.191.214:443 | image8.pubmatic.com | tcp |
| IE | 34.252.6.15:443 | match.prod.bidr.io | tcp |
| US | 50.31.142.159:443 | b1sync.zemanta.com | tcp |
| US | 50.31.142.159:443 | b1sync.zemanta.com | tcp |
| US | 8.8.8.8:53 | sync.aniview.com | udp |
| US | 172.240.45.78:443 | sync.aniview.com | tcp |
| US | 8.8.8.8:53 | rtb.mfadsrvr.com | udp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | tcp |
| US | 8.8.8.8:53 | jadserve.postrelease.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| DE | 168.119.72.236:443 | sync.richaudience.com | tcp |
| IE | 54.194.101.55:443 | ap.lijit.com | tcp |
| IE | 54.171.130.238:443 | jadserve.postrelease.com | tcp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| US | 8.8.8.8:53 | 101.222.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.1.166.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.43.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 253.9.89.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.140.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 249.129.214.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 160.152.90.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 251.245.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.171.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 123.55.17.81.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.105.202.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 214.191.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.6.252.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 215.98.2.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 159.142.31.50.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.45.240.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.199.214.35.in-addr.arpa | udp |
| NL | 69.173.156.148:443 | token.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 8.8.8.8:53 | bttrack.com | udp |
| US | 172.111.38.54:443 | tracker.open-adsyield.com | tcp |
| US | 35.244.174.68:443 | id.rlcdn.com | tcp |
| US | 192.132.33.68:443 | bttrack.com | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 8.8.8.8:53 | 55.101.194.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.130.171.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.174.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 54.38.111.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.33.132.192.in-addr.arpa | udp |
| US | 172.67.19.24:443 | pastebin.com | tcp |
| GB | 128.116.119.4:443 | clientsettings.roblox.com | tcp |
| FR | 172.217.20.206:443 | fundingchoicesmessages.google.com | udp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 7c1810ecfebdbc4a9d35bd318beb5ff0.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | api.edkt.io | udp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | oa.openxcdn.net | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | invstatic101.creativecdn.com | udp |
| US | 8.8.8.8:53 | cdn-ima.33across.com | udp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| FR | 142.250.179.65:443 | 7c1810ecfebdbc4a9d35bd318beb5ff0.safeframe.googlesyndication.com | tcp |
| US | 34.120.111.33:443 | api.edkt.io | tcp |
| US | 34.102.146.192:443 | oa.openxcdn.net | tcp |
| FR | 216.58.213.66:443 | ep1.adtrafficquality.google | tcp |
| US | 34.96.70.87:443 | invstatic101.creativecdn.com | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| US | 172.64.152.89:443 | cdn-ima.33across.com | tcp |
| GB | 18.245.143.83:443 | tags.crwdcntrl.net | tcp |
| US | 34.120.111.33:443 | api.edkt.io | udp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| FR | 142.250.179.97:443 | ep2.adtrafficquality.google | tcp |
| IE | 54.75.251.201:443 | bcp.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 34.120.111.33:443 | api.edkt.io | udp |
| FR | 142.250.179.68:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | cdn1.vntsm.com | udp |
| FR | 185.93.2.246:443 | cdn1.vntsm.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | csi.gstatic.com | udp |
| US | 8.8.8.8:53 | 65.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.146.102.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 87.70.96.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 89.152.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.143.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 201.251.75.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 246.2.93.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.179.250.142.in-addr.arpa | udp |
| FR | 172.217.20.162:443 | googleads.g.doubleclick.net | tcp |
| TW | 64.233.187.120:443 | csi.gstatic.com | tcp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | udp |
| TW | 64.233.187.120:443 | csi.gstatic.com | tcp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | ag.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | gem.gbc.criteo.com | udp |
| NL | 185.235.87.251:443 | gem.gbc.criteo.com | tcp |
| FR | 178.250.7.13:443 | dnacdn.net | tcp |
| NL | 185.235.87.121:443 | ag.gbc.criteo.com | tcp |
| US | 8.8.8.8:53 | 162.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.187.233.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 251.87.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.7.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 121.87.235.185.in-addr.arpa | udp |
| US | 45.55.107.24:443 | file.io | tcp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| FR | 142.250.201.163:443 | www.google.co.uk | udp |
| NL | 89.149.192.192:443 | www14.smartadserver.com | tcp |
| NL | 147.75.34.177:443 | prebid.a-mo.net | tcp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| DE | 37.252.173.215:443 | ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | www.file.io | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| IE | 67.220.226.238:443 | aax-eu.amazon-adsystem.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| US | 8.8.8.8:53 | ced-ns.sascdn.com | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| GB | 92.123.140.113:443 | ced-ns.sascdn.com | tcp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | apps.sascdn.com | udp |
| US | 8.8.8.8:53 | euw1.smartadserver.com | udp |
| GB | 92.123.143.83:443 | apps.sascdn.com | tcp |
| NL | 89.149.193.96:443 | euw1.smartadserver.com | tcp |
| NL | 89.149.193.81:443 | euw1.smartadserver.com | tcp |
| FR | 172.217.20.162:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | udp |
| FR | 142.250.178.134:443 | s0.2mdn.net | tcp |
| US | 8.8.8.8:53 | 215.173.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.226.220.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 113.140.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.143.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 96.193.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.193.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 134.178.250.142.in-addr.arpa | udp |
| FR | 142.250.178.134:443 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | googleads4.g.doubleclick.net | udp |
| NL | 89.149.193.81:443 | euw1.smartadserver.com | tcp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| GB | 92.123.142.195:443 | acdn.adnxs.com | tcp |
| US | 8.8.8.8:53 | 195.142.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ade.googlesyndication.com | udp |
| FR | 216.58.214.162:443 | ade.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | 162.214.58.216.in-addr.arpa | udp |
| FR | 216.58.214.162:443 | ade.googlesyndication.com | udp |
| DE | 37.252.173.215:443 | ib.adnxs.com | tcp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| NL | 89.149.192.192:443 | euw1.smartadserver.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| FR | 172.217.20.162:443 | googleads4.g.doubleclick.net | udp |
| NL | 89.149.193.96:443 | euw1.smartadserver.com | tcp |
| NL | 89.149.193.81:443 | euw1.smartadserver.com | tcp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| NL | 89.149.193.81:443 | euw1.smartadserver.com | tcp |
| DE | 37.252.173.215:443 | ib.adnxs.com | tcp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| FR | 217.182.178.225:443 | prg.smartadserver.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.file.io | udp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| US | 8.8.8.8:53 | apps.sascdn.com | udp |
| FR | 172.217.20.162:443 | googleads4.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | euw2.smartadserver.com | udp |
| NL | 89.149.193.81:443 | euw1.smartadserver.com | tcp |
| FR | 5.196.111.65:443 | euw2.smartadserver.com | tcp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| FR | 142.250.178.134:443 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | 225.178.182.217.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.111.196.5.in-addr.arpa | udp |
| NL | 89.149.193.81:443 | euw1.smartadserver.com | tcp |
| FR | 217.182.178.225:443 | euw2.smartadserver.com | tcp |
| DE | 37.252.173.215:443 | ib.adnxs.com | tcp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| FR | 172.217.20.162:443 | googleads4.g.doubleclick.net | udp |
| FR | 5.196.111.65:443 | euw2.smartadserver.com | tcp |
| NL | 89.149.193.81:443 | euw1.smartadserver.com | tcp |
| US | 8.8.8.8:53 | 194.18.217.172.in-addr.arpa | udp |
| NL | 89.149.193.81:443 | euw1.smartadserver.com | tcp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| DE | 37.252.173.215:443 | ib.adnxs.com | tcp |
| FR | 217.182.178.225:443 | euw2.smartadserver.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.file.io | udp |
| US | 8.8.8.8:53 | apps.sascdn.com | udp |
| FR | 172.217.20.162:443 | googleads4.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www14.smartadserver.com | udp |
| FR | 5.196.111.65:443 | www14.smartadserver.com | tcp |
| FR | 91.134.110.129:443 | www14.smartadserver.com | tcp |
| FR | 142.250.178.134:443 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | 129.110.134.91.in-addr.arpa | udp |
| FR | 91.134.110.129:443 | www14.smartadserver.com | tcp |
| US | 8.8.8.8:53 | 131.72.42.20.in-addr.arpa | udp |
| FR | 217.182.178.225:443 | www14.smartadserver.com | tcp |
| DE | 37.252.173.215:443 | ib.adnxs.com | tcp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| NL | 185.89.211.84:443 | ib.adnxs.com | tcp |
| FR | 178.32.210.226:443 | prg.smartadserver.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 226.210.32.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.211.89.185.in-addr.arpa | udp |
| FR | 178.32.210.226:443 | prg.smartadserver.com | tcp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| NL | 185.89.211.84:443 | ib.adnxs.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| FR | 178.32.210.226:443 | prg.smartadserver.com | tcp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| NL | 185.89.211.84:443 | ib.adnxs.com | tcp |
| DE | 18.157.230.4:443 | tlx.3lift.com | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 4.230.157.18.in-addr.arpa | udp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| FR | 178.32.210.226:443 | prg.smartadserver.com | tcp |
| NL | 185.89.211.84:443 | ib.adnxs.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| NL | 185.89.211.84:443 | ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| DE | 18.157.230.4:443 | tlx.3lift.com | tcp |
| NL | 89.149.192.193:443 | prg.smartadserver.com | tcp |
| DE | 18.157.230.4:443 | tlx.3lift.com | tcp |
| US | 8.8.8.8:53 | track.venatusmedia.com | udp |
| US | 8.8.8.8:53 | www.file.io | udp |
| US | 8.8.8.8:53 | apps.sascdn.com | udp |
| IE | 54.229.112.66:443 | track.venatusmedia.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | euw1.smartadserver.com | udp |
| US | 8.8.8.8:53 | www14.smartadserver.com | udp |
| FR | 142.250.201.162:443 | googleads.g.doubleclick.net | udp |
| NL | 89.149.192.240:443 | www14.smartadserver.com | tcp |
| NL | 89.149.192.65:443 | www14.smartadserver.com | tcp |
| US | 8.8.8.8:53 | 193.192.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.112.229.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.201.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.192.149.89.in-addr.arpa | udp |
| NL | 89.149.192.240:443 | www14.smartadserver.com | tcp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | googleads4.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| FR | 142.250.178.134:443 | s0.2mdn.net | udp |
| NL | 89.149.192.65:443 | www14.smartadserver.com | tcp |
| US | 8.8.8.8:53 | ade.googlesyndication.com | udp |
| FR | 142.250.178.130:443 | ade.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 130.178.250.142.in-addr.arpa | udp |
| NL | 81.17.55.98:443 | www14.smartadserver.com | tcp |
| NL | 81.17.55.98:443 | www14.smartadserver.com | tcp |
| US | 8.8.8.8:53 | 98.55.17.81.in-addr.arpa | udp |
| NL | 185.89.211.84:443 | ib.adnxs.com | tcp |
| NL | 89.149.192.193:443 | www14.smartadserver.com | tcp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | ib.3lift.com | udp |
| GB | 18.245.187.73:443 | ib.3lift.com | tcp |
| US | 8.8.8.8:53 | 73.187.245.18.in-addr.arpa | udp |
| FR | 142.250.201.162:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| US | 13.248.245.213:443 | eb2.3lift.com | tcp |
| NL | 185.89.211.84:443 | ib.adnxs.com | tcp |
| NL | 89.149.192.193:443 | www14.smartadserver.com | tcp |
| US | 8.8.8.8:53 | apex.go.sonobi.com | udp |
| US | 69.166.1.32:443 | apex.go.sonobi.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.file.io | udp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| US | 8.8.8.8:53 | apps.sascdn.com | udp |
| FR | 142.250.201.162:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| NL | 89.149.192.240:443 | www14.smartadserver.com | tcp |
| NL | 89.149.192.65:443 | www14.smartadserver.com | tcp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | 32.1.166.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| NL | 89.149.192.240:443 | www14.smartadserver.com | tcp |
| NL | 89.149.192.65:443 | www14.smartadserver.com | tcp |
| NL | 81.17.55.98:443 | www14.smartadserver.com | tcp |
| NL | 81.17.55.98:443 | www14.smartadserver.com | tcp |
| NL | 185.89.211.84:443 | ib.adnxs.com | tcp |
| NL | 89.149.192.193:443 | www14.smartadserver.com | tcp |
| US | 69.166.1.32:443 | apex.go.sonobi.com | tcp |
| NL | 185.89.211.84:443 | ib.adnxs.com | tcp |
| NL | 185.89.211.84:443 | ib.adnxs.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| FR | 142.250.178.130:443 | ade.googlesyndication.com | udp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| US | 69.166.1.32:443 | apex.go.sonobi.com | tcp |
| DE | 3.78.168.176:443 | tlx.3lift.com | tcp |
| FR | 217.182.178.224:443 | prg.smartadserver.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 224.178.182.217.in-addr.arpa | udp |
| US | 69.166.1.32:443 | apex.go.sonobi.com | tcp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| FR | 217.182.178.224:443 | prg.smartadserver.com | tcp |
| DE | 3.78.168.176:443 | tlx.3lift.com | tcp |
| NL | 185.89.210.244:443 | ib.adnxs.com | tcp |
| NL | 185.89.210.244:443 | ib.adnxs.com | tcp |
| FR | 217.182.178.224:443 | prg.smartadserver.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| FR | 142.250.178.130:443 | ade.googlesyndication.com | udp |
| US | 69.166.1.32:443 | apex.go.sonobi.com | tcp |
| FR | 217.182.178.224:443 | prg.smartadserver.com | tcp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| US | 69.166.1.32:443 | apex.go.sonobi.com | tcp |
| FR | 217.182.178.224:443 | prg.smartadserver.com | tcp |
| DE | 3.78.168.176:443 | tlx.3lift.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 69.166.1.32:443 | apex.go.sonobi.com | tcp |
| FR | 217.182.178.224:443 | prg.smartadserver.com | tcp |
| NL | 185.89.210.46:443 | ib.adnxs.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 46.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| US | 69.166.1.32:443 | apex.go.sonobi.com | tcp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| NL | 185.89.210.46:443 | ib.adnxs.com | tcp |
| FR | 217.182.178.225:443 | prg.smartadserver.com | tcp |
| DE | 18.157.230.4:443 | tlx.3lift.com | tcp |
| US | 69.166.1.32:443 | apex.go.sonobi.com | tcp |
| NL | 185.89.210.46:443 | ib.adnxs.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| FR | 217.182.178.225:443 | prg.smartadserver.com | tcp |
| US | 69.166.1.32:443 | apex.go.sonobi.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| FR | 142.250.178.130:443 | ade.googlesyndication.com | udp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | apex.go.sonobi.com | udp |
| DE | 37.252.171.21:443 | ib.adnxs.com | tcp |
| US | 69.166.1.9:443 | apex.go.sonobi.com | tcp |
| FR | 178.32.210.227:443 | prg.smartadserver.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 227.210.32.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.1.166.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.171.252.37.in-addr.arpa | udp |
| US | 69.166.1.9:443 | apex.go.sonobi.com | tcp |
| DE | 37.252.171.21:443 | ib.adnxs.com | tcp |
| FR | 178.32.210.227:443 | prg.smartadserver.com | tcp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| DE | 3.124.64.248:443 | tlx.3lift.com | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 248.64.124.3.in-addr.arpa | udp |
| DE | 3.124.64.248:443 | tlx.3lift.com | tcp |
| DE | 37.252.171.21:443 | ib.adnxs.com | tcp |
| FR | 178.32.210.227:443 | prg.smartadserver.com | tcp |
| US | 69.166.1.9:443 | apex.go.sonobi.com | tcp |
| DE | 3.124.64.248:443 | tlx.3lift.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| FR | 178.32.210.227:443 | prg.smartadserver.com | tcp |
| US | 69.166.1.9:443 | apex.go.sonobi.com | tcp |
| DE | 37.252.171.21:443 | ib.adnxs.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| US | 69.166.1.9:443 | apex.go.sonobi.com | tcp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| NL | 185.89.210.90:443 | ib.adnxs.com | tcp |
| FR | 178.32.197.48:443 | prg.smartadserver.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 90.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 48.197.32.178.in-addr.arpa | udp |
| FR | 178.32.197.48:443 | prg.smartadserver.com | tcp |
| US | 69.166.1.9:443 | apex.go.sonobi.com | tcp |
| NL | 185.89.210.90:443 | ib.adnxs.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| FR | 178.32.197.48:443 | prg.smartadserver.com | tcp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 69.166.1.9:443 | apex.go.sonobi.com | tcp |
| DE | 37.252.171.21:443 | ib.adnxs.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| DE | 37.252.171.21:443 | ib.adnxs.com | tcp |
| FR | 178.32.197.48:443 | prg.smartadserver.com | tcp |
| US | 69.166.1.9:443 | apex.go.sonobi.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| US | 8.8.8.8:53 | apex.go.sonobi.com | udp |
| DE | 37.252.171.21:443 | ib.adnxs.com | tcp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| FR | 164.132.25.177:443 | prg.smartadserver.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 177.25.132.164.in-addr.arpa | udp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| FR | 164.132.25.177:443 | prg.smartadserver.com | tcp |
| DE | 37.252.171.21:443 | ib.adnxs.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| FR | 164.132.25.177:443 | prg.smartadserver.com | tcp |
| NL | 185.89.210.82:443 | ib.adnxs.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 82.210.89.185.in-addr.arpa | udp |
| FR | 164.132.25.177:443 | prg.smartadserver.com | tcp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| NL | 185.89.210.82:443 | ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| NL | 185.89.210.82:443 | ib.adnxs.com | tcp |
| NL | 81.17.55.112:443 | prg.smartadserver.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 112.55.17.81.in-addr.arpa | udp |
| NL | 185.89.210.82:443 | ib.adnxs.com | tcp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| NL | 81.17.55.112:443 | prg.smartadserver.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| NL | 81.17.55.112:443 | prg.smartadserver.com | tcp |
| DE | 37.252.171.53:443 | ib.adnxs.com | tcp |
| DE | 3.78.168.176:443 | tlx.3lift.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 53.171.252.37.in-addr.arpa | udp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| NL | 81.17.55.112:443 | prg.smartadserver.com | tcp |
| DE | 37.252.171.53:443 | ib.adnxs.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| DE | 37.252.171.53:443 | ib.adnxs.com | tcp |
| FR | 164.132.25.176:443 | prg.smartadserver.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 176.25.132.164.in-addr.arpa | udp |
| DE | 37.252.171.53:443 | ib.adnxs.com | tcp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| FR | 164.132.25.176:443 | prg.smartadserver.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| FR | 164.132.25.176:443 | prg.smartadserver.com | tcp |
| DE | 37.252.171.53:443 | ib.adnxs.com | tcp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| DE | 3.78.168.176:443 | tlx.3lift.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| DE | 3.78.168.176:443 | tlx.3lift.com | tcp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| FR | 164.132.25.176:443 | prg.smartadserver.com | tcp |
| DE | 37.252.171.53:443 | ib.adnxs.com | tcp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| FR | 164.132.25.176:443 | prg.smartadserver.com | tcp |
| DE | 37.252.171.53:443 | ib.adnxs.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| FR | 178.32.210.227:443 | prg.smartadserver.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| FR | 178.32.210.227:443 | prg.smartadserver.com | tcp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| DE | 37.252.171.53:443 | ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| FR | 178.32.210.227:443 | prg.smartadserver.com | tcp |
| DE | 37.252.171.53:443 | ib.adnxs.com | tcp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| FR | 178.32.210.227:443 | prg.smartadserver.com | tcp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| DE | 37.252.171.53:443 | ib.adnxs.com | tcp |
| DE | 18.157.230.4:443 | tlx.3lift.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| DE | 37.252.171.53:443 | ib.adnxs.com | tcp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| NL | 81.17.55.98:443 | prg.smartadserver.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| NL | 81.17.55.98:443 | prg.smartadserver.com | tcp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| NL | 185.89.210.141:443 | ib.adnxs.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 141.210.89.185.in-addr.arpa | udp |
| NL | 185.89.210.141:443 | ib.adnxs.com | tcp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| NL | 81.17.55.98:443 | prg.smartadserver.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| US | 69.166.1.8:443 | apex.go.sonobi.com | tcp |
| NL | 81.17.55.98:443 | prg.smartadserver.com | tcp |
| NL | 185.89.210.141:443 | ib.adnxs.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| NL | 185.89.210.141:443 | ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | apex.go.sonobi.com | udp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| US | 69.166.1.64:443 | apex.go.sonobi.com | tcp |
| FR | 178.32.210.226:443 | prg.smartadserver.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 64.1.166.69.in-addr.arpa | udp |
| FR | 178.32.210.226:443 | prg.smartadserver.com | tcp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 69.166.1.64:443 | apex.go.sonobi.com | tcp |
| NL | 185.89.210.180:443 | ib.adnxs.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 180.210.89.185.in-addr.arpa | udp |
| FR | 178.32.210.226:443 | prg.smartadserver.com | tcp |
| US | 69.166.1.64:443 | apex.go.sonobi.com | tcp |
| NL | 185.89.210.180:443 | ib.adnxs.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | e765f3d75e6b0e4a7119c8b14d47d8da |
| SHA1 | cc9f7c7826c2e1a129e7d98884926076c3714fc0 |
| SHA256 | 986443556d3878258b710d9d9efbf4f25f0d764c3f83dc54217f2b12a6eccd89 |
| SHA512 | a1872a849f27da78ebe9adb9beb260cb49ed5f4ca2d403f23379112bdfcd2482446a6708188100496e45db1517cdb43aba8bb93a75e605713c3f97cd716b1079 |
\??\pipe\LOCAL\crashpad_3204_XJSVRIPXVTWZFPJI
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 53bc70ecb115bdbabe67620c416fe9b3 |
| SHA1 | af66ec51a13a59639eaf54d62ff3b4f092bb2fc1 |
| SHA256 | b36cad5c1f7bc7d07c7eaa2f3cad2959ddb5447d4d3adcb46eb6a99808e22771 |
| SHA512 | cad44933b94e17908c0eb8ac5feeb53d03a7720d97e7ccc8724a1ed3021a5bece09e1f9f3cec56ce0739176ebbbeb20729e650f8bca04e5060c986b75d8e4921 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 79974b7decc2be7b59e7c7f3223dfeea |
| SHA1 | 800eb79047d734757419e370aa8b714c329f4499 |
| SHA256 | 38835f1b1688691becf8242705d125e0db39d7730094a989674c5a1fd3177490 |
| SHA512 | 4a306f2993e81e0af27ccc4f088b14d20523e801ba34726599aec8ba89b7e1197c462509c315bc09b55e2888231c454a7a35ea0b63838e52cef6794f38d53eab |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 3bce2c7ac18e19288a8b27e30d9b9a33 |
| SHA1 | 4cf8a10ea473758c7e3e10ad3677ada71dea0c82 |
| SHA256 | 0ffa3a1666b7f168e6fac453000488c92a3800a6e8834bbdfb2bc55a44fad981 |
| SHA512 | 0f0a305a0d9886f7cb8eddb11ec29be6397d5ea4d62a977e203118c8415b1b4f03971a77d908cd8900de76591082b7458de1f6936661a3c062233fad56610cde |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1b87052a21a9e81afe4a56275622798f |
| SHA1 | 05df010add4086739c2a06642b55ef81ec424e9f |
| SHA256 | 342ecda06147c9825c2d33fff23057b32f6c8317f75ce1bafdd8201eb3813040 |
| SHA512 | 9fc6a5976d395e0f1e40d9093efaebf14b4d558805b9c91a96b19351add79d35ac800595085c2bebf21a5221f1b5814ace859818f21a7f1e5972302e239b6b4e |
C:\Users\Admin\Downloads\Unconfirmed 267796.crdownload
| MD5 | 4b94b989b0fe7bec6311153b309dfe81 |
| SHA1 | bb50a4bb8a66f0105c5b74f32cd114c672010b22 |
| SHA256 | 7c4283f5e620b2506bcb273f947def4435d95e143ae3067a783fd3adc873a659 |
| SHA512 | fbbe60cf3e5d028d906e7d444b648f7dff8791c333834db8119e0a950532a75fda2e9bd5948f0b210904667923eb7b2c0176140babc497955d227e7d80fb109d |
memory/4528-98-0x00000190209D0000-0x0000019020A9E000-memory.dmp
memory/4528-100-0x000001903AFB0000-0x000001903AFD2000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 37478be014f1ad51b0c00ab60d32e4cf |
| SHA1 | 8d854f2902a09050259beb12a287e115a9f5c91f |
| SHA256 | be3dc1b9f54b61c7922356dec55fa19e63690cc2c0a282480a8c0c855018c163 |
| SHA512 | cdfc8fe1c941b0ea91c2d006ee6fcf9bba81f7c37236e5d4270985f0a2e3253936cd71f78292a5cbb0171303a87ae05458e5c89a4c12dce804d8cc27df81842d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5c92258848d9ca33de8700fc04647b1d |
| SHA1 | eadcb10411e84baeb961c16111f6fc1ed03a9142 |
| SHA256 | 7db992da95bb51a60b544d643b3f6c5ddca426f8c6262f20a7b855a3f647b266 |
| SHA512 | 5b17ab60a1e23b9010a7e49d4ab1b5cb3f467a33ac33dcfd2ca28a1f91915134a466249fddc67355e092d3319359aecee183d4d651efebf8c85c1d456cc6821f |
C:\Users\Admin\AppData\Local\Temp\node-v18.16.0-x64.msi
| MD5 | 0e4e9aa41d24221b29b19ba96c1a64d0 |
| SHA1 | 231ade3d5a586c0eb4441c8dbfe9007dc26b2872 |
| SHA256 | 5bfb6f3ab89e198539408f7e0e8ec0b0bd5efe8898573ec05b381228efb45a5d |
| SHA512 | e6f27aecead72dffecbeaad46ebdf4b1fd3dbcddd1f6076ba183b654e4e32d30f7af1236bf2e04459186e993356fe2041840671be73612c8afed985c2c608913 |
C:\Windows\Installer\MSI9CF7.tmp
| MD5 | 9fe9b0ecaea0324ad99036a91db03ebb |
| SHA1 | 144068c64ec06fc08eadfcca0a014a44b95bb908 |
| SHA256 | e2cce64916e405976a1d0c522b44527d12b1cba19de25da62121cf5f41d184c9 |
| SHA512 | 906641a73d69a841218ae90b83714a05af3537eec8ad1d761f58ac365cf005bdd74ad88f71c4437aaa126ac74fa46bcad424d17c746ab197eec2caa1bd838176 |
C:\Windows\Installer\MSI9D56.tmp
| MD5 | a3ae5d86ecf38db9427359ea37a5f646 |
| SHA1 | eb4cb5ff520717038adadcc5e1ef8f7c24b27a90 |
| SHA256 | c8d190d5be1efd2d52f72a72ae9dfa3940ab3faceb626405959349654fe18b74 |
| SHA512 | 96ecb3bc00848eeb2836e289ef7b7b2607d30790ffd1ae0e0acfc2e14f26a991c6e728b8dc67280426e478c70231f9e13f514e52c8ce7d956c1fad0e322d98e0 |
C:\Windows\Installer\MSIA613.tmp
| MD5 | 7a86ce1a899262dd3c1df656bff3fb2c |
| SHA1 | 33dcbe66c0dc0a16bab852ed0a6ef71c2d9e0541 |
| SHA256 | b8f2d0909d7c2934285a8be010d37c0609c7854a36562cbfcbce547f4f4c7b0c |
| SHA512 | 421e8195c47381de4b3125ab6719eec9be7acd2c97ce9247f4b70a309d32377917c9686b245864e914448fe53df2694d5ee5f327838d029989ba7acafda302ec |
C:\Program Files\nodejs\node_modules\npm\node_modules\nopt\LICENSE
| MD5 | b020de8f88eacc104c21d6e6cacc636d |
| SHA1 | 20b35e641e3a5ea25f012e13d69fab37e3d68d6b |
| SHA256 | 3f24d692d165989cd9a00fe35ca15a2bc6859e3361fa42aa20babd435f2e4706 |
| SHA512 | 4220617e29dd755ad592295bc074d6bc14d44a1feeed5101129669f3ecf0e34eaa4c7c96bbc83da7352631fa262baab45d4a370dad7dabec52b66f1720c28e38 |
C:\Program Files\nodejs\node_modules\npm\node_modules\bin-links\LICENSE
| MD5 | d2cf52aa43e18fdc87562d4c1303f46a |
| SHA1 | 58fb4a65fffb438630351e7cafd322579817e5e1 |
| SHA256 | 45e433413760dc3ae8169be5ed9c2c77adc31ad4d1bc5a28939576df240f29a0 |
| SHA512 | 54e33d7998b5e9ba76b2c852b4d0493ebb1b1ee3db777c97e6606655325ff66124a0c0857ca4d62de96350dbaee8d20604ec22b0edc17b472086da4babbbcb16 |
C:\Program Files\nodejs\node_modules\npm\node_modules\promise-all-reject-late\LICENSE
| MD5 | 7428aa9f83c500c4a434f8848ee23851 |
| SHA1 | 166b3e1c1b7d7cb7b070108876492529f546219f |
| SHA256 | 1fccd0ad2e7e0e31ddfadeaf0660d7318947b425324645aa85afd7227cab52d7 |
| SHA512 | c7f01de85f0660560206784cdf159b2bdc5f1bc87131f5a8edf384eba47a113005491520b0a25d3cc425985b5def7b189e18ff76d7d562c434dc5d8c82e90cce |
C:\Program Files\nodejs\node_modules\npm\node_modules\aggregate-error\license
| MD5 | 5ad87d95c13094fa67f25442ff521efd |
| SHA1 | 01f1438a98e1b796e05a74131e6bb9d66c9e8542 |
| SHA256 | 67292c32894c8ac99db06ffa1cb8e9a5171ef988120723ebe673bf76712260ec |
| SHA512 | 7187720ccd335a10c9698f8493d6caa2d404e7b21731009de5f0da51ad5b9604645fbf4bc640aa94513b9eb372aa6a31df2467198989234bc2afbce87f76fbc3 |
C:\Program Files\nodejs\node_modules\npm\node_modules\minizlib\node_modules\minipass\LICENSE
| MD5 | d7c8fab641cd22d2cd30d2999cc77040 |
| SHA1 | d293601583b1454ad5415260e4378217d569538e |
| SHA256 | 04400db77d925de5b0264f6db5b44fe6f8b94f9419ad3473caaa8065c525c0be |
| SHA512 | 278ff929904be0c19ee5fb836f205e3e5b3e7cec3d26dd42bbf1e7e0ca891bf9c42d2b28fce3741ae92e4a924baf7490c7c6c59284127081015a82e2653e0764 |
C:\Program Files\nodejs\node_modules\npm\node_modules\minizlib\node_modules\minipass\index.js
| MD5 | bc0c0eeede037aa152345ab1f9774e92 |
| SHA1 | 56e0f71900f0ef8294e46757ec14c0c11ed31d4e |
| SHA256 | 7a395802fbe01bb3dc8d09586e0864f255874bf897378e546444fbaec29f54c5 |
| SHA512 | 5f31251825554bf9ed99eda282fa1973fcec4a078796a10757f4fb5592f2783c4ebdd00bdf0d7ed30f82f54a7668446a372039e9d4589db52a75060ca82186b3 |
C:\Program Files\nodejs\node_modules\npm\node_modules\tar\node_modules\fs-minipass\node_modules\minipass\index.d.ts
| MD5 | f0bd53316e08991d94586331f9c11d97 |
| SHA1 | f5a7a6dc0da46c3e077764cfb3e928c4a75d383e |
| SHA256 | dd3eda3596af30eda88b4c6c2156d3af6e7fa221f39c46e492c5e9fb697e2fef |
| SHA512 | fd6affbaed67d09cf45478f38e92b8ca6c27650a232cbbeaff36e4f7554fb731ae44cf732378641312e98221539e3d8fabe80a7814e4f425026202de44eb5839 |
C:\Program Files\nodejs\node_modules\npm\node_modules\libnpmorg\LICENSE
| MD5 | 072ac9ab0c4667f8f876becedfe10ee0 |
| SHA1 | 0227492dcdc7fb8de1d14f9d3421c333230cf8fe |
| SHA256 | 2ef361317adeda98117f14c5110182c28eae233af1f7050c83d4396961d14013 |
| SHA512 | f38fd6506bd9795bb27d31f1ce38b08c9e6f1689c34fca90e9e1d5194fa064d1f34a9c51d15941506ebbbcd6d4193055e9664892521b7e39ebcd61c3b6f25013 |
C:\Program Files\nodejs\node_modules\npm\node_modules\@npmcli\arborist\LICENSE.md
| MD5 | 2916d8b51a5cc0a350d64389bc07aef6 |
| SHA1 | c9d5ac416c1dd7945651bee712dbed4d158d09e1 |
| SHA256 | 733dcbf5b1c95dc765b76db969b998ce0cbb26f01be2e55e7bccd6c7af29cb04 |
| SHA512 | 508c5d1842968c478e6b42b94e04e0b53a342dfaf52d55882fdcfe02c98186e9701983ab5e9726259fba8336282e20126c70d04fc57964027586a40e96c56b74 |
C:\Program Files\nodejs\node_modules\npm\node_modules\minipass-pipeline\node_modules\minipass\package.json
| MD5 | d116a360376e31950428ed26eae9ffd4 |
| SHA1 | 192b8e06fb4e1f97e5c5c7bf62a9bff7704c198b |
| SHA256 | c3052bd85910be313e38ad355528d527b565e70ef15a784db3279649eee2ded5 |
| SHA512 | 5221c7648f4299234a4637c47d3f1eb5e147014704913bc6fdad91b9b6a6ccc109bced63376b82b046bb5cad708464c76fb452365b76dbf53161914acf8fb11a |
C:\Program Files\nodejs\node_modules\npm\node_modules\treeverse\LICENSE
| MD5 | 1d7c74bcd1904d125f6aff37749dc069 |
| SHA1 | 21e6dfe0fffc2f3ec97594aa261929a3ea9cf2ab |
| SHA256 | 24b8d53712087b867030d18f2bd6d1a72c78f9fb4dee0ce025374da25e4443b9 |
| SHA512 | b5ac03addd29ba82fc05eea8d8d09e0f2fa9814d0dd619c2f7b209a67d95b538c3c2ff70408641ef3704f6a14e710e56f4bf57c2bb3f8957ba164f28ee591778 |
C:\Program Files\nodejs\node_modules\npm\node_modules\libnpmhook\LICENSE.md
| MD5 | e9dc66f98e5f7ff720bf603fff36ebc5 |
| SHA1 | f2b428eead844c4bf39ca0d0cf61f6b10aeeb93b |
| SHA256 | b49c8d25a8b57fa92b2902d09c4b8a809157ee32fc10d17b7dbb43c4a8038f79 |
| SHA512 | 8027d65e1556511c884cb80d3c1b846fc9d321f3f83002664ad3805c4dee8e6b0eaf1db81c459153977bdbde9e760b0184ba6572f68d78c37bff617646bcfc3b |
C:\Program Files\nodejs\node_etw_provider.man
| MD5 | 1d51e18a7247f47245b0751f16119498 |
| SHA1 | 78f5d95dd07c0fcee43c6d4feab12d802d194d95 |
| SHA256 | 1975aa34c1050b8364491394cebf6e668e2337c3107712e3eeca311262c7c46f |
| SHA512 | 1eccbe4ddae3d941b36616a202e5bd1b21d8e181810430a1c390513060ae9e3f12cd23f5b66ae0630fd6496b3139e2cc313381b5506465040e5a7a3543444e76 |
C:\Program Files\nodejs\node_etw_provider.man
| MD5 | d3bc164e23e694c644e0b1ce3e3f9910 |
| SHA1 | 1849f8b1326111b5d4d93febc2bafb3856e601bb |
| SHA256 | 1185aaa5af804c6bc6925f5202e68bb2254016509847cd382a015907440d86b4 |
| SHA512 | 91ebff613f4c35c625bb9b450726167fb77b035666ed635acf75ca992c4846d952655a2513b4ecb8ca6f19640d57555f2a4af3538b676c3bd2ea1094c4992854 |
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js documentation.url
| MD5 | db7dbbc86e432573e54dedbcc02cb4a1 |
| SHA1 | cff9cfb98cff2d86b35dc680b405e8036bbbda47 |
| SHA256 | 7cf8a9c96f9016132be81fd89f9573566b7dc70244a28eb59d573c2fdba1def9 |
| SHA512 | 8f35f2e7dac250c66b209acecab836d3ecf244857b81bacebc214f0956ec108585990f23ff3f741678e371b0bee78dd50029d0af257a3bb6ab3b43df1e39f2ec |
C:\Config.Msi\e5899cd.rbs
| MD5 | 0a761f1d915cf56b79d7b78457d94a73 |
| SHA1 | 659220124a3ee298d67e85abb7f125172628ca35 |
| SHA256 | 08d59220ab9eecee842904ae76a97769770d0c243b7265864ff6e8119301a7b0 |
| SHA512 | 57d579ab0c60de68a93aa0af8c78aeb688025a5657bbf856026c086e0f2d663e7b438e6d08cd49da413627c249222bda4b8f929ab9d275bb92e3ea17aad7271b |
memory/4528-2525-0x000001903B1F0000-0x000001903B1FA000-memory.dmp
memory/4528-2530-0x000001903B270000-0x000001903B282000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | becc79fc312d256aa78e73af57847e52 |
| SHA1 | 4fa05efd6ef149f1c623627e0c89970c4d3dbc2c |
| SHA256 | dd5459b94cc7b282ef36cc14b260b44d401d4a3cc676bc9d0eba24613a2e3b42 |
| SHA512 | 253cf2c037cd4b9c6458390f3de61a444281d4219e66e9aa6c060507c9c3fe04f200b03991106c2a76c1fb644bf658ecd6960f342cc5719dd28e07e272b0824e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 72a46af0bbb9e37f111b4aaf491d83c8 |
| SHA1 | 1514a4000719d31ae6c8674aea250c176d477a98 |
| SHA256 | 31e014fd7041ce932e81c3726ed0dc2b9f6632d2d47426c1e7ae0c956193a231 |
| SHA512 | 9d2f7f2d52238656094719731860e5b4b9f8e004f69f4456fede089d523101bdd10af01c66ced6bf5715981d8642c076d64788154a8c669d412f9e2c4d8426c5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 71d6b64b33e1c83e2a7716b5951c40a3 |
| SHA1 | 6507aa3115c0cbb20456c33a24d71629b8515551 |
| SHA256 | d505b9cb83986f2fe61e4143f3af8e540745e6b1b8276921afa3224d1f51e4f6 |
| SHA512 | 5268b3489f051e327a0628d89cc807d534fd1b558e093553b4a3b5ed2cfd9d919654cda3b645d6828de8ddc8bb3b7134ed3ee71d35077e3f7dd7103a3dd85228 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe590b60.TMP
| MD5 | 661760f65468e15dd28c1fd21fb55e6d |
| SHA1 | 207638003735c9b113b1f47bb043cdcdbf4b0b5f |
| SHA256 | 0a5f22651f8fe6179e924a10a444b7c394c56e1ed6015d3fc336198252984c0e |
| SHA512 | 6454c5f69a2d7d7f0df4f066f539561c365bb6b14c466f282a99bf1116b72d757bef0bf03a0e0c68a7538a02a993fc070c52133ca2162c8496017053194f441c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\c81bdc80-7385-46eb-ba3f-72742dc4ca90.tmp
| MD5 | 412244f3a3f46f5fe8ff074d713e7814 |
| SHA1 | 98bd287b508629200db7dbd29cc46072701b93a5 |
| SHA256 | e50a001a8aec266d35a63111d57d446dd700fd996dade05dbb107372f1e4c1da |
| SHA512 | d03013ada4e70b5355ac5c88fa65c1128b08de8cecb2acaf040e489bc61db47ed88bc81a7142ea08eac7fb7a40cd8b1868bb3a2a078845ae20035dc85ec8010f |
C:\ProgramData\Solara\Solara.exe
| MD5 | ddfdd5ff817b39f037284d2f900de407 |
| SHA1 | 8540c39f3c0d133ae7a41581a74183bb887f8363 |
| SHA256 | 3bb95ce8e49260a0ad856feb3bc79fcb0ca94c866c8694c7e302f087e8b712aa |
| SHA512 | 18bb853a124c336870caece45e115c0865f9ce9e7ce3d6e994e9c8ba9789eaf8d6fc77aa17289531920ea8aef36311fa03405965aba0d5fdf4ec251c5dee778f |
memory/5220-3085-0x0000020F78790000-0x0000020F787B4000-memory.dmp
memory/5220-3086-0x0000020F7B300000-0x0000020F7B83C000-memory.dmp
memory/5220-3087-0x0000020F7AF70000-0x0000020F7B02A000-memory.dmp
memory/5220-3088-0x0000020F7B030000-0x0000020F7B0E2000-memory.dmp
memory/5220-3090-0x0000020F7B840000-0x0000020F7B9AA000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 909cb66f8db14e2b822d63c67e7cd263 |
| SHA1 | 8dbeabaec7e080b749fc3964ae21b9c6e06bfab2 |
| SHA256 | 1a6610fb5e8eb50c033da78a71f662fcc435e875745c084d0305a7141decf2da |
| SHA512 | 6166915db8409a0671614769072016b4db2a5b870a76e7a6cf0ab1ba76b303ef93c43fb24d0c5db025924f3971f9e9f2fd8edfe06a7e6ddd92b39582e23a9781 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 14da4bb5d305368b317b34f42a83e2e0 |
| SHA1 | 924e700ae652da205dc6bce665869332ed50db94 |
| SHA256 | 486cc333099411cf104d7ec62790f3c680bb01d7a3386a487743e46a7577f8e8 |
| SHA512 | 4f36cc5668272804899bf7ef829a3c9b2d5c63900a90341745e2554c52ed19bae5598a32a2db63b9cb0294783087909d768c82c5f5256c822df6ce47dd67305a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\df3abcf7-e027-4fa5-ae09-7764f409702a.tmp
| MD5 | f442bcb7b3610541ba137dc5ed3677c0 |
| SHA1 | 52eae44f7cececffcc5934625f4a46b1bef2e637 |
| SHA256 | 69892414d86c8996a19c8f483885c7c929774ec9b53d66126846ce32c0796024 |
| SHA512 | b35ff30a383273a0bf78628c8314f47ba0e6975b64c9dbc069e3aa303922d4e51c2034dac1815c8229a347d14cfdebbac39128796f3024769932cefa2f15ba1c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | fad70a5802b0bd965f8fe1bf92e18ad3 |
| SHA1 | 4af3d045dbc675dbc35c8ef9d9165cd3c9ae7755 |
| SHA256 | bb8bee5f153f9532e88fc6cdfe9b945fe401e181a19cd2a43507d29e850ba563 |
| SHA512 | d99f01d3e3dca6540346ae6df4dcb269ce54717cdee3559145cd6ae14010d12d6834d76e7c6433ad19e32faf407e9b6c6090785563a44a7033f7b2cdef898ece |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 648b0af0a3641cfeace38865c7c57715 |
| SHA1 | 73f0dd74b177a5a128774043018e707da45b327a |
| SHA256 | 864a9b037414844eb1a594c1fdac3c0c94ae47e654268aa5273a1c522ec64dfd |
| SHA512 | 737e8bccefa94bd976950e7854621204b1e37d0026f26c2da75b9a48a90fa5a256e951a2281830f45c7689e42b15c6f02dbbef70ef620db0e3e9a365a008145a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 60878a552bbdacd4d801027ddc7bbac9 |
| SHA1 | 20fcde5669d562f5d00847755c77b4d8e4067bb0 |
| SHA256 | 6e0b4e4a31c6f3cbcffd440e4631bef390e444315097fc5a96676d7115a76514 |
| SHA512 | 5b87f74bdc3319cb99b89a2ad3fea8db6ae9ffeb35fbd7082ba573453b6afed028130d1999d3fb1113f6ccb1dd0ff1bd4af0ab6a314e7278978aedf0943e23ac |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ef671c5b64cf6830520d9405ed281e1d |
| SHA1 | b5e16bf307d117a788edb2abe476b0be9d1fef42 |
| SHA256 | 6b96d6042aa35ee73b2123745cea168d6c8bcc40c184409f3de162d5ef35db63 |
| SHA512 | e726bf4611ca793d67948d28068757f94ed2d3f2e9f775d6f320c1d64a872c037943c50adac3113b38f71a28d8bbdfc47a28c9cbc027ccf2fe7afbce319f49ed |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a
| MD5 | 681684b98337ff2d590ec8145f8f95d4 |
| SHA1 | a3d12dd3e20be6520c06bda3c188ab58478370e6 |
| SHA256 | 6ed6c1fd7cf2572a27b0de9b5797bda243394eef1cce39c5583b9aa8e9b6ca26 |
| SHA512 | 0743b836ce01b920723eb59e79ceffe2a068ec1dfb55523ac7850ebd9c432788677f0327c9ce8b27aa60d9d8e9294b08bdda53c20651f38f1cb0be073a859a2c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 6fe3fcb7327778486781a56f5f25a5a6 |
| SHA1 | c0da669afd37e4950584d5d48abff280c23f3be3 |
| SHA256 | d414e85345ecfa0bebab1ebd785b7b3695601c44e9bc4e2211cb4870a9c5f2af |
| SHA512 | b9e65c65bfd0c4b039c81cd7fa24486620eff68782edeffea14d3efef5852ca09aaa2b26eb718c3ffaa80ac100846726d1d5b6fac43f85944258ec1825a80712 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 93b6575e41e26d335de5cfba2f69176a |
| SHA1 | 2cc32d74f38c277836884330fd6e9ce9928ae754 |
| SHA256 | ac3eb91b038b27cb11538a7cb1a6a28c0351058458bb78c3b74559fe15d3f4b3 |
| SHA512 | f8de82efabf6e8c5348817ffd420f1c5603ffb815f094492a0fb3758f0e2a633483999eac7dace74feec4a96f0fb645b8d731cd713993215898a11e4ac44593a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f
| MD5 | 230ab95d87a717be265134072eb17c25 |
| SHA1 | 71a3d3dd6f952057ba0c6025d39c9792ff606828 |
| SHA256 | 3fdfeaa675697f08f1c7c0fd6b77512f4bf9465e670637e8e332e65ebb9db068 |
| SHA512 | 9b0636421ad14161f211e846521149ab0a7c866e77db309dba79718487835204cee3821c9f4678e48e134614be6a02421c155a34b7c9bc424012137705960b11 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020
| MD5 | e93848e7f29b9126e8c2ed6b0bc630a7 |
| SHA1 | 10c9807e351a13104c0ee913fe7002f6324199d6 |
| SHA256 | 4e857dc011248d1ccd8fcf8972714cccc44d7045e0b9dcc18e663b2d754e4bc6 |
| SHA512 | 54c9b845fef1dacf236f88e7a7de0d1b36a4a4bd20eb926d81ccb6a3f8e7ff78c04ea24fe757c677a2007249713dde30dbb18edefad38d0ad6888d61aa14fca7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index
| MD5 | 9b9cca078069425aaa63f1086b92330b |
| SHA1 | 0078f84235027a570801e0b9731682b7dfcd3080 |
| SHA256 | 29019948065649db2327927225c07c6bb220b3c0775fe0d0476e12ad3a5f9503 |
| SHA512 | 0b1b2bde9b39cc9bb4253cc34ffcdd8a0a707bccfd8dcb2c752fe2b74f2ff60777084bb55392fe59f81fb63bf6d934266e29e138affb1d5c7ffb908a7a96ee97 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022
| MD5 | ae1521b4a8ba6eff65fd2e89f6501af5 |
| SHA1 | 1f286652addedd3cee2eddeda3a201a447167cc3 |
| SHA256 | 7587198d79deef3ef5b9012d300f7ef9807ccd36e830fc1c8290113726da3e6b |
| SHA512 | 96dd9191f8c52b64d266bcdd381d8ca9541c21908d3951f5faf656897cca650df579b26fed4cd910ee010570e8c4cad17e788d81550c41af0b51eec3e6d7f6d7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023
| MD5 | 8ce4f30cd023fed9fb478fa430a17a39 |
| SHA1 | 2ade3f74795174c5580ddb6ceac14daa4b3de212 |
| SHA256 | 8eb84c730e5c5bdb759ce142a7a2605cddc6f8057aa4eb025591375868b4b833 |
| SHA512 | 606d26324e803db60d70c3940071c3e8d4af0075ce8fe00d6547014b5c95552739b6ca9977426622ef92679c18045019eaba6387612dc80d6b1fbf75f8910dea |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000024
| MD5 | aedf50f6fc0accd5fd25ccaf5dd2eff9 |
| SHA1 | 23463a3bcc1e21f72113c1142920272917439017 |
| SHA256 | bb888aa70ecdd34ceb9b9117d6c613566ed08d8367ccf0f2a7a4aafe7d732a41 |
| SHA512 | a5c7f818d3d68664b9a4c4199d62dcba9575afd7b537cdc18c54736ad8fcbd429fd6e430ad5e7f5d5b29d5c48aa1c1063a42c34e4edb0c8178e20b022451a102 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021
| MD5 | dd508008d4aacf06ec17af92bce37d3e |
| SHA1 | f2b318fa118c65939c6ae623dbc80dacd3d1f2b3 |
| SHA256 | d720b84f23eda4a7f83020bf0a13131b7a618a695bc890a7690088d28af639c9 |
| SHA512 | bc1f26997b5ffb75fc7c1aec2d75f2f8d4545f6c631f730160e87bd32b3e04ca82bd29cd8df4afaffc38b561f2f4e61d857e93c33fee7abfdf72f2479085677b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | cdb371858b8dd94c1ac62e1c7ea11b3f |
| SHA1 | f6309fbc7dff639031d96f5e4c793a28ecdf6d3d |
| SHA256 | 6b4c8fb22e4734c77e8cd4cff8a0567d0e70963608c18f3d09debba046f2c281 |
| SHA512 | 07f0cf9d550cd3f4ba5937fa814c4f4b8994ef1d6d886b7e6c33fa5c6b49c524071828ca3077b2a2d1f5ebff4832c2f6c3b97645e83de4397917b83ca5bf3196 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\21860378f362cb34_0
| MD5 | 32856fd69d15eae9d85b20401cb2891b |
| SHA1 | e0f45b22c44e1c396ddcfb15c035895312388956 |
| SHA256 | 22d714353139210a7364e115f231218a9af0a91b83df4b8a6353480426f354a6 |
| SHA512 | 096b962c440d4225e65c4e5d355234cf2aea82c0c531c66a088e9d84d737e999922611f8d596ceb336d815d95b51a0deb9b906b76b4040ee3a7ba6143496453b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\cb837a8a891343f5_0
| MD5 | 1f14a5933fd2fd9299ce148ad42bb1b8 |
| SHA1 | df4d7a427bbabffebb8a4220e8df4aed49756837 |
| SHA256 | 19d0923bc301505c39edfaa97c85839ad1edcda9536ba7fc4a991425295ba05c |
| SHA512 | 2831f21ec58c64076fb47aa8478521c10cf67f9da270019fb84603d7be398b9d431cf7d0e33c3bc31202b872c8b246591c28c8e2781bde704b9fd3f29bb94550 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | d175429a11916275803441f8b51a619a |
| SHA1 | 094a0eb1ba226a7ee166c5301eeb876cc4959ae6 |
| SHA256 | 85e8792f340fd034343c83b8e948bd28bf58385794d7346a67f232adaa26e264 |
| SHA512 | 6e3b1078ae055f3a3918a9c124e0be066cd076db597f0d8c2bd0f8de48101eab805c6cae5019cdc0142f93c6c72668ac014798477e73057b6ee4071303906062 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\efcc4770f74da3b1_0
| MD5 | f420365a73189afbfff2835852855262 |
| SHA1 | 2273629751c96e85129aeb7a1c417afe981b8825 |
| SHA256 | d8d7f1559ea514ece6c5726f36bc6ce30c9e0332de9756ec15884392e30eba75 |
| SHA512 | 69fce7b7356d1be94624e5c6c4f4a527c06037541e407c218ad576e758fda6cf84483fc51ebb538b9282d180a9f4cfba33f2d39c9228a1175ac188f8dde33c1f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f61a6913520d4f69_0
| MD5 | d0e9ca3cc5db1d9979efa8e39367995c |
| SHA1 | d1f2c0a56b1815a4459bfc8e5ba01ee705231f8b |
| SHA256 | a65852105eab5faefdb28f231ca8875afaedd6960d9ae2faec61cb7f8dac6f18 |
| SHA512 | 804d587fed9d207bdbd439d07d406808a34a4fac2edc7adcef8c8f2005e6baee18a6e0bee3fcc1a7a26c325b24f7c575fcf0aa8b42f4e87e64cb804fc6ac628a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8639827639832ac2_0
| MD5 | bc9100e119747d476a9f9fb10ec1690c |
| SHA1 | 5158c3e39df6d51e1473efb51cb155ffea37da19 |
| SHA256 | dd26e04a649c436e5abc62dd2161b36cf55f947a337107853ac9f9e2ee1ed81b |
| SHA512 | c54dcac70c446df8d0239134d62c3386d9771adb30cf73e194555f718b09a2794765b3099ad80a3351e745cd042eac9fca3272a06052d78ab3057e15be246b32 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 5477e535e53740a2c7625c43e1c3294b |
| SHA1 | 14d09ab95ebfdca0eb93b2ebe79c198bc57accec |
| SHA256 | 1007367aec5b58ac416808d112d9392098d0afb6784e3b879028cfe8cdd0824f |
| SHA512 | 2df7a4a1dc2b6ff1b12a984121e28cc9a668dc248f1fb544739a12338a417376f8aa31e13a6e26406d0517e2a8ab6834d4895c60a16d43067ff772b3d6303f79 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\dab7477a9524ed01_0
| MD5 | 6c9bac3b675d20d1bd64787f629e1b91 |
| SHA1 | ded62c40e8627060d5ae9e79ce8bb9ef8a0f4bbd |
| SHA256 | e6daac8c976d16c0efb2d4a4d7ce89123a87f6b95db95362f932a3c479eb938d |
| SHA512 | 3a974bc2407ad7ec5c8c8d843b32e99bbb546fef707421260fb0cee137644eef9d72a0a93ef0bb825e9f949deb6198560233d4999b52b30cdf6f34bd81fd0acc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2d2db31610c17423_0
| MD5 | 863928b8e25f4290f6b2ab2436b2d121 |
| SHA1 | f32ff2e04c425d45026ded3fbf15e193aebf2349 |
| SHA256 | 23b9e320bbd53407dca86c17a6fee7702121638eed04dbeab5b060b3dccd0ad6 |
| SHA512 | bcff27e57686e6d605890b069b3e9eac7f4cf3c7c98be3476112edc3c155b2d4cdd781aa66c046881f259e0519cecfd27be9d891ca97aa05bf2fd4f5c6b72d00 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 1b0ce29730ff10fde33aca46fa9ad802 |
| SHA1 | 9f2e38f5b7b42f397ad0561a5ea87598d3ad7603 |
| SHA256 | 5849e2640feb560451614c22872e494db907128abeec1cfc58e716118b92f21f |
| SHA512 | c07b048d3f8b1da46001ce4804b350ae1fa59f4fd228b96b6b81efdd6ad4ca998a280eb245ea580075f63ef3fdda4b226376b76f431ce6a1fce366f814281b18 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\afd627069fb06aa9_0
| MD5 | a8a0ef78cbe6210640c1a89904dff745 |
| SHA1 | 2af3832b3e5a0f96e5505bbe3e95f3e5b35ca4c5 |
| SHA256 | b22bec0051cb111c1ed9cb0703fec716782440c3a6aa029f7d6dfc0ef8ac100d |
| SHA512 | ef0f5bd37add6c0f511a337493abfdf85557bd8d70f92494c8d9279f8d8c68f731b810e11570f718d0ae83d70f3e61779e16bd4e8f454404b48590d4462e77cb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\32d0e7ce0721af93_0
| MD5 | 80ce844b7c3c9724f587c03dac2a96bb |
| SHA1 | cd5a3b8bacd949c650a0686b5a793de14ad2957b |
| SHA256 | 9dc35cafecfcc3783c31ac022cb1c3a773f1ca20fc5bfb99c3489562d910500d |
| SHA512 | 1d004794bde04c040c581870b3dc08cb686c136c7b2aa1fb2b48c93a59cb8861efa780364dc5ac31928bb675167890122e8af623e6208aa127fda936c9411a0e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002f
| MD5 | ce9c5514037ece9d05e7d1f39ec4dae5 |
| SHA1 | 41cdcc5d6928bdb3dea59f24a93e6c9a5c281d35 |
| SHA256 | 59113f210d047feaec3554d9e554a141f371ca5a8d2fc8e93b8b9ef7013f8c6a |
| SHA512 | 9aec016d6c0bfa3ce4c2ff84a576aacee1118a045e02e42e97dc1ec4eece48f940baa4d99cefb8a5f1d18ca32a4b328e1d6e7887ff4ac704cc157fbf1c7f546a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002e
| MD5 | c56f3ef6c995c4ee56637412da2d2b5e |
| SHA1 | adb19deb59b1414b441782668b1cfed5aaf8b79b |
| SHA256 | 91fbf4db16e06f03aa69274beaa67eec5b664a4db4a7e60acfc8123edd595d1c |
| SHA512 | a5693c4fe074d25ccb1a522f819fd734d547bfe8813ee705478c0326d9cc82046b8a3646be2848a68263f02b12eff8a82df9565ed8fb1f7ff7e6a5f3d8e0262f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | ed5e5801bcd4d97bbef8ba5cb10141e9 |
| SHA1 | a10a47e0bbefabe14dad0664c9740fb7f34cb336 |
| SHA256 | bab320157ec6603f91008aa5510d79fe9ce2ff26bafedb86ff8bc8d847d05a5c |
| SHA512 | 5af14b250f87240149eeccd46731d676ea4cdbd14cf189c19b19dfc8d5d468167c3a2ee24f729c6aff0639dc6e2c67aa96e66d72318660cb663593a85a4017fe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 8c68b93c17ab6f22c30d77b4461da91b |
| SHA1 | 6b7cdfd606c63842f8a354921bfb60fdaef138e4 |
| SHA256 | 0e9be1859edd472d830b0997f93850ee33f1229c2566b134cab655b0f21e8318 |
| SHA512 | 47fc06f0446e699382cbb94f9c922f82afea8abd5d285b713788c9f38d4fc1ad8dcec8469e8840aca41e8d71c3bf1fa9ec7ea5edad2dfe621566d1055152ac5f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 7558403077f7d36d0afa12d54a09f57d |
| SHA1 | 118e764882001196e6d38d9c909df28c0e73a022 |
| SHA256 | 16a160c162de791bc43fec71b2e7003daaf0a1ee8c9801a1459bd74e25a0343d |
| SHA512 | 515bbc27b6fe4195386a14855730379b7bde01b0157c0c421d3cbec5106b1abd0d56c970dc7e685f59da14c656a5b6a3dfc3e10a56d7621cd9e53550a56c3184 |