Analysis Overview
Threat Level: Likely malicious
The file http://blx.gg was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Mark of the Web detected: This indicates that the page was originally saved or cloned.
Browser Information Discovery
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
Enumerates system info in registry
NTFS ADS
Suspicious use of SendNotifyMessage
Modifies registry class
Suspicious behavior: EnumeratesProcesses
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-27 07:07
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-27 07:07
Reported
2024-08-27 07:08
Platform
win10v2004-20240802-en
Max time kernel
53s
Max time network
55s
Command Line
Signatures
Downloads MZ/PE file
Mark of the Web detected: This indicates that the page was originally saved or cloned.
| Description | Indicator | Process | Target |
| N/A | https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html | N/A | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-355097885-2402257403-2971294179-1000\{F26699B5-8B12-49A1-9B5B-D262F2FF07E3} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 13511.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://blx.gg
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9addf46f8,0x7ff9addf4708,0x7ff9addf4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2916 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4788 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5496 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5496 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5444 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4016 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4808 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4860 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3424 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4200 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3400 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5340 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3436 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5804 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2604 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2184 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5996 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1732 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6360 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5408 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6132 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6656 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7000 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7132 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7260 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7268 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7400 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7648 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7984 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8112 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8248 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8380 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6212 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8104 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8996 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7668 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8868 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=8812 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8900 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5912 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2112,16989395873870883375,9656983276870257088,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5800 /prefetch:8
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | blx.gg | udp |
| US | 8.8.8.8:53 | 28.118.140.52.in-addr.arpa | udp |
| US | 31.220.102.218:80 | blx.gg | tcp |
| US | 31.220.102.218:80 | blx.gg | tcp |
| US | 31.220.102.218:443 | blx.gg | tcp |
| US | 31.220.102.218:443 | blx.gg | tcp |
| US | 31.220.102.218:443 | blx.gg | tcp |
| US | 31.220.102.218:443 | blx.gg | tcp |
| US | 31.220.102.218:443 | blx.gg | tcp |
| US | 31.220.102.218:443 | blx.gg | tcp |
| US | 8.8.8.8:53 | 218.102.220.31.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.144.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 8.8.8.8:53 | 200.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 150.171.27.10:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | 228.249.119.40.in-addr.arpa | udp |
| US | 31.220.102.218:443 | blx.gg | tcp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.156.103.20.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | 133.211.185.52.in-addr.arpa | udp |
| GB | 88.221.135.50:443 | www.bing.com | tcp |
| GB | 88.221.135.50:443 | www.bing.com | tcp |
| GB | 88.221.135.50:443 | www.bing.com | tcp |
| GB | 88.221.135.50:443 | www.bing.com | tcp |
| GB | 88.221.135.50:443 | www.bing.com | tcp |
| GB | 88.221.135.50:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 149.220.183.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.135.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| GB | 88.221.135.35:443 | th.bing.com | tcp |
| GB | 88.221.135.42:443 | r.bing.com | tcp |
| GB | 88.221.135.42:443 | r.bing.com | tcp |
| GB | 88.221.135.35:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | bing.com | udp |
| US | 204.79.197.200:443 | bing.com | tcp |
| US | 8.8.8.8:53 | 42.135.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.135.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| NL | 40.126.32.134:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | 134.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | services.bingapis.com | udp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 8.8.8.8:53 | 80.5.107.13.in-addr.arpa | udp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 8.8.8.8:53 | 64.159.190.20.in-addr.arpa | udp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | 167.154.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.123.68.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | roblox-studio.en.softonic.com | udp |
| US | 151.101.1.91:443 | roblox-studio.en.softonic.com | tcp |
| US | 151.101.1.91:443 | roblox-studio.en.softonic.com | tcp |
| US | 8.8.8.8:53 | images.sftcdn.net | udp |
| US | 8.8.8.8:53 | sc.sftcdn.net | udp |
| US | 8.8.8.8:53 | softonic.com | udp |
| US | 151.101.1.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.1.91:443 | sc.sftcdn.net | tcp |
| US | 8.8.8.8:53 | sdk.privacy-center.org | udp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 199.232.213.91:443 | softonic.com | tcp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 199.232.213.91:443 | softonic.com | tcp |
| GB | 13.224.223.9:443 | c.amazon-adsystem.com | tcp |
| GB | 13.224.222.64:443 | sdk.privacy-center.org | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | tcp |
| US | 151.101.1.91:443 | sc.sftcdn.net | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| US | 150.171.27.10:443 | bat.bing.com | tcp |
| FR | 142.250.179.68:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 8.8.8.8:53 | 91.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.65.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.213.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.215.58.216.in-addr.arpa | udp |
| US | 13.107.253.64:443 | www.clarity.ms | tcp |
| GB | 13.224.222.64:443 | sdk.privacy-center.org | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | udp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| US | 151.101.65.91:443 | sc.sftcdn.net | udp |
| FR | 216.58.214.174:443 | syndicatedsearch.goog | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.datadoghq-browser-agent.com | udp |
| GB | 13.224.223.9:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | btloader.com | udp |
| GB | 18.172.148.233:443 | www.datadoghq-browser-agent.com | tcp |
| US | 172.67.41.60:443 | btloader.com | tcp |
| US | 8.8.8.8:53 | h.clarity.ms | udp |
| US | 8.8.8.8:53 | di-images.sftcdn.net | udp |
| US | 8.8.8.8:53 | storage.googleapis.com | udp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| FR | 142.250.201.187:443 | storage.googleapis.com | tcp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 104.26.2.70:443 | ad-delivery.net | tcp |
| US | 8.8.8.8:53 | 68.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.253.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.187.3.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.222.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.223.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 233.148.172.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 60.41.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 107.39.156.108.in-addr.arpa | udp |
| FR | 142.250.201.187:443 | storage.googleapis.com | tcp |
| US | 104.26.2.70:443 | ad-delivery.net | tcp |
| US | 104.26.2.70:443 | ad-delivery.net | tcp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| GB | 108.156.39.61:443 | config.aps.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | cdn.btmessage.com | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 104.26.7.141:443 | cdn.btmessage.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| FR | 142.250.179.66:443 | googleads.g.doubleclick.net | tcp |
| US | 172.67.38.106:443 | cdn.id5-sync.com | tcp |
| FR | 142.250.179.68:443 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| FR | 142.250.201.163:443 | www.google.co.uk | tcp |
| US | 104.26.2.70:443 | ad-delivery.net | tcp |
| US | 8.8.8.8:53 | api.btmessage.com | udp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 8.8.8.8:53 | 151.64.8.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 166.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.2.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 61.39.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 141.7.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.23.211.130.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.38.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.201.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | c.clarity.ms | udp |
| US | 151.101.1.91:443 | di-images.sftcdn.net | udp |
| US | 8.8.8.8:53 | notix.io | udp |
| IE | 13.74.129.1:443 | c.clarity.ms | tcp |
| NL | 139.45.197.253:443 | notix.io | tcp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| US | 13.107.21.237:443 | c.bing.com | tcp |
| US | 8.8.8.8:53 | 1.129.74.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 253.197.45.139.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.21.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.privacy-center.org | udp |
| GB | 108.138.233.27:443 | api.privacy-center.org | tcp |
| US | 8.8.8.8:53 | 6ba73c9f287d0f60065f2c471ead6936.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | shb.richaudience.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| FR | 216.58.214.174:443 | syndicatedsearch.goog | udp |
| FR | 142.250.179.65:443 | 6ba73c9f287d0f60065f2c471ead6936.safeframe.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | ad.360yield.com | udp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| US | 8.8.8.8:53 | brightcombid.marphezis.com | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | id.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | partner.googleadservices.com | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | cdn-ima.33across.com | udp |
| DE | 162.19.138.117:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 162.19.138.117:443 | lb.eu-1-id5-sync.com | tcp |
| IE | 108.128.4.40:443 | ap.lijit.com | tcp |
| DE | 178.63.241.79:443 | shb.richaudience.com | tcp |
| DE | 178.63.241.79:443 | shb.richaudience.com | tcp |
| DE | 178.63.241.79:443 | shb.richaudience.com | tcp |
| NL | 185.89.210.46:443 | ib.adnxs.com | tcp |
| GB | 18.172.154.232:443 | aax.amazon-adsystem.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | tcp |
| IE | 18.203.108.247:443 | ad.360yield.com | tcp |
| FR | 185.255.84.151:443 | hb-api.omnitagjs.com | tcp |
| US | 104.18.36.155:443 | htlb.casalemedia.com | tcp |
| IE | 54.75.251.201:443 | id.crwdcntrl.net | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| GB | 18.245.143.83:443 | tags.crwdcntrl.net | tcp |
| NL | 188.166.203.175:443 | brightcombid.marphezis.com | tcp |
| US | 151.101.193.229:443 | cdn.jsdelivr.net | tcp |
| US | 104.18.35.167:443 | cdn-ima.33across.com | tcp |
| DE | 162.19.138.83:443 | lb.eu-1-id5-sync.com | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| FR | 142.250.201.162:443 | ep1.adtrafficquality.google | tcp |
| FR | 142.250.201.162:443 | ep1.adtrafficquality.google | tcp |
| FR | 142.250.179.66:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| FR | 142.250.201.163:443 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| GB | 173.222.211.58:80 | apps.identrust.com | tcp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| US | 8.8.8.8:53 | ampcid.google.com | udp |
| GB | 74.125.71.154:443 | stats.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| FR | 142.250.179.97:443 | ep2.adtrafficquality.google | tcp |
| FR | 142.250.179.78:443 | ampcid.google.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | 27.233.138.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.154.172.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 40.4.128.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.63.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.36.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.143.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.241.63.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 247.108.203.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 201.251.75.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.193.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 167.35.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 175.203.166.188.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.201.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.211.222.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 151.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.71.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | lexicon.33across.com | udp |
| FR | 142.250.179.68:443 | www.google.com | udp |
| GB | 74.125.71.154:443 | stats.g.doubleclick.net | udp |
| US | 35.244.193.51:443 | lexicon.33across.com | tcp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | ag.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | gem.gbc.criteo.com | udp |
| FR | 185.235.86.9:443 | ag.gbc.criteo.com | tcp |
| FR | 178.250.7.13:443 | dnacdn.net | tcp |
| NL | 185.235.87.194:443 | gem.gbc.criteo.com | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | tcp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 51.193.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.7.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.86.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.87.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 129.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.20.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.75.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 8.8.8.8:53 | track.scoota.co | udp |
| US | 8.8.8.8:53 | 131.178.250.142.in-addr.arpa | udp |
| US | 216.239.38.21:443 | track.scoota.co | tcp |
| US | 8.8.8.8:53 | assets.scoota.co | udp |
| GB | 18.154.84.88:443 | assets.scoota.co | tcp |
| GB | 18.154.84.88:443 | assets.scoota.co | tcp |
| US | 8.8.8.8:53 | pixel.adsafeprotected.com | udp |
| IE | 63.34.217.234:443 | pixel.adsafeprotected.com | tcp |
| US | 8.8.8.8:53 | static.adsafeprotected.com | udp |
| GB | 18.245.253.90:443 | static.adsafeprotected.com | tcp |
| US | 8.8.8.8:53 | 21.38.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.84.154.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.217.34.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.253.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sync.richaudience.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| GB | 92.123.142.195:443 | acdn.adnxs.com | tcp |
| FR | 185.255.84.153:443 | visitor.omnitagjs.com | tcp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| GB | 2.18.108.192:443 | ads.pubmatic.com | tcp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 8.8.8.8:53 | ce.lijit.com | udp |
| US | 104.18.38.76:443 | js-sec.indexww.com | tcp |
| GB | 95.100.244.20:443 | contextual.media.net | tcp |
| GB | 95.100.244.20:443 | contextual.media.net | tcp |
| US | 104.18.38.76:443 | js-sec.indexww.com | tcp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| IE | 52.48.241.16:443 | ce.lijit.com | tcp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| US | 8.8.8.8:53 | player.aniview.com | udp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| US | 3.212.19.99:443 | cs-server-s2s.yellowblue.io | tcp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | dis.criteo.com | udp |
| US | 8.8.8.8:53 | api-2-0.spot.im | udp |
| DE | 51.89.9.253:443 | onetag-sys.com | tcp |
| NL | 89.149.193.117:443 | ssbsync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 67.202.105.22:443 | ssc-cms.33across.com | tcp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| IE | 34.252.6.15:443 | match.prod.bidr.io | tcp |
| US | 35.71.131.137:443 | match.adsrvr.org | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| US | 23.22.234.152:443 | api-2-0.spot.im | tcp |
| DE | 37.252.171.52:443 | secure.adnxs.com | tcp |
| DE | 37.252.171.52:443 | secure.adnxs.com | tcp |
| US | 8.8.8.8:53 | dt.adsafeprotected.com | udp |
| US | 23.22.234.152:443 | api-2-0.spot.im | tcp |
| US | 54.211.52.44:443 | sync.srv.stackadapt.com | tcp |
| GB | 185.64.191.214:443 | image8.pubmatic.com | tcp |
| GB | 185.64.191.214:443 | image8.pubmatic.com | tcp |
| US | 54.211.52.44:443 | sync.srv.stackadapt.com | tcp |
| US | 8.8.8.8:53 | 192.108.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.142.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.38.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.244.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 253.9.89.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 16.241.48.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.19.212.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.193.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.131.71.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.6.252.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.149.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.105.202.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 52.171.252.37.in-addr.arpa | udp |
| US | 3.230.234.56:443 | dt.adsafeprotected.com | tcp |
| US | 3.230.234.56:443 | dt.adsafeprotected.com | tcp |
| US | 3.230.234.56:443 | dt.adsafeprotected.com | tcp |
| US | 3.230.234.56:443 | dt.adsafeprotected.com | tcp |
| US | 3.230.234.56:443 | dt.adsafeprotected.com | tcp |
| US | 3.230.234.56:443 | dt.adsafeprotected.com | tcp |
| GB | 92.123.143.216:443 | player.aniview.com | tcp |
| US | 8.8.8.8:53 | tracker.open-adsyield.com | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| IE | 34.252.6.15:443 | match.prod.bidr.io | tcp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| GB | 92.123.143.216:443 | player.aniview.com | tcp |
| US | 8.8.8.8:53 | rtb.mfadsrvr.com | udp |
| US | 8.8.8.8:53 | sync.mathtag.com | udp |
| US | 8.8.8.8:53 | pixel-eu.rubiconproject.com | udp |
| US | 8.8.8.8:53 | ads.stickyadstv.com | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| DE | 51.89.9.253:443 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | ssbsync-global.smartadserver.com | udp |
| US | 8.8.8.8:53 | spl.zeotap.com | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 214.191.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 44.52.211.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.234.22.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.234.230.3.in-addr.arpa | udp |
| US | 172.111.38.54:443 | tracker.open-adsyield.com | tcp |
| NL | 82.145.213.8:443 | t.adx.opera.com | tcp |
| US | 74.121.140.211:443 | sync.mathtag.com | tcp |
| NL | 154.57.158.115:443 | ads.stickyadstv.com | tcp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | tcp |
| US | 151.101.130.49:443 | sync-tm.everesttech.net | tcp |
| FR | 149.202.238.104:443 | rtb-csync.smartadserver.com | tcp |
| FR | 51.178.195.212:443 | ssbsync-global.smartadserver.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| US | 80.77.87.162:443 | cs.admanmedia.com | tcp |
| US | 104.22.50.98:443 | spl.zeotap.com | tcp |
| FR | 142.250.179.98:443 | cm.g.doubleclick.net | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| US | 172.111.38.54:443 | tracker.open-adsyield.com | tcp |
| US | 74.121.140.211:443 | sync.mathtag.com | tcp |
| US | 80.77.87.162:443 | cs.admanmedia.com | tcp |
| US | 8.8.8.8:53 | jadserve.postrelease.com | udp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| IE | 63.35.37.71:443 | jadserve.postrelease.com | tcp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| FR | 142.250.179.98:443 | cm.g.doubleclick.net | udp |
| US | 52.46.151.131:443 | s.amazon-adsystem.com | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| IE | 34.252.6.15:443 | match.prod.bidr.io | tcp |
| US | 8.8.8.8:53 | sync.aniview.com | udp |
| US | 8.8.8.8:53 | cdn-download.avgbrowser.com | udp |
| US | 172.240.45.78:443 | sync.aniview.com | tcp |
| US | 52.46.151.131:443 | s.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | cdn.indexww.com | udp |
| US | 8.8.8.8:53 | bttrack.com | udp |
| GB | 92.123.142.201:443 | cdn-download.avgbrowser.com | tcp |
| GB | 92.123.142.201:443 | cdn-download.avgbrowser.com | tcp |
| US | 192.132.33.69:443 | bttrack.com | tcp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 35.244.174.68:443 | id.rlcdn.com | tcp |
| US | 8.8.8.8:53 | 216.143.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.130.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.238.202.149.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.50.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 212.195.178.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.213.145.82.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 115.158.57.154.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.199.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.87.77.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 54.38.111.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 211.140.121.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.37.35.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.149.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.151.46.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 201.142.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.45.240.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.174.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.33.132.192.in-addr.arpa | udp |
| DE | 37.252.171.52:443 | secure.adnxs.com | tcp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| US | 8.8.8.8:53 | pixel-sync.sitescout.com | udp |
| GB | 23.214.129.249:443 | secure-assets.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| US | 8.8.8.8:53 | 249.129.214.23.in-addr.arpa | udp |
| GB | 95.100.245.251:443 | eus.rubiconproject.com | tcp |
| DE | 162.55.236.225:443 | sync.richaudience.com | tcp |
| DE | 162.55.236.225:443 | sync.richaudience.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | cacerts.rapidssl.com | udp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| SE | 192.229.221.95:80 | cacerts.rapidssl.com | tcp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | 251.245.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.236.55.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.216.36.34.in-addr.arpa | udp |
| SE | 192.229.221.95:80 | cacerts.rapidssl.com | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 2dc1a9f2f3f8c3cfe51bb29b078166c5 |
| SHA1 | eaf3c3dad3c8dc6f18dc3e055b415da78b704402 |
| SHA256 | dcb76fa365c2d9ee213b224a91cdd806d30b1e8652d72a22f2371124fa4479fa |
| SHA512 | 682061d9cc86a6e5d99d022da776fb554350fc95efbf29cd84c1db4e2b7161b76cd1de48335bcc3a25633079fb0bd412e4f4795ed6291c65e9bc28d95330bb25 |
\??\pipe\LOCAL\crashpad_5104_BACGOAJRGEHIPTBF
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | e4f80e7950cbd3bb11257d2000cb885e |
| SHA1 | 10ac643904d539042d8f7aa4a312b13ec2106035 |
| SHA256 | 1184ee8d32d0edecddd93403fb888fad6b3e2a710d37335c3989cc529bc08124 |
| SHA512 | 2b92c9807fdcd937e514d4e7e1cc7c2d3e3aa162099b7289ceac2feea72d1a4afbadf1c09b3075d470efadf9a9edd63e07ea7e7a98d22243e45b3d53473fa4f0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7fe7378f0d4e1c5109aded4c65a23470 |
| SHA1 | bb286ea8eee23a3e34d2d957128d805338cebf44 |
| SHA256 | 5bb13c672b57a6315c806f54c5198cbf0a4ce55f17e014f27ff40efafc6ce257 |
| SHA512 | dcd10aed0a17ef1686dca31fae12291a66cffc1a00f845f1c0ac5d5252ca4bfcde7a6f78a820461614bcacf9022af427c5787e03ed8efd7028dde0dcabd6fc03 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 6bedf3f696749fd9a0f41396774b206a |
| SHA1 | faaff79d7a93ab075bcdbe13a395daf4cb2ec5f8 |
| SHA256 | 701188cc97a522395fab3e2df8022970030ea4ee67ec7854ed77d574f4764350 |
| SHA512 | f6ef70148cb776f5e6f6a2163efe03e169067f519ed1b96eb8d964d0af2dfb0020b3fa49740fe435f1343f142e82e2cf331dc775b0c4819a820d0e88dc9a2ee9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 387e141792e20e749b1db9dc882161f3 |
| SHA1 | 122ca4d143aedd775e80ceb596b8f494a570b8f8 |
| SHA256 | ff267f328266f45672f618a79dd576f9562c97f5bc1147a6a81adae984ef8dbd |
| SHA512 | 595bc7794b3639a5eee10119b20be7d98bd8eadf6ec52e5d5985f7cdb1afef48d8428806b8a661a1fca695d2ed92e6d4f8c8baa93ff4dda244fbb10a63d97f1d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 351a9721c016ebf84781c2a316f65ebe |
| SHA1 | 969ceb27f2bc39e0bc44ed5e8627167d5cb75575 |
| SHA256 | 7dc199713421b354e9a948109633922700d50fc597112f41b50c9114d19f8ca6 |
| SHA512 | 86f628f118b4b00b48f642491c805c6b6687d3c22d50a0144e423a78fe8b730df01bb34d18a79feb726fe2d54e466101c211d04aa36e2e5b35794525a5f6c824 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57f1e2.TMP
| MD5 | c7c0b3992a80dca1bc44a2e4926e7089 |
| SHA1 | fa94c83b434c7189de13ea8cf7275a83fd27b8f3 |
| SHA256 | 1028b0e5770327f9687c29942d7d6b4c9a50ca10358b73944830db1bf8c9cd02 |
| SHA512 | 96cc2f135f6f26b9e563ef9fa1af606a19520fc6000ea7aeb031f1c15ddb3515f547c3a98ec458029f1421661e3b42361bb200b4b5673bfa161ae7b572fc5443 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | bfcf7a120f33185dbce467686323dd90 |
| SHA1 | c6ed5439d68f05de8c5c2f7d76ac7b0bfb0e7db5 |
| SHA256 | 38eebd7120e448dcd9798a50d648b62bb7f07e2deb02cac3a463d74fd94662e8 |
| SHA512 | b36c14e8fd9db5d01742df225dae5fd07892670d2ff55087e2e3393d1acc185aa313dec3b81ea0b506be38bbb205e5be603e46d957c9f396834a0229f6164393 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003f
| MD5 | 2257803a7e34c3abd90ec6d41fd76a5a |
| SHA1 | f7a32e6635d8513f74bd225f55d867ea56ae4803 |
| SHA256 | af23860fb3a448f2cc6107680078402555a345eb45bc5efb750f541fe5d7c174 |
| SHA512 | e9f4dc90d0829885f08879e868aa62041150b500f62682fc108da258eee26ad9509dcbf6e8a55f2d0bdba7aa9118dd149a70a7d851820d4ea683db7808c48540 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000050
| MD5 | 5e6f83cf268f0f61ebe3ff8c8bc8e8f4 |
| SHA1 | ca8e6a5fb11c6770ca15b4048423b026c2039cbd |
| SHA256 | 6c9c6cb5ba68bf49796f9264b2d55bbad19bd4f3c9959fa6a8de8535de273bf1 |
| SHA512 | 3a5ebb30c06ec163adaf5499ac6b237b9351ee697c0d4f361e1aef659dd33a7087b16886dad5288383e33850dd5b70f882dfef3170a48dab472d495b3953e312 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 319023a10899a5d2749b57950a8c3c49 |
| SHA1 | 7b8d7e280647e96131a1470c94d3fc5aebffab86 |
| SHA256 | 87cb4e31c6cc18894e228200a80d1d9c945a8d2afb0e4d8e46c8817b7ef09bff |
| SHA512 | e934a82d3fbd100b07a0b2ccceddd9a490e100ca34091ee0e94c3e99a14fab95b1e64eb47ce2aad67e4468225e0ee420467e051226f7423a304ae4bc2dea8d55 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000041
| MD5 | c594a826934b9505d591d0f7a7df80b7 |
| SHA1 | c04b8637e686f71f3fc46a29a86346ba9b04ae18 |
| SHA256 | e664eef3d68ac6336a28be033165d4780e8a5ab28f0d90df1b148ef86babb610 |
| SHA512 | 04a1dfdb8ee2f5fefa101d5e3ff36e87659fd774e96aa8c5941d3353ccc268a125822cf01533c74839e5f1c54725da9cc437d3d69b88e5bf3f99caccd4d75961 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7aff382b191e2b327908af92a1908165 |
| SHA1 | 01c85fcd200b7ef7cfabb174def60dec85502696 |
| SHA256 | 48cfbccce24f0a6f4c1bb1e94fe8c61fea1c665edff0822bb9b15bf080967a4a |
| SHA512 | a7c701b55086e646fe4bfa518b508ea2727848c0f93f72c635e28dad92f6efed1d8273d131d2d9a37f855684dfa5b3ea1540c50fdbde604f17ef10234b2defd3 |
C:\Users\Admin\Downloads\Unconfirmed 13511.crdownload
| MD5 | 0dc93e1f58cbb736598ce7fa7ecefa33 |
| SHA1 | 6e539aab5faf7d4ce044c2905a9c27d4393bae30 |
| SHA256 | 4ec941f22985fee21d2f9d2ae590d5dafebed9a4cf55272b688afe472d454d36 |
| SHA512 | 73617da787e51609ee779a12fb75fb9eac6ed6e99fd1f4c5c02ff18109747de91a791b1a389434edfe8b96e5b40340f986b8f7b88eac3a330b683dec565a7eff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7ee35165d2d73d3ebb999dd69f50510b |
| SHA1 | 08322163e8e7ce248f278452e4d23cbc24b14814 |
| SHA256 | 46f3a9104382900ccfdb7aa2272fb00a89efee48f1600e1d6b0e5bb24ee9fac9 |
| SHA512 | 50a4ea379fadf5f3205e7132f41ca5752639a5dc8c716479fe76d44e44805994750c04b830ff93e2c98acb78b6f15a1dd9186003681290d495a711748ff14265 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c966c63ab3d62b1978254c412f0da994 |
| SHA1 | d52ac3edda3b2e56aa677d3b84539e81b2b2809b |
| SHA256 | 7fabe35601ae8cb33a66c80c29deaedee294302b3812b3d866669488fa0675d0 |
| SHA512 | 509f7bd2f650f3a76b153445efdbf3e339ba00beb89523b222f7ae492b4aabbb6a2ce1c3f74dfd0a9d713c7e0eaf10df64aa3c5639bf94b4e56fee6db99e9268 |