Malware Analysis Report

2024-10-19 11:15

Sample ID 240906-s1qdasvckf
Target http://roblox.ht/groups/151199088652/ManageFounds
Tags
discovery
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

Threat Level: Known bad

The file http://roblox.ht/groups/151199088652/ManageFounds was found to be: Known bad.

Malicious Activity Summary

discovery

Legitimate hosting services abused for malware hosting/C2

Browser Information Discovery

Modifies registry class

Suspicious behavior: EnumeratesProcesses

Suspicious use of SendNotifyMessage

Enumerates system info in registry

Suspicious use of FindShellTrayWindow

Suspicious use of WriteProcessMemory

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-09-06 15:35

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-09-06 15:35

Reported

2024-09-06 15:45

Platform

win10v2004-20240802-en

Max time kernel

572s

Max time network

574s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://roblox.ht/groups/151199088652/ManageFounds

Signatures

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A pastebin.com N/A N/A
N/A pastebin.com N/A N/A

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2718105630-359604950-2820636825-1000\{38D8EBF6-5427-4F6C-A84F-378470BCF358} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4336 wrote to memory of 2172 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 2172 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 3776 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 3776 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 3776 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 3776 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 3776 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 3776 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 3776 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 3776 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 3776 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 3776 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 3776 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 3776 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 3776 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 3776 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 3776 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 3776 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 3776 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 3776 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 3776 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 3776 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 3776 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 3776 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 3776 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 3776 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 3776 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 3776 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 3776 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 3776 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 3776 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 3776 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 3776 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 3776 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 3776 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 3776 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 3776 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 3776 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 3776 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 3776 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 3776 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 3776 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 5032 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 5032 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 1612 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 1612 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 1612 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 1612 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 1612 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 1612 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 1612 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 1612 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 1612 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 1612 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 1612 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 1612 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 1612 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 1612 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 1612 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 1612 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 1612 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 1612 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 1612 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4336 wrote to memory of 1612 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://roblox.ht/groups/151199088652/ManageFounds

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9099546f8,0x7ff909954708,0x7ff909954718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2172 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2864 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4196 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5608 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5608 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5324 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5332 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4188 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5092 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=3576 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2032 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5272 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6120 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2880 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4844 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6492 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6172 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5896 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6428 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5036 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6464 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6408 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6524 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2276 /prefetch:1

C:\Windows\system32\cmd.exe

"C:\Windows\system32\cmd.exe"

C:\Windows\system32\curl.exe

curl "https://api.injuries.lu/v3/authentication" -H "authority: api.injuries.lu" -H "x-proxy: TTkvaDBlWW1ZckUwS0RkV2d6SExuUHl3dHlrMWpUMFVQMU5mZUxlNFY2Mk5aWkgyT1BVbzZwY2R4QWZmaEhqaHAwaWgwN3U2MGUwPQ==" -H "x-retry-attempt: 1" -H "dnt: 1" -H "x-token: Y01Xc2o3OTZJdmRKZlR0ZGdUekVudUdnKzJFbm16UXVmR3BPTGZmekRQeU5OcHltT2J4N29NeE4veCtEMGplaXFBempndTMv" -H "sec-ch-ua-mobile: ?0" -H "rblx-challenge-id: 6d0411af-eeee-4e8e-bd88-091e974cc003" -H "content-type: application/json;charset=UTF-8" -H "rblx-challenge-metadata: eyJyZWRlbXB0aW9uVG9rZW4iOiJkMTc1ZGEzZS1kNTkyLTRmN2MtOGExYy1mYzcxOWFkNGNmNjYifQ==" -H "accept: application/json, text/plain, */*" -H "x-csrf-token: hMyxo8nRy8Bd" -H "user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67" -H "rblx-challenge-type: proofofspace" -H "sec-ch-ua: ^\^"Chromium\";v=\"92\", \" Not A;Brand\";v=\"99\", \"Microsoft Edge\";v=\"92\"" ^

C:\Windows\system32\curl.exe

curl "https://api.injuries.lu/v3/authentication" -H "authority: api.injuries.lu" -H "x-proxy: TTkvaDBlWW1ZckUwS0RkV2d6SExuUHl3dHlrMWpUMFVQMU5mZUxlNFY2Mk5aWkgyT1BVbzZwY2R4QWZmaEhqaHAwaWgwN3U2MGUwPQ==" -H "x-retry-attempt: 1" -H "dnt: 1" -H "x-token: Y01Xc2o3OTZJdmRKZlR0ZGdUekVudUdnKzJFbm16UXVmR3BPTGZmekRQeU5OcHltT2J4N29NeE4veCtEMGplaXFBempndTMv" -H "sec-ch-ua-mobile: ?0" -H "rblx-challenge-id: 6d0411af-eeee-4e8e-bd88-091e974cc003" -H "content-type: application/json;charset=UTF-8" -H "rblx-challenge-metadata: eyJyZWRlbXB0aW9uVG9rZW4iOiJkMTc1ZGEzZS1kNTkyLTRmN2MtOGExYy1mYzcxOWFkNGNmNjYifQ==" -H "accept: application/json, text/plain, */*" -H "x-csrf-token: hMyxo8nRy8Bd" -H "user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67" -H "rblx-challenge-type: proofofspace" -H "sec-ch-ua: ^\^"Chromium\";v=\"92\", \" Not A;Brand\";v=\"99\", \"Microsoft Edge\";v=\"92\"" ^

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5228 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4856 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6436 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4992 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6756 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6232 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7088 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6740 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6928 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7188 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7528 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7832 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7852 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7872 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8320 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8240 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6292 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6500 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1716 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9788992560798692974,7317908331197504549,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8848 /prefetch:1

Network

Country Destination Domain Proto
US 8.8.8.8:53 97.17.167.52.in-addr.arpa udp
US 8.8.8.8:53 roblox.ht udp
US 154.216.17.234:80 roblox.ht tcp
US 154.216.17.234:80 roblox.ht tcp
US 154.216.17.234:443 roblox.ht tcp
US 8.8.8.8:53 22.160.190.20.in-addr.arpa udp
US 8.8.8.8:53 234.17.216.154.in-addr.arpa udp
US 8.8.8.8:53 81.144.22.2.in-addr.arpa udp
US 8.8.8.8:53 css.rbxcdn.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
US 8.8.8.8:53 app.injuries.lu udp
US 8.8.8.8:53 js.rbxcdn.com udp
US 104.26.15.135:443 app.injuries.lu tcp
GB 2.16.170.58:443 css.rbxcdn.com tcp
GB 2.16.170.58:443 css.rbxcdn.com tcp
GB 2.16.170.58:443 css.rbxcdn.com tcp
GB 2.16.170.58:443 css.rbxcdn.com tcp
GB 2.16.170.58:443 css.rbxcdn.com tcp
GB 2.16.170.58:443 css.rbxcdn.com tcp
GB 88.221.134.145:443 js.rbxcdn.com tcp
GB 88.221.134.145:443 js.rbxcdn.com tcp
GB 88.221.134.145:443 js.rbxcdn.com tcp
GB 88.221.134.145:443 js.rbxcdn.com tcp
GB 88.221.134.145:443 js.rbxcdn.com tcp
GB 88.221.134.145:443 js.rbxcdn.com tcp
US 205.234.175.102:443 static.rbxcdn.com tcp
US 8.8.8.8:53 135.15.26.104.in-addr.arpa udp
US 8.8.8.8:53 58.170.16.2.in-addr.arpa udp
US 8.8.8.8:53 145.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 102.175.234.205.in-addr.arpa udp
US 8.8.8.8:53 roblox.com udp
GB 2.16.170.58:443 css.rbxcdn.com tcp
US 8.8.8.8:53 images.rbxcdn.com udp
US 8.8.8.8:53 metrics.roblox.com udp
GB 2.16.170.58:443 css.rbxcdn.com tcp
GB 2.16.170.58:443 css.rbxcdn.com tcp
DE 128.116.123.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 roblox.com tcp
US 8.8.8.8:53 api.injuries.lu udp
US 104.26.14.135:443 api.injuries.lu tcp
US 8.8.8.8:53 ncs.roblox.com udp
DE 128.116.123.4:443 ncs.roblox.com tcp
US 8.8.8.8:53 4.21.116.128.in-addr.arpa udp
US 8.8.8.8:53 4.123.116.128.in-addr.arpa udp
US 8.8.8.8:53 135.14.26.104.in-addr.arpa udp
US 8.8.8.8:53 ecsv2.roblox.com udp
US 8.8.8.8:53 tr.rbxcdn.com udp
GB 2.20.12.94:443 tr.rbxcdn.com tcp
US 8.8.8.8:53 accountsettings.roblox.com udp
US 8.8.8.8:53 94.12.20.2.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 228.249.119.40.in-addr.arpa udp
US 8.8.8.8:53 241.150.49.20.in-addr.arpa udp
US 8.8.8.8:53 183.59.114.20.in-addr.arpa udp
US 8.8.8.8:53 56.126.166.20.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 assetgame.roblox.ht udp
US 8.8.8.8:53 73.144.22.2.in-addr.arpa udp
N/A 127.0.0.1:9229 tcp
US 8.8.8.8:53 devtools.azureedge.net udp
US 8.8.8.8:53 assetgame.roblox.ht udp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
US 8.8.8.8:53 assetgame.roblox.ht udp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
US 8.8.8.8:53 14.227.111.52.in-addr.arpa udp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
GB 92.123.142.25:443 www.bing.com tcp
GB 92.123.142.25:443 www.bing.com tcp
GB 92.123.142.25:443 www.bing.com tcp
GB 92.123.142.25:443 www.bing.com tcp
N/A 127.0.0.1:9229 tcp
US 8.8.8.8:53 25.142.123.92.in-addr.arpa udp
US 8.8.8.8:53 r.bing.com udp
US 8.8.8.8:53 th.bing.com udp
GB 2.17.209.34:443 th.bing.com tcp
GB 92.123.142.49:443 r.bing.com tcp
GB 92.123.142.49:443 r.bing.com tcp
GB 2.17.209.34:443 th.bing.com tcp
US 8.8.8.8:53 34.209.17.2.in-addr.arpa udp
US 8.8.8.8:53 49.142.123.92.in-addr.arpa udp
N/A 127.0.0.1:9229 tcp
US 8.8.8.8:53 login.microsoftonline.com udp
N/A 127.0.0.1:9229 tcp
US 8.8.8.8:53 services.bingapis.com udp
US 13.107.5.80:443 services.bingapis.com tcp
US 8.8.8.8:53 80.5.107.13.in-addr.arpa udp
US 8.8.8.8:53 14.160.190.20.in-addr.arpa udp
US 8.8.8.8:53 200.21.107.13.in-addr.arpa udp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
US 8.8.8.8:53 assetgame.roblox.ht udp
DE 128.116.123.4:443 accountsettings.roblox.com tcp
DE 128.116.123.4:443 accountsettings.roblox.com tcp
N/A 127.0.0.1:9229 tcp
US 8.8.8.8:53 assetgame.roblox.ht udp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
US 8.8.8.8:53 js.rbxcdn.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
US 8.8.8.8:53 css.rbxcdn.com udp
GB 92.123.140.17:443 css.rbxcdn.com tcp
US 8.8.8.8:53 app.injuries.lu udp
DE 65.9.66.37:443 js.rbxcdn.com tcp
DE 108.138.7.25:443 static.rbxcdn.com tcp
US 8.8.8.8:53 17.140.123.92.in-addr.arpa udp
US 8.8.8.8:53 37.66.9.65.in-addr.arpa udp
US 8.8.8.8:53 25.7.138.108.in-addr.arpa udp
US 8.8.8.8:53 devtools.azureedge.net udp
US 8.8.8.8:53 119.82.161.3.in-addr.arpa udp
US 13.107.253.64:443 devtools.azureedge.net tcp
US 8.8.8.8:53 images.rbxcdn.com udp
GB 92.123.142.200:443 images.rbxcdn.com tcp
US 8.8.8.8:53 200.142.123.92.in-addr.arpa udp
US 8.8.8.8:53 64.253.107.13.in-addr.arpa udp
N/A 127.0.0.1:9229 tcp
US 8.8.8.8:53 214.80.50.20.in-addr.arpa udp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
US 8.8.8.8:53 assetgame.roblox.ht udp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
US 8.8.8.8:53 ncs.roblox.com udp
DE 128.116.123.4:443 ncs.roblox.com tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
US 8.8.8.8:53 api.injuries.lu udp
N/A 127.0.0.1:9229 tcp
US 104.26.14.135:443 api.injuries.lu tcp
US 8.8.8.8:53 c.pki.goog udp
NL 142.250.27.94:80 c.pki.goog tcp
US 8.8.8.8:53 94.27.250.142.in-addr.arpa udp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
US 104.26.14.135:443 api.injuries.lu tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
GB 92.123.143.146:443 www.bing.com tcp
US 8.8.8.8:53 146.143.123.92.in-addr.arpa udp
N/A 127.0.0.1:9229 tcp
US 8.8.8.8:53 pastebin.com udp
US 104.20.4.235:80 pastebin.com tcp
US 104.20.4.235:80 pastebin.com tcp
US 104.20.4.235:443 pastebin.com tcp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 8.8.8.8:53 services.vlitag.com udp
US 104.22.58.199:443 services.vlitag.com tcp
US 8.8.8.8:53 235.4.20.104.in-addr.arpa udp
US 8.8.8.8:53 14.25.17.104.in-addr.arpa udp
US 8.8.8.8:53 97.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 104.22.58.199:443 services.vlitag.com tcp
US 216.239.32.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 199.58.22.104.in-addr.arpa udp
US 8.8.8.8:53 36.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 dsp.vlitag.com udp
US 8.8.8.8:53 cmp.inmobi.com udp
US 8.8.8.8:53 s3.vlitag.com udp
US 8.8.8.8:53 c.amazon-adsystem.com udp
US 8.8.8.8:53 imasdk.googleapis.com udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
NL 142.250.27.156:443 securepubads.g.doubleclick.net tcp
NL 142.250.102.95:443 imasdk.googleapis.com tcp
DE 13.224.186.120:443 c.amazon-adsystem.com tcp
NL 18.239.36.42:443 cmp.inmobi.com tcp
NL 142.250.27.156:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 8.8.8.8:53 cdn.hadronid.net udp
US 151.101.193.229:443 cdn.jsdelivr.net tcp
US 104.22.53.173:443 cdn.hadronid.net tcp
DE 18.245.31.9:443 config.aps.amazon-adsystem.com tcp
US 8.8.8.8:53 api.cmp.inmobi.com udp
US 8.8.8.8:53 id.hadron.ad.gt udp
US 8.8.8.8:53 156.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 95.102.250.142.in-addr.arpa udp
US 8.8.8.8:53 120.186.224.13.in-addr.arpa udp
US 8.8.8.8:53 42.36.239.18.in-addr.arpa udp
US 8.8.8.8:53 229.193.101.151.in-addr.arpa udp
US 8.8.8.8:53 173.53.22.104.in-addr.arpa udp
US 8.8.8.8:53 9.31.245.18.in-addr.arpa udp
DE 3.124.222.217:443 api.cmp.inmobi.com tcp
US 104.22.5.69:443 id.hadron.ad.gt tcp
N/A 127.0.0.1:9229 tcp
US 8.8.8.8:53 script.4dex.io udp
US 172.67.75.241:443 script.4dex.io tcp
US 8.8.8.8:53 a.ad.gt udp
US 8.8.8.8:53 ib.adnxs.com udp
US 8.8.8.8:53 useast.quantumdex.io udp
US 8.8.8.8:53 prebid-eu.creativecdn.com udp
US 8.8.8.8:53 ap.lijit.com udp
US 8.8.8.8:53 px.vliplatform.com udp
US 8.8.8.8:53 cadmus.script.ac udp
US 172.67.23.234:443 a.ad.gt tcp
DE 37.252.171.53:443 ib.adnxs.com tcp
DE 37.252.171.53:443 ib.adnxs.com tcp
DE 37.252.171.53:443 ib.adnxs.com tcp
NL 185.184.8.90:443 prebid-eu.creativecdn.com tcp
NL 185.184.8.90:443 prebid-eu.creativecdn.com tcp
NL 185.184.8.90:443 prebid-eu.creativecdn.com tcp
NL 185.184.8.90:443 prebid-eu.creativecdn.com tcp
US 104.22.37.96:443 useast.quantumdex.io tcp
US 104.22.37.96:443 useast.quantumdex.io tcp
US 104.22.37.96:443 useast.quantumdex.io tcp
US 104.22.37.96:443 useast.quantumdex.io tcp
US 141.101.120.10:443 px.vliplatform.com tcp
US 141.101.120.10:443 px.vliplatform.com tcp
US 141.101.120.10:443 px.vliplatform.com tcp
US 141.101.120.10:443 px.vliplatform.com tcp
US 141.101.120.10:443 px.vliplatform.com tcp
US 141.101.120.10:443 px.vliplatform.com tcp
US 104.18.23.145:443 cadmus.script.ac tcp
IE 63.34.35.72:443 ap.lijit.com tcp
IE 63.34.35.72:443 ap.lijit.com tcp
US 8.8.8.8:53 217.222.124.3.in-addr.arpa udp
US 8.8.8.8:53 226.21.18.104.in-addr.arpa udp
US 8.8.8.8:53 69.5.22.104.in-addr.arpa udp
US 8.8.8.8:53 241.75.67.172.in-addr.arpa udp
US 8.8.8.8:53 apps.identrust.com udp
GB 92.123.143.218:80 apps.identrust.com tcp
US 8.8.8.8:53 id.a-mx.com udp
US 8.8.8.8:53 ac7817c22dd55ac5a58d7e955828a7c5.safeframe.googlesyndication.com udp
US 8.8.8.8:53 gum.criteo.com udp
US 8.8.8.8:53 ep1.adtrafficquality.google udp
DE 79.127.216.47:443 id.a-mx.com tcp
NL 142.250.27.132:443 ac7817c22dd55ac5a58d7e955828a7c5.safeframe.googlesyndication.com tcp
NL 142.250.102.155:443 ep1.adtrafficquality.google tcp
NL 178.250.1.11:443 gum.criteo.com tcp
NL 142.250.102.95:443 imasdk.googleapis.com udp
US 8.8.8.8:53 234.23.67.172.in-addr.arpa udp
US 8.8.8.8:53 96.37.22.104.in-addr.arpa udp
US 8.8.8.8:53 10.120.101.141.in-addr.arpa udp
US 8.8.8.8:53 s0.2mdn.net udp
US 8.8.8.8:53 145.23.18.104.in-addr.arpa udp
US 8.8.8.8:53 90.8.184.185.in-addr.arpa udp
US 8.8.8.8:53 53.171.252.37.in-addr.arpa udp
US 8.8.8.8:53 72.35.34.63.in-addr.arpa udp
US 8.8.8.8:53 218.143.123.92.in-addr.arpa udp
US 8.8.8.8:53 47.216.127.79.in-addr.arpa udp
US 8.8.8.8:53 132.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 155.102.250.142.in-addr.arpa udp
US 8.8.8.8:53 11.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 ep2.adtrafficquality.google udp
NL 142.250.102.149:443 s0.2mdn.net tcp
NL 142.250.102.132:443 ep2.adtrafficquality.google tcp
US 8.8.8.8:53 adsystem.pocpoc.io udp
US 8.8.8.8:53 px.pocpoc.io udp
US 104.26.15.167:443 px.pocpoc.io tcp
US 104.26.15.167:443 px.pocpoc.io tcp
US 104.26.15.167:443 px.pocpoc.io tcp
US 104.26.15.167:443 px.pocpoc.io tcp
US 8.8.8.8:53 tpc.googlesyndication.com udp
NL 142.250.102.132:443 tpc.googlesyndication.com tcp
US 8.8.8.8:53 csi.gstatic.com udp
US 8.8.8.8:53 static.vliplatform.com udp
US 8.8.8.8:53 quantumsyndication.com udp
US 142.251.32.99:443 csi.gstatic.com tcp
US 142.251.32.99:443 csi.gstatic.com tcp
US 142.251.32.99:443 csi.gstatic.com tcp
US 104.26.7.132:443 quantumsyndication.com tcp
US 104.26.7.132:443 quantumsyndication.com tcp
US 104.26.7.132:443 quantumsyndication.com tcp
US 8.8.8.8:53 odb.outbrain.com udp
US 151.101.2.132:443 odb.outbrain.com tcp
NL 142.250.102.132:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 rtb-useast-v4.infinityexplorers.com udp
US 198.134.116.50:443 rtb-useast-v4.infinityexplorers.com tcp
US 198.134.116.50:443 rtb-useast-v4.infinityexplorers.com tcp
US 198.134.116.50:443 rtb-useast-v4.infinityexplorers.com tcp
US 8.8.8.8:53 149.102.250.142.in-addr.arpa udp
US 8.8.8.8:53 167.15.26.104.in-addr.arpa udp
US 8.8.8.8:53 132.102.250.142.in-addr.arpa udp
US 8.8.8.8:53 132.7.26.104.in-addr.arpa udp
US 8.8.8.8:53 99.32.251.142.in-addr.arpa udp
US 8.8.8.8:53 132.2.101.151.in-addr.arpa udp
US 8.8.8.8:53 widgets.outbrain.com udp
US 8.8.8.8:53 images.outbrainimg.com udp
GB 2.16.233.118:443 widgets.outbrain.com tcp
GB 2.16.233.118:443 widgets.outbrain.com tcp
GB 104.120.141.195:443 images.outbrainimg.com tcp
US 142.251.32.99:443 csi.gstatic.com udp
US 8.8.8.8:53 rtb2-useast.xaprio.net udp
US 174.137.133.49:443 rtb2-useast.xaprio.net tcp
US 8.8.8.8:53 50.116.134.198.in-addr.arpa udp
US 8.8.8.8:53 118.233.16.2.in-addr.arpa udp
US 8.8.8.8:53 195.141.120.104.in-addr.arpa udp
US 8.8.8.8:53 49.133.137.174.in-addr.arpa udp
US 104.26.7.132:443 quantumsyndication.com tcp
US 198.134.116.50:443 rtb-useast-v4.infinityexplorers.com tcp
US 8.8.8.8:53 vid-rtb.xapads.com udp
US 104.26.7.132:443 quantumsyndication.com tcp
US 198.134.116.50:443 vid-rtb.xapads.com tcp
US 198.134.116.50:443 vid-rtb.xapads.com tcp
US 198.134.116.50:443 vid-rtb.xapads.com tcp
US 8.8.8.8:53 sync.quantumdex.io udp
US 8.8.8.8:53 ce.lijit.com udp
US 8.8.8.8:53 acdn.adnxs.com udp
IE 99.80.199.252:443 ce.lijit.com tcp
US 151.101.65.108:443 acdn.adnxs.com tcp
US 174.137.133.49:443 rtb2-useast.xaprio.net tcp
US 8.8.8.8:53 onetag-sys.com udp
US 8.8.8.8:53 sync.adkernel.com udp
DE 51.89.9.254:443 onetag-sys.com tcp
US 8.8.8.8:53 cs-server-s2s.yellowblue.io udp
NL 77.245.57.72:443 sync.adkernel.com tcp
NL 77.245.57.72:443 sync.adkernel.com tcp
NL 77.245.57.72:443 sync.adkernel.com tcp
US 18.214.104.119:443 cs-server-s2s.yellowblue.io tcp
US 8.8.8.8:53 sync.1rx.io udp
US 8.8.8.8:53 ads.pubmatic.com udp
US 8.8.8.8:53 eb2.3lift.com udp
NL 46.228.174.117:443 sync.1rx.io tcp
US 13.248.245.213:443 eb2.3lift.com tcp
GB 2.16.232.228:443 ads.pubmatic.com tcp
US 8.8.8.8:53 108.65.101.151.in-addr.arpa udp
US 8.8.8.8:53 252.199.80.99.in-addr.arpa udp
US 8.8.8.8:53 254.9.89.51.in-addr.arpa udp
US 8.8.8.8:53 72.57.245.77.in-addr.arpa udp
DE 51.89.9.254:443 onetag-sys.com udp
US 8.8.8.8:53 ads.betweendigital.com udp
NL 188.42.189.231:443 ads.betweendigital.com tcp
US 8.8.8.8:53 ssp.disqus.com udp
NL 77.245.57.72:443 sync.adkernel.com tcp
US 44.195.166.39:443 ssp.disqus.com tcp
US 8.8.8.8:53 match.sharethrough.com udp
US 8.8.8.8:53 s.ad.smaato.net udp
US 8.8.8.8:53 id5-sync.com udp
DE 13.32.27.67:443 s.ad.smaato.net tcp
DE 141.95.98.64:443 id5-sync.com tcp
DE 18.197.30.174:443 match.sharethrough.com tcp
DE 18.197.30.174:443 match.sharethrough.com tcp
NL 77.245.57.72:443 sync.adkernel.com tcp
N/A 127.0.0.1:9229 tcp
US 8.8.8.8:53 119.104.214.18.in-addr.arpa udp
US 8.8.8.8:53 117.174.228.46.in-addr.arpa udp
US 8.8.8.8:53 213.245.248.13.in-addr.arpa udp
US 8.8.8.8:53 228.232.16.2.in-addr.arpa udp
US 8.8.8.8:53 231.189.42.188.in-addr.arpa udp
US 8.8.8.8:53 39.166.195.44.in-addr.arpa udp
US 8.8.8.8:53 67.27.32.13.in-addr.arpa udp
US 8.8.8.8:53 64.98.95.141.in-addr.arpa udp
US 8.8.8.8:53 174.30.197.18.in-addr.arpa udp
US 8.8.8.8:53 adsdk.microsoft.com udp
US 8.8.8.8:53 cdn.adnxs.com udp
US 8.8.8.8:53 fra1-ib.adnxs.com udp
US 13.107.246.64:443 adsdk.microsoft.com tcp
GB 2.20.12.75:443 cdn.adnxs.com tcp
US 8.8.8.8:53 cdn.adnxs-simple.com udp
GB 92.123.143.146:443 www.bing.com tcp
US 8.8.8.8:53 64.246.107.13.in-addr.arpa udp
US 8.8.8.8:53 75.12.20.2.in-addr.arpa udp
GB 2.20.12.75:443 cdn.adnxs-simple.com tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
US 8.8.8.8:53 aax.amazon-adsystem.com udp
US 8.8.8.8:53 shb.richaudience.com udp
US 8.8.8.8:53 ib.adnxs-simple.com udp
DE 18.244.15.236:443 aax.amazon-adsystem.com tcp
NL 185.89.210.122:443 ib.adnxs-simple.com tcp
DE 178.63.241.79:443 shb.richaudience.com tcp
DE 178.63.241.79:443 shb.richaudience.com tcp
US 8.8.8.8:53 122.210.89.185.in-addr.arpa udp
US 8.8.8.8:53 236.15.244.18.in-addr.arpa udp
US 8.8.8.8:53 79.241.63.178.in-addr.arpa udp
US 8.8.8.8:53 157.27.250.142.in-addr.arpa udp
N/A 127.0.0.1:9229 tcp
US 8.8.8.8:53 sync.richaudience.com udp
DE 162.55.236.225:443 sync.richaudience.com tcp
DE 162.55.236.225:443 sync.richaudience.com tcp
US 8.8.8.8:53 exchange.cootlogix.com udp
US 167.99.22.253:443 exchange.cootlogix.com tcp
US 8.8.8.8:53 253.22.99.167.in-addr.arpa udp
US 142.251.32.99:443 csi.gstatic.com udp
NL 142.250.102.132:443 tpc.googlesyndication.com udp
NL 142.250.102.95:443 imasdk.googleapis.com udp
US 8.8.8.8:53 ams3-ib.adnxs-simple.com udp
US 8.8.8.8:53 cacerts.rapidssl.com udp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
N/A 127.0.0.1:9229 tcp
US 8.8.8.8:53 sync.cootlogix.com udp
US 8.8.8.8:53 225.236.55.162.in-addr.arpa udp
US 159.89.50.93:443 sync.cootlogix.com tcp
US 8.8.8.8:53 93.50.89.159.in-addr.arpa udp
N/A 127.0.0.1:9229 tcp
US 8.8.8.8:53 a.nel.cloudflare.com udp
US 8.8.8.8:53 aefd.nelreports.net udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
GB 23.73.137.233:443 aefd.nelreports.net tcp
US 8.8.8.8:53 log.outbrainimg.com udp
US 8.8.8.8:53 mcdp-chidc2.outbrain.com udp
US 64.74.236.31:443 mcdp-chidc2.outbrain.com tcp
US 50.31.142.191:443 log.outbrainimg.com tcp
US 50.31.142.191:443 log.outbrainimg.com tcp
US 64.74.236.31:443 mcdp-chidc2.outbrain.com tcp
US 8.8.8.8:53 1.80.190.35.in-addr.arpa udp
US 8.8.8.8:53 233.137.73.23.in-addr.arpa udp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 191.142.31.50.in-addr.arpa udp
US 8.8.8.8:53 31.236.74.64.in-addr.arpa udp
N/A 127.0.0.1:9229 tcp
US 8.8.8.8:53 region1.google-analytics.com udp
DE 37.252.171.21:443 fra1-ib.adnxs.com tcp
NL 185.89.210.122:443 ams3-ib.adnxs-simple.com tcp
DE 37.252.171.21:443 fra1-ib.adnxs.com tcp
NL 185.89.210.122:443 ams3-ib.adnxs-simple.com tcp
N/A 127.0.0.1:9229 tcp
US 216.239.32.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 21.171.252.37.in-addr.arpa udp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 9eb20214ae533fa98dfbfdc8128e6393
SHA1 c6b5b44c9f4fff2662968c050af58957d4649b61
SHA256 b2be14a1372115d7f53c2e179b50655e0d0b06b447a9d084b13629df7eec24ab
SHA512 58648305f6a38f477d98fcc1e525b82fc0d08fb1ab7f871d20bd2977650fa7dafa3a50d9f32e07d61bd462c294e7b651dc82b6a333752ca81682329a389ae8c6

\??\pipe\LOCAL\crashpad_4336_MXNCYQSXNFTRCBSW

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 d18f79790bd369cd4e40987ee28ebbe8
SHA1 01d68c57e72a6c7e512c56e9d45eb57cf439e6ba
SHA256 c286da52a17e50b6ae4126e15ecb9ff580939c51bf51ae1dda8cec3de503d48b
SHA512 82376b4550c0de80d3bf0bb4fd742a2f7b48eb1eae0796e0e822cb9b1c6044a0062163de56c8afa71364a298a39c2627325c5c69e310ca94e1f1346e429ff6ab

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b5e5c0ac3f39e187822c0e8e7a96a09c
SHA1 371b719de267129b424bb0335622020dd5276855
SHA256 ec7afbaaa3e5902bc1334dd23176e025827ee84d01abd43ac893b71d1d3be151
SHA512 ae07510a69a14f2923064e07c66eefcb820878edbd135864799c5772be4546094ec380f384dff6936249c8e321ac06e74acb08dcbdcbdee1abb7780df8e728d5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 d6596641c9241f19fc91f2a6e75075f6
SHA1 1e5dace1f1c025f9fd0928db5214b53d14f12280
SHA256 5adf1b69b3fb987d79b5a0ad8f2f72cd25584f581653900d890313ca903803ec
SHA512 7b73a1fb7c6311d478466924d947f8c35a3527f7dd870ae8b05347c6624747fc75a554547f3bf70153917848067e0d344082fb9094c4c09d58deda1d27e879e5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 d372453ecd0d59fc7182454bb831ac6c
SHA1 798fa2bd585181b55eea77df69b0c4d015d0c62b
SHA256 50df560e8731112c912cd2911af2addd0baee00cd81c3436ac159fb9373b6d9a
SHA512 e096973020f8689e64bfff973cbeb4386af209f8f2bd0e8752bb4a6e49bc623ea098b827febb0bb90da7acf7f61236dca376dc571a188816f02290c0d59a71ff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

MD5 6be217d826ff7c4aa81d39663a38dc10
SHA1 b32f46cf12fc4821f702880382f18ef3714eec66
SHA256 754dca9404f119306b757d135efbab8856521366fe9a3961c5373dda2a57becd
SHA512 306a06b11f079ad10db885200c0bbe37b56bd9687024e18fa84cfb95663f8fb00debebb381e030d5e6c4daca8eddcf180a37668745ec4972ef732dcb0bd4296d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57f973.TMP

MD5 cc2992d6827655874718789c3766c87a
SHA1 29001271b2c0d8593b0df6bdd9f3ebf5c60acd1f
SHA256 fe0fe5245fa71c0a24f61ed5e7ddfee71383541db40a91ea562a646531a6a181
SHA512 7ea5c3b0b564fbc655428245c0c67294511bb6be4c82cc1c4588437181f0d28505780b7c72fc590d3384e94a5d1cf3a36d438a92af54db8421e8f1f9a721169c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 e927cb1e5ec24be63e1927df3318653b
SHA1 c1356a549bc2938ea5a4d7af84a6fe12b8502223
SHA256 720cba869f571640c344d2f4a185eb10bc4398d99c567f9d0d75cbcf5562fc62
SHA512 7e55cf20df1ccdcd0c7bd375326c868b9d5b3f2050612c91d12a9dc9de2c11bbcc7ac050640734526f341c73b02ae04b062d4c98bfa182c9d345cc7f5b022019

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 481c66c21e40b0cf5ee122b09125b53c
SHA1 f28681e3aabc0e787a4469a5cdeb15a93b8d6eec
SHA256 f032f6837df779514c7ca533914144e9593ca20caf2241475880c6eab84c8862
SHA512 534c1fb68537af0e97c2480e06561c63aea649255b91f057ea633de5846b2a9136f505d9552c7effb15fd2df84acdc17a66d5bf390bf252dab489aaee7eb3f6e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 2f26180f6d8de1df21bf21329c77e0b3
SHA1 788cdd513c09ede08d08a97b21a79dc86cd8da0b
SHA256 ef55fbb0154bfd08d45019b227b7115445a648988280641754850273bf74b1d9
SHA512 c3e00cb153ea1948d4defc77bca5534adc8cb8566c7744969f829417e72eb49eb914caa4bbed9d33b2350fac332f64292f86173ae9b1ef841ac01eaf933b3d88

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 5217cf22c8f4a99444fb21083457ae20
SHA1 0bbb56f206dcc0d17d389fae5cd5c5df169564bd
SHA256 ef8812d5a722265b1b99e447e5775df5081f71b7bdd609132c2f4bb8baf85eb9
SHA512 a5a2d9307228c08dc50244ab03a918e43758fd231df2e895fbed7c2666b2ebde3408497f4660bb85228af1798f6f22221f112a1413fe5ca3efaf11b1bb110092

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 fb6a6350b2468ead1c3281daf5b36177
SHA1 d63ab1b71123fe28b9930d5b2596c535fd25a4ad
SHA256 763a1c693e4e3c44fd3514590c60c48f953e2c648e9bf45daede5b50eecb6624
SHA512 0b57eb9253350bbe25b72b8599d55189a5e2d2e64b08240a06b408c6519bf3081d351b2c151ea7214f0a9a8ebf5d78785de77acbd2c1254ccb504ec54015bc82

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022

MD5 fdf09c3c067041ffdefcc9e1bdea9718
SHA1 e31cf28187466b23af697eedc92c542589b6c148
SHA256 144754d90b3eaad27d8a11c86faadb24da4ddc251bead8e43b9ed515fafb84da
SHA512 9e32b294cfc17fd52fbdd62732571f4ee57dc0308d62af476331887d0e2446b483ceac06ba4617cfbb1c347d771c0f7ea12108bc384e93f69b180c7ca1a92268

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 3e2e1bd42612ba9c017c99e4ba40c992
SHA1 842d5d4c5da54022155804b036109854ad8f8c99
SHA256 de98c31ff0fa994131405929706bdffc5205d757f95f640475e949b558663efc
SHA512 a8136afef599b7c0168cb8a5ab9f218921a4731f4cd520729722a3867d4d0de17241f201b905a33d90b4ff1a3352f24983f9b89d724de751d681ee00f1f7f571

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 3a3ea7c0536a3deddb40136478897254
SHA1 a0deac847d4bdc228d3088f7c3067aeabc23a6ad
SHA256 53ff947563e4478a2e9fac19c381d253536972e3dbc6cd0ada5e1384b9fadcae
SHA512 690d5bcb28f87a01f041d2cbba542a75442aedefb859b0ad09549003be603e90aece9faac788ba991a72536dd70ff7b7848138b52eddbfdc69e7667aae9726b2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ec5ac48cb87947957047491e9d515d0b
SHA1 c1137cd30e0136c4166b52d4e60d81ace9e6d03a
SHA256 25defbe490ffa6fefbf862ce8905ba83b2c21171cb0807f789b493b0a6a2cf94
SHA512 c9235b57286efa7b165500b3f11a571870f34049f1f6e5deba7b3e3312dc41e47a210deed2e146062b72931a1a8407ca1de8b48bafcf136f43b0fdd77f9c90b6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a600d92f28eefdb0a64b116d1929462b
SHA1 8cab3cc5ae677ceea0453adccf93a3af10967ecf
SHA256 294b36009f438abb2d8c893deea8d7902a98c12a52d55836a35217393c90c934
SHA512 ff583e0819cbac51d85efe16fc19f3c41aa89fd4dfeb21e9c3425b83059bb424889bb301b9a39016b8fc1dabfd5d191774566b642f237f7095805c775fcc5426

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 4023301d858055a6013b14eb31fe4a8f
SHA1 bec26d517a9e6e752d204f1bdc5777376fcbd439
SHA256 6c2d1b799b4d7e43f2ddf9a06943b1cfee8216484a57338a2a54fc2720bc0831
SHA512 a627dab05399470dd3e6c67ee39cdae8ba927aed0e90d5cdee2072d1ca3d573286be8e32015debb1ab8ceaee96e8828c1080d8b8aea5601b9b4daa3bbd2eb369

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 8eaca69f1f56884ee1befa531dc0878e
SHA1 81d13284ff1c5ca014e0d30ae1c2b32afba2c687
SHA256 3dd7a06013832af0cb3c502213f4507e0d9a2db8035962cfe3269da3c19f6629
SHA512 61b49a93acbf98334f003623ca451abc2ac6fc84df613c527d7acd8ab305e8d891eb5e0f5306e07c81cd054190935b6c939c382155bac000b1d26a9194975392

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 3bed66a9b33b753d823915852fa0ffc5
SHA1 f2d3605a75bafea933eedafab155ed4d54d23e0f
SHA256 ef0656751ec93e7551f4ffbd3af49243160d6f2586a5bcee1163a903957eaf5c
SHA512 2b54ee79b51fd1099c74fc380b4f147337e2d816c043b1a1438bfd43d83ecf022ea89427c5ee2297c45eb362ef6c297b63055a24f4cd5f835c4880f399b21d76

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 c765aa3052374fc922c2acee36cd48bd
SHA1 a77a20f32c6c27710f4d9057e206f48233ef00a1
SHA256 b1f76774bb0c3111371453e9a3deb05e16c47c9c4ae6c179fd82570acf695934
SHA512 4003d980a8b2cc8da4e3ef36fe8f8e1d101cb692b7cfe6d89a561c237805c674438f50908f9d87d737605806312db292ab4d05f59cf3037b898a2a4d5c0fa476

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b6be53a8a9d7e437e5e63f08cf2a49d2
SHA1 be2af7c95005e54c680345755ddc2cc553211640
SHA256 83db24b8bb00ae6bc725fea23da7dcd0d2a13081d32b4b51aebd89379bb2aafc
SHA512 2e4829c771d47a2253a1bc5e7a3f4824ec87e954f0ff35300db13b1487ca22e2cc122b6391178486f3d97f929955ff248536052a3a722f0b7a862f335a88f35d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 5835d89f89f50d7bfffa9e6fa02192c1
SHA1 3386780fa3a5a812bec0e4b73b8b60c140956d31
SHA256 00c4e309f4eeacc113dbcdc7839fd35ddcb7446273cf3c10238638cf878300b6
SHA512 ad8b0b0660e2064054ac9858b1927c58e6586353b72a36c9ce6dcc23fde40e30fef9d90e827ae87afe93eec0e8abab40acd41e81ffdc41e7718e3e9ec3d474a1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b815d287b7e7cd6cceb4ae75a79b25aa
SHA1 9285525745ab882bb0b38784c30bb4aa8605c5c4
SHA256 753a4547d447f2fb90695b435b85ac595978d2e3b78f9d416745057b8e555c34
SHA512 16e529dd614c8d57806f7491d8d5ab53da63f1670ed0004b637b068de2db09fdd92b7ee7eb4760bbf06c200dbb5059303739ae01b3685b911298f63a1368f22d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ce3720142f7a908182451291071228dd
SHA1 32d3ba959c4fbf0aa3c32313cb5b34d225c58ffc
SHA256 d07abd6d84f3a33f3352759cc9222bb298c0abbb0b128d4e7994f544df852eaf
SHA512 ae4f743fd984e6a851f3ce4dd1ed76031b827ddfd078ff617ea41e7802b831d8354bc9de0250628894366868900bff54b5808f06d2e931e677ee690ad9a65539

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 97b464b7b353bc474b232b8e4e7903e7
SHA1 f6aca6b604672b1cbbbe4bf5f8a5e65cba14fdd0
SHA256 1f16d0fc0a33baa2ca5e28389b35eba304b9684761795ccf90882e38985dd290
SHA512 87c3cd412693400850e406f047f7819c086c692c5d0cea95aa48919cec3a2c33a8c00f2d68cca6e5ac5f4f7ebafb268d2b4ff70567e83696dc6a0378d984102f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 88264fc34217473c3966c2dd109413c5
SHA1 4b35887e52848e229c894be841f163b31083c608
SHA256 5d5dfd9767c78a9c6f09c18f34dc1b80e19af89c5907b3cf9d022425000b403b
SHA512 61ee053c3fbbded7d6e0bfa01d21ae301a71c1d7d20f166653ba713ff7be364c88ea21dc5946a968a086ba5347dd16c14e3c9581ee95a85b4c787b0b801a0174

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 80055ffc69b04f48fffcc6cfc7bd1467
SHA1 15ae6e86f2ed3bbc63946100f7a2e7e61e3c146d
SHA256 8525c5def5d6bb3e13dd0df2a970b0562d5432cf6549e9e2c15e5d822effcdab
SHA512 5c3f62ff5282760dc14df80360bdb8de4241132f93b0c25d2dee0cc66a0d508ffa29d83efd52f8dbaddd70a6d6532627e9dd4070f87ef079836f0298f0ab735d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6ab8f3761b289f8411255ec0bf204359
SHA1 1fa3ea1416b732c0726089fe4335fea94cf8453e
SHA256 679d9dacebe7d0add7d23b97cf07082889c616f4d9b6693e3984fb7e8852c8ac
SHA512 3897533a63da87de9b9b88a9829ec274708f1a9106b0b7f8666601010f0517922dcf8981dd662789663185108c873d6e4ef1fe5373a58082f1c5ce5090a22916

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 b1f13756e6b332025cf0ceb792095b96
SHA1 f47c651a75b5e30e0c28ddf21a83d2cefe811937
SHA256 03abee4e8af46d8ac526db0ac559b01ff1db2445505782b4d91fd830064ef2ac
SHA512 f7943a22dfe9f51452ddbdfb8f7a10f3b3f719546f3837e1ef05e0bfd5cbbb0e30eb80a7e06d5a04fc60dacffbc36675d9ce81419f1a9dfa5bc5c1193e93546e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 4a39741b92fa0aee734a7c1505242067
SHA1 e2b0ef39730e012589f577f80878b3a220eb53f8
SHA256 354da0fad7468be29e18aac484dd807504179992c8e3665b574a8fa3844b959a
SHA512 c86dae8a7602c0532ad7b3562bcfaa6effd398a437611f4fc7ed24400be1982254e26965a9e6ad2de30e2da05aa151482d002c9cb581bd82584ea3732539c398

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b6c2cb2e0ee2c553d1fd7f714623c1f3
SHA1 a8d837d9d560b6d7d8b67d5fd63fde4c4e2fe39d
SHA256 830f9ef9ce9490220bc35d9afe5b67b83d7f001e77f7f82d1f797aa6fdf5d8a0
SHA512 1661658c78dd7a13393d3c365cd1655a77c0da0cf0e752ef00a2d4050bb36566b0d6eeff135aeb013eef3d08663684c64016f3fb4c60602d67c006d1beb8bcac

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 e909208915be69a0ccdbfbf3b2d17d36
SHA1 0353be8fb87d55e46b9dc6172f44e2e7ed7e7742
SHA256 ec1df783ce19664ae724122daaa004fea4ebf8cb06bb5135e3e6d976ccc762eb
SHA512 67061605870a6557bdc69862e2ff3ef775619bc2ce8f5581cae336fc027784c6bc1078e8fae2818d82fa5fce49d536683b19e687a5e3c71268f0f1eeaecdbdd0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 67a52344d63350bcf878ce35d9e0a4af
SHA1 fcd55fefd02aab11efe5f364080f0419678a5764
SHA256 4bd816255b61403c9589272bd53c84e1a5cba88114d4e0d22d83d99296303b14
SHA512 77b9aa9e9cb5ab8db4fee158c8c59e910c1c69484bb8684288aaf73303c9432ca9b96046008c66fd5cd0576995e76263f012b938dc146b4ab4893e77742b602c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 84bae5159ece78251f9c6a1116a6eefd
SHA1 c25345037960179b4dc172a3345739c10f6caacb
SHA256 19e53f16883db09f023fdb60f66ad9d6fc80dbd51f4e1791ea99ace18984bc7b
SHA512 d0a8441de70fc1b639aee834d052922619402fc0bbd1ea6d1a1b909850668eb61621fe012cc5d8fa630190e04057b8265e1148f8d42733a5e4036014746173ac

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 ec9bf3218dbf7808feeaf813bdea5707
SHA1 501ce966f22866b2fdfd88526a6a0a8e8e7e7097
SHA256 38a0ac3f0cf5c46b5e229b808606c02372a071169fb10239509033885eff3fd4
SHA512 b306b9806ce8f49e9500dee4e7a3d03d85b3c172a7406b0fd45bc4b0e7e42a1b12aaf32a4e1910d9cb3a761e0093d7b40b7efa8a7d22b0f9226d7642c241a13e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 478c1914ba2493541dec10048de80fd0
SHA1 7a368bde074160f5e51786f5bf2bcb4a212c327e
SHA256 a5858653b0e41b7cfc7ecb53bbff3f92adaf7294e05ef231f55f3d4e251e9045
SHA512 5f92575af44d800c35406cd7ca4f71b2e88f757d640b32ce29bf40d982be578624cbfd1314d226c12d4b05b4716a025032e9f766529895e56d100961b7d9c6c6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 cc5e2b8b491801e323467a5c1535f33e
SHA1 19120eb008330059d8602ccc9b9c8b2287023864
SHA256 3cf5286ae6e9309b9e364280e5d01b4c9846b7f81a240da4c21ce7b494517a86
SHA512 0e253489df37b396e1a0e98adcedef28a3c803c4d2b2d0ee88eb2661e7413e95c71d305912034606a85386648bb9d006f5106d3724250f34a361508b599c37a6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 c4da1da1dad7d4665171639d1696342c
SHA1 fc9ea8bcd2e084cdce422a31ccf4004b54f943f0
SHA256 f909ee78823d0850e3276656ab6feb8b69ac59dfaced02e05a98354fd71dd984
SHA512 f66e62ac4a163d77fd7198eb410d9c27a8e0a31446997877ca67fcc648d6cc2c0aa5090ca44fb5ae535932eca887be0d033ee3727e18c83ee269738c4448ebee

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 8fc62b6c5a55af05f0af12aee546799c
SHA1 3141083a1b23829b3dc1e2fff45eb6b164c1bcbc
SHA256 cbfa6a35088c02459903aec5c9eb1a77f5689de058a68b2573c830328d50bc56
SHA512 64cd066ea1ef3782cac628a8916cd6ed7bf0ea7eac8244ded22d09f2143a5dbb75e727e7b2e70d102692bca9fd824f1ec72c56cd3ea8b2a9638bf79814ff8737

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007d

MD5 7a4c6579e85e7687b7caeff56326b359
SHA1 b39f533c843aaefbac0058eafc4e6b6b05d09aa2
SHA256 4ae263098c462e6e6b2243f5a3a69df9de80d09c341c137dac3b7318b2038b50
SHA512 686c78f37b70b6eb8ce3728208cfd280d784511882487284d53da9a34e6ed6e5ac366d0200629c9f77c84899166feeb976b95e8a095a13bd0191665a06b6d17f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 0b1b3d70621196229181f14274ab61da
SHA1 56a3e14a491f9a4c322313f9836cb96afcf0bc43
SHA256 f42e57db02bc4d7b0ba4ea1d8723c4b9e5861fee9fab519b3f82ea4fd43c5501
SHA512 52bea56e8dd5ae1ac8a3a26f568c116e4996ef39417104a421662aaf16f46414f380343cbce7792c8c18363b30d5aeddf3a66c10038689b0cce81c702b30cc34

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 acde41a4e1ce4c09231966951fa88bf1
SHA1 ef5ae144497409b0c2ada987bc7978a1e82c22cd
SHA256 ccd92099f05a096a51f04ad1576662a051b602ec21750f2eb4d9c2c98baa1236
SHA512 da6e44597720f3409d0bf8e54073248b2d6896d41d472274f0718e8c3091e62c874cfbddc1359c0fe6f66741b080f2d2871647caa332c6751a25789cf3131016

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 fdcff2650257ad992d77f87d16dfe87b
SHA1 5fe4cb7301e11b4228a25ac107c1baccd9fc0d9b
SHA256 08801ba0dd99e5c3fbf5a189b5e61735027db7b6cfb8e3d5aeb52cdbb936ce77
SHA512 9fe71d326aea9939941dc753f1589b969a452c089c6b155914528cb84d46a2cdfb5b864091761b1ebda7d637e42fe10e488db22489877280c0fc9ef807e4248f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 90dcd296c012c25eeb4065a82a5845cd
SHA1 4ef7350255b73cea1698c8c5fa81bb41591e7a27
SHA256 4f51a8ad2cd46dfc8ef5240933f345c95c258be47b75cad3079e6926ab5997fe
SHA512 42f1c3de3cb96476c2b7033315930497ca5360e854ef8a9ca8a0366d8c5f5b79a83566b104979aa2ce302def24cf1c13a660670e08f1e175826ed524c9c1c43f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007c

MD5 3e4a0ce60ef774a371322c5c67243ae1
SHA1 072cafc1b7d5bdf3f27751d3abb6e868271476bb
SHA256 2b5ab4aa62e03347e8b37460ccf322a4d08f697d04a191a7812d9c7ad59c53b0
SHA512 45cd6396c661fa380327236f07fe3ffe62d692ff5d1eb33c450375f1693c7467b01c983ae41763dc7558d0f142726df08d1b2d1a19bb960dd89864b2233d77ca

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000075

MD5 98877c6d433720859443428f38e41528
SHA1 0e3902458ab3b06edb384b10804ba37b1894be70
SHA256 1c3177a6ddaed0f971b2a13f58f2e2d7a0784ac4292fd0d936335cc522a54ad9
SHA512 5942332cd3b2f9e30e073d6e16fb3de59f6c0de8583a35f2f800bcfaf8e0574f87da956b4c82734b2f844e19a715dd9802482ae2c269d5a43bb748be020291b0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 75c1a0b6455aad1a526008e0817ca533
SHA1 4ec50c0f4400ad849f063f94a12c49c7e117dd57
SHA256 03911e9d2904ea631be6c01d373d9080e46b5eff7a3ca71aa5ea65e19859870c
SHA512 ab7ae5e86b206815ceb83a6d9d93f27e8090baa4c43310648d46e75cf7bbd4de9809c037b4116364a6fd10fb1d03fb62de21848e748c3c91b2cee4f63c0d75a2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 fd40ae8734ce3a75bf367e6f92da8d3c
SHA1 352ebd470be4ee077292c886130f63279e3392ae
SHA256 ccd8c9b0ad66cb15499b96f7db5118c4f89eefb94ce44ed8b899ea148ec791c6
SHA512 cd0afdb3cab0a7be9c8b9e0edeb35d54cca4417eecee1e49596391a99f0058868c43890b0270fbf644305c7035d9deccfd076447a9fabbcdfe04734e561182b1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 81a7440c361bf8cfaae6e035a588de55
SHA1 f2a5d9936a50168368582d01385fe4a981af295e
SHA256 4e16474c03ad6c0981e063ed14fd4e12a1e540be36a54680ba820d3aba8eca39
SHA512 2a24ee1b622831ac70566c4236644d287bcf1e1bca88c514abbb0563756a2c6b78dd2f7c91ee188cb9791f8994a09765103af35ff69449315b61a8c481a26190

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 80286e54ba511d56cae52a30634f876a
SHA1 2c28c17b81b64ba0646232a215ae03765e3582ab
SHA256 f5f3c7a2842306585fbcf8daf63b0c023b4a09a03c67794f91bde2522692d5e2
SHA512 d73027b7ef9c4ef1b193e764b5198db3f6bac423c4714e5467899f7dda29d58e428ae40b7baed7fe2b5308e4e0c23ae6d553c1b26a8c45a8c5cfe7f4aaa16027