Analysis Overview
SHA256
6d1703bd786779f40dbb4cfd0de3e39ed7f09afcb8e3555aabc1bf6839ccb4da
Threat Level: Known bad
The file FPS+.exe was found to be: Known bad.
Malicious Activity Summary
Discord RAT
Discordrat family
Browser Information Discovery
Unsigned PE
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-09-08 07:27
Signatures
Discordrat family
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-09-08 07:27
Reported
2024-09-08 07:30
Platform
win7-20240729-en
Max time kernel
118s
Max time network
119s
Command Line
Signatures
Discord RAT
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2488 wrote to memory of 2644 | N/A | C:\Users\Admin\AppData\Local\Temp\FPS+.exe | C:\Windows\system32\WerFault.exe |
| PID 2488 wrote to memory of 2644 | N/A | C:\Users\Admin\AppData\Local\Temp\FPS+.exe | C:\Windows\system32\WerFault.exe |
| PID 2488 wrote to memory of 2644 | N/A | C:\Users\Admin\AppData\Local\Temp\FPS+.exe | C:\Windows\system32\WerFault.exe |
Processes
C:\Users\Admin\AppData\Local\Temp\FPS+.exe
"C:\Users\Admin\AppData\Local\Temp\FPS+.exe"
C:\Windows\system32\WerFault.exe
C:\Windows\system32\WerFault.exe -u -p 2488 -s 596
Network
Files
memory/2488-0-0x000007FEF4EE3000-0x000007FEF4EE4000-memory.dmp
memory/2488-1-0x000000013FD80000-0x000000013FD98000-memory.dmp
memory/2488-2-0x000007FEF4EE0000-0x000007FEF58CC000-memory.dmp
memory/2488-3-0x000007FEF4EE0000-0x000007FEF58CC000-memory.dmp
Analysis: behavioral2
Detonation Overview
Submitted
2024-09-08 07:27
Reported
2024-09-08 07:30
Platform
win10v2004-20240802-en
Max time kernel
148s
Max time network
151s
Command Line
Signatures
Discord RAT
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\FPS+.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\FPS+.exe
"C:\Users\Admin\AppData\Local\Temp\FPS+.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7fff3eca46f8,0x7fff3eca4708,0x7fff3eca4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2084 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2440 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2676 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3368 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3388 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5088 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4680 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5364 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5364 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5424 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5436 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4088 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3476 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5664 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5496 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6108 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1736 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2800 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4808 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6256 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6304 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6512 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6652 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6784 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6900 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7048 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7180 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7316 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7600 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7936 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8156 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8164 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7756 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7024 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5580 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8508 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7636 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6664 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8188 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6512 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6380 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4892 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6104 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7048 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7004 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6916 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6232 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7652 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8048 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7640 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6784 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1620 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1932 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5812 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7484 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7588 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8188 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4904 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8256 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7024 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7496 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6152 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | gateway.discord.gg | udp |
| US | 162.159.134.234:443 | gateway.discord.gg | tcp |
| US | 8.8.8.8:53 | 234.134.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.219.191.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.144.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.249.119.40.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 92.123.142.51:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 51.142.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.165.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.135.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | file.io | udp |
| US | 45.55.107.24:80 | file.io | tcp |
| US | 45.55.107.24:80 | file.io | tcp |
| US | 45.55.107.24:443 | file.io | tcp |
| US | 8.8.8.8:53 | 24.107.55.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.file.io | udp |
| GB | 18.245.218.41:443 | www.file.io | tcp |
| US | 8.8.8.8:53 | hb.vntsm.com | udp |
| GB | 79.127.237.132:443 | hb.vntsm.com | tcp |
| GB | 79.127.237.132:443 | hb.vntsm.com | tcp |
| US | 8.8.8.8:53 | hb.vntsm.io | udp |
| US | 8.8.8.8:53 | hb-vntsm-com.global.ssl.fastly.net | udp |
| US | 104.22.46.142:443 | hb.vntsm.io | tcp |
| US | 151.101.193.194:443 | hb-vntsm-com.global.ssl.fastly.net | tcp |
| US | 8.8.8.8:53 | 41.218.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.39.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 132.237.127.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.27.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 142.46.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.193.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| NL | 142.250.102.156:443 | stats.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 104.26.3.70:443 | ad-delivery.net | tcp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | cdn.exelator.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| GB | 13.224.223.9:443 | c.amazon-adsystem.com | tcp |
| NL | 142.250.27.156:443 | securepubads.g.doubleclick.net | tcp |
| GB | 143.204.176.91:443 | cdn.exelator.com | tcp |
| US | 8.8.8.8:53 | crt.rootg2.amazontrust.com | udp |
| GB | 143.204.68.58:80 | crt.rootg2.amazontrust.com | tcp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| NL | 142.250.27.156:443 | securepubads.g.doubleclick.net | udp |
| GB | 52.84.90.86:443 | config.aps.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | cdn.hadronid.net | udp |
| US | 8.8.8.8:53 | secure.cdn.fastclick.net | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| GB | 23.53.174.156:443 | secure.cdn.fastclick.net | tcp |
| GB | 23.53.174.156:443 | secure.cdn.fastclick.net | tcp |
| US | 172.67.38.106:443 | cdn.id5-sync.com | tcp |
| US | 104.22.53.173:443 | cdn.hadronid.net | tcp |
| US | 8.8.8.8:53 | 133.130.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 94.102.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.27.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.3.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.223.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.176.204.143.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.102.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.27.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.68.204.143.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.174.53.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.90.84.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.38.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.53.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | id.hadron.ad.gt | udp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | proc.ad.cpe.dotomi.com | udp |
| NL | 142.250.27.138:443 | fundingchoicesmessages.google.com | tcp |
| US | 172.67.23.234:443 | id.hadron.ad.gt | tcp |
| NL | 64.158.223.146:443 | proc.ad.cpe.dotomi.com | tcp |
| NL | 142.250.27.138:443 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | a.ad.gt | udp |
| US | 172.67.23.234:443 | a.ad.gt | tcp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| DE | 162.19.138.82:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 162.19.138.118:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| NL | 142.250.102.132:443 | lh3.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | 234.23.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.27.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 146.223.158.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 118.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.27.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 132.102.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | mydmp.exelator.com | udp |
| IE | 34.254.143.3:443 | mydmp.exelator.com | tcp |
| US | 8.8.8.8:53 | onsite-tag-logs.apps.nielsen.com | udp |
| US | 8.8.8.8:53 | load77.exelator.com | udp |
| US | 3.92.35.19:443 | onsite-tag-logs.apps.nielsen.com | tcp |
| GB | 84.17.50.8:443 | load77.exelator.com | tcp |
| US | 8.8.8.8:53 | 8.50.17.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.143.254.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.35.92.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cadmus.script.ac | udp |
| US | 104.18.23.145:443 | cadmus.script.ac | tcp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | cdn.edkt.io | udp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| GB | 18.245.250.165:443 | aax.amazon-adsystem.com | tcp |
| US | 34.120.111.33:443 | cdn.edkt.io | tcp |
| US | 8.8.8.8:53 | track.venatusmedia.com | udp |
| GB | 2.18.190.80:80 | apps.identrust.com | tcp |
| IE | 52.208.192.13:443 | track.venatusmedia.com | tcp |
| US | 8.8.8.8:53 | i.clean.gg | udp |
| US | 34.95.69.49:443 | i.clean.gg | tcp |
| US | 8.8.8.8:53 | 145.23.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 165.250.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 33.111.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.192.208.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.69.95.34.in-addr.arpa | udp |
| US | 34.95.69.49:443 | i.clean.gg | udp |
| US | 8.8.8.8:53 | script.4dex.io | udp |
| US | 172.67.75.241:443 | script.4dex.io | tcp |
| US | 8.8.8.8:53 | ib.adnxs-simple.com | udp |
| US | 8.8.8.8:53 | elb.the-ozone-project.com | udp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 8.8.8.8:53 | apex.go.sonobi.com | udp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| US | 8.8.8.8:53 | btlr.sharethrough.com | udp |
| NL | 185.89.210.244:443 | ib.adnxs-simple.com | tcp |
| US | 69.166.1.32:443 | apex.go.sonobi.com | tcp |
| US | 104.18.34.190:443 | elb.the-ozone-project.com | tcp |
| DE | 3.78.168.176:443 | tlx.3lift.com | tcp |
| FR | 217.182.178.224:443 | prg.smartadserver.com | tcp |
| FR | 217.182.178.224:443 | prg.smartadserver.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| DE | 3.78.93.150:443 | btlr.sharethrough.com | tcp |
| DE | 3.78.93.150:443 | btlr.sharethrough.com | tcp |
| DE | 3.78.93.150:443 | btlr.sharethrough.com | tcp |
| DE | 3.78.93.150:443 | btlr.sharethrough.com | tcp |
| FR | 185.255.84.151:443 | hb-api.omnitagjs.com | tcp |
| FR | 163.5.194.36:443 | prebid.a-mo.net | tcp |
| US | 172.67.75.241:443 | script.4dex.io | tcp |
| US | 8.8.8.8:53 | 241.75.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 190.34.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 224.178.182.217.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 244.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 151.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.194.5.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 176.168.78.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.93.78.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tg1.aniview.com | udp |
| GB | 23.214.142.107:443 | tg1.aniview.com | tcp |
| US | 8.8.8.8:53 | feed.avplayer.com | udp |
| US | 8.8.8.8:53 | track4.aniview.com | udp |
| US | 8.8.8.8:53 | player.avplayer.com | udp |
| US | 172.240.45.75:443 | track4.aniview.com | tcp |
| GB | 95.101.143.160:443 | feed.avplayer.com | tcp |
| GB | 88.221.134.35:443 | player.avplayer.com | tcp |
| GB | 88.221.134.35:443 | player.avplayer.com | tcp |
| US | 8.8.8.8:53 | 32.1.166.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 107.142.214.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 160.143.101.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.134.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.45.240.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | player.aniview.com | udp |
| US | 8.8.8.8:53 | content1.avplayer.com | udp |
| US | 8.8.8.8:53 | play.aniview.com | udp |
| GB | 88.221.134.35:443 | content1.avplayer.com | tcp |
| GB | 88.221.134.51:443 | content1.avplayer.com | tcp |
| GB | 23.214.142.107:443 | play.aniview.com | tcp |
| US | 8.8.8.8:53 | go1.aniview.com | udp |
| US | 172.240.45.81:443 | go1.aniview.com | tcp |
| US | 8.8.8.8:53 | 51.134.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| US | 8.8.8.8:53 | ads.stickyadstv.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| US | 8.8.8.8:53 | ups.analytics.yahoo.com | udp |
| US | 8.8.8.8:53 | ssp.disqus.com | udp |
| US | 8.8.8.8:53 | cs.krushmedia.com | udp |
| US | 8.8.8.8:53 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| GB | 88.221.134.51:443 | content1.avplayer.com | udp |
| GB | 88.221.134.51:443 | content1.avplayer.com | tcp |
| GB | 88.221.134.51:443 | content1.avplayer.com | tcp |
| GB | 88.221.134.51:443 | content1.avplayer.com | tcp |
| GB | 88.221.134.51:443 | content1.avplayer.com | tcp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | 81.45.240.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| NL | 81.17.55.109:443 | ssbsync.smartadserver.com | tcp |
| US | 13.248.245.213:443 | eb2.3lift.com | tcp |
| NL | 81.17.55.109:443 | ssbsync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| DE | 3.75.62.37:443 | ups.analytics.yahoo.com | tcp |
| GB | 2.18.108.192:443 | ads.pubmatic.com | tcp |
| GB | 2.18.108.192:443 | ads.pubmatic.com | tcp |
| GB | 104.82.143.163:443 | secure-assets.rubiconproject.com | tcp |
| IE | 52.211.55.97:443 | ap.lijit.com | tcp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | p.rfihub.com | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| US | 8.8.8.8:53 | sync.mathtag.com | udp |
| NL | 154.57.158.116:443 | ads.stickyadstv.com | tcp |
| NL | 154.57.158.116:443 | ads.stickyadstv.com | tcp |
| NL | 154.57.158.116:443 | ads.stickyadstv.com | tcp |
| IE | 52.211.55.97:443 | ap.lijit.com | tcp |
| GB | 2.18.108.192:443 | ads.pubmatic.com | tcp |
| GB | 104.82.143.163:443 | secure-assets.rubiconproject.com | tcp |
| DE | 3.75.62.37:443 | ups.analytics.yahoo.com | tcp |
| US | 34.98.64.218:443 | u.openx.net | tcp |
| US | 8.2.110.134:443 | cs.krushmedia.com | tcp |
| US | 3.33.220.150:443 | match.adsrvr.org | tcp |
| US | 3.33.220.150:443 | match.adsrvr.org | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| US | 52.203.108.61:443 | ssp.disqus.com | tcp |
| US | 216.200.232.249:443 | sync.mathtag.com | tcp |
| US | 52.71.88.198:443 | sync.srv.stackadapt.com | tcp |
| NL | 193.0.160.130:443 | p.rfihub.com | tcp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| GB | 95.100.245.251:443 | eus.rubiconproject.com | tcp |
| US | 52.71.88.198:443 | sync.srv.stackadapt.com | tcp |
| US | 216.200.232.249:443 | sync.mathtag.com | tcp |
| US | 52.203.108.61:443 | ssp.disqus.com | tcp |
| US | 8.8.8.8:53 | 213.245.248.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 109.55.17.81.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.108.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.143.82.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.55.211.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 37.62.75.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.158.57.154.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 218.64.98.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.220.33.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.8.184.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 130.160.0.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 134.110.2.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| GB | 95.100.245.251:443 | eus.rubiconproject.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | sync.aniview.com | udp |
| US | 8.8.8.8:53 | bh.contextweb.com | udp |
| US | 8.8.8.8:53 | sync.go.sonobi.com | udp |
| US | 104.16.79.73:443 | static.cloudflareinsights.com | tcp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| DE | 37.252.172.123:443 | secure.adnxs.com | tcp |
| DE | 51.38.120.206:443 | onetag-sys.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 172.240.45.78:443 | sync.aniview.com | tcp |
| US | 69.166.1.34:443 | sync.go.sonobi.com | tcp |
| NL | 35.214.136.108:443 | x.bidswitch.net | tcp |
| NL | 35.214.136.108:443 | x.bidswitch.net | tcp |
| NL | 35.214.136.108:443 | x.bidswitch.net | tcp |
| DE | 162.19.138.118:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | api.rlcdn.com | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 172.240.45.78:443 | sync.aniview.com | tcp |
| US | 172.240.45.78:443 | sync.aniview.com | tcp |
| US | 34.120.133.55:443 | api.rlcdn.com | tcp |
| NL | 35.214.136.108:443 | x.bidswitch.net | udp |
| US | 172.240.45.78:443 | sync.aniview.com | tcp |
| NL | 142.250.102.156:443 | cm.g.doubleclick.net | udp |
| DE | 162.19.138.82:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | udp |
| US | 70.42.32.191:443 | b1sync.zemanta.com | tcp |
| US | 8.8.8.8:53 | targeting.unrulymedia.com | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | prebid-server.rubiconproject.com | udp |
| US | 8.8.8.8:53 | imasdk.googleapis.com | udp |
| NL | 46.228.174.115:443 | targeting.unrulymedia.com | tcp |
| GB | 108.138.217.61:443 | hb.yellowblue.io | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| NL | 142.250.102.95:443 | imasdk.googleapis.com | tcp |
| US | 8.8.8.8:53 | 198.88.71.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 61.108.203.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 249.232.200.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 251.245.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.79.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.169.93.208.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 123.172.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.120.38.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.136.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.45.240.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.1.166.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 55.133.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 191.32.42.70.in-addr.arpa | udp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| NL | 142.250.102.95:443 | imasdk.googleapis.com | tcp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| FR | 185.255.84.152:443 | visitor.omnitagjs.com | tcp |
| US | 8.8.8.8:53 | eexsync.com | udp |
| US | 80.77.87.108:443 | eexsync.com | tcp |
| NL | 142.250.102.95:443 | imasdk.googleapis.com | udp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| NL | 142.250.102.148:443 | s0.2mdn.net | tcp |
| US | 8.8.8.8:53 | track1.avplayer.com | udp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 8.8.8.8:53 | dis.criteo.com | udp |
| US | 172.240.45.76:443 | track1.avplayer.com | tcp |
| US | 8.8.8.8:53 | s.company-target.com | udp |
| US | 80.77.87.161:443 | cs.admanmedia.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| US | 34.96.71.22:443 | s.company-target.com | tcp |
| US | 8.8.8.8:53 | 61.217.138.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 115.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.102.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.87.77.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.102.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | eu-west-1-cs-rtb.openwebmp.com | udp |
| US | 172.240.45.76:443 | track1.avplayer.com | tcp |
| US | 8.8.8.8:53 | gum.aidemsrv.com | udp |
| US | 80.77.87.161:443 | cs.admanmedia.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| US | 34.96.71.22:443 | s.company-target.com | tcp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| DE | 51.38.120.206:443 | onetag-sys.com | udp |
| US | 104.17.44.93:443 | gum.aidemsrv.com | tcp |
| US | 67.202.105.21:443 | ssc-cms.33across.com | tcp |
| GB | 13.224.222.60:443 | eu-west-1-cs-rtb.openwebmp.com | tcp |
| US | 8.8.8.8:53 | csi.gstatic.com | udp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| GB | 216.58.201.99:443 | csi.gstatic.com | tcp |
| GB | 216.58.201.99:443 | csi.gstatic.com | tcp |
| GB | 216.58.201.99:443 | csi.gstatic.com | tcp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| FR | 178.32.197.56:443 | rtb-csync.smartadserver.com | tcp |
| FR | 178.32.197.56:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| US | 44.213.160.10:443 | cs-server-s2s.yellowblue.io | tcp |
| FR | 178.32.197.56:443 | rtb-csync.smartadserver.com | tcp |
| FR | 178.32.197.56:443 | rtb-csync.smartadserver.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| FR | 178.32.197.56:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | 161.87.77.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.71.96.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.44.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.105.202.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 60.222.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.197.32.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.160.213.44.in-addr.arpa | udp |
| GB | 216.58.201.99:443 | csi.gstatic.com | udp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | api-2-0.spot.im | udp |
| US | 8.8.8.8:53 | sync.richaudience.com | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| US | 70.42.32.191:443 | b1sync.zemanta.com | tcp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| US | 8.8.8.8:53 | rtb.mfadsrvr.com | udp |
| US | 8.8.8.8:53 | jadserve.postrelease.com | udp |
| US | 8.8.8.8:53 | tracker.open-adsyield.com | udp |
| US | 18.213.23.44:443 | api-2-0.spot.im | tcp |
| US | 172.111.38.86:443 | tracker.open-adsyield.com | tcp |
| IE | 99.81.34.69:443 | jadserve.postrelease.com | tcp |
| DE | 157.90.211.246:443 | sync.richaudience.com | tcp |
| GB | 185.64.191.214:443 | image8.pubmatic.com | tcp |
| IE | 52.18.171.13:443 | match.prod.bidr.io | tcp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | tcp |
| US | 18.213.23.44:443 | api-2-0.spot.im | tcp |
| DE | 157.90.211.246:443 | sync.richaudience.com | tcp |
| IE | 52.18.171.13:443 | match.prod.bidr.io | tcp |
| US | 172.111.38.86:443 | tracker.open-adsyield.com | tcp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | tcp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 8.8.8.8:53 | bttrack.com | udp |
| US | 35.244.174.68:443 | id.rlcdn.com | tcp |
| US | 192.132.33.68:443 | bttrack.com | tcp |
| US | 69.166.1.32:443 | apex.go.sonobi.com | tcp |
| US | 8.8.8.8:53 | 214.191.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.34.81.99.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.199.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 44.23.213.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.38.111.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.174.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.33.132.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.149.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.227.111.52.in-addr.arpa | udp |
| US | 69.166.1.32:443 | apex.go.sonobi.com | tcp |
| US | 8.8.8.8:53 | cacerts.rapidssl.com | udp |
| SE | 192.229.221.95:80 | cacerts.rapidssl.com | tcp |
| US | 8.8.8.8:53 | 246.211.90.157.in-addr.arpa | udp |
| NL | 142.250.27.138:443 | fundingchoicesmessages.google.com | udp |
| DE | 162.19.138.118:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | oa.openxcdn.net | udp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| US | 8.8.8.8:53 | invstatic101.creativecdn.com | udp |
| US | 8.8.8.8:53 | cdn-ima.33across.com | udp |
| US | 8.8.8.8:53 | p.cpx.to | udp |
| US | 8.8.8.8:53 | pub.doubleverify.com | udp |
| US | 8.8.8.8:53 | secure.quantserve.com | udp |
| DE | 162.19.138.82:443 | lb.eu-1-id5-sync.com | tcp |
| US | 34.102.146.192:443 | oa.openxcdn.net | tcp |
| US | 34.96.70.87:443 | invstatic101.creativecdn.com | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| IE | 52.49.227.192:443 | p.cpx.to | tcp |
| US | 172.64.152.89:443 | cdn-ima.33across.com | tcp |
| US | 104.18.166.224:443 | pub.doubleverify.com | tcp |
| GB | 18.245.143.58:443 | tags.crwdcntrl.net | tcp |
| DE | 91.228.74.166:443 | secure.quantserve.com | tcp |
| US | 104.18.166.224:443 | pub.doubleverify.com | tcp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| DE | 3.78.93.150:443 | btlr.sharethrough.com | tcp |
| US | 69.166.1.32:443 | apex.go.sonobi.com | tcp |
| FR | 185.255.84.151:443 | hb-api.omnitagjs.com | tcp |
| FR | 217.182.178.224:443 | prg.smartadserver.com | tcp |
| FR | 217.182.178.224:443 | prg.smartadserver.com | tcp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | rules.quantcount.com | udp |
| DE | 37.252.171.52:443 | ib.adnxs.com | tcp |
| DE | 37.252.171.52:443 | ib.adnxs.com | tcp |
| IE | 54.76.106.86:443 | bcp.crwdcntrl.net | tcp |
| GB | 18.245.187.55:443 | rules.quantcount.com | tcp |
| US | 8.8.8.8:53 | pixel.quantserve.com | udp |
| US | 8.8.8.8:53 | s.cpx.to | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | api.edkt.io | udp |
| IE | 52.49.227.192:443 | s.cpx.to | tcp |
| US | 8.8.8.8:53 | 192.146.102.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 89.152.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 224.166.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 87.70.96.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.143.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.227.49.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 166.74.228.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 55.187.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 52.171.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.106.76.54.in-addr.arpa | udp |
| IE | 54.239.33.158:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 34.120.111.33:443 | api.edkt.io | tcp |
| US | 34.120.111.33:443 | api.edkt.io | udp |
| US | 8.8.8.8:53 | b77b60347770878d379ee154199caa87.safeframe.googlesyndication.com | udp |
| NL | 142.250.27.132:443 | b77b60347770878d379ee154199caa87.safeframe.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| US | 8.8.8.8:53 | image2.pubmatic.com | udp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| GB | 185.64.191.210:443 | image2.pubmatic.com | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| NL | 142.250.102.154:443 | googleads.g.doubleclick.net | tcp |
| NL | 142.250.102.132:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| NL | 142.250.27.104:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | cdn1.vntsm.com | udp |
| FR | 185.93.2.251:443 | cdn1.vntsm.com | tcp |
| US | 8.8.8.8:53 | 158.33.239.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 132.27.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.191.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.102.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.27.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 251.2.93.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | gem.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | ag.gbc.criteo.com | udp |
| NL | 185.235.87.182:443 | gem.gbc.criteo.com | tcp |
| FR | 178.250.7.13:443 | dnacdn.net | tcp |
| NL | 185.235.87.159:443 | ag.gbc.criteo.com | tcp |
| US | 34.120.111.33:443 | api.edkt.io | udp |
| US | 8.8.8.8:53 | 182.87.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.7.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 159.87.235.185.in-addr.arpa | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| NL | 81.17.55.109:443 | ssbsync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | c1.adform.net | udp |
| US | 8.8.8.8:53 | stx-match.dotomi.com | udp |
| IE | 52.18.171.13:443 | match.prod.bidr.io | tcp |
| US | 52.71.88.198:443 | sync.srv.stackadapt.com | tcp |
| US | 151.101.65.108:443 | acdn.adnxs.com | tcp |
| DK | 37.157.5.84:443 | c1.adform.net | tcp |
| US | 69.166.1.34:443 | sync.go.sonobi.com | tcp |
| NL | 64.158.223.137:443 | stx-match.dotomi.com | tcp |
| US | 67.202.105.21:443 | ssc-cms.33across.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 70.42.32.191:443 | b1sync.zemanta.com | tcp |
| US | 52.71.88.198:443 | sync.srv.stackadapt.com | tcp |
| US | 35.244.174.68:443 | id.rlcdn.com | udp |
| IE | 52.18.171.13:443 | match.prod.bidr.io | tcp |
| US | 8.8.8.8:53 | match.sharethrough.com | udp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| DE | 18.184.119.72:443 | match.sharethrough.com | tcp |
| US | 8.8.8.8:53 | 108.65.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.5.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.223.158.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.119.184.18.in-addr.arpa | udp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | udp |
| US | 8.8.8.8:53 | pixel-eu.rubiconproject.com | udp |
| US | 8.8.8.8:53 | t.adx.opera.com | udp |
| US | 8.8.8.8:53 | ssbsync-global.smartadserver.com | udp |
| US | 8.8.8.8:53 | equativ-match.dotomi.com | udp |
| US | 8.8.8.8:53 | sync-tm.everesttech.net | udp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| NL | 82.145.213.8:443 | t.adx.opera.com | tcp |
| NL | 69.173.156.149:443 | pixel-eu.rubiconproject.com | tcp |
| US | 151.101.130.49:443 | sync-tm.everesttech.net | tcp |
| NL | 63.215.202.172:443 | equativ-match.dotomi.com | tcp |
| GB | 108.156.39.117:443 | s.ad.smaato.net | tcp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 52.46.130.91:443 | s.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | 117.39.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.130.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.213.145.82.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.202.215.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.130.46.52.in-addr.arpa | udp |
| FR | 149.202.238.105:443 | rtb-csync.smartadserver.com | tcp |
| FR | 149.202.238.105:443 | rtb-csync.smartadserver.com | tcp |
| FR | 149.202.238.105:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | 105.238.202.149.in-addr.arpa | udp |
| FR | 185.255.84.151:443 | hb-api.omnitagjs.com | tcp |
| DE | 3.78.93.150:443 | btlr.sharethrough.com | tcp |
| FR | 217.182.178.224:443 | prg.smartadserver.com | tcp |
| US | 69.166.1.32:443 | apex.go.sonobi.com | tcp |
| DE | 37.252.171.52:443 | ib.adnxs.com | tcp |
| FR | 185.255.84.151:443 | hb-api.omnitagjs.com | tcp |
| US | 69.166.1.32:443 | apex.go.sonobi.com | tcp |
| US | 8.8.8.8:53 | ib.3lift.com | udp |
| GB | 143.204.68.118:443 | ib.3lift.com | tcp |
| US | 8.8.8.8:53 | www.file.io | udp |
| US | 8.8.8.8:53 | ads.eu.criteo.com | udp |
| US | 8.8.8.8:53 | 118.68.204.143.in-addr.arpa | udp |
| NL | 178.250.1.17:443 | ads.eu.criteo.com | tcp |
| NL | 178.250.1.17:443 | ads.eu.criteo.com | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| US | 8.8.8.8:53 | widget.nl3.eu.criteo.com | udp |
| US | 8.8.8.8:53 | cat.nl3.eu.criteo.com | udp |
| NL | 178.250.1.9:443 | widget.nl3.eu.criteo.com | tcp |
| NL | 178.250.1.6:443 | cat.nl3.eu.criteo.com | tcp |
| US | 8.8.8.8:53 | 17.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | csm.eu.criteo.net | udp |
| US | 8.8.8.8:53 | imageproxy.eu.criteo.net | udp |
| NL | 178.250.1.25:443 | csm.eu.criteo.net | tcp |
| NL | 178.250.1.15:443 | imageproxy.eu.criteo.net | tcp |
| NL | 178.250.1.15:443 | imageproxy.eu.criteo.net | tcp |
| NL | 178.250.1.15:443 | imageproxy.eu.criteo.net | tcp |
| NL | 178.250.1.15:443 | imageproxy.eu.criteo.net | tcp |
| NL | 178.250.1.15:443 | imageproxy.eu.criteo.net | tcp |
| NL | 178.250.1.15:443 | imageproxy.eu.criteo.net | tcp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | staticassets-creator-design.criteo.net | udp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| NL | 178.250.1.22:443 | staticassets-creator-design.criteo.net | tcp |
| US | 8.8.8.8:53 | 14.24.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.1.250.178.in-addr.arpa | udp |
Files
memory/4928-1-0x0000022BFD950000-0x0000022BFD968000-memory.dmp
memory/4928-0-0x00007FFF42593000-0x00007FFF42595000-memory.dmp
memory/4928-2-0x0000022C001D0000-0x0000022C00392000-memory.dmp
memory/4928-3-0x00007FFF42590000-0x00007FFF43051000-memory.dmp
memory/4928-4-0x0000022B986A0000-0x0000022B98BC8000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 847d47008dbea51cb1732d54861ba9c9 |
| SHA1 | f2099242027dccb88d6f05760b57f7c89d926c0d |
| SHA256 | 10292fa05d896a2952c1d602a72d761d34bc776b44d6a7df87e49b5b613a8ac1 |
| SHA512 | bd1526aa1cc1c016d95dfcc53a78b45b09dde4ce67357fc275ab835dbe1bb5b053ca386239f50cde95ad243a9c1bbb12f7505818577589beecc6084f7b94e83f |
\??\pipe\LOCAL\crashpad_2416_RXYARBEWXWZVZORW
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | f9664c896e19205022c094d725f820b6 |
| SHA1 | f8f1baf648df755ba64b412d512446baf88c0184 |
| SHA256 | 7121d84202a850791c2320385eb59eda4d697310dc51b1fcd4d51264aba2434e |
| SHA512 | 3fa5d2c68a9e70e4a25eaac2095171d87c741eec2624c314c6a56f4fa390d6319633bf4c48b1a4af7e9a0451f346beced9693da88cfc7bcba8dfe209cbd1b3ae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 088297568271616b128316e0952dba38 |
| SHA1 | 80c80be46ff7f512a2a2f559fdff12781d5ff7ee |
| SHA256 | 0e32804b26fd9f9f77a68638d966d924664c71bb2f42057338731bc78cffae9c |
| SHA512 | 132452b6e46b5a3a5906b0a9c066665d57166d452c726c87edcddc9cb5f4b84fb049e3a2554e2ebfbd5994e359d3c5584b348e1de1d32b9881b5f023003b6aad |
memory/4928-29-0x00007FFF42590000-0x00007FFF43051000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 4374fe5034f0bc4ca6a10767df3520f1 |
| SHA1 | 28aef11eee0dfaaf9bf114b31b9e7c498fa76040 |
| SHA256 | b5c7b60d6283933197be37af640873945a4ab91dde6680ed5255b4d9a0cdfc4a |
| SHA512 | 41d2a1e4082b3793f4e762b7944bf11e8ccea2b1b4bfd7fb0d2e69d0f2b2f62b7cf1d02cfe69d85d401df090cc3dd5d210451d2a9bb00092873713ed6573c804 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | caa4019e639784dfe3b2b7a45b0295a9 |
| SHA1 | 47cf7a97e283dff2254300d881b8d3134c314928 |
| SHA256 | 2b0f325aa64ee612713db42e14d40f79e5f72d1156892934f6d99f3682f4ca05 |
| SHA512 | f7d82e700ac5d849ef114debd8a8b88edd27342e60dd3efac41ca056c06c3678aa4b0e2b3e5662623692b920a548e1c71f79949a1c087cb79872ece8be788b08 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\337dfc13-0d1a-4877-9949-32a45ee483a5.tmp
| MD5 | 8b711f551343a8bb1c86cd28d1a1b82c |
| SHA1 | e1020eef15f042f340518e395f381d8027415a74 |
| SHA256 | e9bf2396064490ec25ec4e29593b911f2d4a97792c0c13b6fe4677d7b8fd8dbe |
| SHA512 | effa5c7ad62d8395702247d89eab72092a3442969c9c78667aa7a401bfd687d79cb5a7628f597fed26ae90bf3317451a66e2f183019196a0d46cf9de36a07ad7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c
| MD5 | 034d3bc8df893aea9a2684b24ef9188f |
| SHA1 | 6887f66119b02cfd1673371d712999bc905ffc58 |
| SHA256 | 301db5a6f5a4dbb592548c4fcc8734a3dd72a0c56b520f17b424e2be8de2aa43 |
| SHA512 | c10745db8b01e00bed7cf3fd17ade6bfd48e6ed771a6d9a5db67142200baa2b7cec25d8d81fd72b892e7b6c48eec2ddd29099e4897767203aa4ff566eb20c772 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | edf7f976a0e30d0d080c8116344841f0 |
| SHA1 | 19079213325967d1b112adf02ccc1ce6ee595d6e |
| SHA256 | 90fed2b7b01dd2bf9db9877449337a28263a7c2c4fe79b49fe6304376afa5abc |
| SHA512 | c992330f560caaba354129b8040849fefef640708df6097fbf1b935cd8697ec71bca34167d1b4338e01c50eede66a61a7ac697c78dbd03d3082f34bf2dfe3720 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028
| MD5 | 7a4c6579e85e7687b7caeff56326b359 |
| SHA1 | b39f533c843aaefbac0058eafc4e6b6b05d09aa2 |
| SHA256 | 4ae263098c462e6e6b2243f5a3a69df9de80d09c341c137dac3b7318b2038b50 |
| SHA512 | 686c78f37b70b6eb8ce3728208cfd280d784511882487284d53da9a34e6ed6e5ac366d0200629c9f77c84899166feeb976b95e8a095a13bd0191665a06b6d17f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 022187b85a4fff81d560b4d18cec2ec1 |
| SHA1 | 958e0f89696ea17c506f1dbb4d9908fe5c9ef9bd |
| SHA256 | e4c67562ac48ca4113e41bc4666ad9b39de648028a13069d09291ede15f28cdc |
| SHA512 | c4d6bdb34076552dbcf22aba8854936ecc5641b02f55e532b8cd2fbcfbffb8a530dbeb06b010f41295e68be286d5f49ee03d21ea894560a906ecde9a421da71e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe593714.TMP
| MD5 | 9eb2a1a722a18084241a3ef79d7e1d4d |
| SHA1 | bcdbed4cb229397b17774ddb3e6c5405cafa9f28 |
| SHA256 | b050304dbbc78e36db0748ef01c067a9dd95f1a6cace12322de9fdc1c324fc31 |
| SHA512 | 05c26c08218435f3fd34323b5319da06a77a009e74df1374e1ac0494b0c5ea74518bf9d62fd87de2650b1890d64cd22d1c3ba126a0fa0691b335a5410d1083e5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e
| MD5 | 5a69247e8c86c887d3d1b973c8bff7d1 |
| SHA1 | 13f0a5c7aaf7847cc3463d0c85ba8720ea012dc0 |
| SHA256 | 7d628488b5a607df805e9bc059c59cd49125b681f6cc47ad485f627f37f9771e |
| SHA512 | 497fbf6aede322dc8eb02ce7407ca5ca48e0d78b671c10372663683d13f79f98e30c6c87a7fe1a971aba64a37ac17f39b30a73f30a296a1240dd9131c33b2100 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011
| MD5 | ee5d7349d05a3812ff8b0a0db5b3b9a6 |
| SHA1 | 51c61cb259391be7ea5f1eeb4eee874831549512 |
| SHA256 | 229a0b3488ca7a7a1436ebc8677d745f39608f19e5456e2912d090a0e56830ce |
| SHA512 | 7401c87fad8d305e2b90c5915eef217a479c13cbb0b62b6b8a6571e4f18a61ab6e92e298566c3a44c97356b4ff3d2d6a7b7fe03cb79d85d14fbb68172bca52a2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9da15306fe535dd0b18d55c6aaf7bcc3 |
| SHA1 | 3ae866fbae00a9b22b1ecf3761502e0ae2c79748 |
| SHA256 | a19420eb449f951e0ff08a9adae27912693200b4226206ccb76235cf1fb11e95 |
| SHA512 | 1e14b76dfa0a197d09dca3d65f83dc8ec0f1b60f448381488bb55b9dd515a532827e5acb8d2d32a6ea02dd8d2dc8ce724fa71544ddce465bed74fb1d860305ee |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8132dd6e45c4ff260a654c43e2b3fbbd |
| SHA1 | 9558391c8c06a217388caf7b2185d4b9cd7e46d1 |
| SHA256 | a7b68a88e1ed882f6ceb358f1b5b690a5f400a602b589e98db834b2e7d37e162 |
| SHA512 | 6b8b22474af22b7ac11130399e39a3d01ecc6abc0053d3f641565fa036cf0a5d9440e4da2c1b93f430961945ccbbb448cda45f188b8c42e1adc16c90ed4b8bfb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | ca2260a7a6aa9154b7d9e4aaf1fb1e35 |
| SHA1 | 3499ef350866dea29b97d6514ee72cfd091ab044 |
| SHA256 | 79d99ff83a7fed6717cc7d3fab8b5f34f642c91f9956114c18a9c82fdf38993f |
| SHA512 | 1cec647ce637d3511bf56b74518c44de6255a986516915e525f273906245e9d9f65c7353b8a90de653fd9cf1293fa9c650e5af4617d06438c7c112899e3a9e80 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | cbf97b7372bd3606e89e6492a4420caf |
| SHA1 | f9c234e886fdc934ce1fbc1701de2b8f57e935d6 |
| SHA256 | e13e438ed6344c853f2173952943549fe32a6cfd0bc8175eb89da74d84777adf |
| SHA512 | 2ac013fc44cf5c361516e39442676d2737dcdf946b253706900dc7d65fbd4457c78a4bb6109c147867f890ed2bcae0405cebced082fc72602cd4d62b6fac8dee |