Malware Analysis Report

2024-11-16 13:03

Sample ID 240908-jagh2atcpp
Target FPS+.exe
SHA256 6d1703bd786779f40dbb4cfd0de3e39ed7f09afcb8e3555aabc1bf6839ccb4da
Tags
discordrat persistence rat rootkit stealer discovery
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

6d1703bd786779f40dbb4cfd0de3e39ed7f09afcb8e3555aabc1bf6839ccb4da

Threat Level: Known bad

The file FPS+.exe was found to be: Known bad.

Malicious Activity Summary

discordrat persistence rat rootkit stealer discovery

Discord RAT

Discordrat family

Browser Information Discovery

Unsigned PE

Suspicious use of AdjustPrivilegeToken

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-09-08 07:27

Signatures

Discordrat family

discordrat

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-09-08 07:27

Reported

2024-09-08 07:30

Platform

win7-20240729-en

Max time kernel

118s

Max time network

119s

Command Line

"C:\Users\Admin\AppData\Local\Temp\FPS+.exe"

Signatures

Discord RAT

stealer rootkit rat persistence discordrat

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2488 wrote to memory of 2644 N/A C:\Users\Admin\AppData\Local\Temp\FPS+.exe C:\Windows\system32\WerFault.exe
PID 2488 wrote to memory of 2644 N/A C:\Users\Admin\AppData\Local\Temp\FPS+.exe C:\Windows\system32\WerFault.exe
PID 2488 wrote to memory of 2644 N/A C:\Users\Admin\AppData\Local\Temp\FPS+.exe C:\Windows\system32\WerFault.exe

Processes

C:\Users\Admin\AppData\Local\Temp\FPS+.exe

"C:\Users\Admin\AppData\Local\Temp\FPS+.exe"

C:\Windows\system32\WerFault.exe

C:\Windows\system32\WerFault.exe -u -p 2488 -s 596

Network

N/A

Files

memory/2488-0-0x000007FEF4EE3000-0x000007FEF4EE4000-memory.dmp

memory/2488-1-0x000000013FD80000-0x000000013FD98000-memory.dmp

memory/2488-2-0x000007FEF4EE0000-0x000007FEF58CC000-memory.dmp

memory/2488-3-0x000007FEF4EE0000-0x000007FEF58CC000-memory.dmp

Analysis: behavioral2

Detonation Overview

Submitted

2024-09-08 07:27

Reported

2024-09-08 07:30

Platform

win10v2004-20240802-en

Max time kernel

148s

Max time network

151s

Command Line

"C:\Users\Admin\AppData\Local\Temp\FPS+.exe"

Signatures

Discord RAT

stealer rootkit rat persistence discordrat

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Users\Admin\AppData\Local\Temp\FPS+.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2416 wrote to memory of 3912 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 3912 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 1064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 1064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 1064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 1064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 1064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 1064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 1064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 1064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 1064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 1064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 1064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 1064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 1064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 1064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 1064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 1064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 1064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 1064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 1064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 1064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 1064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 1064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 1064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 1064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 1064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 1064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 1064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 1064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 1064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 1064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 1064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 1064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 1064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 1064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 1064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 1064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 1064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 1064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 1064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 1064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2416 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Users\Admin\AppData\Local\Temp\FPS+.exe

"C:\Users\Admin\AppData\Local\Temp\FPS+.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7fff3eca46f8,0x7fff3eca4708,0x7fff3eca4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2084 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2440 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2676 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3368 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3388 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5088 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4680 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5364 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5364 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5424 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5436 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4088 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3476 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6056 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5664 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5496 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6108 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1736 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2800 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4808 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6256 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6304 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6512 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6652 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6784 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6900 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7048 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7180 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7316 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7600 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7936 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8156 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8164 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7756 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7024 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5580 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8508 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7636 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6664 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8188 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6512 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6380 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4892 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6104 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7048 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7004 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6916 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6232 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7652 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8048 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7640 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6784 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1620 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1932 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5812 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7484 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7588 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8188 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4904 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8256 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7024 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7496 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,14915954961364251899,10193439028370239355,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6152 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 gateway.discord.gg udp
US 162.159.134.234:443 gateway.discord.gg tcp
US 8.8.8.8:53 234.134.159.162.in-addr.arpa udp
US 8.8.8.8:53 104.219.191.52.in-addr.arpa udp
US 8.8.8.8:53 81.144.22.2.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 228.249.119.40.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
GB 92.123.142.51:443 www.bing.com tcp
US 8.8.8.8:53 51.142.123.92.in-addr.arpa udp
US 8.8.8.8:53 26.165.165.52.in-addr.arpa udp
US 8.8.8.8:53 206.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 217.135.221.88.in-addr.arpa udp
US 8.8.8.8:53 file.io udp
US 45.55.107.24:80 file.io tcp
US 45.55.107.24:80 file.io tcp
US 45.55.107.24:443 file.io tcp
US 8.8.8.8:53 24.107.55.45.in-addr.arpa udp
US 8.8.8.8:53 www.file.io udp
GB 18.245.218.41:443 www.file.io tcp
US 8.8.8.8:53 hb.vntsm.com udp
GB 79.127.237.132:443 hb.vntsm.com tcp
GB 79.127.237.132:443 hb.vntsm.com tcp
US 8.8.8.8:53 hb.vntsm.io udp
US 8.8.8.8:53 hb-vntsm-com.global.ssl.fastly.net udp
US 104.22.46.142:443 hb.vntsm.io tcp
US 151.101.193.194:443 hb-vntsm-com.global.ssl.fastly.net tcp
US 8.8.8.8:53 41.218.245.18.in-addr.arpa udp
US 8.8.8.8:53 6.39.156.108.in-addr.arpa udp
US 8.8.8.8:53 132.237.127.79.in-addr.arpa udp
US 8.8.8.8:53 97.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 142.46.22.104.in-addr.arpa udp
US 8.8.8.8:53 194.193.101.151.in-addr.arpa udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 www.google.co.uk udp
US 216.239.32.36:443 region1.analytics.google.com tcp
NL 142.250.102.156:443 stats.g.doubleclick.net tcp
US 8.8.8.8:53 ad-delivery.net udp
US 104.26.3.70:443 ad-delivery.net tcp
US 8.8.8.8:53 c.amazon-adsystem.com udp
US 8.8.8.8:53 cdn.exelator.com udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
GB 13.224.223.9:443 c.amazon-adsystem.com tcp
NL 142.250.27.156:443 securepubads.g.doubleclick.net tcp
GB 143.204.176.91:443 cdn.exelator.com tcp
US 8.8.8.8:53 crt.rootg2.amazontrust.com udp
GB 143.204.68.58:80 crt.rootg2.amazontrust.com tcp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
NL 142.250.27.156:443 securepubads.g.doubleclick.net udp
GB 52.84.90.86:443 config.aps.amazon-adsystem.com tcp
US 8.8.8.8:53 cdn.hadronid.net udp
US 8.8.8.8:53 secure.cdn.fastclick.net udp
US 8.8.8.8:53 cdn.id5-sync.com udp
GB 23.53.174.156:443 secure.cdn.fastclick.net tcp
GB 23.53.174.156:443 secure.cdn.fastclick.net tcp
US 172.67.38.106:443 cdn.id5-sync.com tcp
US 104.22.53.173:443 cdn.hadronid.net tcp
US 8.8.8.8:53 133.130.101.151.in-addr.arpa udp
US 8.8.8.8:53 36.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 94.102.250.142.in-addr.arpa udp
US 8.8.8.8:53 139.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 70.3.26.104.in-addr.arpa udp
US 8.8.8.8:53 9.223.224.13.in-addr.arpa udp
US 8.8.8.8:53 91.176.204.143.in-addr.arpa udp
US 8.8.8.8:53 156.102.250.142.in-addr.arpa udp
US 8.8.8.8:53 156.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 58.68.204.143.in-addr.arpa udp
US 8.8.8.8:53 156.174.53.23.in-addr.arpa udp
US 8.8.8.8:53 86.90.84.52.in-addr.arpa udp
US 8.8.8.8:53 106.38.67.172.in-addr.arpa udp
US 8.8.8.8:53 173.53.22.104.in-addr.arpa udp
US 8.8.8.8:53 id.hadron.ad.gt udp
US 8.8.8.8:53 fundingchoicesmessages.google.com udp
US 8.8.8.8:53 proc.ad.cpe.dotomi.com udp
NL 142.250.27.138:443 fundingchoicesmessages.google.com tcp
US 172.67.23.234:443 id.hadron.ad.gt tcp
NL 64.158.223.146:443 proc.ad.cpe.dotomi.com tcp
NL 142.250.27.138:443 fundingchoicesmessages.google.com udp
US 8.8.8.8:53 a.ad.gt udp
US 172.67.23.234:443 a.ad.gt tcp
US 8.8.8.8:53 id5-sync.com udp
US 8.8.8.8:53 lb.eu-1-id5-sync.com udp
DE 162.19.138.82:443 lb.eu-1-id5-sync.com tcp
DE 162.19.138.118:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 lh3.googleusercontent.com udp
NL 142.250.102.132:443 lh3.googleusercontent.com tcp
US 8.8.8.8:53 234.23.67.172.in-addr.arpa udp
US 8.8.8.8:53 138.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 146.223.158.64.in-addr.arpa udp
US 8.8.8.8:53 82.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 118.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 95.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 132.102.250.142.in-addr.arpa udp
US 8.8.8.8:53 mydmp.exelator.com udp
IE 34.254.143.3:443 mydmp.exelator.com tcp
US 8.8.8.8:53 onsite-tag-logs.apps.nielsen.com udp
US 8.8.8.8:53 load77.exelator.com udp
US 3.92.35.19:443 onsite-tag-logs.apps.nielsen.com tcp
GB 84.17.50.8:443 load77.exelator.com tcp
US 8.8.8.8:53 8.50.17.84.in-addr.arpa udp
US 8.8.8.8:53 3.143.254.34.in-addr.arpa udp
US 8.8.8.8:53 19.35.92.3.in-addr.arpa udp
US 8.8.8.8:53 cadmus.script.ac udp
US 104.18.23.145:443 cadmus.script.ac tcp
US 8.8.8.8:53 aax.amazon-adsystem.com udp
US 8.8.8.8:53 cdn.edkt.io udp
US 8.8.8.8:53 apps.identrust.com udp
GB 18.245.250.165:443 aax.amazon-adsystem.com tcp
US 34.120.111.33:443 cdn.edkt.io tcp
US 8.8.8.8:53 track.venatusmedia.com udp
GB 2.18.190.80:80 apps.identrust.com tcp
IE 52.208.192.13:443 track.venatusmedia.com tcp
US 8.8.8.8:53 i.clean.gg udp
US 34.95.69.49:443 i.clean.gg tcp
US 8.8.8.8:53 145.23.18.104.in-addr.arpa udp
US 8.8.8.8:53 165.250.245.18.in-addr.arpa udp
US 8.8.8.8:53 33.111.120.34.in-addr.arpa udp
US 8.8.8.8:53 80.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 13.192.208.52.in-addr.arpa udp
US 8.8.8.8:53 49.69.95.34.in-addr.arpa udp
US 34.95.69.49:443 i.clean.gg udp
US 8.8.8.8:53 script.4dex.io udp
US 172.67.75.241:443 script.4dex.io tcp
US 8.8.8.8:53 ib.adnxs-simple.com udp
US 8.8.8.8:53 elb.the-ozone-project.com udp
US 8.8.8.8:53 hbopenbid.pubmatic.com udp
US 8.8.8.8:53 prg.smartadserver.com udp
US 8.8.8.8:53 prebid.a-mo.net udp
US 8.8.8.8:53 apex.go.sonobi.com udp
US 8.8.8.8:53 tlx.3lift.com udp
US 8.8.8.8:53 hb-api.omnitagjs.com udp
US 8.8.8.8:53 btlr.sharethrough.com udp
NL 185.89.210.244:443 ib.adnxs-simple.com tcp
US 69.166.1.32:443 apex.go.sonobi.com tcp
US 104.18.34.190:443 elb.the-ozone-project.com tcp
DE 3.78.168.176:443 tlx.3lift.com tcp
FR 217.182.178.224:443 prg.smartadserver.com tcp
FR 217.182.178.224:443 prg.smartadserver.com tcp
GB 185.64.190.77:443 hbopenbid.pubmatic.com tcp
DE 3.78.93.150:443 btlr.sharethrough.com tcp
DE 3.78.93.150:443 btlr.sharethrough.com tcp
DE 3.78.93.150:443 btlr.sharethrough.com tcp
DE 3.78.93.150:443 btlr.sharethrough.com tcp
FR 185.255.84.151:443 hb-api.omnitagjs.com tcp
FR 163.5.194.36:443 prebid.a-mo.net tcp
US 172.67.75.241:443 script.4dex.io tcp
US 8.8.8.8:53 241.75.67.172.in-addr.arpa udp
US 8.8.8.8:53 190.34.18.104.in-addr.arpa udp
US 8.8.8.8:53 77.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 224.178.182.217.in-addr.arpa udp
US 8.8.8.8:53 244.210.89.185.in-addr.arpa udp
US 8.8.8.8:53 151.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 36.194.5.163.in-addr.arpa udp
US 8.8.8.8:53 176.168.78.3.in-addr.arpa udp
US 8.8.8.8:53 150.93.78.3.in-addr.arpa udp
US 8.8.8.8:53 tg1.aniview.com udp
GB 23.214.142.107:443 tg1.aniview.com tcp
US 8.8.8.8:53 feed.avplayer.com udp
US 8.8.8.8:53 track4.aniview.com udp
US 8.8.8.8:53 player.avplayer.com udp
US 172.240.45.75:443 track4.aniview.com tcp
GB 95.101.143.160:443 feed.avplayer.com tcp
GB 88.221.134.35:443 player.avplayer.com tcp
GB 88.221.134.35:443 player.avplayer.com tcp
US 8.8.8.8:53 32.1.166.69.in-addr.arpa udp
US 8.8.8.8:53 107.142.214.23.in-addr.arpa udp
US 8.8.8.8:53 160.143.101.95.in-addr.arpa udp
US 8.8.8.8:53 35.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 75.45.240.172.in-addr.arpa udp
US 8.8.8.8:53 player.aniview.com udp
US 8.8.8.8:53 content1.avplayer.com udp
US 8.8.8.8:53 play.aniview.com udp
GB 88.221.134.35:443 content1.avplayer.com tcp
GB 88.221.134.51:443 content1.avplayer.com tcp
GB 23.214.142.107:443 play.aniview.com tcp
US 8.8.8.8:53 go1.aniview.com udp
US 172.240.45.81:443 go1.aniview.com tcp
US 8.8.8.8:53 51.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 ssbsync.smartadserver.com udp
US 8.8.8.8:53 ads.stickyadstv.com udp
US 8.8.8.8:53 ap.lijit.com udp
US 8.8.8.8:53 ads.pubmatic.com udp
US 8.8.8.8:53 secure-assets.rubiconproject.com udp
US 8.8.8.8:53 ups.analytics.yahoo.com udp
US 8.8.8.8:53 ssp.disqus.com udp
US 8.8.8.8:53 cs.krushmedia.com udp
US 8.8.8.8:53 pixel-sync.sitescout.com udp
US 8.8.8.8:53 u.openx.net udp
US 8.8.8.8:53 onetag-sys.com udp
US 8.8.8.8:53 secure.adnxs.com udp
US 8.8.8.8:53 sync.1rx.io udp
GB 88.221.134.51:443 content1.avplayer.com udp
GB 88.221.134.51:443 content1.avplayer.com tcp
GB 88.221.134.51:443 content1.avplayer.com tcp
GB 88.221.134.51:443 content1.avplayer.com tcp
GB 88.221.134.51:443 content1.avplayer.com tcp
US 8.8.8.8:53 x.bidswitch.net udp
US 8.8.8.8:53 81.45.240.172.in-addr.arpa udp
US 8.8.8.8:53 visitor.omnitagjs.com udp
US 8.8.8.8:53 eb2.3lift.com udp
NL 81.17.55.109:443 ssbsync.smartadserver.com tcp
US 13.248.245.213:443 eb2.3lift.com tcp
NL 81.17.55.109:443 ssbsync.smartadserver.com tcp
US 8.8.8.8:53 gum.criteo.com udp
NL 178.250.1.11:443 gum.criteo.com tcp
DE 3.75.62.37:443 ups.analytics.yahoo.com tcp
GB 2.18.108.192:443 ads.pubmatic.com tcp
GB 2.18.108.192:443 ads.pubmatic.com tcp
GB 104.82.143.163:443 secure-assets.rubiconproject.com tcp
IE 52.211.55.97:443 ap.lijit.com tcp
US 8.8.8.8:53 match.adsrvr.org udp
US 8.8.8.8:53 p.rfihub.com udp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
US 8.8.8.8:53 creativecdn.com udp
US 8.8.8.8:53 sync.mathtag.com udp
NL 154.57.158.116:443 ads.stickyadstv.com tcp
NL 154.57.158.116:443 ads.stickyadstv.com tcp
NL 154.57.158.116:443 ads.stickyadstv.com tcp
IE 52.211.55.97:443 ap.lijit.com tcp
GB 2.18.108.192:443 ads.pubmatic.com tcp
GB 104.82.143.163:443 secure-assets.rubiconproject.com tcp
DE 3.75.62.37:443 ups.analytics.yahoo.com tcp
US 34.98.64.218:443 u.openx.net tcp
US 8.2.110.134:443 cs.krushmedia.com tcp
US 3.33.220.150:443 match.adsrvr.org tcp
US 3.33.220.150:443 match.adsrvr.org tcp
NL 185.184.8.90:443 creativecdn.com tcp
US 34.36.216.150:443 pixel-sync.sitescout.com tcp
US 34.36.216.150:443 pixel-sync.sitescout.com tcp
US 52.203.108.61:443 ssp.disqus.com tcp
US 216.200.232.249:443 sync.mathtag.com tcp
US 52.71.88.198:443 sync.srv.stackadapt.com tcp
NL 193.0.160.130:443 p.rfihub.com tcp
US 8.8.8.8:53 eus.rubiconproject.com udp
GB 95.100.245.251:443 eus.rubiconproject.com tcp
US 52.71.88.198:443 sync.srv.stackadapt.com tcp
US 216.200.232.249:443 sync.mathtag.com tcp
US 52.203.108.61:443 ssp.disqus.com tcp
US 8.8.8.8:53 213.245.248.13.in-addr.arpa udp
US 8.8.8.8:53 109.55.17.81.in-addr.arpa udp
US 8.8.8.8:53 192.108.18.2.in-addr.arpa udp
US 8.8.8.8:53 163.143.82.104.in-addr.arpa udp
US 8.8.8.8:53 97.55.211.52.in-addr.arpa udp
US 8.8.8.8:53 11.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 37.62.75.3.in-addr.arpa udp
US 8.8.8.8:53 116.158.57.154.in-addr.arpa udp
US 8.8.8.8:53 218.64.98.34.in-addr.arpa udp
US 8.8.8.8:53 150.220.33.3.in-addr.arpa udp
US 8.8.8.8:53 90.8.184.185.in-addr.arpa udp
US 8.8.8.8:53 130.160.0.193.in-addr.arpa udp
US 8.8.8.8:53 134.110.2.8.in-addr.arpa udp
US 8.8.8.8:53 static.cloudflareinsights.com udp
GB 95.100.245.251:443 eus.rubiconproject.com tcp
US 34.36.216.150:443 pixel-sync.sitescout.com udp
US 8.8.8.8:53 sync.aniview.com udp
US 8.8.8.8:53 bh.contextweb.com udp
US 8.8.8.8:53 sync.go.sonobi.com udp
US 104.16.79.73:443 static.cloudflareinsights.com tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
DE 37.252.172.123:443 secure.adnxs.com tcp
DE 51.38.120.206:443 onetag-sys.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
US 172.240.45.78:443 sync.aniview.com tcp
US 69.166.1.34:443 sync.go.sonobi.com tcp
NL 35.214.136.108:443 x.bidswitch.net tcp
NL 35.214.136.108:443 x.bidswitch.net tcp
NL 35.214.136.108:443 x.bidswitch.net tcp
DE 162.19.138.118:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 api.rlcdn.com udp
US 8.8.8.8:53 cm.g.doubleclick.net udp
US 172.240.45.78:443 sync.aniview.com tcp
US 172.240.45.78:443 sync.aniview.com tcp
US 34.120.133.55:443 api.rlcdn.com tcp
NL 35.214.136.108:443 x.bidswitch.net udp
US 172.240.45.78:443 sync.aniview.com tcp
NL 142.250.102.156:443 cm.g.doubleclick.net udp
DE 162.19.138.82:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 b1sync.zemanta.com udp
US 70.42.32.191:443 b1sync.zemanta.com tcp
US 8.8.8.8:53 targeting.unrulymedia.com udp
US 8.8.8.8:53 hb.yellowblue.io udp
US 8.8.8.8:53 prebid-server.rubiconproject.com udp
US 8.8.8.8:53 imasdk.googleapis.com udp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
GB 108.138.217.61:443 hb.yellowblue.io tcp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
NL 142.250.102.95:443 imasdk.googleapis.com tcp
US 8.8.8.8:53 198.88.71.52.in-addr.arpa udp
US 8.8.8.8:53 61.108.203.52.in-addr.arpa udp
US 8.8.8.8:53 249.232.200.216.in-addr.arpa udp
US 8.8.8.8:53 251.245.100.95.in-addr.arpa udp
US 8.8.8.8:53 73.79.16.104.in-addr.arpa udp
US 8.8.8.8:53 131.169.93.208.in-addr.arpa udp
US 8.8.8.8:53 117.174.228.46.in-addr.arpa udp
US 8.8.8.8:53 123.172.252.37.in-addr.arpa udp
US 8.8.8.8:53 206.120.38.51.in-addr.arpa udp
US 8.8.8.8:53 108.136.214.35.in-addr.arpa udp
US 8.8.8.8:53 78.45.240.172.in-addr.arpa udp
US 8.8.8.8:53 34.1.166.69.in-addr.arpa udp
US 8.8.8.8:53 55.133.120.34.in-addr.arpa udp
US 8.8.8.8:53 191.32.42.70.in-addr.arpa udp
US 8.8.8.8:53 token.rubiconproject.com udp
NL 142.250.102.95:443 imasdk.googleapis.com tcp
NL 69.173.156.149:443 token.rubiconproject.com tcp
FR 185.255.84.152:443 visitor.omnitagjs.com tcp
US 8.8.8.8:53 eexsync.com udp
US 80.77.87.108:443 eexsync.com tcp
NL 142.250.102.95:443 imasdk.googleapis.com udp
US 8.8.8.8:53 s0.2mdn.net udp
NL 142.250.102.148:443 s0.2mdn.net tcp
US 8.8.8.8:53 track1.avplayer.com udp
US 8.8.8.8:53 cs.admanmedia.com udp
US 8.8.8.8:53 dis.criteo.com udp
US 172.240.45.76:443 track1.avplayer.com tcp
US 8.8.8.8:53 s.company-target.com udp
US 80.77.87.161:443 cs.admanmedia.com tcp
NL 178.250.1.9:443 dis.criteo.com tcp
US 34.96.71.22:443 s.company-target.com tcp
US 8.8.8.8:53 61.217.138.108.in-addr.arpa udp
US 8.8.8.8:53 115.174.228.46.in-addr.arpa udp
US 8.8.8.8:53 150.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 95.102.250.142.in-addr.arpa udp
US 8.8.8.8:53 108.87.77.80.in-addr.arpa udp
US 8.8.8.8:53 152.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 148.102.250.142.in-addr.arpa udp
US 8.8.8.8:53 eu-west-1-cs-rtb.openwebmp.com udp
US 172.240.45.76:443 track1.avplayer.com tcp
US 8.8.8.8:53 gum.aidemsrv.com udp
US 80.77.87.161:443 cs.admanmedia.com tcp
NL 178.250.1.9:443 dis.criteo.com tcp
US 34.96.71.22:443 s.company-target.com tcp
US 8.8.8.8:53 ssc-cms.33across.com udp
DE 51.38.120.206:443 onetag-sys.com udp
US 104.17.44.93:443 gum.aidemsrv.com tcp
US 67.202.105.21:443 ssc-cms.33across.com tcp
GB 13.224.222.60:443 eu-west-1-cs-rtb.openwebmp.com tcp
US 8.8.8.8:53 csi.gstatic.com udp
US 8.8.8.8:53 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
GB 216.58.201.99:443 csi.gstatic.com tcp
GB 216.58.201.99:443 csi.gstatic.com tcp
GB 216.58.201.99:443 csi.gstatic.com tcp
US 8.8.8.8:53 rtb-csync.smartadserver.com udp
FR 178.32.197.56:443 rtb-csync.smartadserver.com tcp
FR 178.32.197.56:443 rtb-csync.smartadserver.com tcp
US 8.8.8.8:53 cs-server-s2s.yellowblue.io udp
US 44.213.160.10:443 cs-server-s2s.yellowblue.io tcp
FR 178.32.197.56:443 rtb-csync.smartadserver.com tcp
FR 178.32.197.56:443 rtb-csync.smartadserver.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
FR 178.32.197.56:443 rtb-csync.smartadserver.com tcp
US 8.8.8.8:53 161.87.77.80.in-addr.arpa udp
US 8.8.8.8:53 22.71.96.34.in-addr.arpa udp
US 8.8.8.8:53 9.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 93.44.17.104.in-addr.arpa udp
US 8.8.8.8:53 21.105.202.67.in-addr.arpa udp
US 8.8.8.8:53 60.222.224.13.in-addr.arpa udp
US 8.8.8.8:53 1.80.190.35.in-addr.arpa udp
US 8.8.8.8:53 99.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 56.197.32.178.in-addr.arpa udp
US 8.8.8.8:53 10.160.213.44.in-addr.arpa udp
GB 216.58.201.99:443 csi.gstatic.com udp
NL 69.173.156.149:443 token.rubiconproject.com tcp
US 8.8.8.8:53 api-2-0.spot.im udp
US 8.8.8.8:53 sync.richaudience.com udp
US 8.8.8.8:53 match.prod.bidr.io udp
US 70.42.32.191:443 b1sync.zemanta.com tcp
US 8.8.8.8:53 image8.pubmatic.com udp
US 8.8.8.8:53 rtb.mfadsrvr.com udp
US 8.8.8.8:53 jadserve.postrelease.com udp
US 8.8.8.8:53 tracker.open-adsyield.com udp
US 18.213.23.44:443 api-2-0.spot.im tcp
US 172.111.38.86:443 tracker.open-adsyield.com tcp
IE 99.81.34.69:443 jadserve.postrelease.com tcp
DE 157.90.211.246:443 sync.richaudience.com tcp
GB 185.64.191.214:443 image8.pubmatic.com tcp
IE 52.18.171.13:443 match.prod.bidr.io tcp
NL 35.214.199.88:443 rtb.mfadsrvr.com tcp
US 18.213.23.44:443 api-2-0.spot.im tcp
DE 157.90.211.246:443 sync.richaudience.com tcp
IE 52.18.171.13:443 match.prod.bidr.io tcp
US 172.111.38.86:443 tracker.open-adsyield.com tcp
NL 35.214.199.88:443 rtb.mfadsrvr.com tcp
US 8.8.8.8:53 id.rlcdn.com udp
US 8.8.8.8:53 bttrack.com udp
US 35.244.174.68:443 id.rlcdn.com tcp
US 192.132.33.68:443 bttrack.com tcp
US 69.166.1.32:443 apex.go.sonobi.com tcp
US 8.8.8.8:53 214.191.64.185.in-addr.arpa udp
US 8.8.8.8:53 69.34.81.99.in-addr.arpa udp
US 8.8.8.8:53 88.199.214.35.in-addr.arpa udp
US 8.8.8.8:53 44.23.213.18.in-addr.arpa udp
US 8.8.8.8:53 86.38.111.172.in-addr.arpa udp
US 8.8.8.8:53 68.174.244.35.in-addr.arpa udp
US 8.8.8.8:53 68.33.132.192.in-addr.arpa udp
US 8.8.8.8:53 23.149.64.172.in-addr.arpa udp
US 8.8.8.8:53 13.227.111.52.in-addr.arpa udp
US 69.166.1.32:443 apex.go.sonobi.com tcp
US 8.8.8.8:53 cacerts.rapidssl.com udp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
US 8.8.8.8:53 246.211.90.157.in-addr.arpa udp
NL 142.250.27.138:443 fundingchoicesmessages.google.com udp
DE 162.19.138.118:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 8.8.8.8:53 oa.openxcdn.net udp
US 8.8.8.8:53 static.criteo.net udp
US 8.8.8.8:53 invstatic101.creativecdn.com udp
US 8.8.8.8:53 cdn-ima.33across.com udp
US 8.8.8.8:53 p.cpx.to udp
US 8.8.8.8:53 pub.doubleverify.com udp
US 8.8.8.8:53 secure.quantserve.com udp
DE 162.19.138.82:443 lb.eu-1-id5-sync.com tcp
US 34.102.146.192:443 oa.openxcdn.net tcp
US 34.96.70.87:443 invstatic101.creativecdn.com tcp
NL 178.250.1.3:443 static.criteo.net tcp
IE 52.49.227.192:443 p.cpx.to tcp
US 172.64.152.89:443 cdn-ima.33across.com tcp
US 104.18.166.224:443 pub.doubleverify.com tcp
GB 18.245.143.58:443 tags.crwdcntrl.net tcp
DE 91.228.74.166:443 secure.quantserve.com tcp
US 104.18.166.224:443 pub.doubleverify.com tcp
US 8.8.8.8:53 ib.adnxs.com udp
DE 3.78.93.150:443 btlr.sharethrough.com tcp
US 69.166.1.32:443 apex.go.sonobi.com tcp
FR 185.255.84.151:443 hb-api.omnitagjs.com tcp
FR 217.182.178.224:443 prg.smartadserver.com tcp
FR 217.182.178.224:443 prg.smartadserver.com tcp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
US 8.8.8.8:53 rules.quantcount.com udp
DE 37.252.171.52:443 ib.adnxs.com tcp
DE 37.252.171.52:443 ib.adnxs.com tcp
IE 54.76.106.86:443 bcp.crwdcntrl.net tcp
GB 18.245.187.55:443 rules.quantcount.com tcp
US 8.8.8.8:53 pixel.quantserve.com udp
US 8.8.8.8:53 s.cpx.to udp
US 8.8.8.8:53 aax-eu.amazon-adsystem.com udp
US 8.8.8.8:53 api.edkt.io udp
IE 52.49.227.192:443 s.cpx.to tcp
US 8.8.8.8:53 192.146.102.34.in-addr.arpa udp
US 8.8.8.8:53 89.152.64.172.in-addr.arpa udp
US 8.8.8.8:53 224.166.18.104.in-addr.arpa udp
US 8.8.8.8:53 87.70.96.34.in-addr.arpa udp
US 8.8.8.8:53 58.143.245.18.in-addr.arpa udp
US 8.8.8.8:53 3.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 192.227.49.52.in-addr.arpa udp
US 8.8.8.8:53 166.74.228.91.in-addr.arpa udp
US 8.8.8.8:53 55.187.245.18.in-addr.arpa udp
US 8.8.8.8:53 52.171.252.37.in-addr.arpa udp
US 8.8.8.8:53 86.106.76.54.in-addr.arpa udp
IE 54.239.33.158:443 aax-eu.amazon-adsystem.com tcp
US 34.120.111.33:443 api.edkt.io tcp
US 34.120.111.33:443 api.edkt.io udp
US 8.8.8.8:53 b77b60347770878d379ee154199caa87.safeframe.googlesyndication.com udp
NL 142.250.27.132:443 b77b60347770878d379ee154199caa87.safeframe.googlesyndication.com tcp
US 8.8.8.8:53 pixel.rubiconproject.com udp
US 8.8.8.8:53 image2.pubmatic.com udp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
GB 185.64.191.210:443 image2.pubmatic.com tcp
US 8.8.8.8:53 tpc.googlesyndication.com udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
NL 142.250.102.154:443 googleads.g.doubleclick.net tcp
NL 142.250.102.132:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 www.google.com udp
NL 142.250.27.104:443 www.google.com tcp
US 8.8.8.8:53 cdn1.vntsm.com udp
FR 185.93.2.251:443 cdn1.vntsm.com tcp
US 8.8.8.8:53 158.33.239.54.in-addr.arpa udp
US 8.8.8.8:53 132.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 210.191.64.185.in-addr.arpa udp
US 8.8.8.8:53 148.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 154.102.250.142.in-addr.arpa udp
US 8.8.8.8:53 104.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 251.2.93.185.in-addr.arpa udp
US 8.8.8.8:53 dnacdn.net udp
US 8.8.8.8:53 gem.gbc.criteo.com udp
US 8.8.8.8:53 ag.gbc.criteo.com udp
NL 185.235.87.182:443 gem.gbc.criteo.com tcp
FR 178.250.7.13:443 dnacdn.net tcp
NL 185.235.87.159:443 ag.gbc.criteo.com tcp
US 34.120.111.33:443 api.edkt.io udp
US 8.8.8.8:53 182.87.235.185.in-addr.arpa udp
US 8.8.8.8:53 13.7.250.178.in-addr.arpa udp
US 8.8.8.8:53 159.87.235.185.in-addr.arpa udp
US 216.239.32.36:443 region1.analytics.google.com udp
US 8.8.8.8:53 acdn.adnxs.com udp
NL 81.17.55.109:443 ssbsync.smartadserver.com tcp
US 8.8.8.8:53 c1.adform.net udp
US 8.8.8.8:53 stx-match.dotomi.com udp
IE 52.18.171.13:443 match.prod.bidr.io tcp
US 52.71.88.198:443 sync.srv.stackadapt.com tcp
US 151.101.65.108:443 acdn.adnxs.com tcp
DK 37.157.5.84:443 c1.adform.net tcp
US 69.166.1.34:443 sync.go.sonobi.com tcp
NL 64.158.223.137:443 stx-match.dotomi.com tcp
US 67.202.105.21:443 ssc-cms.33across.com tcp
NL 178.250.1.9:443 dis.criteo.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
US 70.42.32.191:443 b1sync.zemanta.com tcp
US 52.71.88.198:443 sync.srv.stackadapt.com tcp
US 35.244.174.68:443 id.rlcdn.com udp
IE 52.18.171.13:443 match.prod.bidr.io tcp
US 8.8.8.8:53 match.sharethrough.com udp
NL 46.228.174.117:443 sync.1rx.io tcp
DE 18.184.119.72:443 match.sharethrough.com tcp
US 8.8.8.8:53 108.65.101.151.in-addr.arpa udp
US 8.8.8.8:53 84.5.157.37.in-addr.arpa udp
US 8.8.8.8:53 137.223.158.64.in-addr.arpa udp
US 8.8.8.8:53 72.119.184.18.in-addr.arpa udp
NL 35.214.199.88:443 rtb.mfadsrvr.com udp
US 8.8.8.8:53 pixel-eu.rubiconproject.com udp
US 8.8.8.8:53 t.adx.opera.com udp
US 8.8.8.8:53 ssbsync-global.smartadserver.com udp
US 8.8.8.8:53 equativ-match.dotomi.com udp
US 8.8.8.8:53 sync-tm.everesttech.net udp
US 8.8.8.8:53 s.ad.smaato.net udp
NL 82.145.213.8:443 t.adx.opera.com tcp
NL 69.173.156.149:443 pixel-eu.rubiconproject.com tcp
US 151.101.130.49:443 sync-tm.everesttech.net tcp
NL 63.215.202.172:443 equativ-match.dotomi.com tcp
GB 108.156.39.117:443 s.ad.smaato.net tcp
US 8.8.8.8:53 s.amazon-adsystem.com udp
US 52.46.130.91:443 s.amazon-adsystem.com tcp
US 8.8.8.8:53 117.39.156.108.in-addr.arpa udp
US 8.8.8.8:53 49.130.101.151.in-addr.arpa udp
US 8.8.8.8:53 8.213.145.82.in-addr.arpa udp
US 8.8.8.8:53 172.202.215.63.in-addr.arpa udp
US 8.8.8.8:53 91.130.46.52.in-addr.arpa udp
FR 149.202.238.105:443 rtb-csync.smartadserver.com tcp
FR 149.202.238.105:443 rtb-csync.smartadserver.com tcp
FR 149.202.238.105:443 rtb-csync.smartadserver.com tcp
US 8.8.8.8:53 105.238.202.149.in-addr.arpa udp
FR 185.255.84.151:443 hb-api.omnitagjs.com tcp
DE 3.78.93.150:443 btlr.sharethrough.com tcp
FR 217.182.178.224:443 prg.smartadserver.com tcp
US 69.166.1.32:443 apex.go.sonobi.com tcp
DE 37.252.171.52:443 ib.adnxs.com tcp
FR 185.255.84.151:443 hb-api.omnitagjs.com tcp
US 69.166.1.32:443 apex.go.sonobi.com tcp
US 8.8.8.8:53 ib.3lift.com udp
GB 143.204.68.118:443 ib.3lift.com tcp
US 8.8.8.8:53 www.file.io udp
US 8.8.8.8:53 ads.eu.criteo.com udp
US 8.8.8.8:53 118.68.204.143.in-addr.arpa udp
NL 178.250.1.17:443 ads.eu.criteo.com tcp
NL 178.250.1.17:443 ads.eu.criteo.com tcp
NL 178.250.1.3:443 static.criteo.net tcp
US 8.8.8.8:53 widget.nl3.eu.criteo.com udp
US 8.8.8.8:53 cat.nl3.eu.criteo.com udp
NL 178.250.1.9:443 widget.nl3.eu.criteo.com tcp
NL 178.250.1.6:443 cat.nl3.eu.criteo.com tcp
US 8.8.8.8:53 17.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 6.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 csm.eu.criteo.net udp
US 8.8.8.8:53 imageproxy.eu.criteo.net udp
NL 178.250.1.25:443 csm.eu.criteo.net tcp
NL 178.250.1.15:443 imageproxy.eu.criteo.net tcp
NL 178.250.1.15:443 imageproxy.eu.criteo.net tcp
NL 178.250.1.15:443 imageproxy.eu.criteo.net tcp
NL 178.250.1.15:443 imageproxy.eu.criteo.net tcp
NL 178.250.1.15:443 imageproxy.eu.criteo.net tcp
NL 178.250.1.15:443 imageproxy.eu.criteo.net tcp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 8.8.8.8:53 staticassets-creator-design.criteo.net udp
US 104.17.24.14:443 cdnjs.cloudflare.com tcp
NL 178.250.1.22:443 staticassets-creator-design.criteo.net tcp
US 8.8.8.8:53 14.24.17.104.in-addr.arpa udp
US 8.8.8.8:53 15.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 25.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 22.1.250.178.in-addr.arpa udp

Files

memory/4928-1-0x0000022BFD950000-0x0000022BFD968000-memory.dmp

memory/4928-0-0x00007FFF42593000-0x00007FFF42595000-memory.dmp

memory/4928-2-0x0000022C001D0000-0x0000022C00392000-memory.dmp

memory/4928-3-0x00007FFF42590000-0x00007FFF43051000-memory.dmp

memory/4928-4-0x0000022B986A0000-0x0000022B98BC8000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 847d47008dbea51cb1732d54861ba9c9
SHA1 f2099242027dccb88d6f05760b57f7c89d926c0d
SHA256 10292fa05d896a2952c1d602a72d761d34bc776b44d6a7df87e49b5b613a8ac1
SHA512 bd1526aa1cc1c016d95dfcc53a78b45b09dde4ce67357fc275ab835dbe1bb5b053ca386239f50cde95ad243a9c1bbb12f7505818577589beecc6084f7b94e83f

\??\pipe\LOCAL\crashpad_2416_RXYARBEWXWZVZORW

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f9664c896e19205022c094d725f820b6
SHA1 f8f1baf648df755ba64b412d512446baf88c0184
SHA256 7121d84202a850791c2320385eb59eda4d697310dc51b1fcd4d51264aba2434e
SHA512 3fa5d2c68a9e70e4a25eaac2095171d87c741eec2624c314c6a56f4fa390d6319633bf4c48b1a4af7e9a0451f346beced9693da88cfc7bcba8dfe209cbd1b3ae

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 088297568271616b128316e0952dba38
SHA1 80c80be46ff7f512a2a2f559fdff12781d5ff7ee
SHA256 0e32804b26fd9f9f77a68638d966d924664c71bb2f42057338731bc78cffae9c
SHA512 132452b6e46b5a3a5906b0a9c066665d57166d452c726c87edcddc9cb5f4b84fb049e3a2554e2ebfbd5994e359d3c5584b348e1de1d32b9881b5f023003b6aad

memory/4928-29-0x00007FFF42590000-0x00007FFF43051000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 4374fe5034f0bc4ca6a10767df3520f1
SHA1 28aef11eee0dfaaf9bf114b31b9e7c498fa76040
SHA256 b5c7b60d6283933197be37af640873945a4ab91dde6680ed5255b4d9a0cdfc4a
SHA512 41d2a1e4082b3793f4e762b7944bf11e8ccea2b1b4bfd7fb0d2e69d0f2b2f62b7cf1d02cfe69d85d401df090cc3dd5d210451d2a9bb00092873713ed6573c804

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 caa4019e639784dfe3b2b7a45b0295a9
SHA1 47cf7a97e283dff2254300d881b8d3134c314928
SHA256 2b0f325aa64ee612713db42e14d40f79e5f72d1156892934f6d99f3682f4ca05
SHA512 f7d82e700ac5d849ef114debd8a8b88edd27342e60dd3efac41ca056c06c3678aa4b0e2b3e5662623692b920a548e1c71f79949a1c087cb79872ece8be788b08

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\337dfc13-0d1a-4877-9949-32a45ee483a5.tmp

MD5 8b711f551343a8bb1c86cd28d1a1b82c
SHA1 e1020eef15f042f340518e395f381d8027415a74
SHA256 e9bf2396064490ec25ec4e29593b911f2d4a97792c0c13b6fe4677d7b8fd8dbe
SHA512 effa5c7ad62d8395702247d89eab72092a3442969c9c78667aa7a401bfd687d79cb5a7628f597fed26ae90bf3317451a66e2f183019196a0d46cf9de36a07ad7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c

MD5 034d3bc8df893aea9a2684b24ef9188f
SHA1 6887f66119b02cfd1673371d712999bc905ffc58
SHA256 301db5a6f5a4dbb592548c4fcc8734a3dd72a0c56b520f17b424e2be8de2aa43
SHA512 c10745db8b01e00bed7cf3fd17ade6bfd48e6ed771a6d9a5db67142200baa2b7cec25d8d81fd72b892e7b6c48eec2ddd29099e4897767203aa4ff566eb20c772

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 edf7f976a0e30d0d080c8116344841f0
SHA1 19079213325967d1b112adf02ccc1ce6ee595d6e
SHA256 90fed2b7b01dd2bf9db9877449337a28263a7c2c4fe79b49fe6304376afa5abc
SHA512 c992330f560caaba354129b8040849fefef640708df6097fbf1b935cd8697ec71bca34167d1b4338e01c50eede66a61a7ac697c78dbd03d3082f34bf2dfe3720

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028

MD5 7a4c6579e85e7687b7caeff56326b359
SHA1 b39f533c843aaefbac0058eafc4e6b6b05d09aa2
SHA256 4ae263098c462e6e6b2243f5a3a69df9de80d09c341c137dac3b7318b2038b50
SHA512 686c78f37b70b6eb8ce3728208cfd280d784511882487284d53da9a34e6ed6e5ac366d0200629c9f77c84899166feeb976b95e8a095a13bd0191665a06b6d17f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 022187b85a4fff81d560b4d18cec2ec1
SHA1 958e0f89696ea17c506f1dbb4d9908fe5c9ef9bd
SHA256 e4c67562ac48ca4113e41bc4666ad9b39de648028a13069d09291ede15f28cdc
SHA512 c4d6bdb34076552dbcf22aba8854936ecc5641b02f55e532b8cd2fbcfbffb8a530dbeb06b010f41295e68be286d5f49ee03d21ea894560a906ecde9a421da71e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe593714.TMP

MD5 9eb2a1a722a18084241a3ef79d7e1d4d
SHA1 bcdbed4cb229397b17774ddb3e6c5405cafa9f28
SHA256 b050304dbbc78e36db0748ef01c067a9dd95f1a6cace12322de9fdc1c324fc31
SHA512 05c26c08218435f3fd34323b5319da06a77a009e74df1374e1ac0494b0c5ea74518bf9d62fd87de2650b1890d64cd22d1c3ba126a0fa0691b335a5410d1083e5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

MD5 5a69247e8c86c887d3d1b973c8bff7d1
SHA1 13f0a5c7aaf7847cc3463d0c85ba8720ea012dc0
SHA256 7d628488b5a607df805e9bc059c59cd49125b681f6cc47ad485f627f37f9771e
SHA512 497fbf6aede322dc8eb02ce7407ca5ca48e0d78b671c10372663683d13f79f98e30c6c87a7fe1a971aba64a37ac17f39b30a73f30a296a1240dd9131c33b2100

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

MD5 ee5d7349d05a3812ff8b0a0db5b3b9a6
SHA1 51c61cb259391be7ea5f1eeb4eee874831549512
SHA256 229a0b3488ca7a7a1436ebc8677d745f39608f19e5456e2912d090a0e56830ce
SHA512 7401c87fad8d305e2b90c5915eef217a479c13cbb0b62b6b8a6571e4f18a61ab6e92e298566c3a44c97356b4ff3d2d6a7b7fe03cb79d85d14fbb68172bca52a2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 9da15306fe535dd0b18d55c6aaf7bcc3
SHA1 3ae866fbae00a9b22b1ecf3761502e0ae2c79748
SHA256 a19420eb449f951e0ff08a9adae27912693200b4226206ccb76235cf1fb11e95
SHA512 1e14b76dfa0a197d09dca3d65f83dc8ec0f1b60f448381488bb55b9dd515a532827e5acb8d2d32a6ea02dd8d2dc8ce724fa71544ddce465bed74fb1d860305ee

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 8132dd6e45c4ff260a654c43e2b3fbbd
SHA1 9558391c8c06a217388caf7b2185d4b9cd7e46d1
SHA256 a7b68a88e1ed882f6ceb358f1b5b690a5f400a602b589e98db834b2e7d37e162
SHA512 6b8b22474af22b7ac11130399e39a3d01ecc6abc0053d3f641565fa036cf0a5d9440e4da2c1b93f430961945ccbbb448cda45f188b8c42e1adc16c90ed4b8bfb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 ca2260a7a6aa9154b7d9e4aaf1fb1e35
SHA1 3499ef350866dea29b97d6514ee72cfd091ab044
SHA256 79d99ff83a7fed6717cc7d3fab8b5f34f642c91f9956114c18a9c82fdf38993f
SHA512 1cec647ce637d3511bf56b74518c44de6255a986516915e525f273906245e9d9f65c7353b8a90de653fd9cf1293fa9c650e5af4617d06438c7c112899e3a9e80

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 cbf97b7372bd3606e89e6492a4420caf
SHA1 f9c234e886fdc934ce1fbc1701de2b8f57e935d6
SHA256 e13e438ed6344c853f2173952943549fe32a6cfd0bc8175eb89da74d84777adf
SHA512 2ac013fc44cf5c361516e39442676d2737dcdf946b253706900dc7d65fbd4457c78a4bb6109c147867f890ed2bcae0405cebced082fc72602cd4d62b6fac8dee