Analysis Overview
SHA256
d3f0b6a5e1797be376a82e6887f414cfb448e4fcc87d9d42c2672b387f0e1f3c
Threat Level: Likely malicious
The file Spotify.exe was found to be: Likely malicious.
Malicious Activity Summary
Deletes shadow copies
VMProtect packed file
Checks computer location settings
Enumerates physical storage devices
Browser Information Discovery
Unsigned PE
Suspicious use of SendNotifyMessage
Suspicious use of FindShellTrayWindow
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Interacts with shadow copies
Suspicious behavior: EnumeratesProcesses
Enumerates system info in registry
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Uses Volume Shadow Copy service COM API
Gathers network information
Modifies registry class
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-13 23:36
Signatures
VMProtect packed file
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-13 23:36
Reported
2024-11-13 23:39
Platform
win7-20241010-en
Max time kernel
14s
Max time network
19s
Command Line
Signatures
VMProtect packed file
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 392 wrote to memory of 2816 | N/A | C:\Users\Admin\AppData\Local\Temp\Spotify.exe | C:\Windows\system32\WerFault.exe |
| PID 392 wrote to memory of 2816 | N/A | C:\Users\Admin\AppData\Local\Temp\Spotify.exe | C:\Windows\system32\WerFault.exe |
| PID 392 wrote to memory of 2816 | N/A | C:\Users\Admin\AppData\Local\Temp\Spotify.exe | C:\Windows\system32\WerFault.exe |
Processes
C:\Users\Admin\AppData\Local\Temp\Spotify.exe
"C:\Users\Admin\AppData\Local\Temp\Spotify.exe"
C:\Windows\system32\WerFault.exe
C:\Windows\system32\WerFault.exe -u -p 392 -s 852
Network
Files
memory/392-0-0x000007FEF5E03000-0x000007FEF5E04000-memory.dmp
memory/392-1-0x0000000000E40000-0x00000000013FE000-memory.dmp
memory/392-2-0x000007FEF5E00000-0x000007FEF67EC000-memory.dmp
memory/392-4-0x000007FEF5E00000-0x000007FEF67EC000-memory.dmp
memory/392-3-0x000000001CA70000-0x000000001CBEC000-memory.dmp
memory/392-5-0x000007FEF5E00000-0x000007FEF67EC000-memory.dmp
memory/392-6-0x0000000000880000-0x0000000000890000-memory.dmp
memory/392-7-0x000007FEF5E00000-0x000007FEF67EC000-memory.dmp
Analysis: behavioral2
Detonation Overview
Submitted
2024-11-13 23:36
Reported
2024-11-13 23:40
Platform
win10v2004-20241007-en
Max time kernel
207s
Max time network
211s
Command Line
Signatures
Deletes shadow copies
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\Spotify.exe | N/A |
VMProtect packed file
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Browser Information Discovery
Enumerates physical storage devices
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Gathers network information
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\ipconfig.exe | N/A |
Interacts with shadow copies
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\vssadmin.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key deleted | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU | C:\Users\Admin\AppData\Local\Temp\Spotify.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Users\Admin\AppData\Local\Temp\Spotify.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeBackupPrivilege | N/A | C:\Windows\system32\vssvc.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\system32\vssvc.exe | N/A |
| Token: SeAuditPrivilege | N/A | C:\Windows\system32\vssvc.exe | N/A |
| Token: SeBackupPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\Spotify.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\Spotify.exe | N/A |
| Token: SeBackupPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\Spotify.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Uses Volume Shadow Copy service COM API
Processes
C:\Users\Admin\AppData\Local\Temp\Spotify.exe
"C:\Users\Admin\AppData\Local\Temp\Spotify.exe"
C:\Windows\System32\cmd.exe
"C:\Windows\System32\cmd.exe" /C vssadmin delete shadows /for=C: /quiet & exit
C:\Windows\system32\vssadmin.exe
vssadmin delete shadows /for=C: /quiet
C:\Windows\system32\vssvc.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\cmd.exe
"C:\Windows\System32\cmd.exe" /C ipconfig /flushdns & exit
C:\Windows\system32\ipconfig.exe
ipconfig /flushdns
C:\Windows\System32\cmd.exe
"C:\Windows\System32\cmd.exe" /C FSUTIL USN DELETEJOURNAL /D C: & exit
C:\Windows\system32\fsutil.exe
FSUTIL USN DELETEJOURNAL /D C:
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb2a3d46f8,0x7ffb2a3d4708,0x7ffb2a3d4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2024 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2304 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2820 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3348 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3368 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4192 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4932 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3596 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3596 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4012 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4004 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5740 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3868 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5108 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4788 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1988 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1768 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5884 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6388 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5052 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5084 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5520 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6708 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6956 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7164 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6244 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7532 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7660 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7808 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7940 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8072 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8236 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8372 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5684 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7140 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8876 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9524 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9520 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9268 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9692 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9416 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10160 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11248 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11296 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11432 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8800 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3580 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10992 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6368 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1076 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5068 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11400 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2032026464526698605,3956731947244640981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7924 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.168.11.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.219.191.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.163.245.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.31.95.13.in-addr.arpa | udp |
| GB | 95.101.143.219:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 219.143.101.95.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.209.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | file.io | udp |
| US | 143.244.215.221:443 | file.io | tcp |
| US | 143.244.215.221:443 | file.io | tcp |
| US | 8.8.8.8:53 | www.file.io | udp |
| FR | 3.165.113.125:443 | www.file.io | tcp |
| US | 8.8.8.8:53 | hb.vntsm.com | udp |
| US | 151.101.131.42:443 | hb.vntsm.com | tcp |
| US | 8.8.8.8:53 | 221.215.244.143.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 125.113.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.201.222.52.in-addr.arpa | udp |
| US | 151.101.131.42:443 | hb.vntsm.com | tcp |
| US | 8.8.8.8:53 | hb-vntsm-com.global.ssl.fastly.net | udp |
| US | 8.8.8.8:53 | hb.vntsm.io | udp |
| US | 151.101.1.194:443 | hb-vntsm-com.global.ssl.fastly.net | tcp |
| US | 104.22.46.142:443 | hb.vntsm.io | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| GB | 173.194.76.155:443 | stats.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| US | 8.8.8.8:53 | 42.131.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.20.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 142.46.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.76.194.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | cdn.exelator.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| FR | 13.249.9.21:443 | cdn.exelator.com | tcp |
| FR | 18.245.194.122:443 | c.amazon-adsystem.com | tcp |
| GB | 216.58.212.194:443 | securepubads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | crt.rootg2.amazontrust.com | udp |
| FR | 3.164.163.90:80 | crt.rootg2.amazontrust.com | tcp |
| GB | 216.58.212.194:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| FR | 52.84.174.6:443 | config.aps.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | cdn.hadronid.net | udp |
| US | 8.8.8.8:53 | secure.cdn.fastclick.net | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 8.8.8.8:53 | mydmp.exelator.com | udp |
| GB | 104.78.175.230:443 | secure.cdn.fastclick.net | tcp |
| GB | 104.78.175.230:443 | secure.cdn.fastclick.net | tcp |
| US | 104.22.52.173:443 | cdn.hadronid.net | tcp |
| US | 104.22.53.86:443 | cdn.id5-sync.com | tcp |
| IE | 34.254.143.3:443 | mydmp.exelator.com | tcp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | id.hadron.ad.gt | udp |
| GB | 216.58.212.238:443 | fundingchoicesmessages.google.com | tcp |
| US | 104.22.4.69:443 | id.hadron.ad.gt | tcp |
| US | 8.8.8.8:53 | onsite-tag-logs.apps.nielsen.com | udp |
| US | 8.8.8.8:53 | load77.exelator.com | udp |
| US | 44.207.166.221:443 | onsite-tag-logs.apps.nielsen.com | tcp |
| GB | 89.187.167.38:443 | load77.exelator.com | tcp |
| US | 8.8.8.8:53 | proc.ad.cpe.dotomi.com | udp |
| NL | 63.215.202.146:443 | proc.ad.cpe.dotomi.com | tcp |
| GB | 216.58.212.238:443 | fundingchoicesmessages.google.com | udp |
| US | 172.67.23.234:443 | id.hadron.ad.gt | tcp |
| US | 8.8.8.8:53 | 19.69.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 122.194.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.163.164.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.9.249.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.174.84.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 230.175.78.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.52.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.53.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.143.254.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.4.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.167.187.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 146.202.215.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.23.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 221.166.207.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| DE | 141.95.33.120:443 | lb.eu-1-id5-sync.com | tcp |
| GB | 142.250.179.225:443 | lh3.googleusercontent.com | tcp |
| DE | 141.95.98.64:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | 10.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.33.95.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.98.95.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cadmus.script.ac | udp |
| US | 104.18.23.145:443 | cadmus.script.ac | tcp |
| US | 8.8.8.8:53 | i.clean.gg | udp |
| US | 34.95.69.49:443 | i.clean.gg | tcp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | cdn.edkt.io | udp |
| FR | 18.245.199.156:443 | aax.amazon-adsystem.com | tcp |
| US | 34.120.111.33:443 | cdn.edkt.io | tcp |
| US | 8.8.8.8:53 | track.venatusmedia.com | udp |
| US | 34.95.69.49:443 | i.clean.gg | udp |
| IE | 63.33.29.152:443 | track.venatusmedia.com | tcp |
| US | 8.8.8.8:53 | 145.23.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.69.95.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 33.111.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.199.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.29.33.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| US | 8.8.8.8:53 | api.edkt.io | udp |
| US | 8.8.8.8:53 | invstatic101.creativecdn.com | udp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| US | 8.8.8.8:53 | api.rlcdn.com | udp |
| US | 8.8.8.8:53 | oa.openxcdn.net | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | cdn-ima.33across.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 34.120.111.33:443 | api.edkt.io | tcp |
| US | 34.96.70.87:443 | invstatic101.creativecdn.com | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| US | 34.102.146.192:443 | oa.openxcdn.net | tcp |
| US | 35.71.131.137:443 | match.adsrvr.org | tcp |
| US | 34.120.133.55:443 | api.rlcdn.com | tcp |
| US | 104.18.35.167:443 | cdn-ima.33across.com | tcp |
| FR | 18.155.129.56:443 | tags.crwdcntrl.net | tcp |
| US | 34.120.111.33:443 | api.edkt.io | udp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| FR | 178.250.7.13:443 | dnacdn.net | tcp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | elb.the-ozone-project.com | udp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| US | 8.8.8.8:53 | btlr.sharethrough.com | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 8.8.8.8:53 | ex.ingage.tech | udp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| US | 8.8.8.8:53 | apex.go.sonobi.com | udp |
| NL | 81.17.55.99:443 | prg.smartadserver.com | tcp |
| NL | 81.17.55.99:443 | prg.smartadserver.com | tcp |
| DE | 37.252.171.85:443 | ib.adnxs.com | tcp |
| US | 172.64.153.66:443 | elb.the-ozone-project.com | tcp |
| FR | 163.5.194.36:443 | prebid.a-mo.net | tcp |
| US | 69.166.1.64:443 | apex.go.sonobi.com | tcp |
| IE | 54.194.120.205:443 | bcp.crwdcntrl.net | tcp |
| DE | 18.153.93.230:443 | btlr.sharethrough.com | tcp |
| DE | 18.153.93.230:443 | btlr.sharethrough.com | tcp |
| DE | 18.153.93.230:443 | btlr.sharethrough.com | tcp |
| DE | 18.153.93.230:443 | btlr.sharethrough.com | tcp |
| NL | 185.64.189.112:443 | hbopenbid.pubmatic.com | tcp |
| US | 172.64.146.150:443 | ex.ingage.tech | tcp |
| DE | 3.124.64.248:443 | tlx.3lift.com | tcp |
| FR | 185.255.84.151:443 | hb-api.omnitagjs.com | tcp |
| US | 34.120.111.33:443 | api.edkt.io | udp |
| US | 8.8.8.8:53 | 87.70.96.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.131.71.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.146.102.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 167.35.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 55.133.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.129.155.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.7.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.55.17.81.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.153.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.146.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.194.5.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 85.171.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 112.189.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 205.120.194.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 230.93.153.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 151.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 248.64.124.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.1.166.69.in-addr.arpa | udp |
| US | 172.64.146.150:443 | ex.ingage.tech | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.200.34:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 8e4b8987992fda02cee2f71407280a2d.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | tg1.aniview.com | udp |
| GB | 142.250.200.1:443 | 8e4b8987992fda02cee2f71407280a2d.safeframe.googlesyndication.com | tcp |
| GB | 142.250.187.226:443 | ep1.adtrafficquality.google | tcp |
| GB | 104.82.233.61:443 | tg1.aniview.com | tcp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| GB | 142.250.187.193:443 | ep2.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | 2.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 61.233.82.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | feed.avplayer.com | udp |
| US | 8.8.8.8:53 | track4.aniview.com | udp |
| US | 8.8.8.8:53 | player.avplayer.com | udp |
| US | 8.8.8.8:53 | ag.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | gem.gbc.criteo.com | udp |
| US | 172.240.45.75:443 | track4.aniview.com | tcp |
| GB | 2.20.12.106:443 | player.avplayer.com | tcp |
| FR | 185.235.86.153:443 | ag.gbc.criteo.com | tcp |
| FR | 185.235.86.237:443 | gem.gbc.criteo.com | tcp |
| GB | 95.101.143.160:443 | feed.avplayer.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.193:443 | ep2.adtrafficquality.google | udp |
| GB | 216.58.201.100:443 | www.google.com | tcp |
| GB | 2.20.12.106:443 | player.avplayer.com | tcp |
| US | 8.8.8.8:53 | player.aniview.com | udp |
| GB | 2.20.12.106:443 | player.aniview.com | tcp |
| US | 8.8.8.8:53 | play.aniview.com | udp |
| US | 8.8.8.8:53 | content1.avplayer.com | udp |
| GB | 104.82.233.61:443 | play.aniview.com | tcp |
| US | 8.8.8.8:53 | 193.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.12.20.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.86.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.86.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 160.143.101.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.45.240.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 100.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 142.250.178.1:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.178.1:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.178.1:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.178.1:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.178.1:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.200.34:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | scripts.webcontentassessor.com | udp |
| US | 151.101.66.217:443 | scripts.webcontentassessor.com | tcp |
| US | 8.8.8.8:53 | st.pubmatic.com | udp |
| NL | 185.64.189.221:443 | st.pubmatic.com | tcp |
| US | 8.8.8.8:53 | go1.aniview.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 172.240.45.81:443 | go1.aniview.com | tcp |
| GB | 142.250.178.1:443 | tpc.googlesyndication.com | udp |
| GB | 2.18.108.192:443 | ads.pubmatic.com | tcp |
| US | 8.8.8.8:53 | 67.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.66.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 221.189.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| NL | 81.17.55.108:443 | ssbsync.smartadserver.com | tcp |
| NL | 154.57.158.115:443 | ads.stickyadstv.com | tcp |
| NL | 154.57.158.115:443 | ads.stickyadstv.com | tcp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| GB | 23.215.239.190:443 | secure-assets.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | sync.aniview.com | udp |
| US | 172.240.45.96:443 | sync.aniview.com | tcp |
| IE | 18.200.140.103:443 | ap.lijit.com | tcp |
| US | 8.8.8.8:53 | 81.45.240.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.108.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.55.17.81.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 115.158.57.154.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cs.krushmedia.com | udp |
| US | 8.8.8.8:53 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | c1.adform.net | udp |
| US | 8.8.8.8:53 | s.company-target.com | udp |
| US | 34.98.64.218:443 | u.openx.net | tcp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| US | 34.98.64.218:443 | u.openx.net | udp |
| US | 8.8.8.8:53 | assets.a-mo.net | udp |
| NL | 35.214.136.108:443 | x.bidswitch.net | tcp |
| DE | 51.75.86.98:443 | onetag-sys.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| US | 80.77.87.216:443 | cs.krushmedia.com | tcp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| GB | 95.100.245.251:443 | eus.rubiconproject.com | tcp |
| DK | 37.157.6.254:443 | c1.adform.net | tcp |
| US | 34.96.71.22:443 | s.company-target.com | tcp |
| US | 8.8.8.8:53 | match.sharethrough.com | udp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| US | 8.8.8.8:53 | inv-nets.admixer.net | udp |
| US | 13.248.245.213:443 | eb2.3lift.com | tcp |
| DE | 18.197.30.174:443 | match.sharethrough.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| GB | 2.20.12.106:443 | content1.avplayer.com | udp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | pixel-eu.rubiconproject.com | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| DE | 51.75.86.98:443 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 8.8.8.8:53 | t.adx.opera.com | udp |
| NL | 35.214.136.108:443 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | ssbsync-global.smartadserver.com | udp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| US | 104.19.158.19:443 | assets.a-mo.net | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| NL | 82.145.213.8:443 | t.adx.opera.com | tcp |
| US | 8.8.8.8:53 | odr.mookie1.com | udp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| GB | 142.250.179.226:443 | cm.g.doubleclick.net | tcp |
| FR | 217.182.178.229:443 | ssbsync-global.smartadserver.com | tcp |
| GB | 185.64.191.214:443 | image8.pubmatic.com | tcp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | tcp |
| DE | 116.202.167.133:443 | inv-nets.admixer.net | tcp |
| NL | 89.149.193.89:443 | rtb-csync.smartadserver.com | tcp |
| US | 34.160.236.64:443 | odr.mookie1.com | tcp |
| US | 80.77.87.162:443 | cs.admanmedia.com | tcp |
| DE | 116.202.167.133:443 | inv-nets.admixer.net | tcp |
| US | 8.8.8.8:53 | s2s.aniview.com | udp |
| US | 8.8.8.8:53 | cs.ingage.tech | udp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| US | 8.8.8.8:53 | 190.239.215.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.140.200.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 96.45.240.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 218.64.98.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sync.a-mo.net | udp |
| US | 34.195.202.207:443 | cs.ingage.tech | tcp |
| US | 172.240.45.70:443 | s2s.aniview.com | tcp |
| US | 172.240.45.70:443 | s2s.aniview.com | tcp |
| GB | 2.20.12.69:443 | acdn.adnxs.com | tcp |
| US | 34.195.202.207:443 | cs.ingage.tech | tcp |
| US | 34.195.202.207:443 | cs.ingage.tech | tcp |
| US | 34.195.202.207:443 | cs.ingage.tech | tcp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 8.8.8.8:53 | optimized-by.rubiconproject.com | udp |
| US | 8.8.8.8:53 | delivery.redpineapplemedia.com | udp |
| FR | 163.5.194.34:443 | sync.a-mo.net | tcp |
| FR | 185.255.84.153:443 | visitor.omnitagjs.com | tcp |
| DE | 52.58.43.76:443 | optimized-by.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | 108.136.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 251.245.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.71.96.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.86.75.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 254.6.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.87.77.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 213.245.248.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.30.197.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.158.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.213.145.82.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 214.191.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.236.160.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.178.182.217.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 89.193.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.199.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.167.202.116.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.87.77.80.in-addr.arpa | udp |
| IE | 52.18.189.240:443 | delivery.redpineapplemedia.com | tcp |
| IE | 52.18.189.240:443 | delivery.redpineapplemedia.com | tcp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| US | 8.8.8.8:53 | sync.mathtag.com | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 8.8.8.8:53 | p.rfihub.com | udp |
| US | 8.8.8.8:53 | id.a-mx.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 104.16.80.73:443 | static.cloudflareinsights.com | tcp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| DE | 79.127.216.47:443 | id.a-mx.com | tcp |
| DE | 79.127.216.47:443 | id.a-mx.com | tcp |
| US | 74.121.140.211:443 | sync.mathtag.com | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| US | 52.204.245.185:443 | sync.srv.stackadapt.com | tcp |
| NL | 193.0.160.130:443 | p.rfihub.com | tcp |
| US | 8.8.8.8:53 | gum.aidemsrv.com | udp |
| US | 104.18.6.198:443 | gum.aidemsrv.com | tcp |
| GB | 142.250.179.226:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| US | 67.202.105.23:443 | ssc-cms.33across.com | tcp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| US | 52.204.245.185:443 | sync.srv.stackadapt.com | tcp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | bc-sync.com | udp |
| US | 8.8.8.8:53 | api-2-0.spot.im | udp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | udp |
| US | 8.8.8.8:53 | sync.richaudience.com | udp |
| US | 8.8.8.8:53 | jadserve.postrelease.com | udp |
| US | 8.8.8.8:53 | csync.loopme.me | udp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | 69.12.20.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.45.240.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 207.202.195.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.194.5.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.43.58.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.189.18.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.80.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 47.216.127.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.169.93.208.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 130.160.0.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.8.184.185.in-addr.arpa | udp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| US | 54.147.159.241:443 | cs-server-s2s.yellowblue.io | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| US | 8.8.8.8:53 | 211.140.121.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 185.245.204.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.6.18.104.in-addr.arpa | udp |
| IE | 54.155.94.181:443 | jadserve.postrelease.com | tcp |
| US | 50.31.142.31:443 | b1sync.zemanta.com | tcp |
| US | 50.31.142.31:443 | b1sync.zemanta.com | tcp |
| US | 98.82.156.207:443 | s.amazon-adsystem.com | tcp |
| US | 54.83.39.146:443 | api-2-0.spot.im | tcp |
| DE | 148.251.40.147:443 | sync.richaudience.com | tcp |
| NL | 35.214.130.46:443 | csync.loopme.me | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | track1.avplayer.com | udp |
| US | 8.8.8.8:53 | sync.go.sonobi.com | udp |
| US | 172.240.45.76:443 | track1.avplayer.com | tcp |
| US | 69.166.1.35:443 | sync.go.sonobi.com | tcp |
| US | 69.166.1.35:443 | sync.go.sonobi.com | tcp |
| US | 69.166.1.35:443 | sync.go.sonobi.com | tcp |
| US | 8.8.8.8:53 | sync-service.net | udp |
| US | 8.8.8.8:53 | targeting.unrulymedia.com | udp |
| US | 8.8.8.8:53 | prebid-server.rubiconproject.com | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 204.62.12.209:443 | sync-service.net | tcp |
| US | 8.8.8.8:53 | imasdk.googleapis.com | udp |
| NL | 46.228.174.115:443 | targeting.unrulymedia.com | tcp |
| FR | 18.244.28.8:443 | hb.yellowblue.io | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| GB | 216.58.213.10:443 | imasdk.googleapis.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | cacerts.geotrust.com | udp |
| SE | 192.229.221.95:80 | cacerts.geotrust.com | tcp |
| US | 8.8.8.8:53 | bttrack.com | udp |
| US | 192.132.33.67:443 | bttrack.com | tcp |
| US | 8.8.8.8:53 | b36d3910ccb1f3b25b4b77bb91670520.safeframe.googlesyndication.com | udp |
| GB | 142.250.187.226:443 | ep1.adtrafficquality.google | udp |
| GB | 216.58.213.10:443 | imasdk.googleapis.com | udp |
| US | 8.8.8.8:53 | 23.105.202.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.159.147.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 181.94.155.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.130.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 147.40.251.148.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 207.156.82.98.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 146.39.83.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 31.142.31.50.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.45.240.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.1.166.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 115.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.28.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.12.62.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.33.132.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 35.244.174.68:443 | id.rlcdn.com | tcp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| GB | 142.250.187.230:443 | s0.2mdn.net | tcp |
| GB | 142.250.178.2:443 | pubads.g.doubleclick.net | tcp |
| GB | 142.250.178.2:443 | pubads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 68.174.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | csi.gstatic.com | udp |
| US | 209.85.144.120:443 | csi.gstatic.com | tcp |
| US | 209.85.144.120:443 | csi.gstatic.com | tcp |
| US | 34.96.71.22:443 | s.company-target.com | udp |
| US | 8.8.8.8:53 | cms.quantserve.com | udp |
| US | 8.8.8.8:53 | dsp-cookie.adfarm1.adition.com | udp |
| US | 8.8.8.8:53 | eu-u.openx.net | udp |
| GB | 142.250.178.2:443 | pubads.g.doubleclick.net | udp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | udp |
| DE | 80.82.210.217:443 | dsp-cookie.adfarm1.adition.com | tcp |
| DE | 91.228.74.166:443 | cms.quantserve.com | tcp |
| US | 8.8.8.8:53 | equativ-match.dotomi.com | udp |
| NL | 64.158.223.140:443 | equativ-match.dotomi.com | tcp |
| US | 98.82.156.207:443 | s.amazon-adsystem.com | tcp |
| GB | 142.250.187.226:443 | ep1.adtrafficquality.google | udp |
| US | 209.85.144.120:443 | csi.gstatic.com | udp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| US | 69.166.1.64:443 | apex.go.sonobi.com | tcp |
| US | 8.8.8.8:53 | 2.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.144.85.209.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.210.82.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 166.74.228.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.223.158.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| IE | 52.94.223.37:443 | aax-eu.amazon-adsystem.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 8.8.8.8:53 | id.rtb.mx | udp |
| US | 8.8.8.8:53 | prebid.adnxs.com | udp |
| US | 8.8.8.8:53 | ow.pubmatic.com | udp |
| DE | 79.127.216.47:443 | id.rtb.mx | tcp |
| DE | 79.127.216.47:443 | id.rtb.mx | tcp |
| DE | 79.127.216.47:443 | id.rtb.mx | tcp |
| NL | 185.89.208.11:443 | prebid.adnxs.com | tcp |
| NL | 185.89.208.11:443 | prebid.adnxs.com | tcp |
| NL | 185.64.189.116:443 | ow.pubmatic.com | tcp |
| NL | 185.64.189.116:443 | ow.pubmatic.com | tcp |
| US | 8.8.8.8:53 | 37.223.94.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.208.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.189.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.ampproject.org | udp |
| GB | 142.250.179.225:443 | cdn.ampproject.org | tcp |
| GB | 142.250.179.225:443 | cdn.ampproject.org | tcp |
| GB | 142.250.179.225:443 | cdn.ampproject.org | tcp |
| GB | 142.250.179.225:443 | cdn.ampproject.org | tcp |
| GB | 142.250.179.225:443 | cdn.ampproject.org | tcp |
| GB | 142.250.178.1:443 | tpc.googlesyndication.com | udp |
| GB | 216.58.201.100:443 | www.google.com | udp |
| DE | 18.153.93.230:443 | btlr.sharethrough.com | tcp |
| FR | 185.255.84.151:443 | hb-api.omnitagjs.com | tcp |
| DE | 37.252.171.85:443 | secure.adnxs.com | tcp |
| US | 69.166.1.64:443 | apex.go.sonobi.com | tcp |
| NL | 81.17.55.99:443 | prg.smartadserver.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| NL | 46.228.174.115:443 | targeting.unrulymedia.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | ib.3lift.com | udp |
| FR | 18.244.28.84:443 | ib.3lift.com | tcp |
| US | 8.8.8.8:53 | 84.28.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | img.3lift.com | udp |
| GB | 95.101.143.201:443 | www.bing.com | tcp |
| FR | 52.222.149.104:443 | img.3lift.com | tcp |
| US | 8.8.8.8:53 | 822a2c7459a3bcdb501861ec9e1ccd80.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 201.143.101.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.149.222.52.in-addr.arpa | udp |
| NL | 81.17.55.99:443 | prg.smartadserver.com | tcp |
| NL | 46.228.174.115:443 | targeting.unrulymedia.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| US | 69.166.1.64:443 | apex.go.sonobi.com | tcp |
| DE | 37.252.171.85:443 | secure.adnxs.com | tcp |
| US | 8.8.8.8:53 | 0c14be16f14188ce037010ecd5c242c8.safeframe.googlesyndication.com | udp |
| GB | 142.250.178.1:443 | tpc.googlesyndication.com | udp |
| GB | 216.58.201.100:443 | www.google.com | udp |
| GB | 142.250.200.34:443 | googleads.g.doubleclick.net | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| DE | 18.153.93.230:443 | btlr.sharethrough.com | tcp |
| US | 69.166.1.64:443 | apex.go.sonobi.com | tcp |
| NL | 81.17.55.99:443 | prg.smartadserver.com | tcp |
| FR | 185.255.84.151:443 | hb-api.omnitagjs.com | tcp |
| DE | 37.252.171.85:443 | secure.adnxs.com | tcp |
| US | 8.8.8.8:53 | adsdk.microsoft.com | udp |
| US | 13.107.246.64:443 | adsdk.microsoft.com | tcp |
| US | 8.8.8.8:53 | www.file.io | udp |
| US | 8.8.8.8:53 | cdn.adnxs-simple.com | udp |
| GB | 2.20.12.75:443 | cdn.adnxs-simple.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| NL | 46.228.174.115:443 | targeting.unrulymedia.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | 650827bef22a7d575156e41709681624.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.12.20.2.in-addr.arpa | udp |
| US | 69.166.1.64:443 | apex.go.sonobi.com | tcp |
| NL | 81.17.55.99:443 | prg.smartadserver.com | tcp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| NL | 185.89.210.180:443 | ib.adnxs.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| NL | 46.228.174.115:443 | targeting.unrulymedia.com | tcp |
| US | 8.8.8.8:53 | 180.210.89.185.in-addr.arpa | udp |
| GB | 142.250.200.3:443 | www.google.co.uk | udp |
| GB | 142.250.178.1:443 | tpc.googlesyndication.com | udp |
| GB | 216.58.201.100:443 | www.google.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.187.226:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | eb299b9a948f0f7598359caba18058ab.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| NL | 81.17.55.99:443 | prg.smartadserver.com | tcp |
| NL | 185.89.210.180:443 | ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | btlr.sharethrough.com | udp |
| US | 69.166.1.64:443 | apex.go.sonobi.com | tcp |
| FR | 185.255.84.151:443 | hb-api.omnitagjs.com | tcp |
| DE | 18.156.199.224:443 | btlr.sharethrough.com | tcp |
| US | 8.8.8.8:53 | 224.199.156.18.in-addr.arpa | udp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| NL | 46.228.174.115:443 | targeting.unrulymedia.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | e0ed989efa1df22e92255d96c406f788.safeframe.googlesyndication.com | udp |
Files
memory/5056-0-0x00007FFB29E63000-0x00007FFB29E65000-memory.dmp
memory/5056-1-0x000001CD54680000-0x000001CD54C3E000-memory.dmp
memory/5056-2-0x000001CD6F140000-0x000001CD6F2BC000-memory.dmp
memory/5056-3-0x00007FFB29E60000-0x00007FFB2A921000-memory.dmp
memory/5056-4-0x000001CD55070000-0x000001CD55080000-memory.dmp
memory/5056-5-0x00007FFB29E60000-0x00007FFB2A921000-memory.dmp
memory/5056-6-0x00007FFB29E60000-0x00007FFB2A921000-memory.dmp
memory/5056-7-0x00007FFB29E60000-0x00007FFB2A921000-memory.dmp
memory/5056-8-0x00007FFB29E63000-0x00007FFB29E65000-memory.dmp
memory/5056-9-0x00007FFB29E60000-0x00007FFB2A921000-memory.dmp
memory/5056-10-0x00007FFB29E60000-0x00007FFB2A921000-memory.dmp
memory/5056-11-0x00007FFB29E60000-0x00007FFB2A921000-memory.dmp
memory/5056-12-0x00007FFB29E60000-0x00007FFB2A921000-memory.dmp
memory/5056-13-0x000001CD56A60000-0x000001CD56A6C000-memory.dmp
memory/5056-14-0x000001CD70020000-0x000001CD7003A000-memory.dmp
memory/5056-15-0x000001CD6F310000-0x000001CD6F318000-memory.dmp
memory/5056-16-0x00007FFB29E60000-0x00007FFB2A921000-memory.dmp
memory/5056-19-0x00007FFB29E60000-0x00007FFB2A921000-memory.dmp
memory/5056-21-0x00007FFB29E60000-0x00007FFB2A921000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | e443ee4336fcf13c698b8ab5f3c173d0 |
| SHA1 | 9bf70b16f03820cbe3158e1f1396b07b8ac9d75a |
| SHA256 | 79e277da2074f9467e0518f0f26ca2ba74914bee82553f935a0ccf64a0119e8b |
| SHA512 | cbf6f6aa0ea69b47f51592296da2b7be1180e7b483c61b4d17ba9ee1a2d3345cbe0987b96f4e25de1438b553db358f330aad8a26e8522601f055c3d5a8313cdd |
\??\pipe\LOCAL\crashpad_1780_OSUSZECNFYBTXKJP
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 56a4f78e21616a6e19da57228569489b |
| SHA1 | 21bfabbfc294d5f2aa1da825c5590d760483bc76 |
| SHA256 | d036661e765ee8fd18978a2b5501e8df6b220e4bca531d9860407555294c96fb |
| SHA512 | c2c3cd1152bb486028fe75ab3ce0d0bc9d64c4ca7eb8860ddd934b2f6e0140d2c913af4fa082b88e92a6a6d20fd483a1cb9813209f371a0f56374bc97d7f863b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ff8d7f904cdc7691c4ec51c936e2fd92 |
| SHA1 | 107fc057b0d4bb531cd1171601c43df7223c405d |
| SHA256 | af80b363de392e7ad536676ee06fe3804e9bb32a12964bac955af4f12ba389c3 |
| SHA512 | 950b8cb93a1db7f6d6529b18dd49bad50d91a84031168f668bc843e27573a1c7c9a43193b0bcc5faa23170d88401ca09a23ef4479bb82f512956165797e221ea |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 66e93bd30b849e5a0397e6be13c3d365 |
| SHA1 | 042bd8cd6895929bc8b89f3318e9129cda673a74 |
| SHA256 | feff22b64307d00b7a9b0f3b69f182b06a7a8f5968524c697a5d16673bdda2ff |
| SHA512 | 76022668bf68e7517c1d2261a29002c468adf29786d403985188e59aabc53b09c0d714fb2167c9a2ce55d02724f19a5d385509aee0fb660a653f6329ee8d97fd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 89017a4b7f48a008e02ad57f163ca058 |
| SHA1 | 7419cd5fe2fb5f77f30cc1d96bafdea4a6a581b1 |
| SHA256 | 1ac7f818795d85b059ef81408b5eade17886cd92f6de9c484e918e5dea9195f0 |
| SHA512 | 36b1deca526bb77d2f19875fa3e36a6d6bf33a937cbc03c11f25460204093b60223e862293dee3a63a4de5f2f307420aa8572af130a99f8c27073727f8dbe03d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9a5e8d2606827193ac4fd82ee4b3fc5a |
| SHA1 | a9035cd61e40be873d2cc8b4a1d30ebee72f5005 |
| SHA256 | 48b991e99093d8fab9390b3184a6e8a720e23cd73d71fa82e49f0b875c1a996e |
| SHA512 | 2f7c0ab744e419479db58224195782937c14d8276a55761425cdd5502ccaa548deed789f80cefa041c7a42f306f61313d8f7d762a932e62cabda509de62c496a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023
| MD5 | 722a5c8e9a28cf3220825f4e555176a3 |
| SHA1 | c662f0371ee534a0e20b1b9e6a5f49e4609fb86d |
| SHA256 | 21b7757220221262068a3943e4c7ac09e690e65c40403f3a20af4f58d1e5cf81 |
| SHA512 | 0a9cc0a324b3bbc7046be76103ea9c909d6bce6017cfb7c409344d7610b8d720be6e115775ff56b4ade6e304e69cdd944482d5f2511865dd30bd60afd0282291 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 161c27855fd0e1806cc54f741d30998f |
| SHA1 | 54756901b6d434cfb78a0c191ead72421920ad25 |
| SHA256 | 70a62ed293036ff32ad3a2a962d3236a410f366e472862d95a21be9453f371bb |
| SHA512 | 694940cede247919b3b405be8796df02876b7166afa644cd5e8525f5396a2f1c48c1c441b537f3e1d78a9958f7dc215c6faabe89f1e93ed1f064529511afa5c8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe59624a.TMP
| MD5 | 24f3b77149b718fde960daaa6b48b1e5 |
| SHA1 | c62961abdf29259912ee80467061acc7ae94a2d3 |
| SHA256 | fd617a09aad2171489c9b0a8304f8437367192b87b60e0060c31280efc35b706 |
| SHA512 | f279864f49bbc51b2207d79094c7a93e048d0a29ccd80f9794a9fa904afdeac506eddf984669d7f1c195716b8698266fb5e9e78e87d85f4174a4c278473c7aeb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | be48eea7381dd753b06d44b6964ada1e |
| SHA1 | c86686bcce3f125a102f8678d38739ba155f1267 |
| SHA256 | d798db7e60e8eebca0b6640bda8deab1b43d868445704b6b8fc66a12e4aef569 |
| SHA512 | d3fa53e96d12d08b5e90ffc775bcd5a0e4f53ead662fc6b0d580a4ceae9929c31f7fb34eb0dd9d526f2b0dfb8ba8171fc28d4619d56b2a161f1447ea0cabda0a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | d19d965de05c62cdf84e672856b7413c |
| SHA1 | 0e8b411772fa54b39d5058ad75c30b35a57ac0f1 |
| SHA256 | 2eebe19f49e396ac2750c9f2894481b2cc8e94371974560a3032ab09538b2055 |
| SHA512 | ff07ec25f10b1735f697ec5a758ecd46e4b659f252f035d0a88e08b7c8b12af5a91ff5299fd3025a59274b3c11827056372e7f591454fd23c2de054bfc23f92d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b
| MD5 | 2aca15e13367d6f3ae1f4279b0ad0865 |
| SHA1 | d861dee4c0530e5925f54fb1309b770a354a8e98 |
| SHA256 | fd9287b10ee0b5ad853ab0f13c5c10280ad2b1cd5fb6dc479cc25d9c143a750d |
| SHA512 | 9d8bdffc792861f46c60f0461f9c68696f534648af47aa195936d0ab2e045ed94684c642ea3be1802d9055a19a67e43d35cf077035be412b2d365943a7b2c488 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d
| MD5 | a0c9ebf3249a327364d7f308a70be16d |
| SHA1 | aa349f19c9a500e3491826a38fe3a35f3520b1b9 |
| SHA256 | 51ef8ed7e5bd269770c46c4dd04253c0370c01dc95069da6f4558777e43ba902 |
| SHA512 | dc40dcbde2e0f0aa8eaa33faf7bf00094f2ad24691cd3bcd09d45de6a07be88878508562dd7fc1e6adafb8fc2231e18cc21a07daedb08fd9390fcaa9ff649dc9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | db9832619d845c52663295d9263f5f5f |
| SHA1 | a849772f84b6f933963c1f44819689f8d1355824 |
| SHA256 | 96a06fce3693f4998fdaecf4d32b8fd99b9b643652b7b3960f8c4cd4daa738e8 |
| SHA512 | 1424eb4bf5f803e41d59c4d7785a276eaea68fee2621958f20c127c50bed50bf1bd16a2b0e50fdeb1e7f6a5b8312f792bbd91f5f02ec49d7213d7bc9c1e45ea3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017
| MD5 | 2abd079be1223e68fdd6f520afe8fab7 |
| SHA1 | 0f52ef825e632aa99b80724e2fc419fe1413ff39 |
| SHA256 | fc998bd9e644618ab3ece7ba644b58e43e6503e49b8ea2d19c6ee725c4676c75 |
| SHA512 | 41d1bcc91961d70146f3434857c2265d2c1ec8cb81d388ddd187de5096e580bda69da20cf4ed56d72aac3d4e731f177b99daeec128e0ecd68dd37beedf4b3f70 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | fa2a66586ce2ead9365656a79012a5cc |
| SHA1 | fdea9c73b2a53671e86ad9e9ea75b15389753189 |
| SHA256 | ec919b856ba29cc3c722bd53db66819b057ce698e969593ceca3f644512a78a2 |
| SHA512 | c6cd1e682f878bbcb52ce30afb89b201fd2d614881e5f18fc73e5bc2dcfad76945c250489f4a365b6e996e1e72917733db4fe303b5b254f25ec635bfc84abc58 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | dd0baf7887df1045a6fff84d6603a39d |
| SHA1 | a9d16605eeaffdbc927f8cf8f3062cf28bf14e48 |
| SHA256 | 1fe60c78c9aac20a6d1b72fd6aee41fc2c5dc790a9569d683d070bb658ac40e0 |
| SHA512 | b8ad0f50854e1a44f1eaaa00e2729e2c0e083459271ef3c7bcf245f5faefb88914a6b3f97a27749d76a8f3448e78d89352067c3ceab0611b491291fea5098855 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000036
| MD5 | f79882e12fe87d482fe216d30ef3c93a |
| SHA1 | e3031f2d694529705d8634b397815cd907fec24d |
| SHA256 | c95d79ddd197080d143fdbaf458ce6d653621088f2d16827b3037f4417a32f61 |
| SHA512 | 075f20268aa1b46fd322da5220b1705e42076d6ee681417bc95d5e900c6ed9929eca102796757e5db387db56ed2e97937e074b5af75840e55b018623c0a845c6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000037
| MD5 | c03ff64e7985603de96e7f84ec7dd438 |
| SHA1 | dfc067c6cb07b81281561fdfe995aca09c18d0e9 |
| SHA256 | 0db8e9f0a185bd5dd2ec4259db0a0e89363afa953069f5238a0537671de6f526 |
| SHA512 | bb0fd94c5a8944a99f792f336bb8a840f23f6f0f1cb9661b156511a9984f0bb6c96baf05b7c1cf0efb83f43a224ecea52740432e3cfc85e0799428765eefb692 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\364fcb75f18341ab_0
| MD5 | 3413596655d9c8a958054d4037bc5387 |
| SHA1 | 7a534f98a00dfb0f9b16345714ffe7cc6655ec5a |
| SHA256 | 04f14bd1e83f725b80d3fab960757ce22b5130ced72fd083f6d1fb1dbf1b2ffa |
| SHA512 | 19d66b8edfd0411b4362f3015d0c003d6d553b05a4a51d93d479fa047d91e4a42ef27e136e5ab4c9421b36e5979658b98c60cb7da11f4e376fea2bbd0706f69a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 5ad678fe92cf20c081bd7640926403b9 |
| SHA1 | 18161dd611d804cd51e0a7c882bd08517aad4d95 |
| SHA256 | dfbde2c8f7cad9257622d0f296f555873c9270dd1dd3f45909f619d44948d574 |
| SHA512 | ea8485dfb15da322a59be70adbfe496376a6d3fefd6895fe108889e6f037fc93d546c8cb105ce7c72aa9579a99d1be726b610bdfc787756e19698d2c8788450b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6ad1a5bef090b736_0
| MD5 | a9533cf8b72775580a195292040ec092 |
| SHA1 | bbc1aaa0e4f1af4714f8d4e1cd48829606fcec65 |
| SHA256 | daebb2cc5c7a4ab06cfba284857b1a370a5c0949a441e306b5555c92758edf1c |
| SHA512 | 68ed392f003b09cd47dffb7c1dc87c0f04c0a909496d8667971dd0f8d99235137d8fbd6d91280431dd25a3dd86999086d468763f6e729368522294ea71c99ca9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c73ddd9a6378ff91b0896f373fc71459 |
| SHA1 | fd3c3da5c46a214d3065e268aa458349a909eb95 |
| SHA256 | 2fb1e8db8a28961143eeb4cf063dbc26eeb6d96e93b2fcafedc225834fb050f9 |
| SHA512 | 2886da318ccd07a312bf0eb800679e5733063edbfbba9e6429aa114092f6c4b42497e3075362d882bba023ef1e51681410c34935e9c50cc2524f39347d991d78 |