Analysis Overview
Threat Level: Likely malicious
The file https://piratebay.party was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
A potential corporate email address has been identified in the URL: prebid-universal-creative@latest
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
Loads dropped DLL
Checks installed software on the system
Enumerates connected drives
Adds Run key to start application
System Binary Proxy Execution: Verclsid
Drops file in System32 directory
Drops file in Program Files directory
Subvert Trust Controls: Mark-of-the-Web Bypass
System Location Discovery: System Language Discovery
Enumerates physical storage devices
Uses Task Scheduler COM API
Checks processor information in registry
Suspicious behavior: AddClipboardFormatListener
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of SendNotifyMessage
Modifies data under HKEY_USERS
Opens file in notepad (likely ransom note)
Suspicious use of WriteProcessMemory
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: EnumeratesProcesses
Modifies registry class
NTFS ADS
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-13 00:49
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-13 00:49
Reported
2024-11-13 01:35
Platform
win7-20240903-en
Max time kernel
2617s
Max time network
2285s
Command Line
Signatures
Downloads MZ/PE file
A potential corporate email address has been identified in the URL: prebid-universal-creative@latest
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| N/A | N/A | C:\Program Files\Notepad++\notepad++.exe | N/A |
| N/A | N/A | C:\Program Files\Notepad++\updater\gup.exe | N/A |
| N/A | N/A | C:\Program Files\Notepad++\notepad++.exe | N/A |
Loads dropped DLL
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Windows\CurrentVersion\Run\RESTART_STICKY_NOTES = "C:\\Windows\\system32\\StikyNot.exe" | C:\Windows\system32\StikyNot.exe | N/A |
Checks installed software on the system
Enumerates connected drives
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\Z: | C:\Windows\system32\mstsc.exe | N/A |
| File opened (read-only) | \??\I: | C:\Windows\system32\mstsc.exe | N/A |
| File opened (read-only) | \??\O: | C:\Windows\system32\mstsc.exe | N/A |
| File opened (read-only) | \??\R: | C:\Windows\system32\mstsc.exe | N/A |
| File opened (read-only) | \??\T: | C:\Windows\system32\mstsc.exe | N/A |
| File opened (read-only) | \??\W: | C:\Windows\system32\mstsc.exe | N/A |
| File opened (read-only) | \??\E: | C:\Windows\system32\mstsc.exe | N/A |
| File opened (read-only) | \??\H: | C:\Windows\system32\mstsc.exe | N/A |
| File opened (read-only) | \??\S: | C:\Windows\system32\mstsc.exe | N/A |
| File opened (read-only) | \??\Y: | C:\Windows\system32\mstsc.exe | N/A |
| File opened (read-only) | \??\J: | C:\Windows\system32\mstsc.exe | N/A |
| File opened (read-only) | \??\K: | C:\Windows\system32\mstsc.exe | N/A |
| File opened (read-only) | \??\X: | C:\Windows\system32\mstsc.exe | N/A |
| File opened (read-only) | \??\N: | C:\Windows\system32\mstsc.exe | N/A |
| File opened (read-only) | \??\P: | C:\Windows\system32\mstsc.exe | N/A |
| File opened (read-only) | \??\Q: | C:\Windows\system32\mstsc.exe | N/A |
| File opened (read-only) | \??\A: | C:\Windows\system32\mstsc.exe | N/A |
| File opened (read-only) | \??\B: | C:\Windows\system32\mstsc.exe | N/A |
| File opened (read-only) | \??\G: | C:\Windows\system32\mstsc.exe | N/A |
| File opened (read-only) | \??\L: | C:\Windows\system32\mstsc.exe | N/A |
| File opened (read-only) | \??\M: | C:\Windows\system32\mstsc.exe | N/A |
| File opened (read-only) | \??\U: | C:\Windows\system32\mstsc.exe | N/A |
| File opened (read-only) | \??\V: | C:\Windows\system32\mstsc.exe | N/A |
System Binary Proxy Execution: Verclsid
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\verclsid.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat | C:\Windows\system32\SearchProtocolHost.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files\Notepad++\autoCompletion\cobol.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\contextMenu.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\notepad++.exe | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\autoCompletion\BaanC.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\php.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\xml.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\rust.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\LICENSE | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\autoCompletion\cpp.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\autoCompletion\gdscript.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\themes\Solarized-light.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\themes\DansLeRuSH-Dark.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\autoCompletion\actionscript.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\inno.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\plugins\Config\nppPluginList.dll | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\ini.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\gdscript.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\overrideMap.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\themes\Navajo.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\themes\Plastic Code Wrap.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\themes\Vibrant Ink.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\themes\Bespin.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\updater\LICENSE | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\cobol-free.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\haskell.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\plugins\mimeTools\mimeTools.dll | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\themes\khaki.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\autoCompletion\vb.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\autoCompletion\javascript.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\asm.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\lua.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\updater\README.md | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\sql.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\langs.model.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\autoCompletion\c.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\autoCompletion\css.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\autoCompletion\python.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\cs.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\bash.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\autoCompletion\coffee.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\baanc.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\fortran77.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\localization\english.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\themes\Deep Black.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\autoCompletion\rc.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\c.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\vhdl.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\themes\Hello Kitty.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\uninstall.exe | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\krl.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\powershell.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\ada.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\updater\updater.ico | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\contextMenu\NppShell.msix | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\autoCompletion\perl.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\autoCompletion\tex.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\virus.bat | C:\Program Files\Notepad++\notepad++.exe | N/A |
| File created | C:\Program Files\Notepad++\autoCompletion\java.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\autoCompletion\batch.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\themes\Ruby Blue.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\sinumerik.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\functionList\javascript.js.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\updater\gup.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| File created | C:\Program Files\Notepad++\themes\Zenburn.xml | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
Subvert Trust Controls: Mark-of-the-Web Bypass
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@%systemroot%\system32\XpsRchVw.exe,-103 = "View, digitally sign, and set permissions for XPS documents" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{1E589E9D-8A8D-46D9-A2F9-E6D4F8161EE9} {886D8EEB-8CF2-4446-8D02-CDBA1DBDCF99} 0xFFFF = 0100000000000000300d11836735db01 | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SBE\SAL\SwagBitsPerSecond = "19922944" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@%systemroot%\system32\Msinfo32.exe,-130 = "Display detailed information about your computer." | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@C:\Windows\system32\miguiresource.dll,-101 = "Event Viewer" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@C:\Windows\system32\SampleRes.dll,-108 = "Penguins" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@C:\Windows\System32\searchfolder.dll,-9023 = "Saved Search" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@C:\Program Files\Common Files\Microsoft Shared\Ink\mip.exe,-291 = "Math Input Panel" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@gameux.dll,-10056 = "Hearts" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SBE\SAL\FileGrowthQuantumSeconds = "180" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@C:\Windows\system32\gameux.dll,-10057 = "Minesweeper" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@C:\Windows\system32\notepad.exe,-469 = "Text Document" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@C:\Windows\System32\acppage.dll,-6003 = "Windows Command Script" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@searchfolder.dll,-32820 = "Indexed Locations" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@gameux.dll,-10059 = "Mahjong Titans" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@C:\Windows\system32\SampleRes.dll,-103 = "Hydrangeas" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\ActiveMovie\devenum 64-bit | C:\Windows\system32\SearchFilterHost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\ActiveMovie | C:\Windows\system32\SearchFilterHost.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SBE\SAL\CacheLongPageCount = "32" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@%windir%\system32\miguiresource.dll,-102 = "View monitoring and troubleshooting messages from windows and other programs." | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@C:\Windows\system32\gameux.dll,-10209 = "More Games from Microsoft" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@C:\Windows\System32\ieframe.dll,-912 = "HTML Document" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@C:\Windows\system32\MCTRes.dll,-200017 = "GobiernoUSA.gov" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe,-102 = "Windows PowerShell ISE (x86)" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@%SystemRoot%\system32\gameux.dll,-10303 = "Enjoy the classic strategy game of Chess. Play against the computer, or compete against a friend. The winner is the first to capture the opponent’s king." | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@%systemroot%\syswow64\unregmp2.exe,-155 = "Play digital media including music, videos, CDs, and DVDs." | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\C:\Windows\system32,@elscore.dll,-8 = "Microsoft Malayalam to Latin Transliteration" | C:\Windows\system32\SearchIndexer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@C:\Windows\eHome\ehepgres.dll,-312 = "Sample Media" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@C:\Windows\system32\gameux.dll,-10060 = "Solitaire" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@%SystemRoot%\system32\gameux.dll,-10306 = "Overturn blank squares and avoid those that conceal hidden mines in this simple game of memory and reasoning. Once you click on a mine, the game is over." | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@%SystemRoot%\system32\gameux.dll,-10300 = "Play the classic strategy game of Checkers against online opponents. Be the first to capture all your opponent’s pieces, or leave them with no more moves, to win the game." | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@C:\Program Files\Windows Sidebar\sidebar.exe,-1005 = "Desktop Gadget Gallery" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@C:\Windows\system32\MCTRes.dll,-200005 = "Websites for United States" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\MPEG2Demultiplexer | C:\Windows\system32\SearchFilterHost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies\CachePrefix = "Cookie:" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@C:\Windows\system32\wdc.dll,-10021 = "Performance Monitor" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@%SystemRoot%\system32\gameux.dll,-10307 = "Purble Place is an educational and entertaining game that comprises three distinct games that help teach colors, shapes and pattern recognition." | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@C:\Windows\system32\gameux.dll,-10056 = "Hearts" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@C:\Program Files\Common Files\system\wab32res.dll,-10100 = "Contacts" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{E2FB4720-F45F-4A3C-8CB2-2060E12425C3} {886D8EEB-8CF2-4446-8D02-CDBA1DBDCF99} 0xFFFF = 0100000000000000b09f62886735db01 | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@%systemroot%\system32\pmcsnap.dll,-710 = "Manages local printers and remote print servers." | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@%SystemRoot%\system32\gameux.dll,-10311 = "More Games from Microsoft" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SBE\SAL | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@%windir%\system32\migwiz\wet.dll,-590 = "Transfers files and settings from one computer to another" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@C:\Windows\system32\SampleRes.dll,-106 = "Tulips" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@C:\Windows\System32\acppage.dll,-6002 = "Windows Batch File" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SBE\SAL\LogMinJobWaitTimeMs = "3000" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@C:\Windows\eHome\ehepgres.dll,-308 = "Landscapes" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@C:\Windows\system32\msinfo32.exe,-100 = "System Information" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@C:\Windows\system32\filemgmt.dll,-2204 = "Services" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{F81B1B56-7613-4EE4-BC05-1FAB5DE5C07E} {886D8EEB-8CF2-4446-8D02-CDBA1DBDCF99} 0xFFFF = 010000000000000070b46b8c6735db01 | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@%windir%\system32\mblctr.exe,-1004 = "Opens the Windows Mobility Center so you can adjust display brightness, volume, power options, and other mobile PC settings." | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{97E467B4-98C6-4F19-9588-161B7773D6F6} {886D8EEB-8CF2-4446-8D02-CDBA1DBDCF99} 0xFFFF = 0100000000000000f03855806735db01 | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SBE\SAL\ShadowFileMaxClients = "32" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@%windir%\system32\migwiz\wet.dll,-601 = "View reports from transfers you've performed" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@C:\Windows\System32\AuthFWGP.dll,-20 = "Windows Firewall with Advanced Security" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\C:\Windows\system32,@elscore.dll,-1 = "Microsoft Language Detection" | C:\Windows\system32\SearchIndexer.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SBE\SAL\NvpRecCount = "32" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{E46787A1-4629-4423-A693-BE1F003B2742} {886D8EEB-8CF2-4446-8D02-CDBA1DBDCF99} 0xFFFF = 0100000000000000d0653d8b6735db01 | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@%SystemRoot%\System32\authFWGP.dll,-21 = "Configure policies that provide enhanced network security for Windows computers." | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@C:\Windows\system32\iscsicpl.dll,-5001 = "iSCSI Initiator" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@%windir%\system32\odbcint.dll,-1312 = "Maintains ODBC data sources and drivers." | C:\Windows\system32\SearchProtocolHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\@C:\Windows\system32\gameux.dll,-10061 = "Spider Solitaire" | C:\Windows\system32\SearchProtocolHost.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593}\InProcServer32\ = "C:\\Program Files\\Notepad++\\contextMenu\\NppShell.dll" | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_Classes\Local Settings | C:\Program Files\Notepad++\notepad++.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff | C:\Program Files\Notepad++\notepad++.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 = 14001f50e04fd020ea3a6910a2d808002b30309d0000 | C:\Program Files\Notepad++\notepad++.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0 | C:\Program Files\Notepad++\notepad++.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\MRUListEx = 00000000ffffffff | C:\Program Files\Notepad++\notepad++.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\*\shell\ANotepad++64\ = "Notepad++ Context menu" | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593}\ = "notepad++" | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02 | C:\Program Files\Notepad++\notepad++.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4" | C:\Program Files\Notepad++\notepad++.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_Classes\Local Settings | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0 = 19002f433a5c000000000000000000000000000000000000000000 | C:\Program Files\Notepad++\notepad++.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0\MRUListEx = 00000000ffffffff | C:\Program Files\Notepad++\notepad++.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\KnownFolderDerivedFolderType = "{57807898-8C4F-4462-BB63-71042380B109}" | C:\Program Files\Notepad++\notepad++.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000007800000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 | C:\Program Files\Notepad++\notepad++.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 00000000ffffffff | C:\Program Files\Notepad++\notepad++.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0\0 = 58003100000000006d59fc0610004e4f544550417e310000400008000400efbe6d59fc066d59fc062a000000bbcc01000000040000000000000000000000000000004e006f00740065007000610064002b002b00000018000000 | C:\Program Files\Notepad++\notepad++.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0 | C:\Program Files\Notepad++\notepad++.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0\0\NodeSlot = "1" | C:\Program Files\Notepad++\notepad++.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell | C:\Program Files\Notepad++\notepad++.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1" | C:\Program Files\Notepad++\notepad++.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell | C:\Program Files\Notepad++\notepad++.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = 00000000ffffffff | C:\Program Files\Notepad++\notepad++.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0 = 88003100000000006d59fc06110050524f4752417e310000700008000400efbeee3a851a6d59fc062a0000003c000000000001000000000000000000460000000000500072006f006700720061006d002000460069006c0065007300000040007300680065006c006c00330032002e0064006c006c002c002d0032003100370038003100000018000000 | C:\Program Files\Notepad++\notepad++.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7} | C:\Program Files\Notepad++\notepad++.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\LogicalViewMode = "1" | C:\Program Files\Notepad++\notepad++.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_Classes\Local Settings | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots | C:\Program Files\Notepad++\notepad++.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 | C:\Program Files\Notepad++\notepad++.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\SniffedFolderType = "Generic" | C:\Program Files\Notepad++\notepad++.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" | C:\Program Files\Notepad++\notepad++.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_Classes\Local Settings | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0\0\MRUListEx = ffffffff | C:\Program Files\Notepad++\notepad++.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16" | C:\Program Files\Notepad++\notepad++.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 | C:\Program Files\Notepad++\notepad++.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView = "0" | C:\Program Files\Notepad++\notepad++.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1" | C:\Program Files\Notepad++\notepad++.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0\0 | C:\Program Files\Notepad++\notepad++.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags | C:\Program Files\Notepad++\notepad++.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\*\shell\ANotepad++64\NeverDefault | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593}\InProcServer32 | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593}\InProcServer32\ThreadingModel = "Apartment" | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU | C:\Program Files\Notepad++\notepad++.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\1 | C:\Program Files\Notepad++\notepad++.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg | C:\Program Files\Notepad++\notepad++.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\*\shell\ANotepad++64 | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\*\shell\ANotepad++64\ExplorerCommandHandler = "{B298D29A-A6ED-11DE-BA8C-A68E55D89593}" | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616257" | C:\Program Files\Notepad++\notepad++.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0" | C:\Program Files\Notepad++\notepad++.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Opens file in notepad (likely ransom note)
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\System32\Notepad.exe | N/A |
| N/A | N/A | C:\Windows\System32\NOTEPAD.EXE | N/A |
| N/A | N/A | C:\Windows\System32\NOTEPAD.EXE | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\mstsc.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe | N/A |
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\mstsc.exe | N/A |
| N/A | N/A | C:\Program Files\Notepad++\notepad++.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "https://piratebay.party"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url https://piratebay.party
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2468.0.1086455560\971022385" -parentBuildID 20221007134813 -prefsHandle 1244 -prefMapHandle 1240 -prefsLen 20847 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a9594e3d-8ecf-430b-9fae-2b473bb2f86d} 2468 "\\.\pipe\gecko-crash-server-pipe.2468" 1340 110d7158 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2468.1.566698949\729813961" -parentBuildID 20221007134813 -prefsHandle 1544 -prefMapHandle 1540 -prefsLen 21708 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b436b0c4-7149-42e1-824c-9e577f68d20e} 2468 "\\.\pipe\gecko-crash-server-pipe.2468" 1556 fdec258 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2468.2.2661361\223243287" -childID 1 -isForBrowser -prefsHandle 1976 -prefMapHandle 1972 -prefsLen 21746 -prefMapSize 233444 -jsInitHandle 640 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1b92bd7a-a0e9-4f1f-92b5-77ef79dd091d} 2468 "\\.\pipe\gecko-crash-server-pipe.2468" 1988 1105cb58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2468.3.335219292\329330096" -childID 2 -isForBrowser -prefsHandle 2876 -prefMapHandle 2872 -prefsLen 26216 -prefMapSize 233444 -jsInitHandle 640 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e75443b0-1b47-400e-b1e4-decba7185568} 2468 "\\.\pipe\gecko-crash-server-pipe.2468" 2888 1d5a0058 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2468.4.133927465\2003691797" -childID 3 -isForBrowser -prefsHandle 3800 -prefMapHandle 3788 -prefsLen 26450 -prefMapSize 233444 -jsInitHandle 640 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {810bab93-fc0c-4c70-bc20-e184a817721e} 2468 "\\.\pipe\gecko-crash-server-pipe.2468" 3812 20375558 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2468.5.2096944836\1871670744" -childID 4 -isForBrowser -prefsHandle 3924 -prefMapHandle 3928 -prefsLen 26450 -prefMapSize 233444 -jsInitHandle 640 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {34d35638-a879-4a20-96b8-8c485f39e500} 2468 "\\.\pipe\gecko-crash-server-pipe.2468" 3916 20376a58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2468.6.847416861\445357757" -childID 5 -isForBrowser -prefsHandle 4084 -prefMapHandle 4088 -prefsLen 26450 -prefMapSize 233444 -jsInitHandle 640 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {dc0b0314-fdbd-4d8a-9fe3-c86ec68dc179} 2468 "\\.\pipe\gecko-crash-server-pipe.2468" 4072 20376d58 tab
C:\Windows\system32\mstsc.exe
"C:\Windows\system32\mstsc.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2376.0.88967125\191519761" -parentBuildID 20221007134813 -prefsHandle 1216 -prefMapHandle 1208 -prefsLen 20971 -prefMapSize 233496 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d2d1cd6f-68bf-4330-a805-28b09500e37e} 2376 "\\.\pipe\gecko-crash-server-pipe.2376" 1280 120d5e58 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2376.1.1544326306\710591159" -parentBuildID 20221007134813 -prefsHandle 1460 -prefMapHandle 1456 -prefsLen 21052 -prefMapSize 233496 -appDir "C:\Program Files\Mozilla Firefox\browser" - {50fa68c5-b540-4aff-8b3b-de9fe80f6f54} 2376 "\\.\pipe\gecko-crash-server-pipe.2376" 1488 d72e58 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2376.2.904992609\814283340" -childID 1 -isForBrowser -prefsHandle 1716 -prefMapHandle 1824 -prefsLen 21155 -prefMapSize 233496 -jsInitHandle 860 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {11f1a32d-5d69-4dc6-8a58-bb1995da519c} 2376 "\\.\pipe\gecko-crash-server-pipe.2376" 1800 1a434b58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2376.3.1261051780\1742306131" -childID 2 -isForBrowser -prefsHandle 664 -prefMapHandle 2436 -prefsLen 26340 -prefMapSize 233496 -jsInitHandle 860 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {13483feb-c4ca-414a-95b2-dd68364f52ea} 2376 "\\.\pipe\gecko-crash-server-pipe.2376" 1648 d70d58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2376.4.1834441877\1748555584" -childID 3 -isForBrowser -prefsHandle 2624 -prefMapHandle 2620 -prefsLen 26340 -prefMapSize 233496 -jsInitHandle 860 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b89d0a0e-c73a-4ab0-a234-3889917c130f} 2376 "\\.\pipe\gecko-crash-server-pipe.2376" 2636 d68458 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2376.5.215279055\1713128763" -childID 4 -isForBrowser -prefsHandle 3320 -prefMapHandle 3328 -prefsLen 26340 -prefMapSize 233496 -jsInitHandle 860 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9e784a67-684c-4dcf-a745-1258639bf087} 2376 "\\.\pipe\gecko-crash-server-pipe.2376" 3140 1dd9f758 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2376.6.908605632\1022177361" -childID 5 -isForBrowser -prefsHandle 3396 -prefMapHandle 3452 -prefsLen 26340 -prefMapSize 233496 -jsInitHandle 860 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9c05e4fb-cfb5-4e4e-ac1c-fe92a5080f4e} 2376 "\\.\pipe\gecko-crash-server-pipe.2376" 3440 1dd9e858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2376.7.2049485249\2122971855" -childID 6 -isForBrowser -prefsHandle 3640 -prefMapHandle 3644 -prefsLen 26340 -prefMapSize 233496 -jsInitHandle 860 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {bda7fedd-aa12-459f-aa56-f938b480586c} 2376 "\\.\pipe\gecko-crash-server-pipe.2376" 3632 2098f258 tab
C:\Windows\system32\StikyNot.exe
"C:\Windows\system32\StikyNot.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2376.8.459117429\1582909260" -childID 7 -isForBrowser -prefsHandle 4232 -prefMapHandle 4236 -prefsLen 27296 -prefMapSize 233496 -jsInitHandle 860 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e2b99a1c-9146-450c-b2a5-7d8e4503e344} 2376 "\\.\pipe\gecko-crash-server-pipe.2376" 4184 223e1c58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2376.9.251194684\506990609" -childID 8 -isForBrowser -prefsHandle 4512 -prefMapHandle 4504 -prefsLen 27296 -prefMapSize 233496 -jsInitHandle 860 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4a83d8bb-7682-4062-8e2e-33d76d11a30b} 2376 "\\.\pipe\gecko-crash-server-pipe.2376" 4524 21f92558 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2376.10.135676142\435956800" -childID 9 -isForBrowser -prefsHandle 4736 -prefMapHandle 4764 -prefsLen 27305 -prefMapSize 233496 -jsInitHandle 860 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8e3f5179-5614-4a6e-8373-31e158247398} 2376 "\\.\pipe\gecko-crash-server-pipe.2376" 8756 11a88258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2376.11.831781526\1274227373" -childID 10 -isForBrowser -prefsHandle 8660 -prefMapHandle 8656 -prefsLen 27305 -prefMapSize 233496 -jsInitHandle 860 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9cb45813-1fb9-459d-a91c-53f7ee5939aa} 2376 "\\.\pipe\gecko-crash-server-pipe.2376" 8672 11a89a58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2376.12.1549466770\547913998" -childID 11 -isForBrowser -prefsHandle 8488 -prefMapHandle 8484 -prefsLen 27305 -prefMapSize 233496 -jsInitHandle 860 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a6b945c0-ece1-4ab3-a09e-cbe8cdc264f6} 2376 "\\.\pipe\gecko-crash-server-pipe.2376" 8500 11a88b58 tab
C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe
"C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s "C:\Program Files\Notepad++\contextMenu\NppShell.dll"
C:\Windows\system32\regsvr32.exe
/s "C:\Program Files\Notepad++\contextMenu\NppShell.dll"
C:\Windows\explorer.exe
"C:\Windows\explorer.exe" "C:\Program Files\Notepad++\notepad++.exe"
C:\Windows\explorer.exe
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
C:\Program Files\Notepad++\notepad++.exe
"C:\Program Files\Notepad++\notepad++.exe"
C:\Program Files\Notepad++\updater\gup.exe
"C:\Program Files\Notepad++\updater\gup.exe" -v8.6 -px64
C:\Program Files\Notepad++\notepad++.exe
"C:\Program Files\Notepad++\notepad++.exe" "C:\Program Files\Notepad++\change.log"
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x48c
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\SearchProtocolHost.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\system32\SearchFilterHost.exe
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
C:\Windows\System32\Notepad.exe
"C:\Windows\System32\Notepad.exe" C:\Users\Admin\Desktop\RETROTECHANTIVIRUS.vbs
C:\Windows\system32\SearchFilterHost.exe
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3740.0.2090348029\1467089401" -parentBuildID 20221007134813 -prefsHandle 1092 -prefMapHandle 1088 -prefsLen 21678 -prefMapSize 233932 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2cd3a5c1-4108-4995-aaab-3d77bc62f1d5} 3740 "\\.\pipe\gecko-crash-server-pipe.3740" 1192 effc658 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3740.1.569024585\408515766" -parentBuildID 20221007134813 -prefsHandle 1332 -prefMapHandle 1328 -prefsLen 21723 -prefMapSize 233932 -appDir "C:\Program Files\Mozilla Firefox\browser" - {14d33572-4bfc-42a9-858f-06b141a2b23a} 3740 "\\.\pipe\gecko-crash-server-pipe.3740" 1348 de1e58 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3740.2.1745812482\188502048" -childID 1 -isForBrowser -prefsHandle 1956 -prefMapHandle 2056 -prefsLen 22184 -prefMapSize 233932 -jsInitHandle 688 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2e13d897-de5e-469d-b326-66df3ae674e1} 3740 "\\.\pipe\gecko-crash-server-pipe.3740" 1920 1a948558 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3740.3.619048378\492041106" -childID 2 -isForBrowser -prefsHandle 2620 -prefMapHandle 2616 -prefsLen 27369 -prefMapSize 233932 -jsInitHandle 688 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8cee7c44-3a2c-4929-be6c-60db452e271c} 3740 "\\.\pipe\gecko-crash-server-pipe.3740" 2632 d62b58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3740.4.684460769\1032188564" -childID 3 -isForBrowser -prefsHandle 2780 -prefMapHandle 2776 -prefsLen 27369 -prefMapSize 233932 -jsInitHandle 688 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {84afbf18-f3e1-45ab-908d-2f823e414fac} 3740 "\\.\pipe\gecko-crash-server-pipe.3740" 2792 1c9b4258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3740.5.1690294923\216887735" -childID 4 -isForBrowser -prefsHandle 3284 -prefMapHandle 3332 -prefsLen 27369 -prefMapSize 233932 -jsInitHandle 688 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b5e545ae-0aaf-4131-815c-29bc8790707d} 3740 "\\.\pipe\gecko-crash-server-pipe.3740" 3268 1e681358 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3740.6.259335750\169328674" -childID 5 -isForBrowser -prefsHandle 3520 -prefMapHandle 3524 -prefsLen 27369 -prefMapSize 233932 -jsInitHandle 688 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {43d43935-8212-4ecf-90db-e02930aaeff6} 3740 "\\.\pipe\gecko-crash-server-pipe.3740" 3512 1e886758 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3740.7.1353354132\631464036" -childID 6 -isForBrowser -prefsHandle 3700 -prefMapHandle 3704 -prefsLen 27369 -prefMapSize 233932 -jsInitHandle 688 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {56f6b750-2330-4587-9392-009f1469d4c0} 3740 "\\.\pipe\gecko-crash-server-pipe.3740" 3692 1e888b58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3740.8.1770561539\457515866" -childID 7 -isForBrowser -prefsHandle 4104 -prefMapHandle 4012 -prefsLen 27369 -prefMapSize 233932 -jsInitHandle 688 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {fbeece68-7bcf-4dc8-9f15-b303cadd9365} 3740 "\\.\pipe\gecko-crash-server-pipe.3740" 4008 2241cb58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3740.9.965285572\438084942" -childID 8 -isForBrowser -prefsHandle 4428 -prefMapHandle 4424 -prefsLen 27378 -prefMapSize 233932 -jsInitHandle 688 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4c20ee89-a575-4dbe-b8bc-11ba9c3fe8da} 3740 "\\.\pipe\gecko-crash-server-pipe.3740" 4436 1c7b8b58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3740.10.1355858637\876054006" -childID 9 -isForBrowser -prefsHandle 8588 -prefMapHandle 8592 -prefsLen 27378 -prefMapSize 233932 -jsInitHandle 688 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d17ee203-16a3-432a-9144-c304ec344f60} 3740 "\\.\pipe\gecko-crash-server-pipe.3740" 8576 2231bb58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3740.11.864370430\1360209209" -childID 10 -isForBrowser -prefsHandle 8232 -prefMapHandle 8236 -prefsLen 27378 -prefMapSize 233932 -jsInitHandle 688 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8dcb1f05-2e5d-4308-8b10-49f8dbc346d8} 3740 "\\.\pipe\gecko-crash-server-pipe.3740" 8220 231a6458 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3740.12.1386274107\1521114415" -childID 11 -isForBrowser -prefsHandle 8496 -prefMapHandle 8552 -prefsLen 27378 -prefMapSize 233932 -jsInitHandle 688 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {23110408-3ce6-496b-a2f0-038675bb2466} 3740 "\\.\pipe\gecko-crash-server-pipe.3740" 8500 23c69558 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3740.13.1424134082\1121156135" -childID 12 -isForBrowser -prefsHandle 8004 -prefMapHandle 8000 -prefsLen 27378 -prefMapSize 233932 -jsInitHandle 688 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {fdb57ad7-423c-4d81-8004-35cd9a3fc8da} 3740 "\\.\pipe\gecko-crash-server-pipe.3740" 8440 23f91258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3740.14.312030758\951020460" -childID 13 -isForBrowser -prefsHandle 8104 -prefMapHandle 7848 -prefsLen 27378 -prefMapSize 233932 -jsInitHandle 688 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a1346ef5-33ec-42e5-917f-edba3abeb8c9} 3740 "\\.\pipe\gecko-crash-server-pipe.3740" 7828 221f5258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3740.15.364163460\404767121" -childID 14 -isForBrowser -prefsHandle 7684 -prefMapHandle 7828 -prefsLen 27378 -prefMapSize 233932 -jsInitHandle 688 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {897d14de-9cb5-4153-8db3-164436abba52} 3740 "\\.\pipe\gecko-crash-server-pipe.3740" 7696 245b7358 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3740.16.211659354\922513505" -childID 15 -isForBrowser -prefsHandle 7512 -prefMapHandle 7508 -prefsLen 27378 -prefMapSize 233932 -jsInitHandle 688 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7ac69545-1b08-4a7c-985d-0c3a100a1e3e} 3740 "\\.\pipe\gecko-crash-server-pipe.3740" 7520 246b5058 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3740.17.1900403366\86981596" -childID 16 -isForBrowser -prefsHandle 4048 -prefMapHandle 7540 -prefsLen 27378 -prefMapSize 233932 -jsInitHandle 688 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {979a6b61-fc63-42c9-be6d-8e9968ecbf5f} 3740 "\\.\pipe\gecko-crash-server-pipe.3740" 7412 246b5958 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3740.18.773485410\1974809133" -childID 17 -isForBrowser -prefsHandle 7172 -prefMapHandle 7164 -prefsLen 27378 -prefMapSize 233932 -jsInitHandle 688 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c6f0185b-ae19-4bf1-86d8-ff1576dad28d} 3740 "\\.\pipe\gecko-crash-server-pipe.3740" 7184 241c1358 tab
C:\Windows\system32\SearchProtocolHost.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\system32\SearchFilterHost.exe
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3740.19.596941209\546693312" -childID 18 -isForBrowser -prefsHandle 8008 -prefMapHandle 8228 -prefsLen 27378 -prefMapSize 233932 -jsInitHandle 688 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5ef3be36-9ad4-4106-b175-b36de0e8e7b6} 3740 "\\.\pipe\gecko-crash-server-pipe.3740" 7248 25a13b58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3740.20.1903715005\777626573" -childID 19 -isForBrowser -prefsHandle 8104 -prefMapHandle 7848 -prefsLen 27378 -prefMapSize 233932 -jsInitHandle 688 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3ea2c9a0-3b1e-4d3a-9061-5b9a3b3c4bcf} 3740 "\\.\pipe\gecko-crash-server-pipe.3740" 7660 25b49c58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3740.21.1578483518\283167136" -childID 20 -isForBrowser -prefsHandle 6980 -prefMapHandle 7056 -prefsLen 27378 -prefMapSize 233932 -jsInitHandle 688 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {70f2cc60-4196-4ebb-9a6d-7efac2170d0a} 3740 "\\.\pipe\gecko-crash-server-pipe.3740" 6968 25868558 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3740.22.80143726\1702150303" -childID 21 -isForBrowser -prefsHandle 6704 -prefMapHandle 6700 -prefsLen 27378 -prefMapSize 233932 -jsInitHandle 688 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5edfa56f-fb97-41b4-9047-a885e56ad156} 3740 "\\.\pipe\gecko-crash-server-pipe.3740" 6716 2586a058 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3740.23.459607235\1168363995" -childID 22 -isForBrowser -prefsHandle 6888 -prefMapHandle 6884 -prefsLen 27378 -prefMapSize 233932 -jsInitHandle 688 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {dd3e025a-f92a-40a8-8544-1ca32e9b6164} 3740 "\\.\pipe\gecko-crash-server-pipe.3740" 6612 25dadd58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3740.24.145391528\906915155" -childID 23 -isForBrowser -prefsHandle 6296 -prefMapHandle 6636 -prefsLen 27378 -prefMapSize 233932 -jsInitHandle 688 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5b1c07c6-a235-472b-90a6-46081c499aad} 3740 "\\.\pipe\gecko-crash-server-pipe.3740" 6284 27748b58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3740.25.1050999202\962228889" -childID 24 -isForBrowser -prefsHandle 6176 -prefMapHandle 6172 -prefsLen 27378 -prefMapSize 233932 -jsInitHandle 688 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e92ec3fb-fdf5-42b9-8ef1-32f761621f40} 3740 "\\.\pipe\gecko-crash-server-pipe.3740" 6188 27749158 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3740.26.718415045\528966118" -childID 25 -isForBrowser -prefsHandle 5992 -prefMapHandle 5988 -prefsLen 27378 -prefMapSize 233932 -jsInitHandle 688 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {eccc606f-6ac3-4d49-b045-ed5d9f337bba} 3740 "\\.\pipe\gecko-crash-server-pipe.3740" 6004 2774bb58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3740.27.1163860589\1577204300" -childID 26 -isForBrowser -prefsHandle 6672 -prefMapHandle 8324 -prefsLen 27387 -prefMapSize 233932 -jsInitHandle 688 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8bad3732-572d-4fd4-9a7f-31496470fac7} 3740 "\\.\pipe\gecko-crash-server-pipe.3740" 8180 23f6de58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3740.28.1112665310\1036515396" -childID 27 -isForBrowser -prefsHandle 4604 -prefMapHandle 4608 -prefsLen 27387 -prefMapSize 233932 -jsInitHandle 688 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {305f0726-a2bd-4038-8c15-0e904fc057f1} 3740 "\\.\pipe\gecko-crash-server-pipe.3740" 8592 23f6d258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3740.29.1206847427\1794480305" -parentBuildID 20221007134813 -prefsHandle 8224 -prefMapHandle 6888 -prefsLen 27445 -prefMapSize 233932 -appDir "C:\Program Files\Mozilla Firefox\browser" - {56586a82-3722-4564-8977-cb9d4fae6541} 3740 "\\.\pipe\gecko-crash-server-pipe.3740" 1348 2333e858 rdd
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3740.30.1847281518\1921433826" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 8348 -prefMapHandle 8184 -prefsLen 27445 -prefMapSize 233932 -appDir "C:\Program Files\Mozilla Firefox\browser" - {babeb301-090e-4509-9b49-f19b5224230c} 3740 "\\.\pipe\gecko-crash-server-pipe.3740" 3336 29b9ba58 utility
C:\Windows\system32\SearchProtocolHost.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\system32\SearchFilterHost.exe
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
C:\Windows\system32\cmd.exe
cmd /c ""C:\Users\Admin\Desktop\BSOD.bat" "
C:\Windows\system32\cmd.exe
cmd /c ""C:\Users\Admin\Desktop\BSOD.bat" "
C:\Windows\System32\cmd.exe
"C:\Windows\System32\cmd.exe" /C "C:\Users\Admin\Desktop\BSOD.bat"
C:\Windows\System32\NOTEPAD.EXE
"C:\Windows\System32\NOTEPAD.EXE" C:\Users\Admin\Desktop\BSOD.bat
C:\Windows\system32\SearchProtocolHost.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\system32\SearchFilterHost.exe
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
C:\Windows\system32\cmd.exe
cmd /c ""C:\Users\Admin\Desktop\BSOD.bat" "
C:\Windows\system32\cmd.exe
cmd
C:\Windows\System32\NOTEPAD.EXE
"C:\Windows\System32\NOTEPAD.EXE" C:\Users\Admin\Desktop\BSOD.bat
C:\Windows\system32\cmd.exe
cmd /c ""C:\Users\Admin\Desktop\BSOD.bat" "
C:\Windows\system32\cmd.exe
cmd
C:\Windows\system32\verclsid.exe
"C:\Windows\system32\verclsid.exe" /S /C {9E175B8B-F52A-11D8-B9A5-505054503030} /I {0C733A8A-2A1C-11CE-ADE5-00AA0044773D} /X 0x401
C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe
"C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe"
C:\Windows\system32\cmd.exe
cmd /c ""C:\Users\Admin\Desktop\BSOD.bat" "
C:\Windows\system32\cmd.exe
cmd
C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\Desktop\RETROTECHANTIVIRUS.vbs"
C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\Desktop\RETROTECHANTIVIRUS.vbs"
C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\Desktop\RETROTECHANTIVIRUS.vbs"
C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\Desktop\RETROTECHANTIVIRUS.vbs"
C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\Desktop\RETROTECHANTIVIRUS.vbs"
Network
| Country | Destination | Domain | Proto |
| N/A | 127.0.0.1:49187 | tcp | |
| US | 8.8.8.8:53 | piratebay.party | udp |
| US | 8.8.8.8:53 | spocs.getpocket.com | udp |
| US | 8.8.8.8:53 | getpocket.cdn.mozilla.net | udp |
| US | 104.21.14.160:443 | piratebay.party | tcp |
| US | 8.8.8.8:53 | piratebay.party | udp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 34.120.5.221:443 | getpocket.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | piratebay.party | udp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 104.21.14.160:443 | piratebay.party | udp |
| US | 8.8.8.8:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| N/A | 127.0.0.1:49194 | tcp | |
| US | 107.125.168.41:3389 | tcp | |
| N/A | 127.0.0.1:49401 | tcp | |
| N/A | 127.0.0.1:49416 | tcp | |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | ciscobinary.openh264.org | udp |
| DE | 23.55.161.211:80 | ciscobinary.openh264.org | tcp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| GB | 216.58.212.238:443 | redirector.gvt1.com | tcp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| GB | 216.58.212.238:443 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | r4---sn-aigl6nsd.gvt1.com | udp |
| US | 8.8.8.8:53 | r4.sn-aigl6nsd.gvt1.com | udp |
| GB | 74.125.105.41:443 | r4.sn-aigl6nsd.gvt1.com | tcp |
| US | 8.8.8.8:53 | r4.sn-aigl6nsd.gvt1.com | udp |
| GB | 74.125.105.41:443 | r4.sn-aigl6nsd.gvt1.com | udp |
| US | 8.8.8.8:53 | ac.duckduckgo.com | udp |
| IE | 52.142.124.215:443 | ac.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| IE | 52.142.124.215:443 | duckduckgo.com | tcp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| IE | 20.223.54.233:443 | links.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| US | 8.8.8.8:53 | improving.duckduckgo.com | udp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | notepad-plus-plus.org | udp |
| GB | 91.108.103.126:443 | notepad-plus-plus.org | tcp |
| US | 8.8.8.8:53 | notepad-plus-plus.org | udp |
| US | 8.8.8.8:53 | notepad-plus-plus.org | udp |
| GB | 91.108.103.126:443 | notepad-plus-plus.org | udp |
| US | 8.8.8.8:53 | cdn.carbonads.com | udp |
| US | 8.8.8.8:53 | d2w5yq7htjp2h0.cloudfront.net | udp |
| US | 8.8.8.8:53 | d2w5yq7htjp2h0.cloudfront.net | udp |
| FR | 18.245.175.95:443 | d2w5yq7htjp2h0.cloudfront.net | tcp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| GB | 172.217.169.3:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| GB | 172.217.169.3:443 | www.google.co.uk | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | srv.carbonads.net | udp |
| US | 8.8.8.8:53 | srv.buysellads.com | udp |
| NL | 152.42.150.143:443 | srv.buysellads.com | tcp |
| NL | 152.42.150.143:443 | srv.buysellads.com | tcp |
| US | 8.8.8.8:53 | srv.buysellads.com | udp |
| BE | 142.250.110.155:443 | stats.g.doubleclick.net | tcp |
| BE | 142.250.110.155:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | ovh.commander1.com | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | segment.prod.bidr.io | udp |
| US | 8.8.8.8:53 | ib.anycast.adnxs.com | udp |
| US | 8.8.8.8:53 | ovh.commander1.com | udp |
| FR | 141.94.2.147:443 | ovh.commander1.com | tcp |
| US | 8.8.8.8:53 | segment.prod.bidr.io | udp |
| US | 8.8.8.8:53 | ib.anycast.adnxs.com | udp |
| US | 8.8.8.8:53 | ovh.commander1.com | udp |
| US | 8.8.8.8:53 | segment.prod.bidr.io | udp |
| IE | 34.252.216.250:443 | segment.prod.bidr.io | tcp |
| NL | 185.89.210.20:443 | secure.adnxs.com | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | m.servedby-buysellads.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| FR | 52.222.201.35:443 | m.servedby-buysellads.com | tcp |
| US | 8.8.8.8:53 | d2yy6p64xsttp1.cloudfront.net | udp |
| US | 8.8.8.8:53 | d2yy6p64xsttp1.cloudfront.net | udp |
| US | 8.8.8.8:53 | www3.l.google.com | udp |
| GB | 216.58.204.78:443 | www3.l.google.com | tcp |
| US | 8.8.8.8:53 | www3.l.google.com | udp |
| GB | 216.58.204.78:443 | www3.l.google.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.180.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.180.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.180.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.180.2:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.180.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.180.2:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.180.2:443 | ep1.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| GB | 142.250.180.2:443 | ep1.adtrafficquality.google | udp |
| GB | 142.250.180.2:443 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| GB | 142.250.180.1:443 | ep2.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| GB | 142.250.180.1:443 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 142.250.179.225:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 142.250.179.225:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 142.250.179.225:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 8.8.8.8:53 | objects.githubusercontent.com | udp |
| US | 8.8.8.8:53 | objects.githubusercontent.com | udp |
| US | 185.199.108.133:443 | objects.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | objects.githubusercontent.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | notepad-plus-plus.org | udp |
| GB | 89.116.109.212:443 | notepad-plus-plus.org | tcp |
| N/A | 127.0.0.1:50627 | tcp | |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 172.217.16.226:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| N/A | 127.0.0.1:51237 | tcp | |
| N/A | 127.0.0.1:51240 | tcp | |
| US | 8.8.8.8:53 | ac.duckduckgo.com | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| IE | 52.142.124.215:443 | duckduckgo.com | tcp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| IE | 52.142.124.215:443 | duckduckgo.com | tcp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| IE | 20.223.54.233:443 | links.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| US | 8.8.8.8:53 | improving.duckduckgo.com | udp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | www.wikihow.com | udp |
| US | 151.101.193.91:443 | www.wikihow.com | tcp |
| US | 8.8.8.8:53 | n.sni.global.fastly.net | udp |
| US | 8.8.8.8:53 | n.sni.global.fastly.net | udp |
| US | 151.101.193.91:443 | n.sni.global.fastly.net | udp |
| US | 8.8.8.8:53 | dn0qt3r0xannq.cloudfront.net | udp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| FR | 18.245.199.62:443 | dn0qt3r0xannq.cloudfront.net | tcp |
| US | 8.8.8.8:53 | dn0qt3r0xannq.cloudfront.net | udp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 216.58.212.193:443 | lh3.googleusercontent.com | tcp |
| GB | 216.58.212.193:443 | lh3.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | dn0qt3r0xannq.cloudfront.net | udp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | googlehosted.l.googleusercontent.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | googlehosted.l.googleusercontent.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 216.58.212.193:443 | googlehosted.l.googleusercontent.com | udp |
| FR | 18.245.199.62:443 | dn0qt3r0xannq.cloudfront.net | udp |
| US | 8.8.8.8:53 | raven-edge.aditude.io | udp |
| US | 8.8.8.8:53 | edge.aditude.io | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.kueezrtb.com | udp |
| US | 104.22.60.119:443 | edge.aditude.io | tcp |
| US | 8.8.8.8:53 | geo-location.prebid.cloud | udp |
| US | 8.8.8.8:53 | raven-edge.aditude.io | udp |
| US | 104.22.60.119:443 | raven-edge.aditude.io | tcp |
| US | 8.8.8.8:53 | edge.aditude.io | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| GB | 172.217.16.226:443 | securepubads.g.doubleclick.net | tcp |
| US | 104.22.35.123:443 | static.kueezrtb.com | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | raven-edge.aditude.io | udp |
| US | 8.8.8.8:53 | edge.aditude.io | udp |
| FR | 52.222.201.64:443 | geo-location.prebid.cloud | tcp |
| US | 8.8.8.8:53 | static.kueezrtb.com | udp |
| US | 8.8.8.8:53 | geo-location.prebid.cloud | udp |
| US | 8.8.8.8:53 | static.kueezrtb.com | udp |
| US | 8.8.8.8:53 | geo-location.prebid.cloud | udp |
| GB | 172.217.16.226:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | raven-static.aditude.io | udp |
| US | 104.22.61.119:443 | raven-static.aditude.io | tcp |
| FR | 52.222.201.64:443 | geo-location.prebid.cloud | udp |
| US | 8.8.8.8:53 | raven-static.aditude.io | udp |
| US | 8.8.8.8:53 | raven-static.aditude.io | udp |
| FR | 52.222.169.106:443 | sb.scorecardresearch.com | tcp |
| US | 8.8.8.8:53 | production-raven.infra.aditude.cloud | udp |
| US | 8.8.8.8:53 | production-raven.infra.aditude.cloud | udp |
| FR | 13.32.145.19:443 | production-raven.infra.aditude.cloud | tcp |
| US | 8.8.8.8:53 | production-raven.infra.aditude.cloud | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | www-alv.google-analytics.com | udp |
| US | 8.8.8.8:53 | www-alv.google-analytics.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 216.58.212.246:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | gtrack.kueezrtb.com | udp |
| US | 8.8.8.8:53 | track.kueezrtb.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| US | 172.67.21.232:443 | track.kueezrtb.com | tcp |
| US | 8.8.8.8:53 | track.kueezrtb.com | udp |
| FR | 52.222.201.64:443 | geo-location.prebid.cloud | udp |
| US | 104.22.34.123:443 | track.kueezrtb.com | tcp |
| US | 8.8.8.8:53 | gtrack.kueezrtb.com | udp |
| US | 8.8.8.8:53 | track.kueezrtb.com | udp |
| US | 8.8.8.8:53 | gtrack.kueezrtb.com | udp |
| GB | 216.58.212.246:443 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | otrack.kueezrtb.com | udp |
| US | 8.8.8.8:53 | u.kueezrtb.com | udp |
| US | 104.22.34.123:443 | u.kueezrtb.com | tcp |
| US | 104.22.34.123:443 | u.kueezrtb.com | tcp |
| US | 104.22.34.123:443 | u.kueezrtb.com | tcp |
| US | 8.8.8.8:53 | otrack.kueezrtb.com | udp |
| US | 8.8.8.8:53 | u.kueezrtb.com | udp |
| US | 104.22.34.123:443 | u.kueezrtb.com | tcp |
| US | 8.8.8.8:53 | otrack.kueezrtb.com | udp |
| US | 8.8.8.8:53 | u.kueezrtb.com | udp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| GB | 216.58.201.110:443 | fundingchoicesmessages.google.com | tcp |
| US | 8.8.8.8:53 | www3.l.google.com | udp |
| US | 8.8.8.8:53 | www3.l.google.com | udp |
| GB | 216.58.201.110:443 | www3.l.google.com | udp |
| GB | 216.58.201.110:443 | www3.l.google.com | udp |
| US | 8.8.8.8:53 | sync.kueezrtb.com | udp |
| US | 8.8.8.8:53 | hj5ozcalb.puzztake.com | udp |
| US | 67.207.80.131:443 | sync.kueezrtb.com | tcp |
| US | 8.8.8.8:53 | hj5ozcalb.puzztake.com | udp |
| US | 67.207.80.131:443 | sync.kueezrtb.com | tcp |
| US | 8.8.8.8:53 | event-ingestor.judy.pnap.aditude.cloud | udp |
| US | 131.153.232.245:443 | event-ingestor.judy.pnap.aditude.cloud | tcp |
| US | 8.8.8.8:53 | event-ingestor.judy.pnap.aditude.cloud | udp |
| US | 8.8.8.8:53 | event-ingestor.judy.pnap.aditude.cloud | udp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| US | 8.8.8.8:53 | invstatic101.creativecdn.com | udp |
| US | 8.8.8.8:53 | oa.openxcdn.net | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 34.102.146.192:443 | oa.openxcdn.net | tcp |
| US | 8.8.8.8:53 | invstatic101.creativecdn.com | udp |
| US | 8.8.8.8:53 | static.nl3.vip.prod.criteo.net | udp |
| US | 8.8.8.8:53 | invstatic101.creativecdn.com | udp |
| US | 8.8.8.8:53 | oa.openxcdn.net | udp |
| US | 8.8.8.8:53 | static.nl3.vip.prod.criteo.net | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 34.102.146.192:443 | oa.openxcdn.net | udp |
| NL | 178.250.1.3:443 | static.nl3.vip.prod.criteo.net | tcp |
| US | 34.96.70.87:443 | invstatic101.creativecdn.com | tcp |
| FR | 18.155.129.56:443 | tags.crwdcntrl.net | tcp |
| US | 34.96.70.87:443 | invstatic101.creativecdn.com | udp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| IE | 18.202.187.23:443 | bcp.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | gum.nl3.vip.prod.criteo.com | udp |
| NL | 178.250.1.11:443 | gum.nl3.vip.prod.criteo.com | tcp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | gum.nl3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | esp.rtbhouse.com | udp |
| US | 35.190.39.111:443 | esp.rtbhouse.com | tcp |
| US | 8.8.8.8:53 | esp.rtbhouse.com | udp |
| US | 8.8.8.8:53 | esp.rtbhouse.com | udp |
| US | 8.8.8.8:53 | ag.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | gem.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | gbc2.nl3.eu.criteo.com | udp |
| US | 8.8.8.8:53 | gbc8.nl3.eu.criteo.com | udp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| NL | 178.250.1.11:443 | dnacdn.net | tcp |
| US | 8.8.8.8:53 | gbc2.nl3.eu.criteo.com | udp |
| US | 8.8.8.8:53 | gbc8.nl3.eu.criteo.com | udp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 35.190.39.111:443 | esp.rtbhouse.com | udp |
| NL | 185.235.87.76:443 | gbc2.nl3.eu.criteo.com | tcp |
| NL | 185.235.87.237:443 | gbc8.nl3.eu.criteo.com | tcp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | d1ykf07e75w7ss.cloudfront.net | udp |
| FR | 18.245.194.122:443 | d1ykf07e75w7ss.cloudfront.net | tcp |
| DE | 141.95.33.120:443 | id5-sync.com | tcp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | d1ykf07e75w7ss.cloudfront.net | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| FR | 52.84.174.6:443 | config.aps.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| FR | 18.245.175.156:443 | aax.amazon-adsystem.com | tcp |
| FR | 18.245.175.156:443 | aax.amazon-adsystem.com | tcp |
| FR | 18.245.175.156:443 | aax.amazon-adsystem.com | tcp |
| FR | 18.245.175.156:443 | aax.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | d1jvc9b8z3vcjs.cloudfront.net | udp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| US | 8.8.8.8:53 | fastlane.rubiconproject.com | udp |
| US | 8.8.8.8:53 | rtb.openx.net | udp |
| US | 8.8.8.8:53 | grid.bidswitch.net | udp |
| US | 8.8.8.8:53 | c2shb.pubgw.yahoo.com | udp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| US | 8.8.8.8:53 | d1jvc9b8z3vcjs.cloudfront.net | udp |
| US | 8.8.8.8:53 | bidder.criteo.com | udp |
| US | 8.8.8.8:53 | ads.yieldmo.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| IE | 52.209.74.102:443 | c2shb.pubgw.yahoo.com | tcp |
| IE | 52.209.74.102:443 | c2shb.pubgw.yahoo.com | tcp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | btlr.sharethrough.com | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | secure.cdn.fastclick.net | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 8.8.8.8:53 | hbopenbid-lhrc.pubmnet.com | udp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| US | 8.8.8.8:53 | rtb.openx.net | udp |
| FR | 18.244.28.86:443 | hb.yellowblue.io | tcp |
| FR | 18.244.28.86:443 | hb.yellowblue.io | tcp |
| IE | 52.209.74.102:443 | c2shb.pubgw.yahoo.com | tcp |
| IE | 52.209.74.102:443 | c2shb.pubgw.yahoo.com | tcp |
| US | 8.8.8.8:53 | hbopenbid-lhrc.pubmnet.com | udp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 8.8.8.8:53 | rtb.openx.net | udp |
| US | 8.8.8.8:53 | dtp-gateway-prod-global.dsp-plus-backend.aws.oath.cloud | udp |
| US | 8.8.8.8:53 | eu-tlx.3lift.com | udp |
| US | 8.8.8.8:53 | in-ftd-65.nl3.vip.prod.criteo.com | udp |
| DE | 162.19.138.120:443 | lb.eu-1-id5-sync.com | tcp |
| FR | 18.244.28.86:443 | hb.yellowblue.io | tcp |
| IE | 52.209.74.102:443 | dtp-gateway-prod-global.dsp-plus-backend.aws.oath.cloud | tcp |
| US | 8.8.8.8:53 | eu-tlx.3lift.com | udp |
| IE | 52.209.74.102:443 | dtp-gateway-prod-global.dsp-plus-backend.aws.oath.cloud | tcp |
| US | 8.8.8.8:53 | in-ftd-65.nl3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | dtp-gateway-prod-global.dsp-plus-backend.aws.oath.cloud | udp |
| US | 8.8.8.8:53 | in-ftd-65.nl3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | ib.anycast.adnxs.com | udp |
| US | 8.8.8.8:53 | rw-yieldmo-com-tf-362867385.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | rw-yieldmo-com-tf-362867385.eu-west-1.elb.amazonaws.com | udp |
| FR | 18.244.28.86:443 | hb.yellowblue.io | tcp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | e4536.g.akamaiedge.net | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | btlr-eu-central-1.sharethrough.com | udp |
| US | 8.8.8.8:53 | e4536.g.akamaiedge.net | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 8.8.8.8:53 | btlr-eu-central-1.sharethrough.com | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 8.8.8.8:53 | tagged-by.rubiconproject.net.akadns.net | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| IE | 52.95.122.74:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | tagged-by.rubiconproject.net.akadns.net | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| GB | 185.64.190.77:443 | hbopenbid-lhrc.pubmnet.com | tcp |
| NL | 69.173.156.139:443 | tagged-by.rubiconproject.net.akadns.net | tcp |
| US | 34.120.63.153:443 | prebid.media.net | tcp |
| US | 35.186.253.211:443 | rtb.openx.net | tcp |
| NL | 178.250.1.56:443 | in-ftd-65.nl3.vip.prod.criteo.com | tcp |
| DE | 18.157.230.4:443 | eu-tlx.3lift.com | tcp |
| NL | 178.250.1.56:443 | in-ftd-65.nl3.vip.prod.criteo.com | tcp |
| IE | 52.208.115.97:443 | rw-yieldmo-com-tf-362867385.eu-west-1.elb.amazonaws.com | tcp |
| DE | 37.252.173.215:443 | ib.adnxs.com | tcp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | tcp |
| GB | 104.78.175.230:443 | e4536.g.akamaiedge.net | tcp |
| US | 104.22.53.86:443 | cdn.id5-sync.com | tcp |
| NL | 69.173.156.139:443 | tagged-by.rubiconproject.net.akadns.net | tcp |
| DE | 3.72.6.211:443 | btlr.sharethrough.com | tcp |
| DE | 3.72.6.211:443 | btlr.sharethrough.com | tcp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | tcp |
| NL | 69.173.156.139:443 | tagged-by.rubiconproject.net.akadns.net | tcp |
| DE | 18.157.230.4:443 | eu-tlx.3lift.com | tcp |
| NL | 178.250.1.56:443 | in-ftd-65.nl3.vip.prod.criteo.com | tcp |
| IE | 52.208.115.97:443 | rw-yieldmo-com-tf-362867385.eu-west-1.elb.amazonaws.com | tcp |
| DE | 37.252.173.215:443 | ib.adnxs.com | tcp |
| IE | 52.208.115.97:443 | rw-yieldmo-com-tf-362867385.eu-west-1.elb.amazonaws.com | tcp |
| DE | 37.252.173.215:443 | ib.adnxs.com | tcp |
| DE | 3.72.6.211:443 | btlr.sharethrough.com | tcp |
| DE | 141.95.33.120:443 | lb.eu-1-id5-sync.com | tcp |
| US | 35.186.253.211:443 | rtb.openx.net | udp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | udp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| GB | 142.250.180.2:443 | ep1.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | 882712333f200f053f68b9b9ebc711c8.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| GB | 216.58.212.193:443 | 882712333f200f053f68b9b9ebc711c8.safeframe.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | pagead-googlehosted.l.google.com | udp |
| US | 8.8.8.8:53 | pagead-googlehosted.l.google.com | udp |
| GB | 216.58.212.193:443 | pagead-googlehosted.l.google.com | udp |
| GB | 142.250.180.2:443 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| GB | 142.250.180.1:443 | ep2.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| GB | 142.250.180.1:443 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 151.101.193.229:443 | cdn.jsdelivr.net | tcp |
| US | 8.8.8.8:53 | jsdelivr.map.fastly.net | udp |
| US | 8.8.8.8:53 | jsdelivr.map.fastly.net | udp |
| US | 151.101.193.229:443 | jsdelivr.map.fastly.net | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | hblg.media.net | udp |
| US | 8.8.8.8:53 | lg3-a.akamaihd.net | udp |
| US | 8.8.8.8:53 | c.pm-serv.co | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | warp.media.net | udp |
| US | 8.8.8.8:53 | hblg.media.net | udp |
| GB | 142.250.179.225:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.179.225:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.179.225:443 | tpc.googlesyndication.com | tcp |
| GB | 2.18.190.70:443 | lg3-a.akamaihd.net | tcp |
| GB | 2.18.190.70:443 | lg3-a.akamaihd.net | tcp |
| US | 8.8.8.8:53 | a1830.d.akamai.net | udp |
| GB | 2.19.161.18:443 | c.pm-serv.co | tcp |
| GB | 2.19.161.18:443 | c.pm-serv.co | tcp |
| GB | 92.123.240.21:443 | contextual.media.net | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 2.23.220.28:443 | hblg.media.net | tcp |
| GB | 92.123.240.21:443 | contextual.media.net | tcp |
| US | 8.8.8.8:53 | hblg.media.net | udp |
| US | 151.101.193.229:443 | jsdelivr.map.fastly.net | udp |
| US | 8.8.8.8:53 | a1830.d.akamai.net | udp |
| US | 8.8.8.8:53 | e96626.d.akamaiedge.net | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| GB | 2.23.220.28:443 | hblg.media.net | tcp |
| GB | 142.250.179.225:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.179.225:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | a1831.casalemedia.com | udp |
| US | 8.8.8.8:53 | k8s1-event-tracker-am.lb.indexww.com | udp |
| US | 8.8.8.8:53 | pn.ybp.yahoo.com | udp |
| US | 8.8.8.8:53 | warp.media.net | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| US | 8.8.8.8:53 | e96626.d.akamaiedge.net | udp |
| NL | 185.80.36.156:443 | k8s1-event-tracker-am.lb.indexww.com | tcp |
| IE | 54.73.182.240:443 | pn.ybp.yahoo.com | tcp |
| US | 8.8.8.8:53 | warp.media.net | udp |
| US | 8.8.8.8:53 | a1831.casalemedia.com | udp |
| GB | 142.250.179.225:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | k8s1-am-ext-haproxy.lb.indexww.com | udp |
| US | 8.8.8.8:53 | ds-pn-final.ybp.gysm.yahoodns.net | udp |
| US | 8.8.8.8:53 | a1831.casalemedia.com | udp |
| US | 8.8.8.8:53 | k8s1-am-ext-haproxy.lb.indexww.com | udp |
| US | 8.8.8.8:53 | ds-pn-final.ybp.gysm.yahoodns.net | udp |
| GB | 92.123.240.21:443 | contextual.media.net | udp |
| US | 8.8.8.8:53 | a716.casalemedia.com | udp |
| US | 8.8.8.8:53 | a716.casalemedia.com | udp |
| US | 8.8.8.8:53 | s.yimg.com | udp |
| US | 8.8.8.8:53 | cdn.js7k.com | udp |
| GB | 87.248.114.12:443 | s.yimg.com | tcp |
| JP | 180.222.119.248:443 | cdn.js7k.com | tcp |
| GB | 87.248.114.12:443 | s.yimg.com | tcp |
| US | 8.8.8.8:53 | edge.gycpi.b.yahoodns.net | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | edge.gycpi.b.yahoodns.net | udp |
| US | 8.8.8.8:53 | edge.gycpi.b.yahoodns.net | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | edge.gycpi.b.yahoodns.net | udp |
| GB | 2.19.161.18:443 | e96626.d.akamaiedge.net | udp |
| JP | 180.222.119.248:443 | cdn.js7k.com | tcp |
| GB | 2.23.220.28:443 | warp.media.net | tcp |
| JP | 180.222.119.248:443 | cdn.js7k.com | tcp |
| US | 8.8.8.8:53 | l.pm-serv.co | udp |
| GB | 2.19.161.5:443 | l.pm-serv.co | tcp |
| GB | 2.19.161.5:443 | l.pm-serv.co | tcp |
| CA | 85.91.47.87:443 | a716.casalemedia.com | tcp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | pixel.adsafeprotected.com | udp |
| US | 104.18.36.155:443 | ssum-sec.casalemedia.com | tcp |
| US | 104.18.36.155:443 | ssum-sec.casalemedia.com | tcp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 34.204.112.203:443 | pixel.adsafeprotected.com | tcp |
| US | 8.8.8.8:53 | firewall-external-1524972847.us-east-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | firewall-external-1524972847.us-east-1.elb.amazonaws.com | udp |
| US | 104.18.36.155:443 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| CA | 85.91.47.102:443 | a1831.casalemedia.com | tcp |
| US | 34.204.112.203:443 | pixel.adsafeprotected.com | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | m.media-amazon.com | udp |
| US | 8.8.8.8:53 | ts.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| FR | 18.245.175.80:443 | ts.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | d21t3ooy68jlh9.cloudfront.net | udp |
| US | 151.101.129.16:443 | m.media-amazon.com | tcp |
| US | 151.101.129.16:443 | m.media-amazon.com | tcp |
| US | 151.101.129.16:443 | m.media-amazon.com | tcp |
| US | 151.101.129.16:443 | m.media-amazon.com | tcp |
| US | 151.101.129.16:443 | m.media-amazon.com | tcp |
| US | 151.101.129.16:443 | m.media-amazon.com | tcp |
| US | 151.101.129.16:443 | m.media-amazon.com | tcp |
| US | 151.101.129.16:443 | m.media-amazon.com | tcp |
| US | 8.8.8.8:53 | media.amazon.map.fastly.net | udp |
| US | 151.101.129.16:443 | media.amazon.map.fastly.net | tcp |
| US | 151.101.129.16:443 | media.amazon.map.fastly.net | tcp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 8.8.8.8:53 | d21t3ooy68jlh9.cloudfront.net | udp |
| US | 8.8.8.8:53 | media.amazon.map.fastly.net | udp |
| US | 172.64.149.180:443 | js-sec.indexww.com | tcp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 151.101.129.16:443 | media.amazon.map.fastly.net | udp |
| US | 8.8.8.8:53 | aan.amazon.co.uk | udp |
| FR | 13.32.145.83:443 | aan.amazon.co.uk | tcp |
| FR | 13.32.145.83:443 | aan.amazon.co.uk | tcp |
| US | 8.8.8.8:53 | d1hutihgtrd049.cloudfront.net | udp |
| US | 8.8.8.8:53 | d1hutihgtrd049.cloudfront.net | udp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| US | 8.8.8.8:53 | wikihow-d.openx.net | udp |
| US | 35.244.159.8:443 | wikihow-d.openx.net | tcp |
| GB | 2.18.190.69:443 | acdn.adnxs.com | tcp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| GB | 92.123.242.2:443 | eus.rubiconproject.com | tcp |
| US | 13.248.245.213:443 | eb2.3lift.com | tcp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 35.244.159.8:443 | wikihow-d.openx.net | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| GB | 23.219.196.188:443 | ads.pubmatic.com | tcp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | static.adsafeprotected.com | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | bh.contextweb.com | udp |
| US | 8.8.8.8:53 | wikihow-d.openx.net | udp |
| US | 8.8.8.8:53 | a1579.d.akamai.net | udp |
| US | 8.8.8.8:53 | e8960.b.akamaiedge.net | udp |
| FR | 18.245.175.80:443 | d21t3ooy68jlh9.cloudfront.net | tcp |
| FR | 18.245.175.80:443 | d21t3ooy68jlh9.cloudfront.net | tcp |
| GB | 185.64.191.214:443 | image8.pubmatic.com | tcp |
| US | 8.8.8.8:53 | wikihow-d.openx.net | udp |
| GB | 18.172.88.93:443 | static.adsafeprotected.com | tcp |
| GB | 18.172.88.93:443 | static.adsafeprotected.com | tcp |
| US | 8.8.8.8:53 | a1579.d.akamai.net | udp |
| GB | 142.250.180.2:443 | cm.g.doubleclick.net | tcp |
| GB | 142.250.180.2:443 | cm.g.doubleclick.net | tcp |
| US | 151.101.129.16:443 | media.amazon.map.fastly.net | udp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| US | 8.8.8.8:53 | e8960.b.akamaiedge.net | udp |
| US | 8.8.8.8:53 | eu-eb2.3lift.com | udp |
| DE | 37.252.173.215:443 | secure.adnxs.com | tcp |
| NL | 35.214.136.108:443 | x.bidswitch.net | tcp |
| IE | 52.16.65.27:443 | match.prod.bidr.io | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| US | 3.33.220.150:443 | match.adsrvr.org | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 8.8.8.8:53 | eu-eb2.3lift.com | udp |
| US | 8.8.8.8:53 | e6603.g.akamaiedge.net | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| US | 8.8.8.8:53 | e6603.g.akamaiedge.net | udp |
| GB | 142.250.180.2:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| NL | 35.214.136.108:443 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| US | 8.8.8.8:53 | user-data-eu.bidswitch.net | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | user-data-eu.bidswitch.net | udp |
| US | 8.8.8.8:53 | imagsync-lhrpairbc.pubmatic.com | udp |
| US | 8.8.8.8:53 | d162h6x3rxav67.cloudfront.net | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | ssp-sync.criteo.com | udp |
| US | 8.8.8.8:53 | imagsync-lhrpairbc.pubmatic.com | udp |
| US | 8.8.8.8:53 | d162h6x3rxav67.cloudfront.net | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | am1-direct-bgp.contextweb.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | am1-direct-bgp.contextweb.com | udp |
| US | 8.8.8.8:53 | in-ftd-104.nl3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | in-ftd-104.nl3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | dt.adsafeprotected.com | udp |
| US | 8.8.8.8:53 | tungsten-service.prod.eu.adsqtungsten.a9.amazon.dev | udp |
| US | 8.8.8.8:53 | sq-tungsten-ts-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | www.btd-zaz.tq-tungsten.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | dt-external-217593033.us-east-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | d5je4of8ee8uu.cloudfront.net | udp |
| US | 8.8.8.8:53 | adsqtungstenntdservice-prod-b5647ca7634e5610.elb.eu-south-2.amazonaws.com | udp |
| US | 8.8.8.8:53 | dt-external-217593033.us-east-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | adsqtungstenntdservice-prod-b5647ca7634e5610.elb.eu-south-2.amazonaws.com | udp |
| US | 8.8.8.8:53 | d5je4of8ee8uu.cloudfront.net | udp |
| NL | 178.250.1.57:443 | in-ftd-104.nl3.vip.prod.criteo.com | tcp |
| IE | 3.253.167.114:443 | sq-tungsten-ts-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 34.197.129.209:443 | dt-external-217593033.us-east-1.elb.amazonaws.com | tcp |
| US | 8.8.8.8:53 | sq-tungsten-ts-eu.amazon-adsystem.com | udp |
| ES | 51.92.114.109:443 | adsqtungstenntdservice-prod-b5647ca7634e5610.elb.eu-south-2.amazonaws.com | tcp |
| ES | 51.92.114.109:443 | adsqtungstenntdservice-prod-b5647ca7634e5610.elb.eu-south-2.amazonaws.com | tcp |
| FR | 3.164.163.26:443 | d5je4of8ee8uu.cloudfront.net | tcp |
| FR | 3.164.163.26:443 | d5je4of8ee8uu.cloudfront.net | tcp |
| US | 8.8.8.8:53 | sq-tungsten-ts-eu.amazon-adsystem.com | udp |
| US | 34.197.129.209:443 | dt-external-217593033.us-east-1.elb.amazonaws.com | tcp |
| US | 8.8.8.8:53 | match.sharethrough.com | udp |
| US | 8.8.8.8:53 | match-eu-central-1-ecs.sharethrough.com | udp |
| US | 8.8.8.8:53 | match-eu-central-1-ecs.sharethrough.com | udp |
| DE | 18.197.30.174:443 | match.sharethrough.com | tcp |
| DE | 18.197.30.174:443 | match.sharethrough.com | tcp |
| DE | 18.197.30.174:443 | match.sharethrough.com | tcp |
| US | 34.197.129.209:443 | dt-external-217593033.us-east-1.elb.amazonaws.com | tcp |
| GB | 216.58.212.193:443 | pagead-googlehosted.l.google.com | udp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | pixel.rubiconproject.net.akadns.net | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.net.akadns.net | udp |
| DE | 3.72.6.211:443 | btlr.sharethrough.com | tcp |
| US | 8.8.8.8:53 | qsearch-a.akamaihd.net | udp |
| US | 8.8.8.8:53 | imageproxy.eu.criteo.net | udp |
| US | 8.8.8.8:53 | cat.fr3.eu.criteo.com | udp |
| US | 8.8.8.8:53 | cat.fr3.vip.prod.criteo.com | udp |
| GB | 2.19.117.36:443 | qsearch-a.akamaihd.net | tcp |
| US | 8.8.8.8:53 | a267.g.akamai.net | udp |
| GB | 2.19.117.36:443 | a267.g.akamai.net | tcp |
| US | 8.8.8.8:53 | cat.fr3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | a267.g.akamai.net | udp |
| US | 8.8.8.8:53 | imageproxy.nl3.vip.prod.criteo.net | udp |
| US | 8.8.8.8:53 | imageproxy.nl3.vip.prod.criteo.net | udp |
| NL | 178.250.1.15:443 | imageproxy.nl3.vip.prod.criteo.net | tcp |
| FR | 178.250.7.9:443 | cat.fr3.vip.prod.criteo.com | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | dt-external-217593033.us-east-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | dt-external-217593033.us-east-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | dt-external-217593033.us-east-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | dt.adsafeprotected.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | dt-external-217593033.us-east-1.elb.amazonaws.com | udp |
| US | 54.92.163.206:443 | dt.adsafeprotected.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 172.217.169.66:443 | googleads.g.doubleclick.net | tcp |
| GB | 172.217.169.66:443 | googleads.g.doubleclick.net | tcp |
| GB | 172.217.169.66:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | dt-external-217593033.us-east-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 172.217.169.66:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | tungsten-service.prod.eu.adsqtungsten.a9.amazon.dev | udp |
| US | 8.8.8.8:53 | d5je4of8ee8uu.cloudfront.net | udp |
| US | 8.8.8.8:53 | d5je4of8ee8uu.cloudfront.net | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | d1jvc9b8z3vcjs.cloudfront.net | udp |
| US | 8.8.8.8:53 | www.wikihow.com | udp |
| US | 8.8.8.8:53 | n.sni.global.fastly.net | udp |
| US | 151.101.193.91:443 | n.sni.global.fastly.net | udp |
| US | 8.8.8.8:53 | hblg.media.net | udp |
| US | 8.8.8.8:53 | l.pm-serv.co | udp |
| US | 8.8.8.8:53 | hblg.media.net | udp |
| US | 8.8.8.8:53 | e96626.d.akamaiedge.net | udp |
| GB | 2.19.161.5:443 | e96626.d.akamaiedge.net | tcp |
| US | 131.153.232.245:443 | event-ingestor.judy.pnap.aditude.cloud | tcp |
| US | 8.8.8.8:53 | ads.yieldmo.com | udp |
| NL | 178.250.1.56:443 | in-ftd-65.nl3.vip.prod.criteo.com | tcp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| NL | 69.173.156.139:443 | tagged-by.rubiconproject.net.akadns.net | tcp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| US | 8.8.8.8:53 | c2shb.pubgw.yahoo.com | udp |
| DE | 37.252.173.215:443 | secure.adnxs.com | tcp |
| US | 35.186.253.211:443 | rtb.openx.net | udp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| US | 8.8.8.8:53 | btlr.sharethrough.com | udp |
| US | 8.8.8.8:53 | btlr.sharethrough.com | udp |
| NL | 178.250.1.56:443 | in-ftd-65.nl3.vip.prod.criteo.com | tcp |
| US | 172.64.151.101:443 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | rw-yieldmo-com-tf-362867385.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | eu-tlx.3lift.com | udp |
| DE | 18.153.93.230:443 | btlr.sharethrough.com | tcp |
| US | 8.8.8.8:53 | dtp-gateway-prod-global.dsp-plus-backend.aws.oath.cloud | udp |
| US | 8.8.8.8:53 | btlr-eu-central-1.sharethrough.com | udp |
| US | 8.8.8.8:53 | btlr.sharethrough.com | udp |
| NL | 178.250.1.57:443 | in-ftd-104.nl3.vip.prod.criteo.com | tcp |
| GB | 172.217.16.226:443 | securepubads.g.doubleclick.net | udp |
| GB | 216.58.212.193:443 | pagead-googlehosted.l.google.com | udp |
| GB | 142.250.179.225:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | c.pm-serv.co | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| US | 8.8.8.8:53 | warp.media.net | udp |
| US | 8.8.8.8:53 | lg3-a.akamaihd.net | udp |
| US | 8.8.8.8:53 | warp.media.net | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| GB | 92.123.240.21:443 | contextual.media.net | udp |
| US | 8.8.8.8:53 | a1830.d.akamai.net | udp |
| GB | 2.18.190.70:443 | a1830.d.akamai.net | tcp |
| GB | 2.19.161.18:443 | c.pm-serv.co | udp |
| US | 8.8.8.8:53 | n.sni.global.fastly.net | udp |
| NL | 69.173.156.139:443 | tagged-by.rubiconproject.net.akadns.net | tcp |
| DE | 18.156.199.224:443 | btlr.sharethrough.com | tcp |
| US | 8.8.8.8:53 | bidder.criteo.com | udp |
| US | 8.8.8.8:53 | grid.bidswitch.net | udp |
| US | 8.8.8.8:53 | grid.bidswitch.net | udp |
| US | 8.8.8.8:53 | in-ftd-65.nl3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | ads.yieldmo.com | udp |
| DE | 37.252.173.215:443 | secure.adnxs.com | tcp |
| US | 8.8.8.8:53 | rw-yieldmo-com-tf-362867385.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | bidder.criteo.com | udp |
| US | 8.8.8.8:53 | grid.bidswitch.net | udp |
| NL | 178.250.1.56:443 | grid.bidswitch.net | tcp |
| NL | 178.250.1.56:443 | grid.bidswitch.net | tcp |
| NL | 178.250.1.57:443 | in-ftd-104.nl3.vip.prod.criteo.com | tcp |
| US | 8.8.8.8:53 | dt-external-217593033.us-east-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | dt-external-217593033.us-east-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | hblg.media.net | udp |
| US | 8.8.8.8:53 | c.pm-serv.co | udp |
| US | 8.8.8.8:53 | warp.media.net | udp |
| US | 8.8.8.8:53 | e96626.d.akamaiedge.net | udp |
| US | 8.8.8.8:53 | hblg.media.net | udp |
| US | 8.8.8.8:53 | warp.media.net | udp |
| US | 8.8.8.8:53 | l.pm-serv.co | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| US | 8.8.8.8:53 | n.pm-serv.co | udp |
| US | 8.8.8.8:53 | n.pm-serv.co | udp |
| US | 34.160.55.127:443 | n.pm-serv.co | tcp |
| US | 8.8.8.8:53 | n.pm-serv.co | udp |
| US | 34.160.55.127:443 | n.pm-serv.co | udp |
| DE | 18.156.199.224:443 | btlr.sharethrough.com | tcp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | a1845.casalemedia.com | udp |
| US | 8.8.8.8:53 | www.googletagservices.com | udp |
| US | 8.8.8.8:53 | ie1-bid.adsrvr.org | udp |
| US | 8.8.8.8:53 | choices.truste.com | udp |
| US | 151.101.193.229:443 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | ie1-bid.adsrvr.org | udp |
| US | 8.8.8.8:53 | jsdelivr.map.fastly.net | udp |
| US | 8.8.8.8:53 | a1845.casalemedia.com | udp |
| FR | 18.164.52.111:443 | choices.truste.com | tcp |
| GB | 216.58.204.66:443 | www.googletagservices.com | tcp |
| US | 8.8.8.8:53 | ie1-bid.adsrvr.org | udp |
| US | 8.8.8.8:53 | choices.truste.com | udp |
| US | 8.8.8.8:53 | a1845.casalemedia.com | udp |
| US | 8.8.8.8:53 | www.googletagservices.com | udp |
| US | 8.8.8.8:53 | choices.truste.com | udp |
| US | 8.8.8.8:53 | www.googletagservices.com | udp |
| GB | 216.58.204.66:443 | www.googletagservices.com | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 104.18.36.155:443 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| CA | 85.91.47.116:443 | a1845.casalemedia.com | tcp |
| US | 35.71.170.66:443 | ie1-bid.adsrvr.org | tcp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| GB | 142.250.200.38:443 | s0.2mdn.net | tcp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| GB | 142.250.200.38:443 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | googleads4.g.doubleclick.net | udp |
| GB | 172.217.16.226:443 | googleads4.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | googleads4.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads4.g.doubleclick.net | udp |
| GB | 172.217.16.226:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | c.bannerflow.net | udp |
| US | 104.17.46.71:443 | c.bannerflow.net | tcp |
| US | 8.8.8.8:53 | c.bannerflow.net | udp |
| US | 8.8.8.8:53 | c.bannerflow.net | udp |
| US | 8.8.8.8:53 | dt-external-217593033.us-east-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | ams3-ib.adnxs.com | udp |
| US | 8.8.8.8:53 | dt-external-217593033.us-east-1.elb.amazonaws.com | udp |
| NL | 185.89.211.84:443 | ams3-ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | ams3-ib.adnxs.com | udp |
| US | 8.8.8.8:53 | ams3-ib.adnxs.com | udp |
| US | 8.8.8.8:53 | choices.trustarc.com | udp |
| US | 8.8.8.8:53 | pixel.adsafeprotected.com | udp |
| US | 8.8.8.8:53 | aam.a47b.com | udp |
| US | 8.8.8.8:53 | on-device.com | udp |
| US | 8.8.8.8:53 | pixel.adsafeprotected.com | udp |
| US | 8.8.8.8:53 | cdn.adnxs.com | udp |
| FR | 3.165.136.81:443 | choices.trustarc.com | tcp |
| FR | 3.165.136.81:443 | choices.trustarc.com | tcp |
| FR | 3.165.136.81:443 | choices.trustarc.com | tcp |
| US | 8.8.8.8:53 | fw.adsafeprotected.com | udp |
| US | 8.8.8.8:53 | prod.appnexus.map.fastly.net | udp |
| US | 54.71.35.95:443 | pixel.adsafeprotected.com | tcp |
| IE | 18.203.104.172:443 | on-device.com | tcp |
| IE | 54.247.151.97:443 | aam.a47b.com | tcp |
| US | 8.8.8.8:53 | choices.trustarc.com | udp |
| US | 8.8.8.8:53 | firewall-external-1941599784.us-west-2.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | prod.appnexus.map.fastly.net | udp |
| US | 8.8.8.8:53 | firewall-external-1941599784.us-west-2.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | choices.trustarc.com | udp |
| US | 8.8.8.8:53 | pixel.adsafeprotected.com | udp |
| US | 8.8.8.8:53 | on-device.com | udp |
| US | 8.8.8.8:53 | am-api-app-1554730937.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | on-device.com | udp |
| US | 8.8.8.8:53 | am-api-app-1554730937.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | c.cintnetworks.com | udp |
| GB | 51.140.146.131:443 | c.cintnetworks.com | tcp |
| US | 8.8.8.8:53 | waws-prod-ln1-031.uksouth.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | waws-prod-ln1-031.uksouth.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | a.a47b.com | udp |
| IE | 52.49.143.245:443 | a.a47b.com | tcp |
| US | 8.8.8.8:53 | a47b-collector-eu-alb-1031015564.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | a47b-collector-eu-alb-1031015564.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| US | 8.8.8.8:53 | static.adsafeprotected.com | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| US | 151.101.65.108:443 | acdn.adnxs.com | tcp |
| GB | 92.123.242.2:443 | eus.rubiconproject.com | tcp |
| US | 151.101.193.108:443 | acdn.adnxs.com | tcp |
| US | 54.85.117.182:443 | fw.adsafeprotected.com | tcp |
| US | 8.8.8.8:53 | e8960.b.akamaiedge.net | udp |
| US | 8.8.8.8:53 | d162h6x3rxav67.cloudfront.net | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| US | 8.8.8.8:53 | d162h6x3rxav67.cloudfront.net | udp |
| US | 54.92.163.206:443 | dt.adsafeprotected.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.net.akadns.net | tcp |
| US | 8.8.8.8:53 | servedby.flashtalking.com | udp |
| US | 8.8.8.8:53 | e4751.b.akamaiedge.net | udp |
| GB | 92.123.240.200:443 | e4751.b.akamaiedge.net | tcp |
| US | 8.8.8.8:53 | e4751.b.akamaiedge.net | udp |
| US | 8.8.8.8:53 | ajs-assets.ftstatic.com | udp |
| US | 8.8.8.8:53 | d3f1y6rso5ozvw.cloudfront.net | udp |
| FR | 52.84.174.120:443 | d3f1y6rso5ozvw.cloudfront.net | tcp |
| US | 8.8.8.8:53 | d3f1y6rso5ozvw.cloudfront.net | udp |
| US | 8.8.8.8:53 | agen-assets.ftstatic.com | udp |
| FR | 18.155.129.67:443 | agen-assets.ftstatic.com | tcp |
| US | 8.8.8.8:53 | d1dvhck2p605dz.cloudfront.net | udp |
| US | 8.8.8.8:53 | d1dvhck2p605dz.cloudfront.net | udp |
| US | 8.8.8.8:53 | cdn.flashtalking.com | udp |
| US | 8.8.8.8:53 | d3fxn7cse5tdjr.cloudfront.net | udp |
| FR | 52.222.169.4:443 | d3fxn7cse5tdjr.cloudfront.net | tcp |
| FR | 52.222.169.4:443 | d3fxn7cse5tdjr.cloudfront.net | tcp |
| US | 8.8.8.8:53 | d3fxn7cse5tdjr.cloudfront.net | udp |
| US | 8.8.8.8:53 | ad-events.flashtalking.com | udp |
| US | 8.8.8.8:53 | stat.flashtalking.com | udp |
| US | 8.8.8.8:53 | ad-interactions-prod-lb-1426714899.eu-west-2.elb.amazonaws.com | udp |
| GB | 18.169.60.99:443 | ad-interactions-prod-lb-1426714899.eu-west-2.elb.amazonaws.com | tcp |
| US | 8.8.8.8:53 | ad-interactions-prod-lb-1426714899.eu-west-2.elb.amazonaws.com | udp |
| GB | 18.169.60.99:443 | ad-interactions-prod-lb-1426714899.eu-west-2.elb.amazonaws.com | tcp |
| US | 8.8.8.8:53 | ad-interactions-prod-lb-1426714899.eu-west-2.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | ad-interactions-prod-lb-1426714899.eu-west-2.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | ade.googlesyndication.com | udp |
| US | 8.8.8.8:53 | ade.googlesyndication.com | udp |
| GB | 142.250.179.226:443 | ade.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | ade.googlesyndication.com | udp |
| GB | 142.250.179.226:443 | ade.googlesyndication.com | udp |
| US | 8.8.8.8:53 | l.pm-serv.co | udp |
| US | 8.8.8.8:53 | e96626.d.akamaiedge.net | udp |
| NL | 178.250.1.56:443 | grid.bidswitch.net | tcp |
| DE | 37.252.173.215:443 | secure.adnxs.com | tcp |
| DE | 18.156.199.224:443 | btlr.sharethrough.com | tcp |
| NL | 69.173.156.139:443 | tagged-by.rubiconproject.net.akadns.net | tcp |
| NL | 178.250.1.56:443 | grid.bidswitch.net | tcp |
| US | 8.8.8.8:53 | eu-tlx.3lift.com | udp |
| US | 8.8.8.8:53 | ads.yieldmo.com | udp |
| US | 8.8.8.8:53 | rw-yieldmo-com-tf-362867385.eu-west-1.elb.amazonaws.com | udp |
| NL | 178.250.1.57:443 | in-ftd-104.nl3.vip.prod.criteo.com | tcp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| IE | 54.239.33.159:443 | aax-eu.amazon-adsystem.com | tcp |
| FR | 18.245.194.122:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | d1ykf07e75w7ss.cloudfront.net | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | d1ykf07e75w7ss.cloudfront.net | udp |
| US | 8.8.8.8:53 | m.media-amazon.com | udp |
| US | 8.8.8.8:53 | ts.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | d21t3ooy68jlh9.cloudfront.net | udp |
| US | 8.8.8.8:53 | c.media-amazon.com | udp |
| US | 8.8.8.8:53 | c.media-amazon.com | udp |
| FR | 52.222.194.212:443 | m.media-amazon.com | udp |
| US | 8.8.8.8:53 | d21t3ooy68jlh9.cloudfront.net | udp |
| US | 8.8.8.8:53 | aan.amazon.co.uk | udp |
| US | 8.8.8.8:53 | c.media-amazon.com | udp |
| US | 8.8.8.8:53 | aan.amazon.co.uk | udp |
| US | 8.8.8.8:53 | c.media-amazon.com | udp |
| FR | 13.32.145.82:443 | aan.amazon.co.uk | tcp |
| US | 8.8.8.8:53 | aan.amazon.co.uk | udp |
| FR | 18.245.175.80:443 | d21t3ooy68jlh9.cloudfront.net | tcp |
| FR | 18.245.175.80:443 | d21t3ooy68jlh9.cloudfront.net | tcp |
| FR | 18.245.175.80:443 | d21t3ooy68jlh9.cloudfront.net | tcp |
| US | 8.8.8.8:53 | tungsten-service.prod.eu.adsqtungsten.a9.amazon.dev | udp |
| IE | 54.239.33.159:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | www.btd-zaz.tq-tungsten.com | udp |
| US | 8.8.8.8:53 | sq-tungsten-ts-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | www.btd-zaz.tq-tungsten.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | d5je4of8ee8uu.cloudfront.net | udp |
| US | 8.8.8.8:53 | sq-tungsten-ts-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | adsqtungstenntdservice-prod-b5647ca7634e5610.elb.eu-south-2.amazonaws.com | udp |
| IE | 3.254.236.24:443 | sq-tungsten-ts-eu.amazon-adsystem.com | tcp |
| ES | 51.92.37.70:443 | adsqtungstenntdservice-prod-b5647ca7634e5610.elb.eu-south-2.amazonaws.com | tcp |
| US | 8.8.8.8:53 | d5je4of8ee8uu.cloudfront.net | udp |
| US | 8.8.8.8:53 | www.btd-zaz.tq-tungsten.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | adsqtungstenntdservice-prod-b5647ca7634e5610.elb.eu-south-2.amazonaws.com | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | d1jvc9b8z3vcjs.cloudfront.net | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| US | 8.8.8.8:53 | plus.l.google.com | udp |
| GB | 216.58.204.78:443 | plus.l.google.com | tcp |
| US | 8.8.8.8:53 | plus.l.google.com | udp |
| GB | 216.58.204.78:443 | plus.l.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| NL | 172.217.218.84:443 | accounts.google.com | tcp |
| NL | 172.217.218.84:443 | accounts.google.com | udp |
| GB | 142.250.179.226:443 | ade.googlesyndication.com | udp |
| US | 8.8.8.8:53 | location.services.mozilla.com | udp |
| US | 8.8.8.8:53 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 35.190.72.216:443 | prod.classify-client.prod.webservices.mozgcp.net | tcp |
| US | 8.8.8.8:53 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 35.190.72.216:443 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| GB | 172.217.169.66:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | a.a47b.com | udp |
| US | 8.8.8.8:53 | a47b-collector-eu-alb-1031015564.eu-west-1.elb.amazonaws.com | udp |
| NL | 69.173.156.139:443 | tagged-by.rubiconproject.net.akadns.net | tcp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| NL | 178.250.1.56:443 | grid.bidswitch.net | tcp |
| US | 35.186.253.211:443 | rtb.openx.net | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| US | 8.8.8.8:53 | c2shb.pubgw.yahoo.com | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| US | 8.8.8.8:53 | ads.yieldmo.com | udp |
| NL | 178.250.1.56:443 | grid.bidswitch.net | tcp |
| US | 8.8.8.8:53 | d1jvc9b8z3vcjs.cloudfront.net | udp |
| NL | 185.89.210.244:443 | ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| US | 8.8.8.8:53 | btlr.sharethrough.com | udp |
| US | 8.8.8.8:53 | btlr.sharethrough.com | udp |
| US | 8.8.8.8:53 | ib.anycast.adnxs.com | udp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | dtp-gateway-prod-global.dsp-plus-backend.aws.oath.cloud | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| DE | 3.72.6.211:443 | btlr.sharethrough.com | tcp |
| US | 8.8.8.8:53 | eu-tlx.3lift.com | udp |
| US | 8.8.8.8:53 | rw-yieldmo-com-tf-362867385.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | btlr-eu-central-1.sharethrough.com | udp |
| US | 8.8.8.8:53 | btlr.sharethrough.com | udp |
| NL | 178.250.1.57:443 | in-ftd-104.nl3.vip.prod.criteo.com | tcp |
| US | 8.8.8.8:53 | tungsten-service.prod.eu.adsqtungsten.a9.amazon.dev | udp |
| US | 8.8.8.8:53 | d5je4of8ee8uu.cloudfront.net | udp |
| US | 8.8.8.8:53 | d5je4of8ee8uu.cloudfront.net | udp |
| GB | 172.217.16.226:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| IE | 52.95.115.255:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | d1ykf07e75w7ss.cloudfront.net | udp |
| US | 131.153.232.245:443 | event-ingestor.judy.pnap.aditude.cloud | tcp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | m.media-amazon.com | udp |
| US | 8.8.8.8:53 | ts.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | c.media-amazon.com | udp |
| US | 8.8.8.8:53 | d21t3ooy68jlh9.cloudfront.net | udp |
| FR | 18.245.177.205:443 | m.media-amazon.com | udp |
| US | 8.8.8.8:53 | c.media-amazon.com | udp |
| FR | 18.245.177.205:443 | m.media-amazon.com | udp |
| US | 8.8.8.8:53 | c.media-amazon.com | udp |
| US | 8.8.8.8:53 | d21t3ooy68jlh9.cloudfront.net | udp |
| US | 8.8.8.8:53 | aan.amazon.co.uk | udp |
| US | 8.8.8.8:53 | c.media-amazon.com | udp |
| US | 8.8.8.8:53 | d1hutihgtrd049.cloudfront.net | udp |
| US | 8.8.8.8:53 | sq-tungsten-ts-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | www.btd-zaz.tq-tungsten.com | udp |
| IE | 52.95.115.255:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | sq-tungsten-ts-eu.amazon-adsystem.com | udp |
| IE | 3.254.239.69:443 | sq-tungsten-ts-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | adsqtungstenntdservice-prod-b5647ca7634e5610.elb.eu-south-2.amazonaws.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | adsqtungstenntdservice-prod-b5647ca7634e5610.elb.eu-south-2.amazonaws.com | udp |
| IE | 52.95.115.255:443 | aax-eu.amazon-adsystem.com | tcp |
| GB | 142.250.179.226:443 | ade.googlesyndication.com | udp |
| US | 8.8.8.8:53 | www.wikihow.com | udp |
| US | 8.8.8.8:53 | n.sni.global.fastly.net | udp |
| US | 151.101.193.91:443 | n.sni.global.fastly.net | udp |
| NL | 178.250.1.56:443 | grid.bidswitch.net | tcp |
| NL | 178.250.1.56:443 | grid.bidswitch.net | tcp |
| NL | 185.89.210.244:443 | ib.adnxs.com | tcp |
| NL | 69.173.156.139:443 | tagged-by.rubiconproject.net.akadns.net | tcp |
| DE | 3.72.6.211:443 | btlr.sharethrough.com | tcp |
| US | 8.8.8.8:53 | rw-yieldmo-com-tf-362867385.eu-west-1.elb.amazonaws.com | udp |
| NL | 178.250.1.57:443 | in-ftd-104.nl3.vip.prod.criteo.com | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| GB | 216.58.212.193:443 | pagead-googlehosted.l.google.com | udp |
| US | 8.8.8.8:53 | dt.adsafeprotected.com | udp |
| US | 8.8.8.8:53 | a.a47b.com | udp |
| US | 8.8.8.8:53 | ams3-ib.adnxs.com | udp |
| GB | 142.250.179.225:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | dt-external-217593033.us-east-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | ams3-ib.adnxs.com | udp |
| NL | 185.89.210.141:443 | ams3-ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | dt-external-217593033.us-east-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | acdn.adnxs-simple.com | udp |
| US | 8.8.8.8:53 | aam.a47b.com | udp |
| US | 8.8.8.8:53 | pixel.adsafeprotected.com | udp |
| US | 8.8.8.8:53 | pixel.adsafeprotected.com | udp |
| US | 8.8.8.8:53 | on-device.com | udp |
| US | 8.8.8.8:53 | choices.trustarc.com | udp |
| US | 8.8.8.8:53 | cdn.adnxs.com | udp |
| US | 8.8.8.8:53 | prod.appnexus.map.fastly.net | udp |
| US | 151.101.65.108:443 | prod.appnexus.map.fastly.net | tcp |
| US | 8.8.8.8:53 | am-api-app-1554730937.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | on-device.com | udp |
| IE | 34.246.206.127:443 | pixel.adsafeprotected.com | tcp |
| US | 8.8.8.8:53 | firewall-external-2134955858.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | pixel.adsafeprotected.com | udp |
| US | 8.8.8.8:53 | a1579.d.akamai.net | udp |
| US | 8.8.8.8:53 | c.cintnetworks.com | udp |
| US | 8.8.8.8:53 | choices.trustarc.com | udp |
| US | 8.8.8.8:53 | firewall-external-2134955858.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | waws-prod-ln1-031.uksouth.cloudapp.azure.com | udp |
| GB | 51.140.146.131:443 | waws-prod-ln1-031.uksouth.cloudapp.azure.com | tcp |
| US | 8.8.8.8:53 | i.clean.gg | udp |
| US | 8.8.8.8:53 | fw.adsafeprotected.com | udp |
| US | 8.8.8.8:53 | i.clean.gg | udp |
| US | 34.95.69.49:443 | i.clean.gg | tcp |
| US | 34.95.69.49:443 | i.clean.gg | tcp |
| US | 8.8.8.8:53 | firewall-external-1524972847.us-east-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | i.clean.gg | udp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| US | 8.8.8.8:53 | static.adsafeprotected.com | udp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.net.akadns.net | tcp |
| US | 8.8.8.8:53 | e8960.b.akamaiedge.net | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| GB | 92.123.242.2:443 | eus.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | d162h6x3rxav67.cloudfront.net | udp |
| US | 8.8.8.8:53 | e8960.b.akamaiedge.net | udp |
| US | 34.95.69.49:443 | i.clean.gg | udp |
| US | 8.8.8.8:53 | d162h6x3rxav67.cloudfront.net | udp |
| GB | 2.18.190.71:443 | acdn.adnxs.com | tcp |
| GB | 18.172.88.93:443 | d162h6x3rxav67.cloudfront.net | tcp |
| US | 8.8.8.8:53 | servedby.flashtalking.com | udp |
| US | 34.237.172.62:443 | dt.adsafeprotected.com | tcp |
| US | 8.8.8.8:53 | e4751.b.akamaiedge.net | udp |
| GB | 92.123.240.200:443 | e4751.b.akamaiedge.net | tcp |
| US | 8.8.8.8:53 | ajs-assets.ftstatic.com | udp |
| US | 8.8.8.8:53 | d3f1y6rso5ozvw.cloudfront.net | udp |
| US | 8.8.8.8:53 | agen-assets.ftstatic.com | udp |
| US | 8.8.8.8:53 | d1dvhck2p605dz.cloudfront.net | udp |
| US | 8.8.8.8:53 | cdn.flashtalking.com | udp |
| US | 8.8.8.8:53 | ad-events.flashtalking.com | udp |
| US | 8.8.8.8:53 | stat.flashtalking.com | udp |
| US | 8.8.8.8:53 | ad-interactions-prod-lb-1426714899.eu-west-2.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | ad-interactions-prod-lb-1426714899.eu-west-2.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | e1486.b.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e1486.b.akamaiedge.net | udp |
| US | 8.8.8.8:53 | a.a47b.com | udp |
| US | 8.8.8.8:53 | a47b-collector-eu-alb-1031015564.eu-west-1.elb.amazonaws.com | udp |
| DE | 3.72.6.211:443 | btlr.sharethrough.com | tcp |
| US | 8.8.8.8:53 | fastlane.rubiconproject.com | udp |
| US | 8.8.8.8:53 | eu-tlx.3lift.com | udp |
| US | 8.8.8.8:53 | tagged-by.rubiconproject.net.akadns.net | udp |
| US | 8.8.8.8:53 | tagged-by.rubiconproject.net.akadns.net | udp |
| US | 8.8.8.8:53 | event-ingestor.judy.pnap.aditude.cloud | udp |
| US | 8.8.8.8:53 | event-ingestor.judy.pnap.aditude.cloud | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | jsdelivr.map.fastly.net | udp |
| US | 151.101.193.229:443 | jsdelivr.map.fastly.net | udp |
| US | 8.8.8.8:53 | ib.3lift.com | udp |
| US | 8.8.8.8:53 | jsdelivr.map.fastly.net | udp |
| US | 8.8.8.8:53 | ib.3lift.com | udp |
| FR | 18.244.28.84:443 | ib.3lift.com | tcp |
| US | 8.8.8.8:53 | ib.3lift.com | udp |
| FR | 18.244.28.84:443 | ib.3lift.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 13.248.245.213:443 | eb2.3lift.com | tcp |
| US | 8.8.8.8:53 | eu-eb2.3lift.com | udp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| US | 8.8.8.8:53 | pn.ybp.yahoo.com | udp |
| US | 8.8.8.8:53 | pn.ybp.yahoo.com | udp |
| US | 8.8.8.8:53 | pn.ybp.yahoo.com | udp |
| US | 8.8.8.8:53 | ds-pn-final.ybp.gysm.yahoodns.net | udp |
| IE | 54.73.182.240:443 | ds-pn-final.ybp.gysm.yahoodns.net | tcp |
| US | 8.8.8.8:53 | ds-pn-final.ybp.gysm.yahoodns.net | udp |
| US | 8.8.8.8:53 | ds-pn-final.ybp.gysm.yahoodns.net | udp |
| US | 8.8.8.8:53 | s.yimg.com | udp |
| US | 8.8.8.8:53 | s.yimg.com | udp |
| US | 8.8.8.8:53 | cdn.js7k.com | udp |
| US | 8.8.8.8:53 | cdn.js7k.com | udp |
| US | 8.8.8.8:53 | s.yimg.com | udp |
| US | 8.8.8.8:53 | edge.gycpi.b.yahoodns.net | udp |
| GB | 87.248.114.12:443 | edge.gycpi.b.yahoodns.net | tcp |
| US | 8.8.8.8:53 | edge.gycpi.b.yahoodns.net | udp |
| US | 8.8.8.8:53 | cdn.js7k.com | udp |
| US | 8.8.8.8:53 | edge.gycpi.b.yahoodns.net | udp |
| US | 8.8.8.8:53 | cdn.ampproject.org | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | cdn-content.ampproject.org | udp |
| GB | 142.250.187.193:443 | cdn-content.ampproject.org | tcp |
| GB | 142.250.187.193:443 | cdn-content.ampproject.org | tcp |
| GB | 142.250.187.193:443 | cdn-content.ampproject.org | tcp |
| GB | 142.250.187.193:443 | cdn-content.ampproject.org | tcp |
| GB | 142.250.187.193:443 | cdn-content.ampproject.org | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | cdn-content.ampproject.org | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 142.250.187.193:443 | cdn-content.ampproject.org | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 172.217.169.66:443 | googleads.g.doubleclick.net | udp |
| NL | 69.173.156.139:443 | tagged-by.rubiconproject.net.akadns.net | tcp |
| NL | 185.89.210.244:443 | ams3-ib.adnxs.com | tcp |
| DE | 3.72.6.211:443 | btlr.sharethrough.com | tcp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| NL | 178.250.1.56:443 | grid.bidswitch.net | tcp |
| NL | 178.250.1.56:443 | grid.bidswitch.net | tcp |
| US | 8.8.8.8:53 | ib.anycast.adnxs.com | udp |
| US | 8.8.8.8:53 | ib.anycast.adnxs.com | udp |
| NL | 178.250.1.57:443 | in-ftd-104.nl3.vip.prod.criteo.com | tcp |
| US | 8.8.8.8:53 | nrb.ybp.yahoo.com | udp |
| US | 8.8.8.8:53 | ds-nrb.ybp.gysm.yahoodns.net | udp |
| US | 8.8.8.8:53 | ds-nrb.ybp.gysm.yahoodns.net | udp |
| IE | 63.34.2.26:443 | ds-nrb.ybp.gysm.yahoodns.net | tcp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | ads.yieldmo.com | udp |
| DE | 3.72.6.211:443 | btlr.sharethrough.com | tcp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| US | 8.8.8.8:53 | c2shb.pubgw.yahoo.com | udp |
| US | 8.8.8.8:53 | d1jvc9b8z3vcjs.cloudfront.net | udp |
| US | 8.8.8.8:53 | rw-yieldmo-com-tf-362867385.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | eu-tlx.3lift.com | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | dtp-gateway-prod-global.dsp-plus-backend.aws.oath.cloud | udp |
| US | 8.8.8.8:53 | 882712333f200f053f68b9b9ebc711c8.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | pagead-googlehosted.l.google.com | udp |
| GB | 216.58.212.193:443 | pagead-googlehosted.l.google.com | udp |
| US | 8.8.8.8:53 | pagead-googlehosted.l.google.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | dt.adsafeprotected.com | udp |
| US | 8.8.8.8:53 | a47b-collector-eu-alb-1031015564.eu-west-1.elb.amazonaws.com | udp |
| NL | 185.89.210.141:443 | ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | dt-external-217593033.us-east-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | ams3-ib.adnxs.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | dt-external-217593033.us-east-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | ams3-ib.adnxs.com | udp |
| US | 8.8.8.8:53 | ams3-ib.adnxs.com | udp |
| US | 8.8.8.8:53 | aam.a47b.com | udp |
| US | 8.8.8.8:53 | on-device.com | udp |
| IE | 34.246.206.127:443 | firewall-external-2134955858.eu-west-1.elb.amazonaws.com | tcp |
| US | 8.8.8.8:53 | cdn.adnxs.com | udp |
| US | 8.8.8.8:53 | on-device.com | udp |
| US | 8.8.8.8:53 | am-api-app-1554730937.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | prod.appnexus.map.fastly.net | udp |
| US | 8.8.8.8:53 | c.cintnetworks.com | udp |
| US | 8.8.8.8:53 | waws-prod-ln1-031.uksouth.cloudapp.azure.com | udp |
| GB | 2.18.190.71:443 | acdn.adnxs.com | tcp |
| GB | 92.123.242.2:443 | e8960.b.akamaiedge.net | tcp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| US | 8.8.8.8:53 | e8960.b.akamaiedge.net | udp |
| US | 8.8.8.8:53 | a1579.d.akamai.net | udp |
| US | 151.101.193.108:443 | prod.appnexus.map.fastly.net | tcp |
| US | 8.8.8.8:53 | pixel.rubiconproject.net.akadns.net | udp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.net.akadns.net | tcp |
| US | 8.8.8.8:53 | servedby.flashtalking.com | udp |
| US | 8.8.8.8:53 | e4751.b.akamaiedge.net | udp |
| FR | 52.84.174.120:443 | d3f1y6rso5ozvw.cloudfront.net | tcp |
| US | 8.8.8.8:53 | cdn.flashtalking.com | udp |
| US | 8.8.8.8:53 | e1486.b.akamaiedge.net | udp |
| US | 8.8.8.8:53 | a47b-collector-eu-alb-1031015564.eu-west-1.elb.amazonaws.com | udp |
| DE | 37.252.171.52:443 | ib.anycast.adnxs.com | tcp |
| NL | 178.250.1.56:443 | grid.bidswitch.net | tcp |
| NL | 69.173.156.139:443 | tagged-by.rubiconproject.net.akadns.net | tcp |
| NL | 178.250.1.56:443 | grid.bidswitch.net | tcp |
| DE | 3.72.6.211:443 | btlr.sharethrough.com | tcp |
| US | 8.8.8.8:53 | eu-tlx.3lift.com | udp |
| NL | 178.250.1.57:443 | in-ftd-104.nl3.vip.prod.criteo.com | tcp |
| GB | 142.250.187.193:443 | cdn-content.ampproject.org | udp |
| US | 8.8.8.8:53 | stat.flashtalking.com | udp |
| US | 8.8.8.8:53 | ad-interactions-prod-lb-1426714899.eu-west-2.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | a.a47b.com | udp |
| US | 8.8.8.8:53 | a47b-collector-eu-alb-1031015564.eu-west-1.elb.amazonaws.com | udp |
| NL | 69.173.156.139:443 | tagged-by.rubiconproject.net.akadns.net | tcp |
| NL | 178.250.1.56:443 | grid.bidswitch.net | tcp |
| US | 8.8.8.8:53 | btlr.sharethrough.com | udp |
| US | 8.8.8.8:53 | btlr.sharethrough.com | udp |
| DE | 37.252.171.52:443 | ib.anycast.adnxs.com | tcp |
| NL | 178.250.1.56:443 | grid.bidswitch.net | tcp |
| US | 8.8.8.8:53 | btlr-eu-central-1.sharethrough.com | udp |
| US | 8.8.8.8:53 | btlr.sharethrough.com | udp |
| DE | 3.72.6.211:443 | btlr.sharethrough.com | tcp |
| NL | 178.250.1.57:443 | in-ftd-104.nl3.vip.prod.criteo.com | tcp |
| US | 8.8.8.8:53 | ams3-ib.adnxs.com | udp |
| GB | 142.250.179.225:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | ams3-ib.adnxs.com | udp |
| NL | 185.89.210.141:443 | ams3-ib.adnxs.com | tcp |
| NL | 178.250.1.56:443 | grid.bidswitch.net | tcp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| DE | 3.72.6.211:443 | btlr.sharethrough.com | tcp |
| US | 8.8.8.8:53 | ads.yieldmo.com | udp |
| NL | 178.250.1.56:443 | grid.bidswitch.net | tcp |
| DE | 37.252.171.52:443 | ib.anycast.adnxs.com | tcp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| US | 8.8.8.8:53 | rw-yieldmo-com-tf-362867385.eu-west-1.elb.amazonaws.com | udp |
| NL | 178.250.1.57:443 | in-ftd-104.nl3.vip.prod.criteo.com | tcp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | ib.3lift.com | udp |
| US | 8.8.8.8:53 | jsdelivr.map.fastly.net | udp |
| US | 151.101.193.229:443 | jsdelivr.map.fastly.net | udp |
| US | 8.8.8.8:53 | ib.3lift.com | udp |
| FR | 18.244.28.84:443 | ib.3lift.com | udp |
| US | 8.8.8.8:53 | jsdelivr.map.fastly.net | udp |
| US | 8.8.8.8:53 | s.yimg.com | udp |
| US | 8.8.8.8:53 | cdn.js7k.com | udp |
| US | 8.8.8.8:53 | cdn.js7k.com | udp |
| US | 8.8.8.8:53 | pixel.adsafeprotected.com | udp |
| US | 8.8.8.8:53 | edge.gycpi.b.yahoodns.net | udp |
| US | 8.8.8.8:53 | cdn.js7k.com | udp |
| US | 8.8.8.8:53 | edge.gycpi.b.yahoodns.net | udp |
| GB | 87.248.114.11:443 | edge.gycpi.b.yahoodns.net | tcp |
| US | 8.8.8.8:53 | edge.gycpi.b.yahoodns.net | udp |
| US | 8.8.8.8:53 | firewall-external-2134955858.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | edge.gycpi.b.yahoodns.net | udp |
| IE | 52.51.190.123:443 | firewall-external-2134955858.eu-west-1.elb.amazonaws.com | tcp |
| US | 8.8.8.8:53 | static.adsafeprotected.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | d162h6x3rxav67.cloudfront.net | udp |
| US | 8.8.8.8:53 | dt.adsafeprotected.com | udp |
| US | 8.8.8.8:53 | d162h6x3rxav67.cloudfront.net | udp |
| US | 8.8.8.8:53 | dt-external-217593033.us-east-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | stat.flashtalking.com | udp |
| US | 8.8.8.8:53 | ad-interactions-prod-lb-1426714899.eu-west-2.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| NL | 69.173.156.139:443 | tagged-by.rubiconproject.net.akadns.net | tcp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | c2shb.pubgw.yahoo.com | udp |
| US | 8.8.8.8:53 | rtb.openx.net | udp |
| DE | 37.252.171.52:443 | ib.anycast.adnxs.com | tcp |
| NL | 178.250.1.56:443 | grid.bidswitch.net | tcp |
| DE | 3.72.6.211:443 | btlr.sharethrough.com | tcp |
| NL | 178.250.1.56:443 | grid.bidswitch.net | tcp |
| US | 8.8.8.8:53 | d1jvc9b8z3vcjs.cloudfront.net | udp |
| US | 8.8.8.8:53 | rtb.openx.net | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | dtp-gateway-prod-global.dsp-plus-backend.aws.oath.cloud | udp |
| NL | 178.250.1.57:443 | in-ftd-104.nl3.vip.prod.criteo.com | tcp |
| GB | 216.58.212.193:443 | pagead-googlehosted.l.google.com | udp |
| US | 8.8.8.8:53 | a.a47b.com | udp |
| US | 8.8.8.8:53 | ams3-ib.adnxs.com | udp |
| NL | 185.89.210.141:443 | ams3-ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | ams3-ib.adnxs.com | udp |
| GB | 142.250.179.225:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | a47b-collector-eu-alb-1031015564.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | aam.a47b.com | udp |
| US | 8.8.8.8:53 | on-device.com | udp |
| US | 8.8.8.8:53 | choices.trustarc.com | udp |
| US | 8.8.8.8:53 | firewall-external-2134955858.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | cdn.adnxs.com | udp |
| US | 8.8.8.8:53 | fw.adsafeprotected.com | udp |
| US | 8.8.8.8:53 | am-api-app-1554730937.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | on-device.com | udp |
| US | 8.8.8.8:53 | firewall-external-1524972847.us-east-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | prod.appnexus.map.fastly.net | udp |
| US | 8.8.8.8:53 | choices.trustarc.com | udp |
| US | 8.8.8.8:53 | c.cintnetworks.com | udp |
| US | 8.8.8.8:53 | waws-prod-ln1-031.uksouth.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| US | 8.8.8.8:53 | e8960.b.akamaiedge.net | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| GB | 92.123.242.2:443 | eus.rubiconproject.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.net.akadns.net | tcp |
| US | 8.8.8.8:53 | e8960.b.akamaiedge.net | udp |
| US | 151.101.193.108:443 | prod.appnexus.map.fastly.net | tcp |
| US | 8.8.8.8:53 | servedby.flashtalking.com | udp |
| US | 8.8.8.8:53 | ajs-assets.ftstatic.com | udp |
| US | 8.8.8.8:53 | e4751.b.akamaiedge.net | udp |
| US | 8.8.8.8:53 | d3f1y6rso5ozvw.cloudfront.net | udp |
| US | 8.8.8.8:53 | agen-assets.ftstatic.com | udp |
| US | 8.8.8.8:53 | d1dvhck2p605dz.cloudfront.net | udp |
| US | 8.8.8.8:53 | cdn.flashtalking.com | udp |
| US | 8.8.8.8:53 | ad-events.flashtalking.com | udp |
| US | 8.8.8.8:53 | d3fxn7cse5tdjr.cloudfront.net | udp |
| DE | 3.72.6.211:443 | btlr.sharethrough.com | tcp |
| US | 8.8.8.8:53 | nrb.ybp.yahoo.com | udp |
| US | 8.8.8.8:53 | ds-nrb.ybp.gysm.yahoodns.net | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| IE | 67.220.228.203:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | d1ykf07e75w7ss.cloudfront.net | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| FR | 18.245.194.122:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | m.media-amazon.com | udp |
| US | 8.8.8.8:53 | ts.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | d21t3ooy68jlh9.cloudfront.net | udp |
| US | 8.8.8.8:53 | m.media-amazon.com | udp |
| US | 8.8.8.8:53 | a1994.dscr.akamai.net | udp |
| FR | 18.245.175.80:443 | d21t3ooy68jlh9.cloudfront.net | tcp |
| US | 8.8.8.8:53 | d21t3ooy68jlh9.cloudfront.net | udp |
| US | 8.8.8.8:53 | d21t3ooy68jlh9.cloudfront.net | udp |
| US | 8.8.8.8:53 | a1994.dscr.akamai.net | udp |
| FR | 18.245.193.37:443 | m.media-amazon.com | udp |
| FR | 18.245.193.37:443 | m.media-amazon.com | udp |
| US | 8.8.8.8:53 | aan.amazon.co.uk | udp |
| US | 8.8.8.8:53 | a1994.dscr.akamai.net | udp |
| FR | 18.245.175.80:443 | d21t3ooy68jlh9.cloudfront.net | tcp |
| FR | 18.245.175.80:443 | d21t3ooy68jlh9.cloudfront.net | tcp |
| US | 8.8.8.8:53 | tungsten-service.prod.eu.adsqtungsten.a9.amazon.dev | udp |
| US | 8.8.8.8:53 | sq-tungsten-ts-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | www.btd-zaz.tq-tungsten.com | udp |
| US | 8.8.8.8:53 | www.btd-zaz.tq-tungsten.com | udp |
| US | 8.8.8.8:53 | sq-tungsten-ts-eu.amazon-adsystem.com | udp |
| IE | 3.253.181.25:443 | sq-tungsten-ts-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | adsqtungstenntdservice-prod-b5647ca7634e5610.elb.eu-south-2.amazonaws.com | udp |
| US | 8.8.8.8:53 | www.btd-zaz.tq-tungsten.com | udp |
| ES | 51.92.37.70:443 | www.btd-zaz.tq-tungsten.com | tcp |
| US | 8.8.8.8:53 | d5je4of8ee8uu.cloudfront.net | udp |
| US | 8.8.8.8:53 | adsqtungstenntdservice-prod-b5647ca7634e5610.elb.eu-south-2.amazonaws.com | udp |
| US | 8.8.8.8:53 | adsqtungstenntdservice-prod-b5647ca7634e5610.elb.eu-south-2.amazonaws.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | d5je4of8ee8uu.cloudfront.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| IE | 67.220.228.203:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | a47b-collector-eu-alb-1031015564.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.180.2:443 | googleads.g.doubleclick.net | udp |
| DE | 37.252.171.52:443 | ib.anycast.adnxs.com | tcp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| NL | 178.250.1.56:443 | grid.bidswitch.net | tcp |
| DE | 3.72.6.211:443 | btlr.sharethrough.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| NL | 69.173.156.139:443 | tagged-by.rubiconproject.net.akadns.net | tcp |
| NL | 178.250.1.56:443 | grid.bidswitch.net | tcp |
| US | 8.8.8.8:53 | eu-tlx.3lift.com | udp |
| NL | 178.250.1.57:443 | in-ftd-104.nl3.vip.prod.criteo.com | tcp |
| US | 151.101.193.229:443 | jsdelivr.map.fastly.net | udp |
| US | 8.8.8.8:53 | jsdelivr.map.fastly.net | udp |
| FR | 18.244.28.84:443 | ib.3lift.com | udp |
| US | 8.8.8.8:53 | jsdelivr.map.fastly.net | udp |
| US | 8.8.8.8:53 | eu-eb2.3lift.com | udp |
| US | 8.8.8.8:53 | pn.ybp.yahoo.com | udp |
| US | 8.8.8.8:53 | pn.ybp.yahoo.com | udp |
| US | 8.8.8.8:53 | ds-pn-final.ybp.gysm.yahoodns.net | udp |
| US | 8.8.8.8:53 | ds-pn-final.ybp.gysm.yahoodns.net | udp |
| US | 8.8.8.8:53 | cdn.js7k.com | udp |
| US | 8.8.8.8:53 | firewall-external-2134955858.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | edge.gycpi.b.yahoodns.net | udp |
| US | 8.8.8.8:53 | edge.gycpi.b.yahoodns.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | dt.adsafeprotected.com | udp |
| US | 8.8.8.8:53 | dt-external-217593033.us-east-1.elb.amazonaws.com | udp |
| NL | 178.250.1.56:443 | grid.bidswitch.net | tcp |
| NL | 178.250.1.56:443 | grid.bidswitch.net | tcp |
| DE | 3.72.6.211:443 | btlr.sharethrough.com | tcp |
| US | 8.8.8.8:53 | ads.yieldmo.com | udp |
| DE | 37.252.171.52:443 | ib.anycast.adnxs.com | tcp |
| US | 8.8.8.8:53 | rw-yieldmo-com-tf-362867385.eu-west-1.elb.amazonaws.com | udp |
| NL | 178.250.1.57:443 | in-ftd-104.nl3.vip.prod.criteo.com | tcp |
| US | 8.8.8.8:53 | s.yimg.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | dt-external-217593033.us-east-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| GB | 142.250.187.193:443 | cdn-content.ampproject.org | udp |
| US | 8.8.8.8:53 | ams3-ib.adnxs.com | udp |
| GB | 142.250.179.225:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | ams3-ib.adnxs.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| NL | 185.89.210.141:443 | ams3-ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | dt.adsafeprotected.com | udp |
| US | 8.8.8.8:53 | dt-external-217593033.us-east-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | www.wikihow.com | udp |
| US | 8.8.8.8:53 | n.sni.global.fastly.net | udp |
| US | 151.101.193.91:443 | n.sni.global.fastly.net | udp |
| US | 8.8.8.8:53 | hblg.media.net | udp |
| US | 8.8.8.8:53 | hblg.media.net | udp |
| GB | 2.23.220.28:443 | hblg.media.net | tcp |
| US | 8.8.8.8:53 | e96626.d.akamaiedge.net | udp |
| GB | 2.19.161.5:443 | e96626.d.akamaiedge.net | tcp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| NL | 69.173.156.139:443 | tagged-by.rubiconproject.net.akadns.net | tcp |
| US | 8.8.8.8:53 | c2shb.pubgw.yahoo.com | udp |
| DE | 37.252.171.52:443 | ib.anycast.adnxs.com | tcp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | ads.yieldmo.com | udp |
| NL | 178.250.1.56:443 | grid.bidswitch.net | tcp |
| NL | 178.250.1.56:443 | grid.bidswitch.net | tcp |
| DE | 3.72.6.211:443 | btlr.sharethrough.com | tcp |
| US | 8.8.8.8:53 | d1jvc9b8z3vcjs.cloudfront.net | udp |
| US | 8.8.8.8:53 | eu-tlx.3lift.com | udp |
| US | 8.8.8.8:53 | rw-yieldmo-com-tf-362867385.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | dtp-gateway-prod-global.dsp-plus-backend.aws.oath.cloud | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| NL | 178.250.1.57:443 | in-ftd-104.nl3.vip.prod.criteo.com | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | dt.adsafeprotected.com | udp |
| US | 8.8.8.8:53 | dt-external-217593033.us-east-1.elb.amazonaws.com | udp |
| US | 151.101.193.229:443 | jsdelivr.map.fastly.net | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | ib.3lift.com | udp |
| US | 8.8.8.8:53 | jsdelivr.map.fastly.net | udp |
| US | 8.8.8.8:53 | ib.3lift.com | udp |
| FR | 18.244.28.84:443 | ib.3lift.com | udp |
| US | 8.8.8.8:53 | ib.3lift.com | udp |
| US | 8.8.8.8:53 | s.yimg.com | udp |
| US | 8.8.8.8:53 | edge.gycpi.b.yahoodns.net | udp |
| US | 8.8.8.8:53 | edge.gycpi.b.yahoodns.net | udp |
| US | 8.8.8.8:53 | pixel.adsafeprotected.com | udp |
| US | 8.8.8.8:53 | firewall-external-2134955858.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | static.adsafeprotected.com | udp |
| US | 8.8.8.8:53 | static.adsafeprotected.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| GB | 18.172.88.93:443 | static.adsafeprotected.com | tcp |
| US | 8.8.8.8:53 | d162h6x3rxav67.cloudfront.net | udp |
| US | 8.8.8.8:53 | static.adsafeprotected.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | d162h6x3rxav67.cloudfront.net | udp |
| US | 8.8.8.8:53 | a.a47b.com | udp |
| US | 8.8.8.8:53 | a47b-collector-eu-alb-1031015564.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | dt-external-217593033.us-east-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | dt-external-217593033.us-east-1.elb.amazonaws.com | udp |
| DE | 37.252.171.52:443 | ib.anycast.adnxs.com | tcp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| NL | 178.250.1.56:443 | grid.bidswitch.net | tcp |
| NL | 69.173.156.139:443 | tagged-by.rubiconproject.net.akadns.net | tcp |
| DE | 3.72.6.211:443 | btlr.sharethrough.com | tcp |
| US | 8.8.8.8:53 | ads.yieldmo.com | udp |
| NL | 178.250.1.56:443 | grid.bidswitch.net | tcp |
| US | 8.8.8.8:53 | grid.bidswitch.net | udp |
| US | 8.8.8.8:53 | eu-tlx.3lift.com | udp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | rw-yieldmo-com-tf-362867385.eu-west-1.elb.amazonaws.com | udp |
| NL | 178.250.1.57:443 | in-ftd-104.nl3.vip.prod.criteo.com | tcp |
| US | 8.8.8.8:53 | stat.flashtalking.com | udp |
| US | 8.8.8.8:53 | ds-nrb.ybp.gysm.yahoodns.net | udp |
| GB | 216.58.212.193:443 | pagead-googlehosted.l.google.com | udp |
| US | 8.8.8.8:53 | dt-external-217593033.us-east-1.elb.amazonaws.com | udp |
| GB | 142.250.180.2:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | ad-interactions-prod-lb-1426714899.eu-west-2.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | a.a47b.com | udp |
| US | 8.8.8.8:53 | tag.researchnow.com | udp |
| GB | 142.250.179.225:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | d1d95dev3v7dza.cloudfront.net | udp |
| US | 8.8.8.8:53 | d1d95dev3v7dza.cloudfront.net | udp |
| US | 8.8.8.8:53 | fw.adsafeprotected.com | udp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | firewall-external-1524972847.us-east-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | googleads4.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | e6603.g.akamaiedge.net | udp |
| GB | 142.250.200.38:443 | s0.2mdn.net | udp |
| GB | 142.250.200.38:443 | s0.2mdn.net | udp |
| GB | 23.219.196.188:443 | e6603.g.akamaiedge.net | tcp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | googleads4.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | c.bannerflow.net | udp |
| US | 8.8.8.8:53 | c.bannerflow.net | udp |
| GB | 54.230.10.106:443 | d1d95dev3v7dza.cloudfront.net | tcp |
| US | 54.208.247.2:443 | firewall-external-1524972847.us-east-1.elb.amazonaws.com | tcp |
| GB | 142.250.187.193:443 | cdn-content.ampproject.org | udp |
| US | 8.8.8.8:53 | ams3-ib.adnxs.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| NL | 185.89.211.84:443 | ams3-ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | ade.googlesyndication.com | udp |
| US | 8.8.8.8:53 | ade.googlesyndication.com | udp |
| GB | 216.58.204.66:443 | ade.googlesyndication.com | udp |
| US | 8.8.8.8:53 | btlr.sharethrough.com | udp |
| NL | 69.173.156.139:443 | tagged-by.rubiconproject.net.akadns.net | tcp |
| NL | 178.250.1.56:443 | grid.bidswitch.net | tcp |
| US | 8.8.8.8:53 | eu-tlx.3lift.com | udp |
| US | 8.8.8.8:53 | rw-yieldmo-com-tf-362867385.eu-west-1.elb.amazonaws.com | udp |
| NL | 178.250.1.56:443 | grid.bidswitch.net | tcp |
| DE | 37.252.171.52:443 | ib.anycast.adnxs.com | tcp |
| US | 8.8.8.8:53 | btlr-eu-central-1.sharethrough.com | udp |
| DE | 18.199.220.232:443 | btlr.sharethrough.com | tcp |
| US | 8.8.8.8:53 | btlr.sharethrough.com | udp |
| NL | 178.250.1.57:443 | in-ftd-104.nl3.vip.prod.criteo.com | tcp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| IE | 67.220.228.202:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | d1ykf07e75w7ss.cloudfront.net | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | m.media-amazon.com | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | d21t3ooy68jlh9.cloudfront.net | udp |
| US | 8.8.8.8:53 | a1994.dscr.akamai.net | udp |
| GB | 2.19.117.31:443 | a1994.dscr.akamai.net | udp |
| US | 8.8.8.8:53 | a1994.dscr.akamai.net | udp |
| GB | 2.19.117.31:443 | a1994.dscr.akamai.net | udp |
| FR | 18.245.175.80:443 | d21t3ooy68jlh9.cloudfront.net | tcp |
| US | 8.8.8.8:53 | a1994.dscr.akamai.net | udp |
| US | 8.8.8.8:53 | d21t3ooy68jlh9.cloudfront.net | udp |
| US | 8.8.8.8:53 | aan.amazon.co.uk | udp |
| US | 8.8.8.8:53 | a1994.dscr.akamai.net | udp |
| US | 8.8.8.8:53 | d21t3ooy68jlh9.cloudfront.net | udp |
| US | 8.8.8.8:53 | d1hutihgtrd049.cloudfront.net | udp |
| FR | 18.245.175.80:443 | d21t3ooy68jlh9.cloudfront.net | tcp |
| FR | 18.245.175.80:443 | d21t3ooy68jlh9.cloudfront.net | tcp |
| US | 8.8.8.8:53 | tungsten-service.prod.eu.adsqtungsten.a9.amazon.dev | udp |
| US | 8.8.8.8:53 | www.btd-zaz.tq-tungsten.com | udp |
| US | 8.8.8.8:53 | sq-tungsten-ts-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | www.btd-zaz.tq-tungsten.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| IE | 67.220.228.202:443 | aax-eu.amazon-adsystem.com | tcp |
| IE | 3.253.167.114:443 | sq-tungsten-ts-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | adsqtungstenntdservice-prod-b5647ca7634e5610.elb.eu-south-2.amazonaws.com | udp |
| ES | 51.92.37.70:443 | adsqtungstenntdservice-prod-b5647ca7634e5610.elb.eu-south-2.amazonaws.com | tcp |
| US | 8.8.8.8:53 | www.btd-zaz.tq-tungsten.com | udp |
| US | 8.8.8.8:53 | d5je4of8ee8uu.cloudfront.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | adsqtungstenntdservice-prod-b5647ca7634e5610.elb.eu-south-2.amazonaws.com | udp |
| US | 8.8.8.8:53 | d5je4of8ee8uu.cloudfront.net | udp |
| US | 8.8.8.8:53 | www.wikihow.com | udp |
| US | 151.101.193.91:443 | www.wikihow.com | udp |
| US | 8.8.8.8:53 | n.sni.global.fastly.net | udp |
Files
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\datareporting\glean\db\data.safe.bin
| MD5 | 9c8f8aafe7b418eb341de4cf9f2151d3 |
| SHA1 | 37d69d7e822c1ee632c1505da28f4262ee8a53b6 |
| SHA256 | 90d0b2312de7e06396c6196b9ad128decf7f3bf6eb4b6310c7fd17733d882d9e |
| SHA512 | 62df17d2cfa38c349869037babc3f5345ff67282ddf092450517e4eae78487c7be0752eeb0f472cc2e2f16a36470cb60174e60ead042971bbf3d5fa73149f1e2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\datareporting\glean\pending_pings\a16a3069-a1e0-46ac-8d9d-c64b94bac3d0
| MD5 | a92e3125185193be9974653d074d351a |
| SHA1 | 34c787dd43242d17592923bb0e353e7cfeecaeef |
| SHA256 | 58e6ba12a1eabf058bfbb7f97a1270db286988402e69ba44d2f202061f21e9ec |
| SHA512 | c86e30833051d8b473b1c2b12c38374c644f62e95014cdce3959eb740ca9aa6c43bedf43343b6c5ef86b78d185676204a0731a3cb0dc20debc27aec189ea1bae |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\activity-stream.discovery_stream.json.tmp
| MD5 | 70441f2b5a679ad3a25e7ffa560080e8 |
| SHA1 | dc7c3c1447bf77c29a7ef8265e9f1e36eb6dd010 |
| SHA256 | ce0a26240447eda5df88d9277a390631d31c6c743f395df21efd6e3d6bf44cc3 |
| SHA512 | fe984b6bb1f336091e1c1e46733fe739fce0163f6eea8eaaf1d70d7c8701fe29ac0f56429c1989714554495b95a344b3801daf63b633528c8581048029ce3278 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\settings\main\ms-language-packs\browser\newtab\asrouter.ftl
| MD5 | f99b4984bd93547ff4ab09d35b9ed6d5 |
| SHA1 | 73bf4d313cb094bb6ead04460da9547106794007 |
| SHA256 | 402571262fd1f6dca336f822ceb0ec2a368a25dfe2f4bfa13b45c983e88b6069 |
| SHA512 | cd0ed84a24d3faae94290aca1b5ef65eef4cfba8a983da9f88ee3268fc611484a72bd44ca0947c0ca8de174619debae4604e15e4b2c364e636424ba1d37e1759 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\prefs.js
| MD5 | 5f7a9fcdcd5a3436ddfe3ef9ca3d019c |
| SHA1 | 26bf60306c026dafbf07f41288e3c6693a64cb60 |
| SHA256 | 767a2a57d6c6a104276fafa7ae876078a3df45f5e5b63378beed381c904babec |
| SHA512 | 3cc21fc0bc9dc7b30c206e96dc78594616dbff4bd09f510689a124436127e901adf1ae54e99952240a8b397fa7880beee8d1e7d4ea0143bb205657e8a627acc0 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\prefs-1.js
| MD5 | 9b8cb7afa92f4921f94a279f2456cb88 |
| SHA1 | 394be90657df67c51d005ffc3b42864ab1da5873 |
| SHA256 | e36c570803c356c3ed20c602bc4587fc8dcd9490bed1b7851085a78b97437449 |
| SHA512 | ba10fe2bf03ce4ebb93ace8a55d03a6b301ee09bac45755bfd352a99b0b33d2204e1ba5a8fa6599dd876221cf1cbd58fc657cac670157874b4de5dc5285f5e99 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionstore.jsonlz4
| MD5 | 2b0bb748ee75b57ada7deba26d5f662f |
| SHA1 | 064474ddbb46c1b2a429fcf9aba696f7f6929675 |
| SHA256 | 33bcfbd6a3a54765b2d96ce68b5b5089c3ef801e712ced06c3c789f63c5142dc |
| SHA512 | cad0ee8dbec62c766db43df97bb802e3077c65f8a8ae9357d336e02cf33d40e5996fdd01fa6ec3968241ad1a65e8334450318775ce2032059ee0056e1c97dbb7 |
memory/1936-198-0x0000000000410000-0x0000000000411000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\prefs.js
| MD5 | 48098e3cd7bcac48f71acd83aaa6008b |
| SHA1 | 1df636c4d9296e52c14a14d698193f33baa4568e |
| SHA256 | 8b0cfbe4fd6486f93ccde2d6f71ab9d6ce76fef6a00f842dbbf1e11821d3f5dc |
| SHA512 | bf75544031f5900da001b87b7a70207f84664496030fc4e1dda566cb625e3c371e53abc43f84d60c7b8922520eb64fc7522dc699bd8811ad17a356ac31e3a072 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\startupCache\scriptCache-child.bin
| MD5 | ecc75f6374fe4c127eabaf6ba184bf8f |
| SHA1 | fcb9bfce7df6533dd18dc516f262b5907d08cd40 |
| SHA256 | c7d9559755cf0059c53582443c969d6293545163a3c84096d9f75170ce471315 |
| SHA512 | ff5c5dc043bf0078adf070cbe68f0d1d54102681273df6cc6ba0d01d3a067ba150edb5e00f7c9d44241a31c1478b97820b593abb4535e4452ffb455660ea49b3 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\startupCache\scriptCache.bin
| MD5 | b1e9a4e342ad820d5020a1540b013081 |
| SHA1 | 2ebfdff35ac1f4819eaa468278f83870cd705ed0 |
| SHA256 | 70f356f1ee9d15f89ff7b005914bac63e2c882232fa9ce73c7ae1a06212ee20b |
| SHA512 | 7c80e89c6fea5b48fd9a885134c79ac3fe712022cdf4b3eb20d4915085bfe4a3185cae2868bd3c1b6a3cc4621bc4f27f42e00aefddec65c52535f445c5b9e610 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\xulstore.json
| MD5 | 05e1ddb4298be4c948c3ae839859c3e9 |
| SHA1 | ea9195602eeed8d06644026809e07b3ad29335e5 |
| SHA256 | 1c2c5d5211674c3c8473e0589085499471399e53e9a85d7dd3b075fef6cbb6be |
| SHA512 | 3177b48cd0c877821419d7e5eb247a4c899bc37258994f22257ceaafefb316e6f5959faae02e380e432d7752f0218d45d56d6878c1e751d201d9fdb3ff98612e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\startupCache\urlCache.bin
| MD5 | 0eb2f020c2017d53b54b827f317ec107 |
| SHA1 | a984648a62c1112a824b7bf7775937fc9d5f7101 |
| SHA256 | 34c60367d4bb4b1db0e64015dbcfd387827bf882b3e6dbc27f45c527892fda6c |
| SHA512 | 7ea327ed691957570fa36dd760123d3d0c0301d924732ede5b3782cefd373308664d0a9e01ccac8d25473d28360e0366eee8e84ced92898a408b9acc4e7ddb77 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionCheckpoints.json
| MD5 | 948a7403e323297c6bb8a5c791b42866 |
| SHA1 | 88a555717e8a4a33eccfb7d47a2a4aa31038f9c0 |
| SHA256 | 2fca1f29b73dd5b4159fa1eb16e69276482f5224ba7d2219a547039129a51f0e |
| SHA512 | 17e2f65c33f47c8bb4beca31db2aff3d4bbb6c2d36924057f9f847e207bdcb85ffcbb32c80dd06862ffc9b7f0bd3f5e2e65b48bb1bc3363732751101d5596b1a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionCheckpoints.json.tmp
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\storage.sqlite
| MD5 | 211bfb719c89ce3c50462d94b41df70a |
| SHA1 | 8e6977982358d7835141bd159035dc418457a7bd |
| SHA256 | 4b1bf413d3ccd5063ef460424a9a84f7e7cf01d624be5e2c29496330e556d1ab |
| SHA512 | 7b99d60f7b38bdf8bcb6b2a98541e0fcf0d2e45e1aa0941244cf2e8ef7106a392fee3b7ba01eb0c26303c85d3f21d75bafb09234d59cafe80b8ee73a95694cb4 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\SiteSecurityServiceState.txt
| MD5 | f4ccea5548b77f2db6ab375541ee7de4 |
| SHA1 | c54a4fed9898f5d243a232cdf84d7d883dd7046e |
| SHA256 | 708a276f48a7e92a5402790ba92157e555c7dd598340fb2140191ffba30f43b2 |
| SHA512 | 53fc437d9700b93ae1691208001f0537718c946ab13e1adee62a661f128656f1c6bb6f9d6d5fe43b94bb70dc979a8ca2a95f27659942d768f99a78f5a7513f48 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionCheckpoints.json.tmp
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cert9.db
| MD5 | fef20ab14e22f1e17e1f1fb0bb6f8ca3 |
| SHA1 | 2e006e307200e091b92819ea4c5426c2391f8a8d |
| SHA256 | 462db86764f771845f5aff9a67f21364fa031eb2fa2e5504ecdf0958a06b6d4a |
| SHA512 | 4ddeadfa431dfcf8d01c4ada3bcbbd06bbd3c932aa8e1f60f3b40a3480ac0af1af96d480e607c74cef1390923d5026d15c7cabb3100dc13daeb7bf4578165dca |
\??\PIPE\samr
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite
| MD5 | f66e9d159cf7151f33e8e9c46dd591b4 |
| SHA1 | 0fe7448e540c2d6ed0e4f5e2d95a80224a8c9e6d |
| SHA256 | 5950d59b00d1e757b0c8f9322f2bebf9f17887fa0da3bef0bcb44be264f16577 |
| SHA512 | eefb828577d93b860ac8f68df5a8d3f1421380b25559dfaf7783437704f4545886dc2d03f0a448e74e16ae65d6554257661f01a63728b828d8c8ed8571dbaeae |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\6D89348819C8881868053197CA0754F36784BF5F
| MD5 | d6f68b26476b7c754313eff688afc9c5 |
| SHA1 | 657f61b2863d21e0eff2cbed1f40e6ff4a891060 |
| SHA256 | 964f4d2e3a4a81d31d37e93462fea0b37995b04382e7d99e55054629f46e1abf |
| SHA512 | 0b6b49e776137fd2117c54a262f94ca43f983d2aa8858045de4a083ec7560e28a62301f089c299091b25fee8f91fb922d684f57be36c9cb6e89c6c880424761b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\AlternateServices.txt
| MD5 | 8be8366d92709ab037e5e6640665af2b |
| SHA1 | c1ed29e615d89795dc24d3b1919b3e5796d576ee |
| SHA256 | ddf7b3df4bf4c0d45396002c5453cd66631878e616f3319912a92188d9963bcf |
| SHA512 | 7b41b03164c6e2681448da925942fd34cba6d3045821f416b7b51f2ab1ab2a67dd8890e7bb564a16cb27d1eb0719a5d2552e40d1aec0e5f11ea7e3e93f5c874e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\favicons.sqlite
| MD5 | 4f9a8e82d0e02c05bb61d0c7ab77666f |
| SHA1 | ebc11f5fe9e1beb02fc63b5b9e88aea14d2a9cbe |
| SHA256 | d9d8a0cf9a77ca1663205c224c03bc67cc511e6a840fcbf96adfcd757720935a |
| SHA512 | 8cc3b1fdfc23f0af0db7be0637332f03a189b3f03ae55ca9b10759bbd00f32b261f6a016a94e28a50a1f85a864e8c61385fdee3f7c37602911ed1e45a2fa42c1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\places.sqlite
| MD5 | c7215c20d4333363659f2ae0df5b7761 |
| SHA1 | 69dffb63d0792d8933badce1176d32ec64fc8103 |
| SHA256 | 2b745acb00396da0c4e644d5895276246bc64413a29f4a3fac3f242d6cd44af6 |
| SHA512 | e2bdf64f9125c48b190b23b85e5f908405059b6944504ef88de7be365261ecaf2da2f98c9903db69a1d913103e21433e44138889419036f1761b3158507d9f1f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\datareporting\glean\db\data.safe.bin
| MD5 | 6319648273cb5bb17a212d5e5caa8cfb |
| SHA1 | 8b488283ba1aef89daa9010ee59e463639aad4da |
| SHA256 | 4109044b91f2a38c1b657d52ba81015fe7735f72298594797dfbb39c16be1b53 |
| SHA512 | 705c8e9049e878dfa5f77ca48126771b736ba8d46af22a2228af3d4db63b6778e35db8317efc39d2e1241a8efd62a9ff55eb0e49ab5244baa4f0eefb2d132c18 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\protections.sqlite
| MD5 | deeced8825e857ead7ba3784966be7be |
| SHA1 | e72a09807d97d0aeb8baedd537f2489306e25490 |
| SHA256 | b9f022442a1506e592bf51284091a8a7fe17580b165d07e70c06fd6827343a54 |
| SHA512 | 01d303232d6481af322137b44fef6c2a584f0643c48bab2836f9fe3193207015da7f7514fe338500ae4469651e3d9618293858ae507e722198a249257677099e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\datareporting\glean\events\events
| MD5 | 429df064721b3ac375334c6eac3ce59e |
| SHA1 | cc79cebf016b094ea3996481b4f98335842e1be9 |
| SHA256 | 8b2d8e61eb6836324bed848f1927e3e22a51d49595aed5fed381090d95a73a57 |
| SHA512 | 8c99464ebbc33cf4424dd46d4afd7f2f11bc3d90bc7180d1ba0fd1a4d96af3bdc231fe563be858f135eedebb6bf58063c9ab7f12864a61faa18c9ec06cb7ab2b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\datareporting\glean\pending_pings\e152d15b-e355-4d85-8dd9-b86af2dc7b39
| MD5 | ec76d4299c36c1f2e16683abdafaa680 |
| SHA1 | 455c01f36d004c9f37b798a8cf9da94f1568f7a4 |
| SHA256 | ec3b449881b5a8c080efd2ecdd1b791370bc60522c4315bddc19d0f54a2bdadf |
| SHA512 | 5cb97276f7a30c6d479955390534f00276c5fba0ed105051c28dc07e2eef9c7528daa78d9836ff543ff454af84a2ed78889e94f0ec042f6554f4b11affa30959 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\datareporting\glean\pending_pings\52e2d491-7adf-4eb4-8184-311cfe151322
| MD5 | 3789a06b1ea9995cf6ae6e3769b1e1c5 |
| SHA1 | fb1e4faa3d1902fda28a990ba51cd13277c4efca |
| SHA256 | 4ebf951a76b43473e5ea7488c7095cf81c796f98d24fecca60f48c6056a947f6 |
| SHA512 | 52f79c6cb8a7c7e7e81df5838833be114afcfd02031c4d1229a87c174a97c65d09360d761cebdb6dfe723ab1881573a9769b2985c31a51153a899225528e068d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | b3d0c28746dd234dd5863bbf20df671e |
| SHA1 | 45f6fd32b1b79c705a7e72ee7bb6ea61a0e59a4d |
| SHA256 | 7ed74ee6c59ed2e4d507ec7fa9b1581d27ae76482e83606db61d65dcde2cccbf |
| SHA512 | ca6d03ff1093af760a3a48eae1374d3f59d3727775d9c90617a2719937189a325e77670499b3cc6864a1f72da4c8010458195712956bf5a6d2e637f95c13de32 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\prefs.js
| MD5 | 5a435e8c2fc88f62cd53a3f948a6236c |
| SHA1 | b8f42c2a41e2e81bd507402fd6a031d8585a727c |
| SHA256 | ab6bea03d545b02a2bbc22b3125faccfc30f285356e33f7364d6cf8bbae6ddfb |
| SHA512 | c1d7fbf5adea3650b985c5c120ae2dff744dadacb72a5c33cd35354a31b71419fb69f9a2e8d37881a44b25a84ff261491f7c847847e843789aef1ab2dd7aa828 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\prefs-1.js
| MD5 | ba7638fc1086e252eb79598e53231716 |
| SHA1 | 340d0553314b18eaa09508dffd27a8cac4b61067 |
| SHA256 | 7c962c2d7f2c3e9997f5497026558a15ec1d5b6c744317976ce43db5422cdeec |
| SHA512 | d76b9515064dc5c790fce96f292011237e32879e0d0449c3a13b501d34a3654116164ac0e2029b8507db23b19e19fcafbe3f65eade84d3968aaf4db278a8807a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\099EB2BF8827A4F91EAB3E38B14650D0205226F2
| MD5 | 40e24e041f33e8d95ec934763c739c49 |
| SHA1 | 1851d8e3223a84511c1d022ca0deee48bd7851fc |
| SHA256 | 9d5bd89b3ad09c041815ff5986163ec5c5be89c3e0bfc48c6abb7366c2390640 |
| SHA512 | e0baccb1dd179aa6843c82450472a25edc3430cb4e218648ff8d4fa5e34db2d959bb959800b4c11dfe5b85aa1fe4acddd71ff00a5979e091edb08f998b48ba42 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\87CBA201BC852BE6B68608FDB5EF2C1266779809
| MD5 | fb6ce6eb46174146ce2a4ad91d296d36 |
| SHA1 | 07af17f486b0084383dd9d224f9f035ad424b183 |
| SHA256 | 66abc2f8400e884b888842f7688c9e20e49ffe876888c0ace0194f9cb7520433 |
| SHA512 | d1448c69db18be55417a01813177b5af40867f537f47a7c514bd8e51b36ab7915ed0d4293fd0b98eef7eadcd02a33ee438aec4de10349444f5773468b0161b1e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\74B59C6A1551D74BB99E6CB6A45B631D2D390D50
| MD5 | ac2b854f11c1c9b6298f4424113cbb48 |
| SHA1 | f0540642182d91b7613a86eaa0577a00ec0e6ccb |
| SHA256 | 79271ea45d753fb9854e7acf61e5a98d7413ac11245eef15f6619c8e497c9a72 |
| SHA512 | 58b5853b3c4e67df273fe6ed03d39ac8e3abd9b95894d61474a4e5b255afbc4de49d14abcaca29ca820497808ec131b7afc9811ffa94c3700a8064f58e3d8990 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\58EFA56DB4BFFECB0EDA547894BC9A057159E22F
| MD5 | 96e93965aa6eeb9b2da406018d141a16 |
| SHA1 | ce3d2f585723bbc942f9f097468d1433c71e89d5 |
| SHA256 | ba99eda8091a51a326741a472371aff3dc095fdb554f31f01446d63dd492b4b4 |
| SHA512 | cc9f6268e2e06e602e987cb20cc69b1d2b9ad69903f037453cb6bbc4a1740a8039ac0c5bf5982f928c712fe1769337587d94fc6ec0b9adadc50401a2cbcfb695 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\530D26489DF254B012168870D43D024CF942241C
| MD5 | 685b04bf83fde911f247e271952d57f8 |
| SHA1 | 9ed8d10c54ebef61d6fee2ff5d8113f7cbf2a024 |
| SHA256 | f4067554b8bb25f7298c36186cef6f4a3356e02c4d1616ac736df78e3a792610 |
| SHA512 | 481600d40e70f705179f5a4b025b82b5f819c7e706d9ce174ca2c5c8bb6689b2fbc1640568c2288ffe6b28245d92bd9eddaff012175fa196e521fbe54e7483cf |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\4EDF1819D3560E9D2B133841ED496C034B03BBD8
| MD5 | 5849f493dd4c0f670267acb2380ba678 |
| SHA1 | 91c7a11e16cbe808ef72c7f2bdfa1beb125b0304 |
| SHA256 | 4588a0618c3a0744294413abc616e5ceb02462cb26a775a5457509ff12abb945 |
| SHA512 | 1609a8a69b1b6879befe8d22abbca69c558863ba54488208a1d4a5d945a7d902e317243629bd631a3efd5e7e82775ec2c4eef0b6f09576a7c17fc607c3fb6661 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\3A4E7624A1D53603BD913148460DD2F7B1E08E1E
| MD5 | 7c9fcb15ed40d57f5bcb3c8016de5b67 |
| SHA1 | 5648f94596713a8789edacd40b0c4105ea5f7120 |
| SHA256 | 6aa0031f530495df765148c14100f25817d68f4d505949bf8fedc1c46c3a41bb |
| SHA512 | 441a875de1ec96c75958cf7b9234b07d19279e4a84e7f93c74d4df8c7d94661416a20013f96875a11242d15d11ff31f1fd2b80428790e1cccd758f8c519400eb |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\27FD91AA11CECC79C5434988A451A826A51754E1
| MD5 | cde55a852d7fc193240f838dd9890181 |
| SHA1 | f94b34712f0dfa94f39aba16e16bcde8e1d322ec |
| SHA256 | 85735807b84d2914fc70921ecf050c6f4624046bd238d3666280607c19b432de |
| SHA512 | 7fe3ede2d7e9bb50126af7d181e91566401f081890404e5f50e93f9aff603d8f3585ea791fbac9205872fe4eaaa1ca33e795d582261da53661b97d80b0ceda9e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\254256B27E0C48CF9B80B695F0B3B8CA84610495
| MD5 | 38420f39e06b0cc54dbeec18a3e81254 |
| SHA1 | 961d75efe54bf81af2250a3f925c99039eca600e |
| SHA256 | 4c613883c0621ed2923d32ce175bab5fb0fcbfae24b177da7d487836cb74fad3 |
| SHA512 | 6e073c13c5f421fdefc7d658d4bbf5a22896c535d352556a4a11ba11616574d5f83b147846f9b8b53118b1b9ba457e46f244465ee21aefe2646acf2531ec052d |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\DD1272FD66D4CE6589A5BD28E5FA65CA7F380E71
| MD5 | 836a2db1303d49f2f8b46afbe837ecbf |
| SHA1 | ac2dcff165c7cdb961edf726bb86274aa1d69ec6 |
| SHA256 | 23e05492e8d8ea55db6c8be0a3adf593119ac94582d4ae7053d4543f4d281d05 |
| SHA512 | def046540ae820ce6f262633a4d712e4cd44e8ba1e4a2594a1f5704089183c71dc94f5fc351524d420ccdf1921a133f15fb771931ad4057c29428626217902a8 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\FB90528C095115D4C712AB5391C9FF7FE618F95A
| MD5 | 01c306e6899b5a1c750c2713aa228dcb |
| SHA1 | cd00aec44fc880f57fb77e29140125553541cc38 |
| SHA256 | d38eaddf91cd691308da6884e78b18a839f02283cc4f1cbef227de3d3f55805a |
| SHA512 | d6035c0a5c4c8b60f1f12dc7941ccce0575851b8daeca3a323d0dd02558d7c44be97076360fd63049129e6d6736170ae591acd39c465c294abfc58f88c4eca76 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\F8CBD54DDA10F4286A41EC6A537240712D6C2308
| MD5 | c28884168165a0089aadb96f84f75e26 |
| SHA1 | 8916e4d79a633c5654b647406c62351925aca9b9 |
| SHA256 | 1c5cb758acec34f0b672c198e2c43cb4d7e4c2672fad18a66e6b7fce37132436 |
| SHA512 | f4f90448216a78ea737140b409a19d4a6fea9ab79d511e2eb705a05e4afe4d0fe0459978f78fbba88ec4e0c7b01c3341092b16765c335f72288b46ff40168895 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\F48CA00165B4726470F96AB1FB43945716D0F8DC
| MD5 | 835416bb2faebee44688f18bf4c9b909 |
| SHA1 | 114dc6acef6ee8c7eaf249b49e48d1cf2132b876 |
| SHA256 | 9ce7d0b0a0426b1e33023461af84c6ad31b4be883d4d05593b137cf822e6247b |
| SHA512 | d601b4e134df9a5aefa19c1df8e6f71ffa4d5a538c60108a317eadb98a36045e8e5d8b4f8d6c07e3e21ea4443199ef3d09d40d3f9d2a9984e79d43fb9db52d5c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\F1046E8EC4DB13BE5047723A9AA64D733967B066
| MD5 | 7f8c707e8dc1a68cdfeb670d7e224f31 |
| SHA1 | ffe39ccb370376475d1f2af89d5f5998cc8f7efb |
| SHA256 | ee34b6abc9588da47adaef429df14a603fa84fa7a159b2cc0182757d6d5a35d3 |
| SHA512 | e56599d6c66c0ec5e98970088ff8d8c5d745561de8103349f343db3cf5d39cd36a1a3453f8da4f34c723e9de9e79e4f2836ab5d1452c31ba3eb24f65d435e829 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\EFC14FC01AC1EA0FC6882DB378AC51C64D04872C
| MD5 | 3bd48ed94c0daeaedfd3c7abc83b8205 |
| SHA1 | 2cf2c5cf7db9d978c9349e4550205b8628e5170b |
| SHA256 | 7f8cdb48e890eb3bda9a79e4ee0dcd4dbb6d93444eb74d0d4c954815c20a3668 |
| SHA512 | 64ba6a6d3f2d9ce88fc1be64029b87e143ed1cd839a10b189b0ac24b90db76fe761e36f7da2b4ff04356a0932fab8c9fee426585a4ae224476a282f59e094ae7 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon
| MD5 | 85430baed3398695717b0263807cf97c |
| SHA1 | fffbee923cea216f50fce5d54219a188a5100f41 |
| SHA256 | a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e |
| SHA512 | 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll
| MD5 | fe3355639648c417e8307c6d051e3e37 |
| SHA1 | f54602d4b4778da21bc97c7238fc66aa68c8ee34 |
| SHA256 | 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e |
| SHA512 | 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info
| MD5 | 3d33cdc0b3d281e67dd52e14435dd04f |
| SHA1 | 4db88689282fd4f9e9e6ab95fcbb23df6e6485db |
| SHA256 | f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b |
| SHA512 | a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\prefs-1.js
| MD5 | 4700fb0ef4b2140e8a72b3b447f70114 |
| SHA1 | 727731d8ff4ac75d6f2dd8f1a3da46b25737e69e |
| SHA256 | e29ac1aa7b622faee3a6e2a93477cadb715a0e2dce6d1db747a67826f20c31f5 |
| SHA512 | 8551f19d7a15e560c91fbec905131cd9aafeb6cb2649ebab235dc6173aecb4e88a3128ba1dee965f952e6b2f53fa6f863ce08e14cde9113111ec9c5b670139a6 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
| MD5 | a01c5ecd6108350ae23d2cddf0e77c17 |
| SHA1 | c6ac28a2cd979f1f9a75d56271821d5ff665e2b6 |
| SHA256 | 345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42 |
| SHA512 | b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt
| MD5 | 49ddb419d96dceb9069018535fb2e2fc |
| SHA1 | 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6 |
| SHA256 | 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539 |
| SHA512 | 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json
| MD5 | 8be33af717bb1b67fbd61c3f4b807e9e |
| SHA1 | 7cf17656d174d951957ff36810e874a134dd49e0 |
| SHA256 | e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd |
| SHA512 | 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll
| MD5 | 33bf7b0439480effb9fb212efce87b13 |
| SHA1 | cee50f2745edc6dc291887b6075ca64d716f495a |
| SHA256 | 8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e |
| SHA512 | d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib
| MD5 | 688bed3676d2104e7f17ae1cd2c59404 |
| SHA1 | 952b2cdf783ac72fcb98338723e9afd38d47ad8e |
| SHA256 | 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237 |
| SHA512 | 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig
| MD5 | 937326fead5fd401f6cca9118bd9ade9 |
| SHA1 | 4526a57d4ae14ed29b37632c72aef3c408189d91 |
| SHA256 | 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81 |
| SHA512 | b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2 |
memory/2064-425-0x0000000002380000-0x0000000002381000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 03691607c3ced5f9d62fe5e0329649be |
| SHA1 | b78c32293d6dff514b5b97daf46367882b1d72cb |
| SHA256 | fca36873197bbda0ac29494762c02f0cb38ebeff0c4209a05e01b61815d1b75c |
| SHA512 | c8cd1764b9e5d246c5a264a69cf2aa335391ba8c7840e60f58207b65b6da1b436f499787f6dc4213d76069968d5246e44327d9f0fdc1f13a5376b6f4f6efdd7c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\24008
| MD5 | 9f43482e10136b33fa913ddaed9b1d44 |
| SHA1 | c33494ec16b2afbb717e3db85d4feebcbbd0d829 |
| SHA256 | 0f3be97b7596774278436aa46e6a01411d9f2ce0e268b6e020912faa3abe9cc6 |
| SHA512 | fec327216d9452ac0d5a7c42ae4793a2e3d055a1abb9016c5418cab8b8f38850b3d65c187437880a5798108c74e56bc6117112867d3416c6370af384c80f487c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 0809127bd99c50e59a4120b374c9173d |
| SHA1 | 44418437b32e132de5a0896a9716b35ade4991f9 |
| SHA256 | 81039f4065db79938175d9b503eb56ab667a2286ea79608fc1a2c15ab37195e3 |
| SHA512 | 09f4b6fa08fa5b29128630788d21d4903d1b24e49afe0f6ff21402e330609a653ec98f8a4198429b10e5ffb867d88aa7606366881abb0bba1a440016efc50798 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\333D032FC0C64B007F4B863F0DC348133D015B16
| MD5 | 09bbd6b4d94520273db036d9bd3912e6 |
| SHA1 | 698bcde98b96011e939e80364d6880701f7d21bb |
| SHA256 | 38fb96931a1a4a1f4e73ac52c6250451ef2a0be78da237ba0d5417abc5cb6050 |
| SHA512 | 985c1fa48cad6be43e0459467a32b1ed6eebd4b67975e6adfa70bd3f1f463a345e9bdf969a81b9116acc61e0b60712f60f44ca074c28694fbfe04da3f77a54ce |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\020FB9C5CB4498D2C25CD8A420D45738AA0992DF
| MD5 | 71d0c827208f546ddd9738ee3bcdbd34 |
| SHA1 | 488d56a32dac4bf00e5bd15ecaf762c0851e37d7 |
| SHA256 | 033cdd441268fddb7d0a67c1203060bef2ab8e26f6b12fd832c12e8b3bb2251d |
| SHA512 | d52402c97e26ef72b81af13b4a9d7a54d098b338804447b7b51b809da12f0e83c930a5e386a0657eccba8f9e6268a4525e0b025e4f3dea4deae6654bbeea6ec4 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\30429
| MD5 | 2536d50367a7b0e6b844b72adcbeb29d |
| SHA1 | 12e3e29fda710135ea9ee637cb0918e57da901a0 |
| SHA256 | 63ebad1223e436085a27e225834b1e19cc1b51c32a6a59cec7d16ad2c5a5f204 |
| SHA512 | 6e5f414620a5a77d7dce5c85d0d1fbbc08971b649305bd30dc1e55eddcf90b3d525b15635f702acf8daef8307d072faadf1efa90c0e65a094273d97ded30393b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\27163
| MD5 | 0cd5a09a952d4add937bd2bf635b179d |
| SHA1 | cb91f02212a62911bc096fa8882c288cdb824fa4 |
| SHA256 | 1d6bc11db76245f438e5edeb3a2ce3dce208a97c1bc676f3d5840ba9c7baa6fb |
| SHA512 | 223c2192ada566b5e0e3d9cb8ec8551fde0730c3d9003b9b79e9d44c5f85ad6227bd5aa3115b3d609a73f950ddb8e878c3a6106b78a4ab249d543cb4e31097b6 |
C:\Users\Admin\Downloads\npp.KqH8VtgZ.8.6.Installer.x64.exe.part
| MD5 | 5b08d23663a3b12501878f0626f55bf0 |
| SHA1 | f9524a8916744b967865a40e0436ee16b6fdcd3d |
| SHA256 | a95064e79409b31e05d608154e2e6383583b498be371f6bd10fb0b40f0945cc5 |
| SHA512 | bb961ad358a8e94ad9c1414832bb339d8af1159f7ca6bf0043ecab10eb946b386f5929c174667d553d67a77e80436ce1a26de5a60c543323cdde5c5d845c58ca |
C:\Users\Admin\AppData\Local\Temp\Cab9C61.tmp
| MD5 | 49aebf8cbd62d92ac215b2923fb1b9f5 |
| SHA1 | 1723be06719828dda65ad804298d0431f6aff976 |
| SHA256 | b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f |
| SHA512 | bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b |
C:\Users\Admin\Downloads\npp.8.6.Installer.x64.exe
| MD5 | 20fee1de1747be65d3ca6114d530e581 |
| SHA1 | 788ec25836a9ae525a8fa58a903ba7720ec39cff |
| SHA256 | 92b94f5df86bf73ccdce652e4e8b5d3085e16da2ae7fc9feeac6a6dcc01c4490 |
| SHA512 | 2c180eef94310118f38f4ad3c835769857966542175015c5d8843d1391a18567a0fc98a53e09179f7391abd06b69d276927eff946fd28a88394ce2719041e8d9 |
\Users\Admin\AppData\Local\Temp\nsqAB20.tmp\System.dll
| MD5 | cff85c549d536f651d4fb8387f1976f2 |
| SHA1 | d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e |
| SHA256 | 8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8 |
| SHA512 | 531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88 |
\Users\Admin\AppData\Local\Temp\nsqAB20.tmp\LangDLL.dll
| MD5 | 68b287f4067ba013e34a1339afdb1ea8 |
| SHA1 | 45ad585b3cc8e5a6af7b68f5d8269c97992130b3 |
| SHA256 | 18e8b40ba22c7a1687bd16e8d585380bc2773fff5002d7d67e9485fcc0c51026 |
| SHA512 | 06c38bbb07fb55256f3cdc24e77b3c8f3214f25bfd140b521a39d167113bf307a7e8d24e445d510bc5e4e41d33c9173bb14e3f2a38bc29a0e3d08c1f0dca4bdb |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | b2be39185e59414b1ee455384eaaeb7a |
| SHA1 | 50ebf94f0017e7c160a06e06027b400ee2f7294c |
| SHA256 | d226dc0a92ed5adc45ccca4550bd170146ea0a66f8afec59651710f3d678c5e0 |
| SHA512 | 4c5b359132eff3af770e1f3db276746470bcee742828e27235f79626b6f47ce2c3b2a7138e12035333ef557f87cdd71f4a535c921a991955a78b8635f2f95fa1 |
\Users\Admin\AppData\Local\Temp\nsqAB20.tmp\InstallOptions.dll
| MD5 | ece25721125d55aa26cdfe019c871476 |
| SHA1 | b87685ae482553823bf95e73e790de48dc0c11ba |
| SHA256 | c7fef6457989d97fecc0616a69947927da9d8c493f7905dc8475c748f044f3cf |
| SHA512 | 4e384735d03c943f5eb3396bb3a9cb42c9d8a5479fe2871de5b8bc18db4bbd6e2c5f8fd71b6840512a7249e12a1c63e0e760417e4baa3dc30f51375588410480 |
C:\Users\Admin\AppData\Local\Temp\nsqAB20.tmp\ioSpecial.ini
| MD5 | 4ea00ea07f493415a441b0a889ff32af |
| SHA1 | 45abd199f7555bf5f6b43546000d728a6299213e |
| SHA256 | b65a61db81ccab9fb692618c6c462a5214fba8f326d9c84ddc78396055667413 |
| SHA512 | 0e356c55190cd36556d334c88b1988cb87b153b2e622d655ed7c8f2da84ffd236a92747404f33b1c3891b5d1f419096e1fc3b1197623ea58d1b931e20bb0195a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 8e79ee568002390bbc5a21e9cdd7c17a |
| SHA1 | c28f29dcabd0ffa9513f26320385d2c8b8cb3d7e |
| SHA256 | 851e1205df7596a91c5ea40b472c1394b76630ad5c53b92c41364dea97cf817e |
| SHA512 | 699a2c968b765cc7618ef54ac114e142b8b5ecc55bf13d3e96e9f6ec1319183916100cf4634ca7f6a82dc98142f7d89a1deaf92e7b6da27af7be0fac88a5c094 |
\Users\Admin\AppData\Local\Temp\nsqAB20.tmp\nsDialogs.dll
| MD5 | 6c3f8c94d0727894d706940a8a980543 |
| SHA1 | 0d1bcad901be377f38d579aafc0c41c0ef8dcefd |
| SHA256 | 56b96add1978b1abba286f7f8982b0efbe007d4a48b3ded6a4d408e01d753fe2 |
| SHA512 | 2094f0e4bb7c806a5ff27f83a1d572a5512d979eefda3345baff27d2c89e828f68466d08c3ca250da11b01fc0407a21743037c25e94fbe688566dd7deaebd355 |
\Users\Admin\AppData\Local\Temp\nsqAB20.tmp\UserInfo.dll
| MD5 | 2f69afa9d17a5245ec9b5bb03d56f63c |
| SHA1 | e0a133222136b3d4783e965513a690c23826aec9 |
| SHA256 | e54989d2b83e7282d0bec56b098635146aab5d5a283f1f89486816851ef885a0 |
| SHA512 | bfd4af50e41ebc56e30355c722c2a55540a5bbddb68f1522ef7aabfe4f5f2a20e87fa9677ee3cdb3c0bf5bd3988b89d1224d32c9f23342a16e46c542d8dc0926 |
\Program Files\Notepad++\notepad++.exe
| MD5 | ae07a5be89978600f3094c66ac719eb2 |
| SHA1 | a281e662b6d1cca0d54cab01a0064b62e7f1f103 |
| SHA256 | 746bbdd8c754b0ac18a226d2a1cc68792c948033932f5723981a2b5f5684d310 |
| SHA512 | d90f42fb42cf2f5f3ca8d25603666a5b73f11fcc3404597b1c023768cf21083abe0d2b19f3ae2499fba469474e818200ca9937b48ee5406f15bd6f9ea3996151 |
C:\Program Files\Notepad++\contextMenu\NppShell.dll
| MD5 | 827dbebe52904ebd1bd766fae12c9669 |
| SHA1 | 6a2eda9ba1b94d3b75cebb834c548580468f8f5c |
| SHA256 | 2bfa2eea4d169a1a01b37f465688a59cc6c42dc6e63a488a5dd27e799d5d289e |
| SHA512 | 733257bc5ff39feb5c0d1d7ef286e64ca1facee7942eccbb03d255eb082c91819cf0f4ad3e276a8382dfbd506c06a09f170fb7cc121022189b7d110c0c1d9db9 |
C:\Users\Admin\AppData\Local\Temp\nsqAB20.tmp\ioSpecial.ini
| MD5 | 51232d3f81d2d229dcf107b3ea544f7a |
| SHA1 | 5af09a9b012b256ef02700f5c46d6ad306d066d1 |
| SHA256 | 12a6f25f20df7bfe8596ce2056f805cf4e65461d1cefa5f0de9f6fe04161b962 |
| SHA512 | d2e90eea4ddc3bfb67c43a1a64d6ba1ea3f754bc4037fe8b9c7c8f754331029223f033079a0460167aaac3a1e2aa60d8926e4ef9542796d9321d4e1fe23209a9 |
C:\Program Files\Notepad++\langs.model.xml
| MD5 | e2720d29d41e4373d807701e8c7e74f7 |
| SHA1 | 42f6abe22a32bc4a3e389205bb1e82f6685f81a0 |
| SHA256 | b21447e1d7fa8e21a8641638701e18a30ebf491766b8f2071aa12c5595b4b1e8 |
| SHA512 | 4cacc1190641f4de8523751183f4edfc0042dad415a7963fe221e2186aad4759c4831b61fb77e27ee8bc1cb16c876e04288be00c972f6326821ef516336bbf99 |
C:\Program Files\Notepad++\stylers.model.xml
| MD5 | 343b8f55f376e88674733286d027f834 |
| SHA1 | 466886054d5c2641ba6058f58a7a84053aa4696e |
| SHA256 | f002b36e70f0fb159885c21fa6e6395176cd50a254201a94cbed756d9843fa9a |
| SHA512 | ef6643badbb87739f0ae847d201651f8d3e677c54ca2aa3f81277b053355772f71d9b0f490617c104ce861a29e2b283fe6d82faf4cfe8f10bfc571d683cfea8e |
C:\Program Files\Notepad++\shortcuts.xml
| MD5 | fb573784b83033dd4361f52006d02cb8 |
| SHA1 | 0a2923a44ec1bd5e7e8bc7cace15857ae03bf63c |
| SHA256 | 37a24662cd55b627807bc2bb7cbba5bbf2abaf6da4dd7bbb949bfaa7903eae9c |
| SHA512 | 753b44b5e8bea858cf5cc5ddfdc38098a2f3f921949cf98706ead95bdfa1de7ab0c115e9d69237623a03c422969480204c69d3ba277141527458c68230d0c67c |
C:\Users\Admin\AppData\Roaming\Notepad++\toolbarIcons.xml
| MD5 | bc4b775a277672fc7edf956120576ecb |
| SHA1 | fe7c2db5b4d4c5a3f5603cf56c4d71cc9ee2d71d |
| SHA256 | 4ec98de37193f41242c1a47507bcc4c1af555e71154f7354272bc3e664e19877 |
| SHA512 | f87dc3ce52831ee308fbfa2b1b94c07e2811e7028360f046e012f8ea5a8f0ebcd362de7a663dee810c3da0791474c1485b1a2626c7867e76236156b125ff39b2 |
C:\Users\Admin\AppData\Roaming\Notepad++\userDefineLangs\markdown._preinstalled_DM.udl.xml
| MD5 | 3690cef1865e32fe6be1b2ec7656539a |
| SHA1 | bc043bec63c310a60d9e242810036460c467945d |
| SHA256 | e45e49f0895249d951df2c07e0f06ca1242e05c961dd921e5aa2781ae2e7ff25 |
| SHA512 | c2be869d96baec2018e13dcf5934dd9cf74146541e852cc2eedb4d83a8af23e2577cde7a0158fefaa11056416ff039df3a7725e320620193e9bfe72c8067c051 |
C:\Users\Admin\AppData\Roaming\Notepad++\userDefineLangs\markdown._preinstalled.udl.xml
| MD5 | 672e6d5f89887666ec94711e442644e0 |
| SHA1 | 8d069ae93347316eff0dcf7aff4d22da18a62af2 |
| SHA256 | b34fe6811dacfe49d77d434123867e866daf6e0e27387a0446887dabe8943f04 |
| SHA512 | 8fc5e9bbe027826304fa6f329fb16e4c9e4e7a597d87e9c691ed6a9f505b7bc1967339b43c6426105432a030260b0654468ab8fcbb4312b2fb6ed6c6aa537edc |
C:\Users\Admin\AppData\Roaming\Notepad++\contextMenu.xml
| MD5 | fde4cc09d1c18c6cd7c1a4878e89d27e |
| SHA1 | 22fba21b254fed1a60da5de2b8af3cf6e132b647 |
| SHA256 | 43ac0b7ba9b1f91fd8d4841b8119344e6212b307a1decccf61658f31d38bb425 |
| SHA512 | fcc87b93cb4dd0949e82edb7d2788d7abd317f9f4c5f046ceba1cd85a64b12b29c6baba3e8646265db02a48a2dc20c3b5e893a1334d9b1e91d26692b4e9c2d29 |
C:\Users\Admin\AppData\Roaming\Notepad++\plugins\config\converter.ini
| MD5 | f07150054a6afff4d8e9d58899167722 |
| SHA1 | e092cd960ab728667d91b37d64a02d7f6821518b |
| SHA256 | 5b0a08439e8e93817772f84e1098f14152d9da36c2601a0600ddaae6f61359d0 |
| SHA512 | 8c86aa4c058a8ab5fd26f21cacc8ddaffa8ce6012bb329d3c5b817da00b4b43018a575c768d1921c6eeab7537f172c7cb3de658b014365ea52fb3c87547182b9 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms~RFf7ce2ff.TMP
| MD5 | a1310b8a2cebdc70d8a8107f3b3b3c7e |
| SHA1 | a36ea592f52967f3343345324cdad061bf904b93 |
| SHA256 | 902325a162979b2be8203c6adbee25f97d365ea1166ba65ddd70d86e0b1fdb18 |
| SHA512 | 260a599c5ef11d77aee2c43aa475ecd06435a166cad102b07ba528db19b3b8fb769d972728098234097b48102fe6f3c44ea469fa7faeecea40d5281c636f70f6 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | fc285b6390592e51f928d88f3757b7f3 |
| SHA1 | 9f9fc05656585dfb8e758fb4b0b54d90894fc2b9 |
| SHA256 | 931f22cccc80d68a9a02260f8a75d6b07794241a659c4c124b7040ac9b3a52d8 |
| SHA512 | 46a6cea02d15c4203c2d37d5667460bee6e03927c9aaaaffacfb99d9311b2782c0971cc0de790a3f5695051174a03d9867d389611187cf75393ba8c660c55a4c |
memory/3320-1755-0x0000000005DD0000-0x0000000005DE0000-memory.dmp
C:\Users\Admin\AppData\Roaming\Notepad++\session.xml
| MD5 | b0377a911b9767fb9600b57ca8ced058 |
| SHA1 | 19d1a06a05bf2189ca24a0db3c9e9697dee33abd |
| SHA256 | dba83171b83a921dd89a4378855f863504203a893a50fe2a5cce1623e6a843f9 |
| SHA512 | 2ef1ebcff7050c627db28f685f1eeeeda105a7b6b4636a10b0d23d8d3d102913a1b430c29e92489d8802fb24c5f27b2bfba7c7b7265879e1d6a898abfb7dfdc0 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionCheckpoints.json.tmp
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionCheckpoints.json.tmp
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionstore.jsonlz4
| MD5 | 68a842efc15191ddceac5622d435ca2a |
| SHA1 | b18bb04e97ec200fba1a67d62f4e912f8d80144e |
| SHA256 | 799859fdb54584d15fa9cd30da7f89ace6ba325a2638ebc8aea6470e5c5a0a80 |
| SHA512 | e0e9f2284cc5362b30110d32be7b158e6e03e3753a66ef8689966779e9461820f718580f41f5421b864fa1acbe6ba223c837864a89c104ac70f3dc6c2566c268 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\prefs-1.js
| MD5 | 0844dede6f1b72b4c880e8b79f141304 |
| SHA1 | d0b88dfd57f1d3fff7260900bb076c78f6d489ad |
| SHA256 | 599e1ee76ae27d575c8b747ee019d8ba2aa539f4b58c6c27407f18222d202c0b |
| SHA512 | 8bc044416e1577ce6dadacbbadc7e0f1a5b0fcf48bcd4bd6210d85e8ba86518e0491ef92530b6444225a9cf88adf024003bf6a25f3b1e27d8d9e2a1af49a5b9a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\places.sqlite
| MD5 | 80afd060e54c9ae4237524cda2f392ba |
| SHA1 | 85f4ef0d0532e6c0c502047be6729a09f7324fec |
| SHA256 | 5cd6d411f479cb00105573590f82568f9721795719887f642ab3cba4eb555fbc |
| SHA512 | 4820f22c60c47732c5d723baba24a4866768cbd10443fabc60e090543df016561875c2398956bc5e2ae01d46ecad2d04162fc673e9fc0dd1ff86a6b50ee3f6ef |
memory/4456-1878-0x0000000001AC0000-0x0000000001AD0000-memory.dmp
memory/4456-1894-0x0000000001BC0000-0x0000000001BD0000-memory.dmp
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log
| MD5 | b1d02dc588e9aaea41d4c81357143172 |
| SHA1 | 49a0957f3a49b7448ff02039c8349004999b3bc5 |
| SHA256 | 85fd061cdd3b77fefb5b63636686f64289237ca7e49563a3da3ed3a1c0a76357 |
| SHA512 | 282a31fa61a5732e2113530d306300f14260db9346f9399dba764b3f9f8e70585a4f9670cc80cc8b956b96d2353b69abc23783bd524d6b1596403bf8cbfa2908 |
memory/4456-1920-0x0000000002F00000-0x0000000002F08000-memory.dmp
memory/4456-1921-0x0000000002EC0000-0x0000000002EC1000-memory.dmp
memory/4456-1927-0x0000000002EC0000-0x0000000002EC8000-memory.dmp
memory/4456-1929-0x0000000001370000-0x0000000001371000-memory.dmp
memory/4456-1938-0x0000000002F10000-0x0000000002F18000-memory.dmp
memory/4456-1944-0x00000000032A0000-0x00000000032A8000-memory.dmp
memory/4456-1951-0x0000000003920000-0x0000000003928000-memory.dmp
memory/4456-1952-0x0000000003890000-0x0000000003891000-memory.dmp
memory/4456-1955-0x0000000003890000-0x0000000003898000-memory.dmp
memory/4456-1957-0x0000000003930000-0x0000000003931000-memory.dmp
memory/4456-1964-0x0000000005570000-0x0000000005571000-memory.dmp
memory/4456-1966-0x0000000005570000-0x0000000005578000-memory.dmp
memory/4456-1973-0x00000000046D0000-0x00000000046D8000-memory.dmp
memory/4456-1980-0x0000000004710000-0x0000000004718000-memory.dmp
memory/4456-1981-0x0000000004700000-0x0000000004701000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\datareporting\glean\pending_pings\98d3e0dc-ce44-474d-a887-3774715c55ba
| MD5 | 94a701bab248d810eb3985607e8ce81f |
| SHA1 | 81075ddc3105da1bb28fe4f8b4c4bd06a89bebed |
| SHA256 | 1b724bc311d95e310947235bfecc6a24297534060805542de9eb453378159182 |
| SHA512 | 203fb95b98ffe5890ea059b3aeba56905c2f82b144d57dfad331b5c6ea4e16f51cc4003187634462be2914ccef2d521c94df738377f0286d556303fde0b79b96 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\datareporting\glean\pending_pings\8b64a792-dff0-45db-9cc2-749261e84f64
| MD5 | 9adccadd3e63b805ed2d48eb962bfc51 |
| SHA1 | 2f6e7b50b8c7dcf392c4c2cac87beed2624ebcbf |
| SHA256 | 7e490de394feacfb62205003b3900cd00469ca94df86abd7c4f1f92a4a9953d5 |
| SHA512 | ffb4b8f4234e72884627d355a014d2bbf21cbcae47a4f7ddcb158ae26275195d5b02a22343c667c779209a2b2d8ecbcf64bc97b4ba5119741bc3b7dcac2c464a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\datareporting\glean\db\data.safe.bin
| MD5 | b2184767d24cda2da43f842b7507e798 |
| SHA1 | 8d9e665bb118e395d036ea52e692b4f43de30178 |
| SHA256 | a7134fd6d8ce4f5b85fab891664e39c00b4c1c407a1fe005dae4a85fea1535fc |
| SHA512 | b3d128b9f283c32b75d8b0851a6449301d52e47d08ce349b52b537854b8a586c25a22ddcd7af1e73c27724f87c59897b09de97bb3986a43964e8dbf9fb6dffb7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 24e0c616122f779ef08b55a4ae947290 |
| SHA1 | 7151314c8e21a9405f913c818904b3a7c4c9b27d |
| SHA256 | d9bf61b44042865249239be8fa4064933f5a47bd4e7b0ba097ba9c04f0a1108a |
| SHA512 | b7c0e0e62a30c5ffd98c82da5e738b5b149fa6a43f435966af485bc558325a0b7385b1b2f68f011f1a9123df7ea24a66f73b585467957cd7ad4c95528826870b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\13516
| MD5 | f5e7bc3966a269091a4eca720c247be9 |
| SHA1 | 291090ec82c4ad4d6afcdd4273378bbd4518f4be |
| SHA256 | e1fc670d721208dd4a6f4cf1481bbc83651f6a1a52909f3e2782503f58f54ed3 |
| SHA512 | cca7753d26ada6ed2005726c7eb054657c1482b0f831cd20684bd994757084111e27dcc774d37d82ecccb20b143edcbd5b0e900937f33216ad5fc5601b6778bc |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 11a9e79bb970ba7dcb09e4c75d27c642 |
| SHA1 | 769e0ff65f62357b69a3859979bf8e4ab77296c0 |
| SHA256 | 7b5372dd64e7cd698641892e0658ab7874b9b1b8f6105a669e2ed8e520cb6606 |
| SHA512 | 1e760b2cf7960143dec1771a8a0e6c05e00c0383d4e53f60a41c51495196e38f0e3ba802eeeab567daf5d9bcfd25911611a34ae2c3dbb1853afcd776f3c3e876 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\9294
| MD5 | 7dbf3281ee0dc28d4ca3a8a1e75f71db |
| SHA1 | 2b003a3e5219f88e0092ca06b71ef2dc1b24eadb |
| SHA256 | a23e1a197ca2ac6b5ec1f9b3696cb038af6c2aeab8396c20177ee240fcc5a12e |
| SHA512 | 2ea40e07d4dbd6b738b38bd65f33a0540ac6e97d7821a75d1b243ca511d7d8c5c4bed56778c09bc459415f75c1451da548c317e4be8bcbe86bea09827f0e244a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\6B1E7C867E572F55306DA69482685C5CE9FC4298
| MD5 | 534dff7c9094b382b12360abaa070d2e |
| SHA1 | 7687789764a5548bad1678c7b56cee8b5349e67a |
| SHA256 | bc18f2625de3a5bb3b4a2534c9686e9a6a2ba5769a38e75d338f2b231f21d881 |
| SHA512 | dfcae3167e25bce05523a50d3f7852ea08ac50c5ad231e1995229486da89fb7023195951e8eef36e8a6f53196d50d3f75bdea0e0c6959d703eaa35c95d8200d4 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\832CE7510515B9A9466FBECE190D2B7EEC5FF5CF
| MD5 | 0696fe22c29ff70b95e64811373fd21b |
| SHA1 | 6bebff55c2d0efccf89c7899218cb4b1148d21d9 |
| SHA256 | 3c8fe5190fe312ae2c68d4242ea3aba7f8cad7afb0c6c65824a230421fcc1dbf |
| SHA512 | 0a3f54a5219964ffd9c81cb66d2170efe56fd0df9c9125601e82bc384b78faec52dd6cf993e479a1e1d2806222f459e84e75d8ba755459b6dd255dd168f85dbf |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\22212
| MD5 | 3f9daf1cf95dfb207543cc1722665d1c |
| SHA1 | 093b4a5c51f18737cc53e8214ed2df11b8c160e1 |
| SHA256 | 561345e7e47c56c4875a0c39136593d302a1705254e3b5e0914a1250a84f56cc |
| SHA512 | 98818d5cccbf5ffbabc826ea04c81470125af29a258d5d5a3849fc08560f98b0a315869ef71b29f5ac7a49fedf2ea149595b95b71dfa89de17c6b484f4e03cba |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\67BB5561DC3FFF18E03BA71FD26853021B7536E2
| MD5 | c026863e65c48de3b4dbea27d9eeac5b |
| SHA1 | 6037bd0e9c229ad8e4d17bce9e86b293f701777f |
| SHA256 | 6ae3ef8f29fb8db29c6054c40a075786a031d537b9ce670db2366f4c0e0614ee |
| SHA512 | b4a93523cf76a77e182e60c5d6f2fbc61a55119044ae400970d01b41142904bf10e11a92ddd20c4e1ef7ac901e8715f412cf75051c0ce30a125d19f5f7d34689 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\20602
| MD5 | 3cfee5892693197bb4545548eae41f00 |
| SHA1 | 6123e8e1675cb86eb6cee3e93a424a49b8fe51fc |
| SHA256 | 987d77077bf3acb4ee769abca805e6837b638baadf2486583dd3cd55cc47e784 |
| SHA512 | 081e046ea2b98a55e7a5e7936c7cb0d08ea1e8dbe19f6029efb307cf773ffcfd105c41d2e7e3109684d964682f30daf9f350e549b8eacf59ecbdf72f31ca9881 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | e3bb12a80e40d531a9c26d27b8e03e42 |
| SHA1 | f19e9328d06716b68d1b1e005798f3b822cf5cae |
| SHA256 | a6635d4cc7e211b539491e400e0dbd582d51d4c97cf4934dfb91bab86b308d6c |
| SHA512 | e9956fa3c9cc018e6d9bf69e57481f1d077d496878c549c1cb26c7bbad6d6651609cdbff944169c4ed6caec77ed0219f30b6f27ae4e6f6361c925333b3e1e921 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\crashes\store.json.mozlz4.tmp
| MD5 | a6338865eb252d0ef8fcf11fa9af3f0d |
| SHA1 | cecdd4c4dcae10c2ffc8eb938121b6231de48cd3 |
| SHA256 | 078648c042b9b08483ce246b7f01371072541a2e90d1beb0c8009a6118cbd965 |
| SHA512 | d950227ac83f4e8246d73f9f35c19e88ce65d0ca5f1ef8ccbb02ed6efc66b1b7e683e2ba0200279d7ca4b49831fd8c3ceb0584265b10accff2611ec1ca8c0c6c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 47bf6e86c54b04dc03913aa9ae6b0273 |
| SHA1 | 9c784ef7e4eb3b1cbf011e6bd9213b30ece224bf |
| SHA256 | 44fabf95eeae3f7f7db286e6eb2a541db50f06d4616ee2b87da3a467225cc4f6 |
| SHA512 | 8f5859dc4c7fc87259341ec029cb7e4a69e93dab6b49030ba4562a9ee81dddeaa4534c530e1f3be2af4ae02cea6def18e0f870ea34d3f6365b68cd9837138cd2 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\26415
| MD5 | 31fc223f751e96d832c41b4e46d4439a |
| SHA1 | 336da0a2160a974898808a67f7c4c0b84b8f46a9 |
| SHA256 | 958d94f62118cec30aeb205c892b67f21abae03318abcf985b98cc151c841399 |
| SHA512 | 95f6f49664dc8ad278d346956dfcfac17090d5cbadecf067e631e06dbc6942c24f5c839825b53b1c20a5b755a82c136c123f5b1817657968e7a88062f188f267 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\74DCE4E04541BDCCBE352A4CD3A699AC5A454AED
| MD5 | 4791a457ca6017d1cf3e0ccb517cfe5d |
| SHA1 | 56b1b8a50030224ebbf47017ef5cae4edc6f0f71 |
| SHA256 | e4fe7a1f6d4e67f39d53af9f4b502e214acdc4e01925547eeb6c64e4246e1ce7 |
| SHA512 | 19275eb046b41a1309645d36518b9a7822b290d017ecede1b6f49ef1deaf0a313f8addede65251151901332ab3322330e52ea0ee45a278900dbbbd31462ecb84 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\0D267F7EA314987086DBDB0AD6C4F240588BB066
| MD5 | 30aeaffa12707ee89447086a9ac280f3 |
| SHA1 | e6e873c277bb65b5ed50cf50f489cb4806e9f8f6 |
| SHA256 | 41e33a41c2224a8b5dc7694a860739d6984826b1f4351fbe5fbc34a1cb2c3aaf |
| SHA512 | 29978b9f942eb5f81247b9f428af70f0faaf9b36d118fc74e924c5528a12462790eaa860de7e0e5c2d358b688ae4ee5f08ff0649617569ca47bf78c45225c6b6 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\22050
| MD5 | bdd35c0993f4ee5cbbad69b1414ec3e5 |
| SHA1 | 938ac53da7f2450a92d2296c9eff4d0b3b741a22 |
| SHA256 | 037eced4ea865370bbc1d922e501237e8de6ac9ad8b7db6e3310668f5703bdc4 |
| SHA512 | aaa25f04e15500f658316e04d99a770edbbadb5b3e8a40c414a78160b1c84017e21e67d01c827cc35862ece8a85e7bab319dd21a4df86514819fe0ff26bbc700 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\6634
| MD5 | 073b27c9a921edc5e4f904c49c736661 |
| SHA1 | 00889bcf8862b72102eed5e76b82bd73dfc3fc0f |
| SHA256 | 1d7246491265d68288eb692efdfe5bbaf0606d330ac845472b586ff54597b902 |
| SHA512 | fcd3bf518f2c8095be0a01234998242f5dfcb6c2ca1e1c1ba795440833aa360c2bc1c3ca6b60e02ced7959b6547c885514210371e53f4c48fc835c4fd45f9266 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | e82b94565b4f341054b8b02558218538 |
| SHA1 | 480b458071526f9b71219c57acf162488caf5f6f |
| SHA256 | 5cdcdf41c2f56ca2f12406175ec369f53e6fc019b32055914ff5192b744553dc |
| SHA512 | 4cb72c3079c56eabc291005b73871a4346884f7be124e977d2e547edd0cace5395c17fec927e7179323b6bbb94e0221307c3852630993fac6a2340830d25414a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\12865
| MD5 | 9e9722e9f953c4226181a3bddb72062b |
| SHA1 | 5889f3ca1f8b453eec7e49b97d0a7d16c6ea69d3 |
| SHA256 | 41cebf74da06e2ae8d27677bda0d369dd20d0a24114a1ab45ff3f46ec7d55e9d |
| SHA512 | e40bb0702c3d1b847f399e416f926741e7463d6cd405e859238663cadc2d6f5791447078ea3a5738fe262d811424892eabaf0204273155acb03395beba536a41 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 3ccfed8931c912ecac1251afe0a62bf4 |
| SHA1 | dcb8c4e1170d8b3fb5caa010dcea7a69d50bf4f3 |
| SHA256 | 919df43f8f762613af72caff99482d42baa83a8c01cc5515dfd0545bfe946226 |
| SHA512 | 578415053e83a4167e0140315220114a8749885b2bf1675217a5f15939e9c9c84993f468cc0ec3ced62a78d2d1b07fe46da55dba31f707ff2e3b0f55e696607b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\23396
| MD5 | 14e75b522abe3e167116e60ace42f700 |
| SHA1 | 26e61711dfd6aca48d4a246806700d06eed3d2fc |
| SHA256 | 39ee4eef096c44d81629cea1dfe4364605f591456667931727f9289307716ec7 |
| SHA512 | c9d0cf99021cc1789e4779882e9b95747d93a8178c5f6f6c90b70d0dd285ddaaa95c9e7e24303b917126219a911fa78e2b387e88ba47981f35272296c0506f17 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\DF67BF909ED42798219241DCEBD15C41FFD34E00
| MD5 | 1dceb0b6a8ab85f207f3642f946a13d6 |
| SHA1 | 2589a195622c5e1cdf38a538853a3c79bb4bb57e |
| SHA256 | e4550a8a27e6cb422d2c94e9f9375f9658332a2c2d31ec6ec45a4102a4cce524 |
| SHA512 | 1f2b0d53757ef92014dc2a550d0f70e7f6c339c5a0ef84847271206168aa2fb26f6ade0c7ae9ef6ccf50653431a9265ee06852a83981f8fa2ef4c57d2e0d32ee |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\1918
| MD5 | 154b9e85b79d388e1f798b59228d3943 |
| SHA1 | 5897d3111fc21b3d06d9e879c7037476ee5dd405 |
| SHA256 | 68989da76e1a9a3474721fd8f2bbcbda02ee7c7318572a5dc4ba7768abf932ca |
| SHA512 | 4c5972d58b679a5ee79d1b5e1e4601a79361858d11044a9da06a48b4d8d93d19eb69f2ca9d3f9fcabb086cb6dd1944c36dc17e3de3ef6adade9411db8f9b77d1 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\21062
| MD5 | 7fc9bbec6f58f00ada4ad7c31d04ac92 |
| SHA1 | 00d42161e14bf09e1da1146cce1dd2c5fb154c74 |
| SHA256 | 5d50eace0bdacc17f35808d04a0cafa546f9628ee981cd4991c8d9679155e600 |
| SHA512 | adbb90407867a5123c7f07480c0ee796ff0f7ceb5b474782093a347b9fe82da8be3f7512c788199959d4ecb0b085899bcbbf75e559c8e9ad1bf1fb7086175a99 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\122
| MD5 | 4b4ae8f1385efbdfb0b58d47f75654a4 |
| SHA1 | e1515f64ca0c623418f3d20aad09a922f0b2a226 |
| SHA256 | df5a697743d733a0e716ada94d35a74619716b46eff21d1b1f1277aa4aaf54bf |
| SHA512 | 80b5b42caff2d57f8a50ccdfb0f7200107428b4afdd2ec897a79b9cc01b14fa9fd2030a9652dc3f097361dae5c0456babea7e793595ad4865cd0ba4bb969966e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 695a02cbbb600be2a053c8a403b8077c |
| SHA1 | 63e657b27c1f3fd14c0d6284f347daa18d13ff57 |
| SHA256 | be2c7591b7d60c9d905fdbfbdcd23c25c1edb3a5ba88716da349de7e70d5e795 |
| SHA512 | a9b1331b6bde1598baf32e64510100c19b469a8d55f5e4249573f570252b57bf65957a7b342be1ffbf3ea0b20e9100fd35863cb0fd9b8df9a8bbfc90e5b84e16 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\24300
| MD5 | 3cfb6547011aa59335c3e8b650c0bce7 |
| SHA1 | 5cc9f1e1b2f2ae43fda6b8d86ab4bcd1b2a3c126 |
| SHA256 | ca8548335466eef958a2d4745f643f53ee89064035529db90d5deae0c72e2aa9 |
| SHA512 | f6244ec5921dc170cc10cb8df26fd96632533b63888b745776de698e1768a4acee78a58c8bd3fb624d838983382ee3a27638da4b9d05f17f3457c4098f29c78b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 982065290aada9bcdfefff60d8f61010 |
| SHA1 | 6874074d7daa84fdf5c04841c74861822a739e63 |
| SHA256 | 40feedb42b0e2c820b44692d9bdf1f4004aa2da58af10c60b881330a041addb0 |
| SHA512 | 1b52d87a94cd614d8ee8ca6292ba8f17a8f53287d9d02fa1d26a96dfad27aa6fd567e5b19b8a5e59b034ed101441b35f3106996ac604edb16c87653e3f9d3122 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\storage\default\https+++www.wikihow.com\ls\usage
| MD5 | 7104d3ab71c29f8c2818263480e1a4fe |
| SHA1 | 12733aa1e3c8a17317df93307ab0e4847c3b3129 |
| SHA256 | 28694cff1679c4ba30528d2cc1655ac6175471181910973009c14e16c47832aa |
| SHA512 | 7a7bcf07072b44c9b976932106ffa02f217252af6e09dad679a644d6d586354d9f7cf17bd998724d23d8042e2a5a38cd277e22121a571c43f91ee98caa90fb2a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | c6fc8ba1d5c4dffebbbf9d80f7413082 |
| SHA1 | 675400664532f8d852a4c883173a81f644517a1d |
| SHA256 | e2641ff8546c814fc30024dfe3bef7ec245ad7840404550e446b268b803d9534 |
| SHA512 | 13835e12ba08c5fb0ac76b288c6e859ae9b45cfff6bee2a08d242543c553283a08d277dc1ba7f19bc055ddcaf97b28816def9bc9002575f5227431ee0a39fb2c |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | 08671032a7e2ec647e873c4219ceaaef |
| SHA1 | ff1954016f7b7d9b89eb5b3a314cf0107e022d2d |
| SHA256 | e9c19a137faa9b9a7364dd8f2d462e2f438b6f7a39184a0c9b58de4684462b1b |
| SHA512 | a0c433ff63426976ecbe3941758e70c762e899a1883d339e7901d97ec91666f80fb84e8ac6ea43810c1cca639914310b5b0bb6d25d4fefa97a260172767b7b2b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | bf249c9a412789568cd2f1bc72fa414e |
| SHA1 | 8d56c76b7fffafd4b9da37e9a05f681b68a1ac57 |
| SHA256 | 02f2e8a65466756cac87313e6cce27fdef0c7a4c5dbc0a9998b121f1da2b2c2a |
| SHA512 | 259dbb903d2ef1e5223ae545b52416e9fa5035463caf63fcb5af3876bf1d24a8a2f14e259a1f04ebfd198341f44aaf78f4c7b26b4f0b7d02199c148fa7bb601c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\6D89348819C8881868053197CA0754F36784BF5F
| MD5 | 81486367f9c53a1ff2853c679e842a53 |
| SHA1 | 97f23f1d2e08207432f5828be983dc8179ba611e |
| SHA256 | 6bb8dcb9df194a6592850f7842cb7334be0fd6c9eb03b8d9f3437a1ede88b5cc |
| SHA512 | cbd17f18386ef54dd73da45d1125ab2564735717578baae27adb2ec4d2787fbdb779c8af38160f4a4670f440e587a2a448eeb2e945f235ee106637194bae9e78 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\22151
| MD5 | cbb2be5e89ea0ba713a23df9b03688a0 |
| SHA1 | c0d128ad12d6a2d5590453a88aaa1e97203f9ab7 |
| SHA256 | 0f4bbb7d1d13e93e6d31dd1c7ed3057a967134cea84af807a8474fb71445b665 |
| SHA512 | 77e88c5b5903c475bab6a80da956e968c74809fcfe9312deb64121a13c166f505730d3f5b9d15393d0157865e05bb6c47662b351350eb4bfc631f45b916507bd |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\18886
| MD5 | 9f23cc0937a7ab9fed743c30680398f7 |
| SHA1 | bb4f36fe06468b6c97dfa01f8b660c3987d2fb56 |
| SHA256 | 9299a3f507d01a31907a97a5bf433a893912ece277113a3692ce01889dca5a67 |
| SHA512 | 3cc65b443cd95afccf0d88dfb46417c9de44683ad24ad33b1bd2ee7477056e117e713363d98d1c8905a5a9d4910452a45dd4eb2a73330d49135d352414c79a78 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\32408
| MD5 | e82c34c1fe210e5c334116d75824df66 |
| SHA1 | bd9c0b341c639902b5e47cd228327f4dccb1a57d |
| SHA256 | 6602d5a7a4669a2f48f82407ed655ea8445db914409952a26d00826a03be984d |
| SHA512 | 4eb2b4e85665433555032827bf79dac4fd8a78420601cd4523ef55bb91b2e3a65f8b0f3bb6e3908aa08ca140401adbc17343c5b85ca85c5c3221e17581546a74 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\3B56139D19859320830F81F53B61743C5A502AAD
| MD5 | 7513f23540f7b6de4d9bfbfeba1df33c |
| SHA1 | 63dd8eeff577dc48bfc9421fdce057eacd868307 |
| SHA256 | 1d05b33e60222eaebf70e1bb04216a914f2a3a743290c3e67eefaa4f221d7661 |
| SHA512 | 38acee045c4960cfb2aa9d1603f91461add524673972fec3e40cb075849e693cb222ba38d72803c9d70607989ae19afb109110452b8d66abb01f55e31d2bfae2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 537dd9d5ce5c1727f0593eefad029b9b |
| SHA1 | 66d195f2cfb6421c97795201f3fe05c2328c0804 |
| SHA256 | d4c53e904a985c5b5c1aa537bbded31af1d9901e8e3096b2a34fc85dbbf502d5 |
| SHA512 | 1659c627ddefcb8f309d4eefb745e5beaf75e4c23209358e9c19e032b99b9fdd0143b855c3add06ae0d6d1c362979291fd4a43e3f1c8d94f2ece7cd9f94d946e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\30164
| MD5 | c1ed8589f2d6782d45c9b7ab7f31ce96 |
| SHA1 | 039a6dbd4dba694b09fdb847216e42b25d69db96 |
| SHA256 | 8c90c4c5d6d499acf4051f9c5b7f014db0b7003446e5238fef8a941271f24ee1 |
| SHA512 | 75c9a8805ae6fc5c803a665a9b5f734b49734cbdf16d1045c3368708e9a71d4c0a9c504106bdf13065b058e729d9cd98396d82ab68ae5fbaebc45fa5a3890f43 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\2941
| MD5 | dff1d5a8b516ad267a47a121a40fb546 |
| SHA1 | ded5ec34c8fb87e1b34d8f04ca05ccbea4972ed1 |
| SHA256 | 28d69225df80441dce10839dc82064e4b25db7f625a553bff2899babab1cc76c |
| SHA512 | db420bcbc877ccdd756f0d9c049fe1bc5b8a0e87c4002de95bf7ee687a4cb012d556ac05326df29d0378507c19e0eb2c9a45b8134b42804e77226fbe95d45aed |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\068A2CB4149363072D7C9218BA9BE14AB4628CDA
| MD5 | 835f2d1dd7dc9aa4fb449afd87f7bb1f |
| SHA1 | 1f30e63368c51b317ad74b35cfb5052cb1d52053 |
| SHA256 | e555c59deda434bb79164d28e9701a795d3631fcff1649a5f2394c7c6d74e7b9 |
| SHA512 | 9f959abfeef0a7c2c6183ed793ba0554c3f7aeb941268caae4c376fcef4f4e23c0fe4849e8ca2111f5856ad38052cb98a504232560191f3996866564bd4a23f4 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\C17ADE508655FF9114235F94668D78EFF34656AA
| MD5 | bc2c03d27bd9a76b97ed765a6f2163dc |
| SHA1 | d1ff6a05f0a4b9d14584f227ec1e81e0c5b19593 |
| SHA256 | f6acf9127424d606108ca6f6be79324e5aa59d195e7bf5268687ba657f22fcba |
| SHA512 | acb2b285f5fc297112d4aadda1a6ac24692981762a75c68dbe893909b3ca6a66dd30065aac81fb2f64c38f0f24ec2eebcd887a3752b4afbb0f4ce274d08ac38b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\10736
| MD5 | e260b2f5de6e09db04770b566bbf2bdc |
| SHA1 | 5135d17fd88faecdf7be0862484a827d6516f930 |
| SHA256 | fe07085cc16c22429be7095f9e70c03a099fcbcdc3ea7e6d495d171d7bf8ff0c |
| SHA512 | 7cf3b6a6f167823b336e4ff8054a3922b154f2c2b630543cc9f85e0293c7dac4db6c1468f32479b0ef181f043f3190464ad93c68a31a27d55ac226d76dc2f665 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\E561DD9F419279053B536CE76296F434407C9C6E
| MD5 | 48be96608c992b8be204aa34966af627 |
| SHA1 | 12cad36e5301dd0060069c1573392fd345aa2323 |
| SHA256 | b227d57f4e64f4e2c300033e3da58f9bb209afede173583c6c959c64e4291207 |
| SHA512 | f97b81d4d188324d4fb616bc1433f45766c8b73ea5cb0e1a092a0321494cfa93ffe972ad27cd2076ae358a2de89f2ea1460b61e4c6cb8c46b7eb3f5a5659ed01 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\14431
| MD5 | 7dab4271970a75e6b9a392a9d8abccff |
| SHA1 | 24d2d2d8854997a3579498330631a3bffd367723 |
| SHA256 | 09c7781d309ea753b0801150ebeb8be11b5d742fc4b6d18096ee60571462bec1 |
| SHA512 | c564fc3dcb5048dbc09ef0d94bc0347f1af04bbfe38842adfeb7af8c78ee150b4dcc2e55e8c16668aedb8c39aebf867675353cf5ae8c491ae10026bcde2ccdd3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | bfa073afea34e9a875087912b3444002 |
| SHA1 | b92bf902ccc0be3fa2e07d451fd7a12508cb54bd |
| SHA256 | 6183e56cca88c699b838846dc173d133b3b398367dcd814661d46d2746dff895 |
| SHA512 | 8e89d29086e93447a48109d4025a24f15e4f524b418f6b55aa147ba17487a6be7063bf51bce2fbf1e9077fbcd6ef10f7e9e27bd9abab0283ecd7ebbe293f92de |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 4cbf8cacc401ec3a16d6f4b5d91171c2 |
| SHA1 | c43f9441c5d4f02f1c8fdd53fe45bfbb1a895cfc |
| SHA256 | faaf2bf9e18a545d03eadc8c7a1eab4ecfcb9d9fd9faeab661965d0f462e1dad |
| SHA512 | b921086dedc5fb58032924c38169069949dea4ce58c745d85fe1cb58ddee9bd9f32050307e416b3e8cb756fde180e3efbd0cd886e80256d165983c3441444323 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\20040
| MD5 | c1fbf066f55ac45d95a371eece5a493b |
| SHA1 | 114a161498f26d4b3853a1d9b0c55cdeb4b09acb |
| SHA256 | b9a68c392a10c2596b66e747864d6b73e35214768097b1df6c6677f6d45f8cd7 |
| SHA512 | 26fae2c7d292a2b7a9aa1b963c73af1e2a9a4d8a4af9fb2b619f4b80415bfc151ed0be8d65c56bf9002f0469342bb6412767f18bf32165cc3677cdf2ff34e0e6 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\3746
| MD5 | f14aa36e02ff63f952e695acec4a9d5b |
| SHA1 | bd0c004e9cf6776eea1424ba93abdd821a8608ab |
| SHA256 | e6c4524fa8e96494b4840a350b8c401a4a75bfea1392d1be93134c5bebf4446b |
| SHA512 | 3b205b514b9b3c7e840478ae290ce01a797ab3f55c39d3a2ddd4693a6febcdccc520cc3dab2bbbe2a5281512a306cf7497a9166d2cccffe523e2409e39e207fa |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\3410
| MD5 | a51163921cdb566b03323ae413f7ee5e |
| SHA1 | 9f18471ca6b00b013a1035ee373ef6ffb6046816 |
| SHA256 | f049987449217a31bd663b7c5c016046789b88c8266cb76e3856b438109682de |
| SHA512 | ef7560c8c9274fa3188b88b77c6e6b7cc3894492f4794b2eded47425fc728bf959df251a9a32db1387379532e46c7c78d265bf214b3c1637ddf91a202adb9ca8 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\24909
| MD5 | dbb5f776018ec38f01c06219782b2a5e |
| SHA1 | 785ea6fdbbd0fa9075e042eaefae8bc12d20eb2e |
| SHA256 | ac384dc50f04aa02ab66419ef58a7d7084be3b4e497de567e4cf6165cf9e701c |
| SHA512 | 3655e6d2efb73b6a9d1c54e3b3df9c43f812846f05a9cd2af58d9dce422bfe12b84044527188e7f0680ad1d81115955fc3e8ca1bbc58c48844be3c9e8541134c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\10535
| MD5 | a82991c1405aa19fa0ea119cad61e33b |
| SHA1 | f53861c7629108e0a60c51a4b155b3f5732dbdaa |
| SHA256 | a53a8e41c9c0a934197bd8aaf563e0589f94875451e14336f9a5c2275f3fc6b0 |
| SHA512 | bc2ac0037d9c44028ce5f5d88363154c508647926496b938f1a9cd9f3829e01d277e95b277b827b6e72dc9a351e9b78ad48c2cecc58d092940084ea123c308fc |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\4C48B3CB102230A355DC26F5C9461BD82B0B90D7
| MD5 | 7f2bc519068644c2d976b85b77ccee11 |
| SHA1 | d83fd0f3cfc785626cea0f4a82c8c38a6dee7ee1 |
| SHA256 | b5ed76ef96abdb1a9372cc467d4e86bf549bba98455e49b5781c160c277a570f |
| SHA512 | cbfab42e0dfc975a5e7ba33f885fe2762ee865a5cd932be03c4dab76a8752306f4e2418019d1a650db01e630bf892c5b2b8d944ca5d472496d1a594a2f26510e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 551f63c6d11dc567b423a2aa0d936131 |
| SHA1 | 9bca7935c4bf5e399f30fc3e00be1af98a929a39 |
| SHA256 | 96d9849e0b8089081d0542f048821d783b9fbe9cd92f340d6eb97ed88b8037d3 |
| SHA512 | 5dabdfdc7cb3db56a85c3b5585f8202dc9f1b27fdbd392a19176a7bfddaf7f7c866895fb2ce72d696ae83991ac9604f2b0ac87619564462cf02a23d97daa3b64 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\24159
| MD5 | c02459fdf4d34c37c325dad7bc428604 |
| SHA1 | e70d542521efbb950bf6dc90f8180fb2db3b65b8 |
| SHA256 | df946905e03ff2913980a9d27d28f757491f84ba7317c7db19a8f0668d749a0c |
| SHA512 | c8b14f112fb0157294aaf5a7523e5463dedece4d1cb498ad46a65de01e17cb311d5514573e4166a8863b6f9072cf887701ebecaac3e4355a4e6f3b03c856da68 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\28682
| MD5 | 683739aa43452f16d8c272cac83f0e9a |
| SHA1 | ff7bb2a4699a12e428e2724f4daa098a3fd7697f |
| SHA256 | c4087f6908084ee7f6781d85bfab2c02036ec3a5553a5ccbdd036bdf7edb9ec5 |
| SHA512 | 896079a3045ab10ffbd26ea09618847921871e8838311848d3509582b29f627e037ed98cb9f2eeaf88fad9730b4d47e642f232537b36007cef3c5619bb2fdfcb |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\21702
| MD5 | 86388f42c7ee0a2d5b9b92066b61e9c5 |
| SHA1 | 7a03f8b561daed60e3aff0e021815fe7b26b976c |
| SHA256 | 96fd422e1a8bcf3126f52cc3e11e22b9867ec88eedc2030d50babd753082239e |
| SHA512 | 327fe666c9567eaa1629a3a1ce4852d82ff6de770ef10a6c97f3df39da03bc7ebb931ebf507f15695587b8e48ba4a939e6f7dc6de96be650fddc4adae60a0e3b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 619b8b2e8ab3fe9a8e9c51ee8edd3c74 |
| SHA1 | 56d07f4fc177dc9977a7e5f38b7316075e8da3b7 |
| SHA256 | 0a10cf34c3431c3e830536d0035ed2f8b91992e580c827586a37a1e2a680c5eb |
| SHA512 | 2c0f6b6baef40bb9ff00c0abe7a0fd0ff5ea571a4a12c8add3f8121dfde95496dc72a77784f812b97b3a4f212dd26de67d49393c95c4be330becfc9dfb1de4e4 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\30103
| MD5 | 95bec37bf62543c5ea9a55709f157613 |
| SHA1 | 3db4f4b151c64b8821799104fb1eeb083deeec66 |
| SHA256 | 004ba633563fb8d25bed0567085131344d91b2d0b5383728c66d68d4c8ce3ca5 |
| SHA512 | a1d0914ffb80c40cb1705d700890725940c9b13929d454019b239819f7faf3bad098315e23fb7c68f8ea3a86af9d86de859dd6c470bc2f623879e963d85a654e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 095de05841f1840edee7d9a587dcd406 |
| SHA1 | 09e2d409eb132d73a518cf42ccd56a7375e80eec |
| SHA256 | f3d87e400f65feca08a6b023bd0ffa33ba291e9f9a520fcb6fe9650997f539af |
| SHA512 | ec395573e65aa77d06fb8afdb0b550c7f89f9c39257af7259e904f810c41da76f72d3c3bffa0448f67658d517f6e34ca4ae827f56ba0ab6b059e174babe058c0 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\5362
| MD5 | 436c0f75b4156ab8650b40e2cccafa34 |
| SHA1 | 6186c17bd70b10b51325ed987cd7c8f862e60b97 |
| SHA256 | 04b07fe6989dc88f7c797934c1b7bebdcb0acfacd3db8737374a8864a27fb670 |
| SHA512 | b9dcf35e40faab4b31e6ce64c90670f13a3638bcc8c3f28d10db6fad9f312974935662706c4f01a78b6599f152f6729e703275ac81124a4452cfc8a9b8dc11c6 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\622DA4732AD0D492AF826201498DEBB8C481AD86
| MD5 | fafecd14a5567a1bd4388e7d967a8c65 |
| SHA1 | 1d3e14af95df478f610216452b6434f396dc9062 |
| SHA256 | b19bcc7dc3b9c24aacd0dfc4bd5f200135f4861a3d3f142f4d255f2565c81a37 |
| SHA512 | 4306f225f3e829fb34727b13fae790dffb35709482a30288ce49b4e001d28ec1a5e5539898e6ce83bddddcad60b3aad3b0e7e97e8e7383ca460c573a900dfad3 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\E6957265E017F78B35053C857C76959A10B2FEDA
| MD5 | a4f22e5d0f578c56e41f171578c043f3 |
| SHA1 | 0397caff9b3fcdb5f3bc76034bc967b379d14232 |
| SHA256 | ffc9dab7f293eee52343c2173d40424cef0f12a5f4ddbcf4c698e048a3551e1e |
| SHA512 | bd14b9157b1edd7ef86be05e9677c63e727c6a6dc1ee311f21e8fd486a39bb2bfc7d5d4977355cd1e5bf4ae603d8bf5bf2dc5f94f11e86b73a7d2d6074cedcb7 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\E4E51C8D45AEA67788FF18DF0674752E08F2DC37
| MD5 | d3c0c3c0dcde8353922a8eaa6010ddae |
| SHA1 | db4a7a4aea5fefd2cf8912eb25a8cb478f682ec4 |
| SHA256 | 9beff2f2243c9497233680f49db8fb0cc93ffc87afa6f813743c94969ae1e3a3 |
| SHA512 | d010ea1f7bebdfc1d0c531f200157cd1c0f5bf04d4d28f27679535314377e512dece938b77688caec61c7660c5fe084119874f47542e1d982ce4daeaeb08342f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\83F6B41B787E4299C5A2CB008DCA8C754B21AE3B
| MD5 | cebf764855c0de2804590b0a8b0ced64 |
| SHA1 | cb1e8ed6b4fce501e7b421ad417ff08550187006 |
| SHA256 | 1b76a552c43256e14394e015f82be3cd8e86dd3f72047f8e8ea8dac8a3cf1cec |
| SHA512 | 1e1b4065945699bede2a4935e4daa90ffed9be8b4e84ac8a1c578e5537557138320035bb981724a661fbec6c48d22d656480594ba5df11f82387297acfdf80e5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\18088
| MD5 | 37fe3c257aa1334c6896f0db650f9cca |
| SHA1 | 11469428ae4cad2e09d1e1f95514a4ae32269446 |
| SHA256 | f32c00d127c81d1025e78e45cc9e31478807690a7cad7d4e27444b7632e90fdb |
| SHA512 | 956074a9fc36adc72f6ff054b32a4247ba1a6ee8865f55affd8a8840b53c201d78470e2b704826b5610bf24b9f401c1c37ef7c4a90d68b010c9df3c5811ac3dc |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\11725
| MD5 | 68e758920d3555354eec952599040400 |
| SHA1 | e992cb9efcf339c5dca8af19a8c2a134350a5811 |
| SHA256 | 48ffb27e13abfdfb096a7209bbe74af85447298a1a475779a4a00dd081316b9b |
| SHA512 | db89b80411e46452e3948038fea78ddc70d03f8a2da884523d98fe458251371fd0bc95fb721c4eb50da031f01b6a568cac89ea7e109170192c6915db0b2c4f6b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | d437341495b918ab4906a024e69a1d64 |
| SHA1 | 7386b221946d23188ed3a850a1aba1bc2de61309 |
| SHA256 | 0b530dbafd60b31e8d83eb4fd0194a6dd2688741fc3defad4e08c9bbc4c1d9af |
| SHA512 | 376075964284f496d716e6c6af6962628604054cb50fd18d083bd19b7f746140169aab7eb199af235e18e09b613d1ca05d8cce448ed3b9eecd20f4d55a4ca637 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | d6e06a11986c8b0dec63f9b0c5c33120 |
| SHA1 | c2410582afafa5dfbb40e90d3bb00eb2ad6bcaa5 |
| SHA256 | c516a498b8c9233753bd4c9dd7fc4e2534a1cf000190114310e51c998968db44 |
| SHA512 | 2c65bd8f6bdccf8dbf356b50ef85946890772a332db9cff53f4b2caba7f7cc68392e4c31b8228b429377575a4693146ee1a15067697bdf4e88b24cc574f7c8be |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\24253
| MD5 | a5734eb307eaf6886d1508dbcf20eece |
| SHA1 | 6e6c5c04954ab6dd82063d010ee0068b6a968a61 |
| SHA256 | c3881612a533d56a903e3051475906b2a8ec8ca5fbc74e648e45f7e9a8582659 |
| SHA512 | bf4b5b1e5dc4868f19600a86ebce51e63556280c39b34539e322465324d1e95fc2dfa8c2cd478d6d7e7c2b2290c213a0762d12e647a7efc201c2f6c06cd6096c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\9419
| MD5 | 20c73f041ca10f4fbc31812efb712ad0 |
| SHA1 | dcda5148b9c8e9520c423ed775f8b04d471e28bd |
| SHA256 | 1b656307507552c26ec148f0a09d78de4629c53b0926b84c600df6a96dcecf91 |
| SHA512 | c83e292f4909d7f169e10fe4d60b1c53f29913c60998f56a9fad18707be962f11b7c07a9f3f3c7aff8944082629eeab4035fb68ac0caee561cad72ee20e7e831 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\1BC45D3B97D834E47CBA6ED69BA4724B8CEEDBC9
| MD5 | 4f999e861fac001c6a0e569c9f93a943 |
| SHA1 | 4853556cf2b9439effd7aad63d04d10b83632453 |
| SHA256 | 1f223c2a503e9d34d5fd90362c0a5418ad49581a8113a5d3e509ddc4d24ee04e |
| SHA512 | c6f11684c3b727af7acf13fd997ed97d7be82a88baf5f0a7996b4840c7d3a196dc7aa0e7221e8518837d6ea32cd4792e1f1bdb03591ed30db2f8d52408f9a299 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\88B3226E1D4FA985E4BD3BFBC5B6C20E3DC800C8
| MD5 | 683e188c35eec5a6557baf458f517038 |
| SHA1 | aa576f84d1831c19b532f9b410af9aa2ab1c5b26 |
| SHA256 | d9c0b57ab35ce1649f953f0be3f3c9061fc4a3787e574fdcae213f54c34b0a34 |
| SHA512 | 091cab3c62755f6f1c8a70fca8531e0156ef5ad5125fcc1744699fc167b45d8cd5b8056f7106630aa03bff8dd97b189c9b1196344fae3fc6c9b8396246bc244a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\F307B6EA11BCCB3FFBDE68508D5E3890C4BB0932
| MD5 | 73303ff3c770dea2141ed5bd6bba49f8 |
| SHA1 | 3d7888f72c68f5c75ecf315a64d691ff0455c714 |
| SHA256 | 8a33cd7677b8c3aba5373fca07292d987fd1ee8d6fd5fbc5a3053f56cb8400c5 |
| SHA512 | ece34f8ee126232c5ee1f80c30d281262de2e618d76d5fc9c33de03b29ef6f92a4c202c33dd059b872658b1573557a1b7f8342f70e73644892f65813c146a760 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\752C93DEE131DC5EB8B5C6D5F6108C2C50CCB1C4
| MD5 | 5c315c925b03105729e06f7474d07810 |
| SHA1 | 35580d8ac4ce95d94462f5a5f98fc4566958146f |
| SHA256 | c930291ee2b568068505dd25ef664078b2f1e9f5056cc3dfd390bbfac5626e37 |
| SHA512 | 73a7831b2fd08b982dc0d811376c100200d209da44413aea6320498c578c33b37558bbbf2d99313b2d8235488d19a0f8721f14c780235751b40164afd888ca30 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\27100
| MD5 | e9e0e17b7db9c3a63954439a344b0cc6 |
| SHA1 | 8cb612da6fcf56d4117a30ba656cb3bb2e133cf2 |
| SHA256 | be63d90e1e6e0ea97662aca4962f95c085d743e890abea00706bc9419b2a072d |
| SHA512 | 21a8070de574defbe47da9103860233ae71f0a9a8722cac961655873df9b304f93dedae12b63464ac30006a90b38410f8a98980bf0305cd871e3abd9b5deed02 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\9A8AD29C2B3C60D101A70FC9CF10D734D7A92526
| MD5 | d643645e32e4181feae954f5ac6d734d |
| SHA1 | 1cf9f9f448ff67eeaa5a82dcb496833b54c117ad |
| SHA256 | 4545331cf10f8c9fd7ebdd591d95c3680e7c8b99bdbd6376e44e4769946311df |
| SHA512 | 13755cfa36166d6c750c4a05e72ce290d0f4bae2c798f8821eafca902f52a2c6407fc4f822ca46d1beca18c8a5ff35bb1845b286818ae5c1a19f27fca3a842f7 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\39F4A7DF6F43FA12B0170DA4207FA3CA8DF50AF3
| MD5 | 5e1059adab61d433b751fdd88d5c5a25 |
| SHA1 | d0efdc3a47f274a1ed37f19f68f8294d576b3047 |
| SHA256 | cd1cde7ca0f647405ce46f317c087875b13a241959bf807630f7754b8c7a315f |
| SHA512 | 30b3b892d4d9fac8179a2a22f3e9e934bbdfc31285b2536de4bca2df7643758b7d3352fe3e6d366692e2cacfc09552eaa78e72c4207c188569e58e29f03daffe |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\23954992F78D97F769EEE7DEAE4D5E8C1F01D36C
| MD5 | 21d0373b7f255947b1a6fa7247621720 |
| SHA1 | 55129e00e654495372c2b43cc27744567afdf3e5 |
| SHA256 | 59315cb76daa5ccccd9d6c3f017cf9884ab68052568ba57bd169d736da6d5cc6 |
| SHA512 | 66ed7af04bd4deb030ea278e68c23c6db99e85377629b280891c7c00ba06cbd3428c3c2bac070bc47026baa2b254ba53854bdfd72bdd90f5ab655a2de9ef8948 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | d2ce549caef9298f6154ab82b145569a |
| SHA1 | 355052b76187ec282f2985d07f545e41f2089b25 |
| SHA256 | 2d570a504f827a3addcc7ef9cb77628b5ddfdc84b5df9303efd3d95987357b72 |
| SHA512 | e9f69edbd213aa60172d17d26ea534f08dce9765238779f69a36c1ddeb6001ea877a34e8df77d6c5f06b15383aeb4eff14168870b562b10c0757bc16aac543fe |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\4483
| MD5 | 0986744b29a665ebd3216fc107b0c447 |
| SHA1 | cdcc5b42b2b4d6fd3309f80cccb466f903f7ac16 |
| SHA256 | 2701a9b45bb7bf497dadfc2de6192c2483aefcb07abd193a8dc11c256cf11653 |
| SHA512 | c69bfd3a410e40ff31d3c06ccb7917ef77de94ba10e112396330fb80063dc288c75b65a400732cc54672f6b7a1e0a85460c568ef46bbe50b38698851a23539ab |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\27140
| MD5 | e45032bde4b71019f50c51d21cd2278d |
| SHA1 | a4d8c455ce13d1164144b7cd0e9cc0429bd2745b |
| SHA256 | d602a74324fd0526e302a59e3540025f3d64def66933bd41348a9688bffe39e7 |
| SHA512 | dd0277b07300e19d91ecd8c50c7e827f76843b291db2dfb42083e7d543b9cfe5fc428a40395a5141b247c68784eac0058ded9b9af137c43415117afb9da96db1 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\23874
| MD5 | 1c4a79220d3a82add9c7152c7c7e25ec |
| SHA1 | d4db13d355f1d74e3883da1746f8a8ca46af34aa |
| SHA256 | 9b41ef84079a976263180c69e1c64df6122c1b2018fa99bdb37511daae74e085 |
| SHA512 | f81696951504a3d17a63efea2b45bd2798ff2fcf6be6ba51ade5318b1e77d49c644c182ef6c0b0fe30daa3256c13e06bcf6d21d89fe52eeef80d322f472a9958 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\24783
| MD5 | 23e768b5c9aec7351ccad98943722720 |
| SHA1 | 2c1ced6591caef8a30f125f200a517d24df55164 |
| SHA256 | 6a7f8fe1ad6603162c1c118bdf1019ec353069e3d9e5b8ff54b0d09550dcc5ea |
| SHA512 | 486de4c1bcf4792767f5b62f3da0f1c00e3d9c8841ef7bffa0e4f42f0e448ceaf3dca74ff121bc218030f8f58cf9e2f65a9b5b77a721c1480eb597c25652fff8 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\2C990AF8A57742B63DDCEB8026EE022F3DE9155D
| MD5 | fc4d9cda603c1701d61cfacae33824d6 |
| SHA1 | cdf9d547eb34fc7cb07fe0dda988747ab12b6cf0 |
| SHA256 | db48602200289b7da08fddafcffc893765a3daa9d70cb0b7d58178fe571e39ca |
| SHA512 | 8ff1836dda5daa5e4821f1f1b3cfb01df77c0a2658dd0f86a81783eeda3658a3fd6de007681277e940bf68b819931318934635a9ae114bd6f8f909f095e001fb |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\19627
| MD5 | 862fb3678ea233bc9eb57bc7e9054fe0 |
| SHA1 | 0f3250b7ba4736ddce812c2f8d5e4561128083be |
| SHA256 | 2756cd055a7dd4cbcd571ca02390d74b99f1df81fb682449dfdf910a635d6153 |
| SHA512 | 84bbeff290f5dafd1a1ad826b9ec181dc4becdd69ea0d66e96e4c3d1669136aadd4056cc2f90cf2ea489ce50a23c2c0bae70483e12233601c082fe8ff800d0dd |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\12434
| MD5 | d09252a9baafdf854c83e16f83386e3f |
| SHA1 | e5e02fdcf2a5faefd55199ff06155517a66f2cf4 |
| SHA256 | c444d12554e6a497663ead24cd7f9c160067772034f18911f9c005d785e29813 |
| SHA512 | c1897a70218d3f4febcaee37df2ea2542cf31324adedce762c35b5026579f4f717595f84081f6d1a828ea825aed14c306105a0a3f81ad0cea3f8afb043110726 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\2672
| MD5 | f8190e4af76a74b21350b9fa1bd5454a |
| SHA1 | 51ce664b61920ed2b4921a9031251c03cfff7ed2 |
| SHA256 | aa55bfe04862fc5eef3d20a13881ce5bbab56d3dbec4e1163921b9c07b86922b |
| SHA512 | f7c9e101042fca33e043019e233b3e59f8ce5c2f7153ad6065026410687916d112b46089268d8242b331fe79962921970926e7ba2dcfb59232bae9d3103a4d73 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\21929
| MD5 | bf4eb6b394c0128656f646d786118af9 |
| SHA1 | 045feff863fc7f791a322fff7e480a7af0672cae |
| SHA256 | aa9d2f0e1a4638245c1bad24c9708ea241597c236c66f890ae6eace591cd3067 |
| SHA512 | 1f6d8d2b134724037da2c3722fec5e51e21c92d0c623e8d6b5bade507c376ebe0d314afdd6a3848ade6e7a9d8e35977b2e0201abb0e0e31ad613888c17579334 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 8799474c486a67518468ab47d3f35e93 |
| SHA1 | a4991a5152ab57db60e280bfece08245d3caf170 |
| SHA256 | b401328344cfe7cb095047cbc11e627052b9bafb11a6e6725a398a27f2ab8375 |
| SHA512 | 6d1d60e8c57af48277ab39f49a0cdf7c8f80e5454dcb98ad46171e44c20304130c9ba557861ee71d950cd5dcf1ee549f73f3381823972f2ca5b3b914e72f6966 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | ed6e9695ab53cfd2a4848eb2e09c166d |
| SHA1 | daae958855d1c65311bc418a8b212a3ac7ed034e |
| SHA256 | 2cd7336f5dccdc4d7b335b7f5bb88ca3d506c437195d6c0e1030426a045514b1 |
| SHA512 | 1f6f1dd1c2029f05b0f8c35a3b8850d11cb7b658c38dbaca638cff7cfb7401c713c4333c7abf2d5291e8ee7ac13291fbbf3c3edd658ee1c01aa1bd28268fc951 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\20592
| MD5 | fa7f78f63a1996f38336a6504addf2ee |
| SHA1 | f140f12ab91691b2a2b38a68a6f661dcb4496f5a |
| SHA256 | a6b2d0bca16a2b546cce7debd5c0b89afffbf31b146d003f112b18a43af1c867 |
| SHA512 | 0c8ba5819330adb8a13d5a1f03efc054ab559b5ac235ef53b43d035899caa788ee685f769d25217175d77c803b6b83a4f9ce4a0ff3fad9a19be1ddbd1ae42402 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 183da446ce53e88f72e568fb2c70b6e4 |
| SHA1 | 6ffc558e5811200b2375649515e82e7a6c1f989a |
| SHA256 | 1d0766ae3ec5638ee03805ad7c05f0bdd931b8791d15f1176d5f54eb9d6f4c51 |
| SHA512 | 0013b0331b3ca2907556f589bd6578a2b6a81da211d0fac9be47715c9dff1d1638c5f557d8a88395c6a51a8cbb2dfdbf32a47bcf742c0a2f73f62f2979cca039 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 7a78850fb6c153a4970138fbcc3c20b2 |
| SHA1 | 1c110d8b326e71e31d122929a42ddf3d4cda6e04 |
| SHA256 | 8e9ceec91ee2b85654f9743e2c390b7c3db7ea584915ecc8c611d7c77ae096bc |
| SHA512 | 5126ce0aa4da3be73ee2fb085f51473bc88784da29b038f3c2a374e16112c9faa89a570a38a540b048bb9f6494398bd1dc7c0a27f23047d2c63cb2c7dc6a7ad8 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\1628
| MD5 | 0918c908272a8bcb5555c873f130e799 |
| SHA1 | 8dea8a463424f358c2adadf7e60ad9bb8c576a07 |
| SHA256 | 5136b1a2248b7bef730161e8f80aeca7f9725d220063bcb8beb95157f2a25439 |
| SHA512 | 07429c512882d7de1f616fd8e74f83b177f7e95bb17fc5c74dc8e0dc9ddc9eb54ab94f7dbda189746bebc9771f0ca0a3527e381b09c66fc8e5b743d4361627da |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\22749
| MD5 | 164c6442541422c1a1a7e15b0337a3c6 |
| SHA1 | 434e04d4a202b3d0f14d448d01b814cf14fb2da8 |
| SHA256 | b5dca58f593e6cdc07085faf060fc995fd4ea532c58197aa629a808784598a80 |
| SHA512 | 6c8f3b7c90e04fee72eaa6e7b0822a1c62c5e97f89fb73d9725a2ef3d4d48dc2452958c27700c14f349bca414336534fb45439b6f444bc80684904d560055f35 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\823
| MD5 | 6aef3b0e264ffccce86f545a23ed5dbe |
| SHA1 | e6122315c754c3b3bbc1bd5b3c416458291e69d6 |
| SHA256 | 12be85a19502bc61ed9b1f120988ae2d37fb1a5d87cf28767ef741687305a46e |
| SHA512 | 44515c2230c2498c64c033092e684f83ec0a5dad11f547ee5ca2de133922c53be687986e15d52a69e600b614d717c0114d4e301e99a02d6824cee8575e6b10ed |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\13548
| MD5 | 6f982526f1a4bc5425708aad4ed247dd |
| SHA1 | 507142f722e9cd5d1b120920344ab10de1ea5792 |
| SHA256 | 207904d6e63d7699f7449b67f2191c6ad45cd1923d1f30a045787aea3d2766f6 |
| SHA512 | b26e01d072218f30727305160eca874ff1b801dc50548abccdd5194ed862e2e893dda32b0f95f07d39a7183a43cf77a4dace85df2bd166a041bb662656222d99 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | b0cb1824a2936365e5c338c5b0e44eb0 |
| SHA1 | 947159ef23e43abf234694f6436cf27283f98979 |
| SHA256 | c0d9d25dbcfe1d0c36297126ba9264ffbea00cc504b8204dd038e93184adb933 |
| SHA512 | 688141e70302b4af669619809ab05d6ea9a65297f71c806460d244e9dcb9d2289b8e07a63d5e972698b07842f6e04a37bc4c8bedddbb07706f3fa9478dd1b6f6 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\doomed\2257
| MD5 | ad7e2a7634ffc89fdbb144b1dfb9ce64 |
| SHA1 | 4d8bae4bafaa0cb6e21855a8bfd86cbde1796318 |
| SHA256 | 048f8cde6227729494cdec0d6d89deaeb2114dc45a17c3c8a149c761286aeb2b |
| SHA512 | 769b19dbbeb55445beaeca0e48510091e2064d56fd60830db246dd0de501d2b21093952aaa3ebb9c8f42141b819a1088ce378077de506f0c3e249565d2c601ae |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\E5AB14F90DD189BA66F3E6ECA37D4653478566A0
| MD5 | 27ffc412919e99d885cd86a36cd48b2b |
| SHA1 | a0e8db4a5547d9e847c8b83bc4fc9f6d23e7eb0f |
| SHA256 | e9968e9813dc3b5f3bef3b4ac177f4f69ce8378babb9d2251e660a466c8706ff |
| SHA512 | 8b7f5573768b5902681bfe04cd7829fe5a343bce50611b191b8cd88a309d50dce8fd373984c4b0626854df90b17888b4d30192c0014f9491da216a7cc704bcc4 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\C6DA11B4237F6D642176F12092A34C447BBCE3EA
| MD5 | a85f58f2ef0b5b4a4d48ddaedf8ea148 |
| SHA1 | 4ed8914484dbe9faa3c1faeba5a68ba800132fad |
| SHA256 | caa5a810d83d629bd81d7d320f9f79dca4ae153d966ca94e2bef83bf452d2579 |
| SHA512 | a06d83741805fe2d0bc266bfe5a191643ea7871e0a2ca47a7af5d931c890804ef189e1b0df104892730e3b68e6abf22e50c85b6edf70b79f046328b7eea287a1 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\3F2CCE32FBC3C801146CEFBCA5A4E9AE35C2C1CD
| MD5 | dd7e1f262ff9a91d10a2c3d667a3bfe2 |
| SHA1 | 409355fbf8a52f4cd33bdd61edbc493d14330cb5 |
| SHA256 | e0ba7f12bee81739989374f55f40af09ebe32bffdd731318a2c9c518031a6546 |
| SHA512 | a6628ceb16db1568f0f6dd2f38c45d380f91b2ae72ba8bae6193d060987458f1f4ba1e1806e24e038ba0045c2fb647f171142dd0f41d2b72950ad2a84ebccc05 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\cache2\entries\9E2DD9DE8B15F30231B2A9EB126B1B87B7923B2C
| MD5 | 3971a8e84b638ee86fe410fbde6d0ece |
| SHA1 | 18c8f51e596e78a6be257d990478a23d893e4311 |
| SHA256 | ead9b4e15e76b74ea3bf762e80057bfa0476b8d0c2feb1401dd1b2a2a8fedcc4 |
| SHA512 | 1a6e2ad557b7e6abe78dc28a70647cb224e7f97205642f529afaccd61d019cc0213541ea48e9566dd5183aef07d5012d2206f3be41a7d3f013662acae51b55f1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionCheckpoints.json.tmp
| MD5 | 2d87ba02e79c11351c1d478b06ca9b29 |
| SHA1 | 4b0fb1927ca869256e9e2e2d480c3feb8e67e6f1 |
| SHA256 | 16b7be97c92e0b75b9f8a3c22e90177941c7e6e3fbb97c8d46432554429f3524 |
| SHA512 | be7e128c140a88348c3676afc49a143227c013056007406c66a3cae16aae170543ca8a0749136702411f502f2c933891d7dcdde0db81c5733415c818f1668185 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\prefs-1.js
| MD5 | 72e0025228d3b2769c03fe21323ae7db |
| SHA1 | 83558aadbb7b69ecffe49c455455396bce226cc4 |
| SHA256 | 45505b0f263163d14885e8f35fc12534f524a60f1166b7e82a02f8f763f28b30 |
| SHA512 | c38d4184dc198341fd26a8fda9b70ef09e246daed1054bad64e5ef023cad49e33deaa22e7e4cdb2c49c845e5081b1015cf2741d88ef959ddaacaa5282d6b2197 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionCheckpoints.json.tmp
| MD5 | c8dc58eff0c029d381a67f5dca34a913 |
| SHA1 | 3576807e793473bcbd3cf7d664b83948e3ec8f2d |
| SHA256 | 4c22e8a42797f14510228f9f4de8eea45c526228a869837bd43c0540092e5f17 |
| SHA512 | b8f7c4150326f617b63d6bc72953160804a3749f6dec0492779f6c72b3b09c8d1bd58f47d499205c9a0e716f55fe5f1503d7676a4c85d31d1c1e456898af77b4 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionCheckpoints.json.tmp
| MD5 | 66bdbb6de2094027600e5df8fbbf28f4 |
| SHA1 | ce033f719ebce89ac8e5c6f0c9fed58c52eca985 |
| SHA256 | df49028535e3efe4ed524570624866cca8152de6b0069ebb25580fce27dccebc |
| SHA512 | 18782069ef647653df0b91cb13ba13174a09ce2a201e8f4adfb7b145baf6c3a9246ef74bdad0774a3023ec5b8b67aba320641e11dd4b8a195e1c2b448202a660 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionstore.jsonlz4
| MD5 | 8c92ea4b04bbcafe8293cfbdec1cee0f |
| SHA1 | 38138a89b6b49152cfa41ac509379fe1dc13b336 |
| SHA256 | 5dd4b0b01f4f3d2cd47b0d0a4b17df4aec4a9705aef7068423241ffb694d2fa1 |
| SHA512 | 14d06e2b82cbd31f83afc95eebe6e28b224f2b43ca665786a46bd920171fe9dcdbb0a23617a9df61d2a504b042fe32aac818eae45f5596daa8057ce297926c46 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bs4a8d8y.default-release\sessionCheckpoints.json.tmp
| MD5 | 362985746d24dbb2b166089f30cd1bb7 |
| SHA1 | 6520fc33381879a120165ede6a0f8aadf9013d3b |
| SHA256 | b779351c8c6b04cf1d260c5e76fb4ecf4b74454cc6215a43ea15a223bf5bdd7e |
| SHA512 | 0e85cd132c895b3bffce653aeac0b5645e9d1200eb21e23f4e574b079821a44514c1d4b036d29a7d2ea500065c7131aef81cfc38ff1750dbb0e8e0c57fdc2a61 |
memory/3088-4986-0x000000001B640000-0x000000001B922000-memory.dmp
memory/3088-4987-0x0000000002880000-0x0000000002888000-memory.dmp