Analysis Overview
Threat Level: Known bad
The file https://www.steamidfinder.com/ was found to be: Known bad.
Malicious Activity Summary
Modifies WinLogon for persistence
Modifies Windows Defender Real-time Protection settings
Wannacry family
Wannacry
UAC bypass
Deletes shadow copies
Modifies Windows Firewall
Disables Task Manager via registry modification
Event Triggered Execution: Image File Execution Options Injection
Disables RegEdit via registry modification
Disables use of System Restore points
Downloads MZ/PE file
A potential corporate email address has been identified in the URL: [email protected]
Impair Defenses: Safe Mode Boot
Executes dropped EXE
Drops startup file
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
Reads user/profile data of web browsers
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
Unexpected DNS network traffic destination
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: currency-file@1
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
Checks computer location settings
Legitimate hosting services abused for malware hosting/C2
Enumerates connected drives
Adds Run key to start application
Checks whether UAC is enabled
Mark of the Web detected: This indicates that the page was originally saved or cloned.
Detected potential entity reuse from brand SLACK.
Sets desktop wallpaper using registry
Drops file in Program Files directory
Drops file in Windows directory
Browser Information Discovery
System Location Discovery: System Language Discovery
Event Triggered Execution: Netsh Helper DLL
Enumerates physical storage devices
NTFS ADS
Suspicious behavior: EnumeratesProcesses
Interacts with shadow copies
Checks SCSI registry key(s)
Modifies registry class
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of FindShellTrayWindow
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of WriteProcessMemory
Kills process with taskkill
Suspicious use of AdjustPrivilegeToken
Suspicious use of SetWindowsHookEx
Uses Volume Shadow Copy service COM API
Modifies data under HKEY_USERS
Suspicious use of SendNotifyMessage
System policy modification
Enumerates system info in registry
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-11-15 17:34
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-15 17:34
Reported
2024-11-15 17:56
Platform
win10v2004-20241007-en
Max time kernel
1019s
Max time network
1021s
Command Line
Signatures
Modifies WinLogon for persistence
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell = "C:\\Users\\Admin\\Downloads\\Annabelle.exe" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
Modifies Windows Defender Real-time Protection settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection\DisableRealtimeMonitoring = "1" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
UAC bypass
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA = "0" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
Wannacry
Wannacry family
Deletes shadow copies
Disables RegEdit via registry modification
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools = "1" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools = "1" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
Disables Task Manager via registry modification
Disables use of System Restore points
Downloads MZ/PE file
Event Triggered Execution: Image File Execution Options Injection
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sethc.exe\Debugger = "RIP" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\chkdsk.exe\Debugger = "RIP" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\opera.exe | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bcdedit.exe | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bcdedit.exe\Debugger = "RIP" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\chkdsk.exe | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ksuser.dll\Debugger = "RIP" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\recoverydrive.exe | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\explorer.exe\Debugger = "C:\\Users\\Admin\\Downloads\\Annabelle.exe" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UserAccountControlSettings.exe\Debugger = "RIP" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Autoruns64.exe | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\yandex.exe\Debugger = "RIP" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MSASCuiL.exe\Debugger = "RIP" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmc.exe\Debugger = "RIP" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dllhost.exe\Debugger = "RIP" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DBGHELP.exe | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wmplayer.exe | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msconfig.exe | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\firefox.exe | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\microsoftedge.exe\Debugger = "RIP" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\explorer.exe\Debugger = "C:\\Users\\Admin\\Downloads\\Annabelle.exe" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskkill.exe | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\powershell.exe\Debugger = "RIP" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\url.dll | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\url.dll\Debugger = "RIP" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\webcheck.dll\Debugger = "RIP" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\microsoftedge.exe | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Autoruns64.exe\Debugger = "RIP" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\systemexplorer.exe\Debugger = "RIP" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\explorer.exe\Debugger = "C:\\Users\\Admin\\Downloads\\Annabelle.exe" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\microsoftedgecp.exe | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mspaint.exe | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rundll.exe | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\shellstyle.dll | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\control.exe\Debugger = "RIP" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\explorer.exe\Debugger = "C:\\Users\\Admin\\Downloads\\Annabelle.exe" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\powershell.exe | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\attrib.exe | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rasman.dll\Debugger = "RIP" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmd.exe | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\chrome.exe | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mpg4dmod.dll\Debugger = "RIP" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\shellstyle.dll\Debugger = "RIP" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\webcheck.dll | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\control.exe | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\explorer.exe\Debugger = "C:\\Users\\Admin\\Downloads\\Annabelle.exe" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\opera.exe\Debugger = "RIP" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rundll.exe\Debugger = "RIP" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DBGHELP.exe\Debugger = "RIP" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\systemexplorer.exe | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rundll32.exe | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DCIMAN32.exe | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\logoff.exe\Debugger = "RIP" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\explorer.exe\Debugger = "C:\\Users\\Admin\\Downloads\\Annabelle.exe" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmd.exe\Debugger = "RIP" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\gpedit.msc\Debugger = "RIP" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Autoruns.exe | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\explorer.exe\Debugger = "C:\\Users\\Admin\\Downloads\\Annabelle.exe" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rundll32.exe\Debugger = "RIP" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cabinet.dll | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\usbui.dll | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\chrome.exe\Debugger = "RIP" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\yandex.exe | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mspaint.exe\Debugger = "RIP" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
Modifies Windows Firewall
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SYSTEM32\NetSh.exe | N/A |
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: currency-file@1
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
Drops startup file
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\~SDA7BC.tmp | C:\Users\Admin\Downloads\WannaCry.exe | N/A |
| File opened for modification | C:\Users\Admin\AppData\Roaming\Microsoft\Word\STARTUP\~SDA7C3.tmp | C:\Users\Admin\Downloads\WannaCry.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\WannaCry.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\!WannaDecryptor!.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\!WannaDecryptor!.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\!WannaDecryptor!.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\!WannaDecryptor!.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
Impair Defenses: Safe Mode Boot
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\MinimalX = "1" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
Reads user/profile data of web browsers
Unexpected DNS network traffic destination
| Description | Indicator | Process | Target |
| Destination IP | 100.20.121.79 | N/A | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\Microsoft Update Task Scheduler = "\"C:\\Users\\Admin\\Downloads\\WannaCry.exe\" /r" | C:\Users\Admin\Downloads\WannaCry.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\UpdateBackup = "C:\\Users\\Admin\\Downloads\\Annabelle.exe" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\UpdateBackup = "C:\\Users\\Admin\\Downloads\\Annabelle.exe" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\UpdateBackup = "C:\\Users\\Admin\\Downloads\\Annabelle.exe" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA = "0" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
Enumerates connected drives
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\Z: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\W: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\A: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\B: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\L: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\T: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\B: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\L: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\U: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\U: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Q: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\J: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\Y: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\A: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\P: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\S: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\X: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\A: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\K: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\N: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\M: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\O: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\G: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\H: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\Q: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\T: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\V: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\B: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\E: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\O: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\W: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\G: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\H: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\J: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Q: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\G: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\K: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\N: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\V: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Z: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\K: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\L: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Y: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Z: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\U: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\P: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\X: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\S: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\W: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\E: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\J: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\R: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\I: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\R: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\S: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\M: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\T: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\O: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Y: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\I: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\X: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\H: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\R: | C:\Windows\System32\msiexec.exe | N/A |
| File opened (read-only) | \??\I: | C:\Windows\System32\msiexec.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
Mark of the Web detected: This indicates that the page was originally saved or cloned.
| Description | Indicator | Process | Target |
| N/A | https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html | N/A | N/A |
Detected potential entity reuse from brand SLACK.
Sets desktop wallpaper using registry
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\Desktop\Wallpaper = "C:\\Users\\Admin\\Desktop\\!WannaCryptor!.bmp" | C:\Users\Admin\Downloads\!WannaDecryptor!.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\7-Zip\Lang\be.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\bn.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\7z.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\ug.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\mng.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\is.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\uz-cyrl.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\ga.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\yo.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\descript.ion | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\gu.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\fi.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\es.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\ka.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\ku-ckb.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\ky.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\lt.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\pt-br.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\uz.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\sk.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\sl.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\en.ttt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\hi.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\7z.exe | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\nn.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\pa-in.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\da.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\io.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\ta.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\7zCon.sfx | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\ba.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\cs.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\ja.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\History.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\tt.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\uk.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\an.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\eo.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\lv.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\sr-spl.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\sw.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\co.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\fy.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\ext.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\ro.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\et.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\eu.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\sa.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\tk.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\ast.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\pt.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\ca.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\mn.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\br.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\hy.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\ru.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\7zG.exe | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\bg.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\hr.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\ko.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\7z.sfx | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\mr.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\ne.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\7-Zip\Lang\he.txt | C:\Windows\system32\msiexec.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\Installer\e620c4f.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\ | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\inprogressinstallinfo.ipi | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\SourceHash{23170F69-40C1-2701-2401-000001000000} | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSID49.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e620c53.msi | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e620c4f.msi | C:\Windows\system32\msiexec.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
Event Triggered Execution: Netsh Helper DLL
| Description | Indicator | Process | Target |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\NetSh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\NetSh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\NetSh.exe | N/A |
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cscript.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\taskkill.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\!WannaDecryptor!.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\!WannaDecryptor!.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\taskkill.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\!WannaDecryptor!.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\!WannaDecryptor!.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\taskkill.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\taskkill.exe | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters | C:\Windows\system32\vssvc.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters | C:\Windows\system32\vssvc.exe | N/A |
| Key created | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters\Partmgr | C:\Windows\system32\vssvc.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters\Partmgr\PartitionTableCache = 0000000004000000c4d65e62b69e8e0b0000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000c01200000000ffffffff000000002701010000080000c4d65e620000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d01200000000000020ed3a000000ffffffff000000000700010000680900c4d65e62000000000000d012000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f0ff3a0000000000000005000000ffffffff000000000700010000f87f1dc4d65e62000000000000f0ff3a00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff000000000000000000000000c4d65e6200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 | C:\Windows\system32\vssvc.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters\Partmgr\SnapshotDataCache = 534e41505041525401000000700000008ec7416a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 | C:\Windows\system32\vssvc.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Interacts with shadow copies
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SYSTEM32\vssadmin.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\vssadmin.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\vssadmin.exe | N/A |
Kills process with taskkill
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColorBalance = "89" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationGlassAttribute = "1" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentPalette = a6d8ff0076b9ed00429ce3000078d700005a9e000042750000264200f7630c00 | C:\Windows\system32\LogonUI.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\27 | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History\AutoColor = "0" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\AccentColor = "4292311040" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColor = "3288365271" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationBlurBalance = "1" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\EnableWindowColorization = "162" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133761664216792439" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglowBalance = "10" | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\StartColorMenu = "4288567808" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentColorMenu = "4292311040" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglow = "3288365271" | C:\Windows\system32\LogonUI.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\26\52C64B7E | C:\Windows\system32\msiexec.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ThreadingModel = "Apartment" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\96F071321C0410724210000010000000\Complete | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\96F071321C0410724210000010000000 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\96F071321C0410724210000010000000\SourceList | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Directory\shellex\ContextMenuHandlers\7-Zip | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers\7-Zip | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Drive\shellex\DragDropHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\96F071321C0410720000000040000000\96F071321C0410724210000010000000 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\96F071321C0410720000000040000000 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\96F071321C0410724210000010000000\SourceList\Media | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\7-Zip | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\96F071321C0410724210000010000000\LanguageFiles = "Complete" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\96F071321C0410724210000010000000\PackageCode = "96F071321C0410724210000020000000" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\96F071321C0410724210000010000000\InstanceType = "0" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\96F071321C0410724210000010000000\Clients = 3a0000000000 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Drive\shellex\DragDropHandlers\7-Zip | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\96F071321C0410724210000010000000\Assignment = "1" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\96F071321C0410724210000010000000\DeploymentFlags = "3" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\96F071321C0410724210000010000000\AdvertiseFlags = "388" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\96F071321C0410724210000010000000\AuthorizedLUAApp = "0" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\96F071321C0410724210000010000000\SourceList\Net\1 = "C:\\Users\\Admin\\Downloads\\" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ = "C:\\Program Files (x86)\\7-Zip\\7-zip.dll" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\96F071321C0410724210000010000000\Program = "Complete" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\96F071321C0410724210000010000000\Language = "1033" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\96F071321C0410724210000010000000\SourceList\LastUsedSource = "n;1;C:\\Users\\Admin\\Downloads\\" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\96F071321C0410724210000010000000\SourceList\Net | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\96F071321C0410724210000010000000\SourceList\Media\1 = ";" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Directory\shellex\DragDropHandlers\7-Zip | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\96F071321C0410724210000010000000 | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\96F071321C0410724210000010000000\ProductName = "7-Zip 24.01" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\96F071321C0410724210000010000000\Version = "402718720" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\96F071321C0410724210000010000000\SourceList\PackageName = "7z2401.msi" | C:\Windows\system32\msiexec.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 723216.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 870710.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 960509.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 874971.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 695717.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\!WannaDecryptor!.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\!WannaDecryptor!.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\!WannaDecryptor!.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\!WannaDecryptor!.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\!WannaDecryptor!.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\!WannaDecryptor!.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\!WannaDecryptor!.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\!WannaDecryptor!.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\!WannaDecryptor!.exe | N/A |
| N/A | N/A | C:\Windows\system32\LogonUI.exe | N/A |
Suspicious use of WriteProcessMemory
System policy modification
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoControlPanel = "1" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRun = "1" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools = "1" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr = "1" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA = "0" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\WindowsDefenderMAJ = "1" | C:\Users\Admin\Downloads\Annabelle.exe | N/A |
Uses Volume Shadow Copy service COM API
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://www.steamidfinder.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8037e46f8,0x7ff8037e4708,0x7ff8037e4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2060 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2308 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2640 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3348 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4148 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5624 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5624 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5252 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4808 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5200 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5172 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2136 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5764 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5872 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6244 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6228 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6608 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6688 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7016 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4680 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7336 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7332 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7444 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7740 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7904 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8036 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5816 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8320 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8884 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8096 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8104 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8468 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8888 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6072 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8072 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5944 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x490 0x4f0
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5544 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9496 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8048 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8052 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7116 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6996 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8448 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6736 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3424 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9460 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9812 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7764 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7716 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3540 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3536 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6380 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6480 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8088 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7812 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7400 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8528 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7276 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8800 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7008 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9452 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7784 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6420 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6216 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=7516 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6460 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4968 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8764 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9164 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8600 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6856 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9568 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6920 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9480 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6012 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6104 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6004 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5192 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6680 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8128 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9332 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9572 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6912 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9140 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9592 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7748 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5012 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6180 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9024 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3564 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9092 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8356 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8528 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6236 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6704 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1736 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6048 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8344 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10692 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9580 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8460 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4748 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7328 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6904 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5836 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,2067501388465554780,3883608085796147048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6880 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ff801a2cc40,0x7ff801a2cc4c,0x7ff801a2cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1952,i,13788984430518339325,13313109665843468172,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1948 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2104,i,13788984430518339325,13313109665843468172,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2248 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2304,i,13788984430518339325,13313109665843468172,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2472 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3184,i,13788984430518339325,13313109665843468172,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3200 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3244,i,13788984430518339325,13313109665843468172,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3236 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4596,i,13788984430518339325,13313109665843468172,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4500 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=5052,i,13788984430518339325,13313109665843468172,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5068 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=5092,i,13788984430518339325,13313109665843468172,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5252 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5160,i,13788984430518339325,13313109665843468172,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5100 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5516,i,13788984430518339325,13313109665843468172,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5528 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5716,i,13788984430518339325,13313109665843468172,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5740 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4968,i,13788984430518339325,13313109665843468172,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4892 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4436,i,13788984430518339325,13313109665843468172,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5780 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4768,i,13788984430518339325,13313109665843468172,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5748 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5768,i,13788984430518339325,13313109665843468172,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4892 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=4868,i,13788984430518339325,13313109665843468172,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5776 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5572,i,13788984430518339325,13313109665843468172,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5852 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5836,i,13788984430518339325,13313109665843468172,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4876 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5872,i,13788984430518339325,13313109665843468172,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5076 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5848,i,13788984430518339325,13313109665843468172,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5852 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=4564,i,13788984430518339325,13313109665843468172,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4852 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff8037e46f8,0x7ff8037e4708,0x7ff8037e4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2012 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2532 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2932 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3404 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3420 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5112 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5200 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3680 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5400 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5300 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5228 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5240 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5748 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3624 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6432 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6432 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4548 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6188 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6508 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6532 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6176 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5620 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6488 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6908 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6764 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7204 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7264 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7236 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7428 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7656 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6720 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6148 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3536 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6804 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7408 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7028 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6460 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7468 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3680 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7796 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5880 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2688 /prefetch:8
C:\Windows\System32\msiexec.exe
"C:\Windows\System32\msiexec.exe" /i "C:\Users\Admin\Downloads\7z2401.msi"
C:\Windows\system32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
C:\Windows\system32\vssvc.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\srtasks.exe
C:\Windows\system32\srtasks.exe ExecuteScopeRestorePoint /WaitForRestorePoint:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6496 /prefetch:2
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Windows\System32\msiexec.exe
"C:\Windows\System32\msiexec.exe" /i "C:\Users\Admin\Downloads\7z2401.msi"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3212 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7028 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6880 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7764 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7768 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6240 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7700 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=1772 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5096 /prefetch:8
C:\Users\Admin\Downloads\WannaCry.exe
"C:\Users\Admin\Downloads\WannaCry.exe"
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c 166271731693185.bat
C:\Windows\SysWOW64\cscript.exe
cscript //nologo c.vbs
C:\Users\Admin\Downloads\!WannaDecryptor!.exe
!WannaDecryptor!.exe f
C:\Windows\SysWOW64\taskkill.exe
taskkill /f /im MSExchange*
C:\Windows\SysWOW64\taskkill.exe
taskkill /f /im Microsoft.Exchange.*
C:\Windows\SysWOW64\taskkill.exe
taskkill /f /im sqlserver.exe
C:\Windows\SysWOW64\taskkill.exe
taskkill /f /im sqlwriter.exe
C:\Users\Admin\Downloads\!WannaDecryptor!.exe
!WannaDecryptor!.exe c
C:\Windows\SysWOW64\cmd.exe
cmd.exe /c start /b !WannaDecryptor!.exe v
C:\Users\Admin\Downloads\!WannaDecryptor!.exe
!WannaDecryptor!.exe v
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5252 /prefetch:1
C:\Users\Admin\Downloads\!WannaDecryptor!.exe
!WannaDecryptor!.exe
C:\Windows\SysWOW64\cmd.exe
cmd.exe /c vssadmin delete shadows /all /quiet & wmic shadowcopy delete & bcdedit /set {default} bootstatuspolicy ignoreallfailures & bcdedit /set {default} recoveryenabled no & wbadmin delete catalog -quiet
C:\Windows\SysWOW64\Wbem\WMIC.exe
wmic shadowcopy delete
C:\Windows\system32\vssvc.exe
C:\Windows\system32\vssvc.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,14164240572981638269,12177328504524178683,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7412 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8037e46f8,0x7ff8037e4708,0x7ff8037e4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2236,7816980733786077461,6589511276335313305,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2248 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2236,7816980733786077461,6589511276335313305,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2204 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2236,7816980733786077461,6589511276335313305,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2880 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,7816980733786077461,6589511276335313305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3416 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,7816980733786077461,6589511276335313305,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3428 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,7816980733786077461,6589511276335313305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5116 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,7816980733786077461,6589511276335313305,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5020 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2236,7816980733786077461,6589511276335313305,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=4056 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,7816980733786077461,6589511276335313305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4052 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2236,7816980733786077461,6589511276335313305,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5500 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2236,7816980733786077461,6589511276335313305,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5500 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,7816980733786077461,6589511276335313305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5620 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,7816980733786077461,6589511276335313305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5020 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,7816980733786077461,6589511276335313305,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5224 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,7816980733786077461,6589511276335313305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3464 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,7816980733786077461,6589511276335313305,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6092 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,7816980733786077461,6589511276335313305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5812 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2236,7816980733786077461,6589511276335313305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5636 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2236,7816980733786077461,6589511276335313305,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6312 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2236,7816980733786077461,6589511276335313305,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6172 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2236,7816980733786077461,6589511276335313305,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5948 /prefetch:8
C:\Users\Admin\Downloads\Annabelle.exe
"C:\Users\Admin\Downloads\Annabelle.exe"
C:\Users\Admin\Downloads\Annabelle.exe
"C:\Users\Admin\Downloads\Annabelle.exe"
C:\Users\Admin\Downloads\Annabelle.exe
"C:\Users\Admin\Downloads\Annabelle.exe"
C:\Users\Admin\Downloads\Annabelle.exe
"C:\Users\Admin\Downloads\Annabelle.exe"
C:\Users\Admin\Downloads\Annabelle.exe
"C:\Users\Admin\Downloads\Annabelle.exe"
C:\Windows\SYSTEM32\vssadmin.exe
vssadmin delete shadows /all /quiet
C:\Windows\SYSTEM32\vssadmin.exe
vssadmin delete shadows /all /quiet
C:\Windows\SYSTEM32\vssadmin.exe
vssadmin delete shadows /all /quiet
C:\Windows\SYSTEM32\NetSh.exe
NetSh Advfirewall set allprofiles state off
C:\Users\Admin\Downloads\Annabelle.exe
"C:\Users\Admin\Downloads\Annabelle.exe"
C:\Users\Admin\Downloads\Annabelle.exe
"C:\Users\Admin\Downloads\Annabelle.exe"
C:\Users\Admin\Downloads\Annabelle.exe
"C:\Users\Admin\Downloads\Annabelle.exe"
C:\Users\Admin\Downloads\Annabelle.exe
"C:\Users\Admin\Downloads\Annabelle.exe"
C:\Users\Admin\Downloads\Annabelle.exe
"C:\Users\Admin\Downloads\Annabelle.exe"
C:\Users\Admin\Downloads\Annabelle.exe
"C:\Users\Admin\Downloads\Annabelle.exe"
C:\Windows\System32\shutdown.exe
"C:\Windows\System32\shutdown.exe" -r -t 00 -f
C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x4 /state0:0xa3f94055 /state1:0x41c64e6d
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x490 0x4f0
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 228.249.119.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.steamidfinder.com | udp |
| US | 104.26.6.218:443 | www.steamidfinder.com | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | tags.bkrtx.com | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | 00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app | udp |
| US | 8.8.8.8:53 | cdn.privacy-mgmt.com | udp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 8.8.8.8:53 | boot.pbstck.com | udp |
| US | 8.8.8.8:53 | z.moatads.com | udp |
| US | 8.8.8.8:53 | 218.6.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.159.190.20.in-addr.arpa | udp |
| GB | 142.250.200.2:443 | securepubads.g.doubleclick.net | tcp |
| GB | 104.78.165.146:443 | tags.bkrtx.com | tcp |
| FR | 18.245.194.122:443 | c.amazon-adsystem.com | tcp |
| US | 172.64.152.243:443 | 00917082-71e9-498e-8343-00c3df06b798.edge.permutive.app | tcp |
| FR | 18.245.199.15:443 | cdn.privacy-mgmt.com | tcp |
| US | 104.22.74.216:443 | btloader.com | tcp |
| US | 104.22.1.93:443 | boot.pbstck.com | tcp |
| GB | 2.23.205.220:443 | z.moatads.com | tcp |
| US | 8.8.8.8:53 | kumo.network-n.com | udp |
| US | 8.8.8.8:53 | crt.rootg2.amazontrust.com | udp |
| GB | 143.244.38.136:443 | kumo.network-n.com | tcp |
| FR | 3.164.163.87:80 | crt.rootg2.amazontrust.com | tcp |
| US | 8.8.8.8:53 | cdnhorizon.nnmtools.com | udp |
| US | 172.67.190.95:443 | cdnhorizon.nnmtools.com | tcp |
| GB | 143.244.38.136:443 | kumo.network-n.com | tcp |
| US | 172.67.190.95:443 | cdnhorizon.nnmtools.com | tcp |
| US | 8.8.8.8:53 | apihorizon.nnmtools.com | udp |
| US | 8.8.8.8:53 | 2.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 146.165.78.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 122.194.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 243.152.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.74.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.1.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 220.205.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.199.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 136.38.244.143.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.201.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.190.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 87.163.164.3.in-addr.arpa | udp |
| FR | 18.245.199.15:443 | cdn.privacy-mgmt.com | tcp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 8.8.8.8:53 | static.anonymised.io | udp |
| US | 34.107.217.107:443 | static.anonymised.io | tcp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| US | 8.8.8.8:53 | cdn-adm.pbstck.com | udp |
| US | 34.107.217.107:443 | static.anonymised.io | udp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 104.22.0.93:443 | cdn-adm.pbstck.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | api.permutive.com | udp |
| US | 8.8.8.8:53 | material.anonymised.io | udp |
| US | 8.8.8.8:53 | aegis.anonymised.io | udp |
| US | 34.107.254.252:443 | api.permutive.com | tcp |
| US | 34.117.250.57:443 | material.anonymised.io | tcp |
| US | 34.107.217.107:443 | aegis.anonymised.io | tcp |
| US | 34.117.250.57:443 | material.anonymised.io | udp |
| US | 8.8.8.8:53 | 107.217.107.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.69.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.0.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.23.211.130.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 252.254.107.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 57.250.117.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.205.72.20.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| FR | 52.222.169.76:443 | sb.scorecardresearch.com | tcp |
| US | 8.8.8.8:53 | 76.169.222.52.in-addr.arpa | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | 217.106.137.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 197.87.175.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.187.3.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 00917082-71e9-498e-8343-00c3df06b798.prmutv.co | udp |
| GB | 142.250.200.2:443 | securepubads.g.doubleclick.net | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 35.241.9.51:443 | 00917082-71e9-498e-8343-00c3df06b798.prmutv.co | tcp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | live.primis.tech | udp |
| US | 8.8.8.8:53 | secure.quantserve.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| NL | 185.89.210.20:443 | ib.adnxs.com | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| BE | 18.239.208.6:443 | live.primis.tech | tcp |
| GB | 142.250.179.227:443 | www.google.co.uk | tcp |
| DE | 91.228.74.244:443 | secure.quantserve.com | tcp |
| US | 8.8.8.8:53 | rules.quantcount.com | udp |
| FR | 18.244.28.2:443 | rules.quantcount.com | tcp |
| US | 8.8.8.8:53 | cdn.pbstck.com | udp |
| US | 8.8.8.8:53 | pixel.quantserve.com | udp |
| US | 34.107.254.252:443 | api.permutive.com | udp |
| US | 8.8.8.8:53 | cdn.permutive.com | udp |
| US | 104.17.108.19:443 | cdn.permutive.com | tcp |
| US | 8.8.8.8:53 | script.4dex.io | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | exchange.kueezrtb.com | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | mweb-hb.presage.io | udp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| IE | 54.171.11.29:443 | ap.lijit.com | tcp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | mp.4dex.io | udp |
| US | 8.8.8.8:53 | fastlane.rubiconproject.com | udp |
| IE | 99.80.128.60:443 | mweb-hb.presage.io | tcp |
| FR | 18.244.28.105:443 | hb.yellowblue.io | tcp |
| US | 8.8.8.8:53 | bidder.criteo.com | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| US | 8.8.8.8:53 | cdn-ima.33across.com | udp |
| US | 104.26.9.169:443 | script.4dex.io | tcp |
| US | 45.77.76.124:443 | exchange.kueezrtb.com | tcp |
| US | 45.77.76.124:443 | exchange.kueezrtb.com | tcp |
| US | 45.77.76.124:443 | exchange.kueezrtb.com | tcp |
| US | 45.77.76.124:443 | exchange.kueezrtb.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| NL | 178.250.1.56:443 | bidder.criteo.com | tcp |
| US | 104.18.26.193:443 | htlb.casalemedia.com | tcp |
| US | 104.18.29.101:443 | cdn-ima.33across.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | intake.pbstck.com | udp |
| US | 104.18.34.178:443 | mp.4dex.io | tcp |
| DE | 18.157.230.4:443 | tlx.3lift.com | tcp |
| IE | 99.80.128.60:443 | mweb-hb.presage.io | tcp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 104.26.9.169:443 | script.4dex.io | tcp |
| US | 8.8.8.8:53 | cadmus.script.ac | udp |
| FR | 3.165.117.155:443 | aax.amazon-adsystem.com | tcp |
| US | 104.18.23.145:443 | cadmus.script.ac | tcp |
| FR | 52.84.174.40:443 | config.aps.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | launchpad-wrapper.privacymanager.io | udp |
| US | 8.8.8.8:53 | secure.cdn.fastclick.net | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | cdn.hadronid.net | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 104.22.52.173:443 | cdn.hadronid.net | tcp |
| FR | 18.155.129.39:443 | tags.crwdcntrl.net | tcp |
| FR | 18.155.129.54:443 | launchpad-wrapper.privacymanager.io | tcp |
| US | 104.22.52.86:443 | cdn.id5-sync.com | tcp |
| GB | 104.78.175.230:443 | secure.cdn.fastclick.net | tcp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| GB | 23.215.239.190:443 | secure-assets.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| US | 23.192.21.141:443 | eus.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| IE | 67.220.226.238:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | launchpad.privacymanager.io | udp |
| FR | 3.164.163.14:443 | launchpad.privacymanager.io | tcp |
| US | 8.8.8.8:53 | id.hadron.ad.gt | udp |
| US | 172.67.23.234:443 | id.hadron.ad.gt | tcp |
| US | 8.8.8.8:53 | api-gdpr.intentiq.com | udp |
| US | 8.8.8.8:53 | sync-gdpr.intentiq.com | udp |
| IE | 52.48.168.123:443 | bcp.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | geo.privacymanager.io | udp |
| FR | 3.165.136.96:443 | sync-gdpr.intentiq.com | tcp |
| FR | 13.249.9.37:443 | api-gdpr.intentiq.com | tcp |
| BE | 18.239.208.120:443 | geo.privacymanager.io | tcp |
| US | 8.8.8.8:53 | 51.9.241.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 244.74.228.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.208.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.28.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.108.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 29.11.171.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.9.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 105.28.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 60.128.80.99.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.26.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.29.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.63.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 124.76.77.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 178.34.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.230.157.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.23.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 40.174.84.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.130.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.52.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.52.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 230.175.78.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 39.129.155.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 190.239.215.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 54.129.155.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | a.ad.gt | udp |
| US | 104.22.5.69:443 | a.ad.gt | tcp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| NL | 69.173.156.148:443 | token.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| DE | 162.19.138.82:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 162.19.138.116:443 | lb.eu-1-id5-sync.com | tcp |
| GB | 2.23.204.244:443 | ads.pubmatic.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| US | 8.8.8.8:53 | 9346be14707dfef47e977d34251b581a.safeframe.googlesyndication.com | udp |
| GB | 142.250.179.225:443 | 9346be14707dfef47e977d34251b581a.safeframe.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | 141.21.192.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.226.220.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.163.164.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.23.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 123.168.48.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 96.136.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 37.9.249.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.208.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.5.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 244.204.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| US | 35.244.159.8:443 | u.openx.net | tcp |
| US | 44.206.197.9:443 | cs-server-s2s.yellowblue.io | tcp |
| US | 35.244.159.8:443 | u.openx.net | udp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| GB | 142.250.179.226:443 | ep1.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | video.primis.tech | udp |
| US | 8.8.8.8:53 | pubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | csync.loopme.me | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| BE | 18.239.208.60:443 | video.primis.tech | tcp |
| BE | 18.239.208.60:443 | video.primis.tech | tcp |
| BE | 18.239.208.60:443 | video.primis.tech | tcp |
| BE | 18.239.208.60:443 | video.primis.tech | tcp |
| US | 3.33.220.150:443 | match.adsrvr.org | tcp |
| NL | 35.214.216.122:443 | csync.loopme.me | tcp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| US | 76.223.111.18:443 | eb2.3lift.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| NL | 35.214.136.108:443 | x.bidswitch.net | tcp |
| US | 8.8.8.8:53 | ups.analytics.yahoo.com | udp |
| US | 8.8.8.8:53 | mb9eo.publishers.tremorhub.com | udp |
| US | 8.8.8.8:53 | cs.media.net | udp |
| US | 8.8.8.8:53 | ads.stickyadstv.com | udp |
| GB | 87.248.114.11:443 | ups.analytics.yahoo.com | tcp |
| US | 54.204.18.118:443 | mb9eo.publishers.tremorhub.com | tcp |
| GB | 2.23.220.28:443 | cs.media.net | tcp |
| FR | 154.54.250.81:443 | ads.stickyadstv.com | tcp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 8.8.8.8:53 | 225.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.159.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.197.206.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.220.33.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 60.208.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 122.216.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.111.223.76.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.136.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.114.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.220.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.250.54.154.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 118.18.204.54.in-addr.arpa | udp |
| US | 80.77.87.163:443 | cs.admanmedia.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.187.194:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.187.194:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | slack.com | udp |
| US | 8.8.8.8:53 | ssbsync-global.smartadserver.com | udp |
| GB | 18.168.172.238:443 | slack.com | tcp |
| FR | 91.134.110.132:443 | ssbsync-global.smartadserver.com | tcp |
| US | 8.8.8.8:53 | 163.87.77.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.172.168.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 132.110.134.91.in-addr.arpa | udp |
| NL | 35.214.136.108:443 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | cm.adform.net | udp |
| DK | 37.157.2.229:443 | cm.adform.net | tcp |
| US | 8.8.8.8:53 | match.sharethrough.com | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| DE | 18.195.234.25:443 | match.sharethrough.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 8.8.8.8:53 | d34u8crftukxnk.cloudfront.net | udp |
| US | 8.8.8.8:53 | a.slack-edge.com | udp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| US | 8.8.8.8:53 | reveal.clearbit.com | udp |
| US | 8.8.8.8:53 | sync.kueezrtb.com | udp |
| FR | 3.162.40.48:443 | d34u8crftukxnk.cloudfront.net | tcp |
| US | 104.18.86.42:443 | cdn.cookielaw.org | tcp |
| FR | 3.164.163.10:443 | a.slack-edge.com | tcp |
| FR | 3.164.163.10:443 | a.slack-edge.com | tcp |
| FR | 3.164.163.10:443 | a.slack-edge.com | tcp |
| FR | 3.164.163.10:443 | a.slack-edge.com | tcp |
| FR | 3.164.163.10:443 | a.slack-edge.com | tcp |
| FR | 3.164.163.10:443 | a.slack-edge.com | tcp |
| GB | 18.135.18.21:443 | reveal.clearbit.com | tcp |
| US | 67.207.86.10:443 | sync.kueezrtb.com | tcp |
| US | 104.18.86.42:443 | cdn.cookielaw.org | tcp |
| FR | 3.164.163.10:443 | a.slack-edge.com | tcp |
| US | 8.8.8.8:53 | 229.2.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.234.195.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 48.40.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.86.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.163.164.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.18.135.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.86.207.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ib.adnxs-simple.com | udp |
| US | 8.8.8.8:53 | grid.bidswitch.net | udp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| US | 8.8.8.8:53 | cdn.ampproject.org | udp |
| NL | 185.89.210.122:443 | ib.adnxs-simple.com | tcp |
| GB | 216.58.204.65:443 | cdn.ampproject.org | tcp |
| FR | 217.182.178.224:443 | prg.smartadserver.com | tcp |
| NL | 178.250.1.56:443 | grid.bidswitch.net | tcp |
| US | 8.8.8.8:53 | sync.ingage.tech | udp |
| US | 8.8.8.8:53 | a11179690159.cdn.optimizely.com | udp |
| US | 104.18.26.216:443 | sync.ingage.tech | tcp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 8.8.8.8:53 | api.demandbase.com | udp |
| US | 8.8.8.8:53 | cdn3.optimizely.com | udp |
| FR | 18.164.52.73:443 | api.demandbase.com | tcp |
| US | 104.18.65.57:443 | a11179690159.cdn.optimizely.com | tcp |
| US | 172.64.155.119:443 | geolocation.onetrust.com | tcp |
| US | 104.18.35.242:443 | cdn3.optimizely.com | tcp |
| GB | 216.58.204.65:443 | cdn.ampproject.org | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 104.18.65.57:443 | a11179690159.cdn.optimizely.com | tcp |
| GB | 142.250.187.225:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.187.225:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.187.225:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.187.225:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.187.225:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.187.225:443 | tpc.googlesyndication.com | tcp |
| US | 172.64.155.119:443 | geolocation.onetrust.com | tcp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| DE | 51.89.9.253:443 | onetag-sys.com | tcp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| GB | 142.250.187.225:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| US | 8.8.8.8:53 | 65.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 224.178.182.217.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.26.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 242.35.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.52.164.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.155.64.172.in-addr.arpa | udp |
| GB | 216.58.212.193:443 | ep2.adtrafficquality.google | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | logx.optimizely.com | udp |
| US | 34.49.241.189:443 | logx.optimizely.com | tcp |
| US | 8.8.8.8:53 | 253.9.89.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.249.124.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.8.184.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 57.65.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 189.241.49.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.youtube-nocookie.com | udp |
| GB | 142.250.187.238:443 | www.youtube-nocookie.com | tcp |
| US | 8.8.8.8:53 | cdn.schemaapp.com | udp |
| US | 34.49.241.189:443 | logx.optimizely.com | udp |
| US | 8.8.8.8:53 | www.mczbf.com | udp |
| FR | 3.165.136.31:443 | cdn.schemaapp.com | tcp |
| FR | 52.222.169.42:443 | www.mczbf.com | tcp |
| US | 8.8.8.8:53 | data.schemaapp.com | udp |
| FR | 52.222.169.42:443 | www.mczbf.com | tcp |
| FR | 52.222.169.83:443 | data.schemaapp.com | tcp |
| FR | 3.165.136.31:443 | cdn.schemaapp.com | tcp |
| US | 8.8.8.8:53 | pixel-eu.rubiconproject.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 142.250.187.238:443 | www.youtube-nocookie.com | udp |
| GB | 216.58.201.118:443 | i.ytimg.com | tcp |
| NL | 69.173.156.149:443 | pixel-eu.rubiconproject.com | tcp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | tcp |
| US | 8.8.8.8:53 | u.4dex.io | udp |
| US | 8.8.8.8:53 | sync-tm.everesttech.net | udp |
| US | 34.149.40.38:443 | u.4dex.io | tcp |
| US | 151.101.130.49:443 | sync-tm.everesttech.net | tcp |
| US | 8.8.8.8:53 | 6321597.fls.doubleclick.net | udp |
| US | 8.8.8.8:53 | 238.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 31.136.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.169.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.169.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 118.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.199.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.40.149.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.130.101.151.in-addr.arpa | udp |
| GB | 216.58.201.102:443 | 6321597.fls.doubleclick.net | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| GB | 142.250.179.227:443 | www.google.co.uk | udp |
| BE | 64.233.167.155:443 | stats.g.doubleclick.net | tcp |
| GB | 216.58.201.102:443 | 6321597.fls.doubleclick.net | udp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| GB | 2.19.117.70:443 | acdn.adnxs.com | tcp |
| GB | 142.250.187.194:443 | googleads.g.doubleclick.net | udp |
| DE | 51.89.9.253:443 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | bh.contextweb.com | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| IE | 54.171.185.234:443 | match.prod.bidr.io | tcp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| US | 8.8.8.8:53 | ce.lijit.com | udp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| FR | 217.182.178.233:443 | rtb-csync.smartadserver.com | tcp |
| IE | 99.81.94.169:443 | ce.lijit.com | tcp |
| GB | 172.217.169.70:443 | s0.2mdn.net | tcp |
| US | 8.8.8.8:53 | c1.adform.net | udp |
| US | 8.8.8.8:53 | 155.167.233.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.117.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.185.171.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.169.93.208.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 233.178.182.217.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.94.81.99.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.169.217.172.in-addr.arpa | udp |
| GB | 172.217.169.70:443 | s0.2mdn.net | udp |
| DK | 37.157.6.237:443 | c1.adform.net | tcp |
| US | 8.8.8.8:53 | googleads4.g.doubleclick.net | udp |
| GB | 216.58.204.66:443 | googleads4.g.doubleclick.net | tcp |
| US | 80.77.87.163:443 | cs.admanmedia.com | tcp |
| US | 8.8.8.8:53 | t.adx.opera.com | udp |
| GB | 216.58.204.66:443 | googleads4.g.doubleclick.net | udp |
| NL | 82.145.213.8:443 | t.adx.opera.com | tcp |
| US | 8.8.8.8:53 | 237.6.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | ads.us.e-planning.net | udp |
| NL | 193.3.178.3:443 | ads.us.e-planning.net | tcp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| GB | 216.58.212.194:443 | cm.g.doubleclick.net | tcp |
| GB | 216.58.212.194:443 | cm.g.doubleclick.net | udp |
| BE | 18.239.208.60:443 | video.primis.tech | tcp |
| US | 8.8.8.8:53 | 8.213.145.82.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.178.3.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 172.217.16.234:443 | jnn-pa.googleapis.com | tcp |
| GB | 172.217.16.234:443 | jnn-pa.googleapis.com | udp |
| GB | 216.58.212.193:443 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 172.217.16.228:443 | www.google.com | tcp |
| DE | 162.19.138.116:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | 3.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.rlcdn.com | udp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 8.8.8.8:53 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | pixel-us-east.rubiconproject.com | udp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| US | 34.120.133.55:443 | api.rlcdn.com | tcp |
| US | 69.173.151.100:443 | pixel-us-east.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 98.82.156.207:443 | s.amazon-adsystem.com | tcp |
| GB | 142.250.187.206:443 | play.google.com | tcp |
| GB | 142.250.187.206:443 | play.google.com | tcp |
| GB | 142.250.187.206:443 | play.google.com | udp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| GB | 185.64.191.214:443 | image8.pubmatic.com | tcp |
| US | 8.8.8.8:53 | support.microsoft.com | udp |
| US | 34.149.40.38:443 | u.4dex.io | udp |
| US | 8.8.8.8:53 | 150.216.36.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 55.133.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 100.151.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 207.156.82.98.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 167.205.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 214.191.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dis.criteo.com | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | support.content.office.net | udp |
| US | 8.8.8.8:53 | cms.quantserve.com | udp |
| US | 8.8.8.8:53 | data.adsrvr.org | udp |
| GB | 104.123.93.172:443 | support.content.office.net | tcp |
| US | 8.8.8.8:53 | aadcdn.msftauth.net | udp |
| US | 23.192.22.93:443 | www.microsoft.com | tcp |
| US | 23.192.22.93:443 | www.microsoft.com | tcp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 8.8.8.8:53 | js.monitor.azure.com | udp |
| US | 8.8.8.8:53 | mem.gfx.ms | udp |
| GB | 2.23.205.233:443 | c.s-microsoft.com | tcp |
| US | 152.199.21.175:443 | aadcdn.msftauth.net | tcp |
| US | 52.168.117.169:443 | browser.events.data.microsoft.com | tcp |
| US | 8.8.8.8:53 | api.schemaapp.com | udp |
| US | 34.236.118.236:443 | api.schemaapp.com | tcp |
| GB | 104.123.93.172:443 | support.content.office.net | tcp |
| GB | 104.123.93.172:443 | support.content.office.net | tcp |
| GB | 104.123.93.172:443 | support.content.office.net | tcp |
| GB | 104.123.93.172:443 | support.content.office.net | tcp |
| GB | 104.123.93.172:443 | support.content.office.net | tcp |
| GB | 104.123.93.172:443 | support.content.office.net | tcp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| US | 8.8.8.8:53 | 9.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.93.123.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.22.192.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.117.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 233.205.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 175.21.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.117.168.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 236.118.236.34.in-addr.arpa | udp |
| NL | 20.190.160.17:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | aadcdn.msauth.net | udp |
| GB | 2.19.117.36:443 | qsearch-a.akamaihd.net | tcp |
| US | 8.8.8.8:53 | s.company-target.com | udp |
| US | 34.96.71.22:443 | s.company-target.com | tcp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | ag.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | gem.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| FR | 185.235.86.62:443 | gem.gbc.criteo.com | tcp |
| FR | 185.235.86.193:443 | ag.gbc.criteo.com | tcp |
| NL | 178.250.1.11:443 | dnacdn.net | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 8.8.8.8:53 | ice.360yield.com | udp |
| IE | 54.77.10.240:443 | ice.360yield.com | tcp |
| US | 8.8.8.8:53 | 17.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.117.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | eu-u.openx.net | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 52.168.117.169:443 | browser.events.data.microsoft.com | tcp |
| US | 8.8.8.8:53 | acctcdn.msftauth.net | udp |
| US | 8.8.8.8:53 | acctcdn.msauth.net | udp |
| US | 8.8.8.8:53 | acctcdnmsftuswe2.azureedge.net | udp |
| US | 152.199.21.175:443 | acctcdn.msftauth.net | tcp |
| US | 8.8.8.8:53 | acctcdnvzeuno.azureedge.net | udp |
| US | 8.8.8.8:53 | lgincdnmsftuswe2.azureedge.net | udp |
| US | 8.8.8.8:53 | lgincdnvzeuno.azureedge.net | udp |
| US | 8.8.8.8:53 | logincdn.msftauth.net | udp |
| US | 8.8.8.8:53 | 22.71.96.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.86.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.10.77.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 62.86.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ade.googlesyndication.com | udp |
| GB | 142.250.200.34:443 | ade.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | 34.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | privacyportal.onetrust.com | udp |
| US | 104.18.32.137:443 | privacyportal.onetrust.com | tcp |
| GB | 142.250.187.225:443 | tpc.googlesyndication.com | udp |
| GB | 172.217.16.228:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 137.32.18.104.in-addr.arpa | udp |
| GB | 142.250.200.34:443 | ade.googlesyndication.com | udp |
| NL | 185.89.210.122:443 | secure.adnxs.com | tcp |
| FR | 217.182.178.224:443 | prg.smartadserver.com | tcp |
| US | 8.8.8.8:53 | imasdk.googleapis.com | udp |
| US | 8.8.8.8:53 | 74.204.58.216.in-addr.arpa | udp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 185.89.210.20:443 | secure.adnxs.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| NL | 178.250.1.56:443 | grid.bidswitch.net | tcp |
| US | 8.8.8.8:53 | csi.gstatic.com | udp |
| BR | 172.217.29.227:443 | csi.gstatic.com | tcp |
| BR | 172.217.29.227:443 | csi.gstatic.com | tcp |
| US | 8.8.8.8:53 | 227.29.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sync.richaudience.com | udp |
| DE | 162.55.233.28:443 | sync.richaudience.com | tcp |
| US | 8.8.8.8:53 | 28.233.55.162.in-addr.arpa | udp |
| DE | 18.195.234.25:443 | match.sharethrough.com | tcp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| FR | 163.5.194.36:443 | prebid.a-mo.net | tcp |
| US | 8.8.8.8:53 | assets.a-mo.net | udp |
| US | 8.8.8.8:53 | 36.194.5.163.in-addr.arpa | udp |
| US | 104.19.158.19:443 | assets.a-mo.net | tcp |
| US | 8.8.8.8:53 | id.a-mx.com | udp |
| NL | 79.127.227.46:443 | id.a-mx.com | tcp |
| US | 8.8.8.8:53 | sync.a-mo.net | udp |
| FR | 163.5.194.32:443 | sync.a-mo.net | tcp |
| US | 8.8.8.8:53 | csm.nl3.eu.criteo.net | udp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| US | 8.8.8.8:53 | 19.158.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.227.127.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 32.194.5.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | tags.bkrtx.com | udp |
| GB | 104.78.165.146:443 | tags.bkrtx.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 34.117.250.57:443 | material.anonymised.io | udp |
| US | 34.107.217.107:443 | aegis.anonymised.io | udp |
| US | 8.8.8.8:53 | 1407cb13b0a044eaf018f92f58364605.safeframe.googlesyndication.com | udp |
| DE | 162.19.138.82:443 | lb.eu-1-id5-sync.com | tcp |
| FR | 185.235.86.193:443 | ag.gbc.criteo.com | tcp |
| FR | 185.235.86.62:443 | gem.gbc.criteo.com | tcp |
| US | 8.8.8.8:53 | s.external1.primis.tech | udp |
| FR | 91.134.110.132:443 | ssbsync.smartadserver.com | tcp |
| IE | 34.254.99.169:443 | s.external1.primis.tech | tcp |
| NL | 185.89.210.122:443 | secure.adnxs.com | tcp |
| FR | 217.182.178.224:443 | prg.smartadserver.com | tcp |
| IE | 67.220.226.238:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | 169.99.254.34.in-addr.arpa | udp |
| IE | 34.254.99.169:443 | s.external1.primis.tech | tcp |
| US | 8.8.8.8:53 | cadmus2.script.ac | udp |
| US | 104.18.23.145:443 | cadmus2.script.ac | tcp |
| US | 8.8.8.8:53 | c.gumgum.com | udp |
| FR | 99.86.91.77:443 | c.gumgum.com | tcp |
| US | 8.8.8.8:53 | 77.91.86.99.in-addr.arpa | udp |
| US | 8.8.8.8:53 | js.gumgum.com | udp |
| FR | 18.244.28.96:443 | js.gumgum.com | tcp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 104.18.24.18:443 | js-sec.indexww.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| US | 80.77.87.163:443 | cs.admanmedia.com | tcp |
| US | 34.96.71.22:443 | s.company-target.com | udp |
| FR | 18.164.52.4:443 | s.ad.smaato.net | tcp |
| FR | 99.86.91.77:443 | c.gumgum.com | tcp |
| US | 8.8.8.8:53 | g2.gumgum.com | udp |
| US | 8.8.8.8:53 | aba.gumgum.com | udp |
| US | 8.8.8.8:53 | gumgum.com | udp |
| IE | 54.76.232.73:443 | g2.gumgum.com | tcp |
| FR | 3.165.136.15:443 | aba.gumgum.com | tcp |
| FR | 18.244.28.96:443 | js.gumgum.com | tcp |
| FR | 99.86.91.24:443 | gumgum.com | tcp |
| US | 8.8.8.8:53 | 96.28.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.24.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.52.164.18.in-addr.arpa | udp |
| US | 80.77.87.163:443 | cs.admanmedia.com | tcp |
| DE | 162.19.138.116:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | ie-g2.gumgum.com | udp |
| FR | 217.182.178.233:443 | rtb-csync.smartadserver.com | tcp |
| IE | 34.241.121.215:443 | ie-g2.gumgum.com | tcp |
| IE | 34.241.121.215:443 | ie-g2.gumgum.com | tcp |
| IE | 34.241.121.215:443 | ie-g2.gumgum.com | tcp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 35.244.174.68:443 | id.rlcdn.com | tcp |
| US | 8.8.8.8:53 | cdn.justpremium.com | udp |
| US | 8.8.8.8:53 | rtb.gumgum.com | udp |
| US | 35.244.174.68:443 | id.rlcdn.com | udp |
| FR | 18.164.52.70:443 | cdn.justpremium.com | tcp |
| BR | 172.217.29.227:443 | csi.gstatic.com | udp |
| US | 8.8.8.8:53 | tracking.justpremium.com | udp |
| DE | 52.59.4.26:443 | tracking.justpremium.com | tcp |
| US | 8.8.8.8:53 | 15.136.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.232.76.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 24.91.86.99.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 215.121.241.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.174.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.52.164.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.4.59.52.in-addr.arpa | udp |
| DE | 52.59.4.26:443 | tracking.justpremium.com | tcp |
| US | 8.8.8.8:53 | pixel.adsafeprotected.com | udp |
| US | 54.191.0.77:443 | pixel.adsafeprotected.com | tcp |
| US | 8.8.8.8:53 | cdn.doubleverify.com | udp |
| US | 8.8.8.8:53 | attentionxyz.com | udp |
| GB | 2.18.190.147:443 | cdn.doubleverify.com | tcp |
| FR | 13.32.145.108:443 | attentionxyz.com | tcp |
| FR | 13.32.145.108:443 | attentionxyz.com | tcp |
| FR | 13.32.145.108:443 | attentionxyz.com | tcp |
| FR | 13.32.145.108:443 | attentionxyz.com | tcp |
| FR | 18.164.52.70:443 | cdn.justpremium.com | tcp |
| US | 8.8.8.8:53 | api.attentionxyz.com | udp |
| US | 34.117.222.118:443 | api.attentionxyz.com | tcp |
| US | 8.8.8.8:53 | 77.0.191.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 147.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.145.32.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tps.doubleverify.com | udp |
| US | 130.211.44.5:443 | tps.doubleverify.com | tcp |
| IE | 54.76.232.73:443 | rtb.gumgum.com | tcp |
| US | 34.117.222.118:443 | api.attentionxyz.com | udp |
| US | 8.8.8.8:53 | static.adsafeprotected.com | udp |
| BE | 18.239.208.69:443 | static.adsafeprotected.com | tcp |
| US | 8.8.8.8:53 | 118.222.117.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 5.44.211.130.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tps-dn-ew1.doubleverify.com | udp |
| BE | 35.210.149.152:443 | tps-dn-ew1.doubleverify.com | tcp |
| US | 8.8.8.8:53 | cdn.privacy-mgmt.com | udp |
| US | 8.8.8.8:53 | tpsc-ew1.doubleverify.com | udp |
| GB | 142.250.200.2:443 | securepubads.g.doubleclick.net | udp |
| US | 130.211.44.5:443 | tpsc-ew1.doubleverify.com | tcp |
| US | 130.211.44.5:443 | tpsc-ew1.doubleverify.com | tcp |
| US | 130.211.44.5:443 | tpsc-ew1.doubleverify.com | tcp |
| US | 130.211.44.5:443 | tpsc-ew1.doubleverify.com | tcp |
| US | 130.211.44.5:443 | tpsc-ew1.doubleverify.com | tcp |
| US | 130.211.44.5:443 | tpsc-ew1.doubleverify.com | tcp |
| US | 8.8.8.8:53 | dt.adsafeprotected.com | udp |
| US | 3.215.14.163:443 | dt.adsafeprotected.com | tcp |
| US | 3.215.14.163:443 | dt.adsafeprotected.com | tcp |
| US | 8.8.8.8:53 | 69.208.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.149.210.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | unpkg.com | udp |
| US | 104.17.245.203:443 | unpkg.com | tcp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| CH | 157.240.17.15:443 | connect.facebook.net | tcp |
| US | 8.8.8.8:53 | 163.14.215.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.245.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.17.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | platform.twitter.com | udp |
| GB | 146.75.72.157:443 | platform.twitter.com | tcp |
| US | 8.8.8.8:53 | syndication.twitter.com | udp |
| US | 104.244.42.72:443 | syndication.twitter.com | tcp |
| US | 8.8.8.8:53 | 157.72.75.146.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dabb22b92665bd06878515e1de9577e6.safeframe.googlesyndication.com | udp |
| FR | 185.235.86.193:443 | ag.gbc.criteo.com | tcp |
| FR | 185.235.86.62:443 | gem.gbc.criteo.com | tcp |
| DE | 162.19.138.82:443 | lb.eu-1-id5-sync.com | tcp |
| FR | 91.134.110.132:443 | ssbsync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | adx.adform.net | udp |
| NL | 185.89.210.122:443 | secure.adnxs.com | tcp |
| FR | 217.182.178.224:443 | prg.smartadserver.com | tcp |
| NL | 178.250.1.56:443 | grid.bidswitch.net | tcp |
| GB | 142.250.187.225:443 | tpc.googlesyndication.com | udp |
| US | 35.244.159.8:443 | eu-u.openx.net | udp |
| FR | 217.182.178.233:443 | rtb-csync.smartadserver.com | tcp |
| DE | 162.19.138.116:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 18.195.234.25:443 | match.sharethrough.com | tcp |
| US | 8.8.8.8:53 | wt.rqtrk.eu | udp |
| DE | 57.129.18.113:443 | wt.rqtrk.eu | tcp |
| GB | 216.58.212.193:443 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | 113.18.129.57.in-addr.arpa | udp |
| US | 8.8.8.8:53 | live.primis.tech | udp |
| BE | 18.239.208.77:443 | live.primis.tech | tcp |
| US | 8.8.8.8:53 | 77.208.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| GB | 104.82.234.109:443 | steamcommunity.com | tcp |
| GB | 104.82.234.109:443 | steamcommunity.com | tcp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| GB | 142.250.179.227:443 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | 109.234.82.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | community.fastly.steamstatic.com | udp |
| US | 151.101.67.52:443 | community.fastly.steamstatic.com | tcp |
| US | 151.101.67.52:443 | community.fastly.steamstatic.com | tcp |
| US | 151.101.67.52:443 | community.fastly.steamstatic.com | tcp |
| US | 151.101.67.52:443 | community.fastly.steamstatic.com | tcp |
| US | 151.101.67.52:443 | community.fastly.steamstatic.com | tcp |
| US | 151.101.67.52:443 | community.fastly.steamstatic.com | tcp |
| US | 151.101.67.52:443 | community.fastly.steamstatic.com | tcp |
| US | 8.8.8.8:53 | cdn.fastly.steamstatic.com | udp |
| US | 8.8.8.8:53 | avatars.fastly.steamstatic.com | udp |
| US | 8.8.8.8:53 | shared.fastly.steamstatic.com | udp |
| US | 151.101.67.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.67.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.3.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.3.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.3.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.3.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.3.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.3.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.67.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.67.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 8.8.8.8:53 | 52.67.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 52.3.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | store.steampowered.com | udp |
| US | 23.192.21.216:443 | store.steampowered.com | tcp |
| US | 8.8.8.8:53 | help.steampowered.com | udp |
| GB | 104.82.234.109:443 | help.steampowered.com | tcp |
| US | 8.8.8.8:53 | 216.21.192.23.in-addr.arpa | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 45.77.76.124:443 | exchange.kueezrtb.com | tcp |
| NL | 185.89.210.20:443 | secure.adnxs.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 178.250.1.56:443 | grid.bidswitch.net | tcp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | steamcdn-a.akamaihd.net | udp |
| GB | 104.91.71.76:443 | steamcdn-a.akamaihd.net | tcp |
| US | 8.8.8.8:53 | 76.71.91.104.in-addr.arpa | udp |
| DK | 37.157.6.231:443 | adx.adform.net | tcp |
| US | 8.8.8.8:53 | 231.6.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| US | 8.8.8.8:53 | community.fastly.steamstatic.com | udp |
| US | 8.8.8.8:53 | 11.173.189.20.in-addr.arpa | udp |
| GB | 92.123.128.162:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 162.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 92.123.128.146:443 | th.bing.com | tcp |
| GB | 92.123.128.195:443 | r.bing.com | tcp |
| GB | 92.123.128.195:443 | r.bing.com | tcp |
| GB | 92.123.128.146:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| NL | 40.126.32.76:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | 146.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | testfamilysafety.bing.com | udp |
| US | 204.79.197.201:443 | testfamilysafety.bing.com | tcp |
| US | 8.8.8.8:53 | 201.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| GB | 92.123.128.146:443 | th.bing.com | tcp |
| DK | 37.157.6.231:443 | adx.adform.net | tcp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| GB | 2.19.117.143:443 | aefd.nelreports.net | tcp |
| US | 8.8.8.8:53 | 143.117.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.techradar.com | udp |
| US | 151.101.130.114:443 | www.techradar.com | tcp |
| US | 151.101.130.114:443 | www.techradar.com | tcp |
| US | 8.8.8.8:53 | bordeaux.futurecdn.net | udp |
| US | 8.8.8.8:53 | vanilla.futurecdn.net | udp |
| US | 8.8.8.8:53 | cdn.mos.cms.futurecdn.net | udp |
| US | 151.101.130.114:443 | www.techradar.com | udp |
| FR | 18.155.129.118:443 | cdn.mos.cms.futurecdn.net | tcp |
| FR | 52.222.169.84:443 | bordeaux.futurecdn.net | tcp |
| US | 8.8.8.8:53 | cdn.jwplayer.com | udp |
| US | 8.8.8.8:53 | cdn.privacy-mgmt.com | udp |
| FR | 52.84.174.66:443 | vanilla.futurecdn.net | tcp |
| FR | 52.84.174.66:443 | vanilla.futurecdn.net | tcp |
| FR | 52.84.174.66:443 | vanilla.futurecdn.net | tcp |
| FR | 52.84.174.66:443 | vanilla.futurecdn.net | tcp |
| US | 8.8.8.8:53 | cdn.taboola.com | udp |
| FR | 52.84.174.66:443 | vanilla.futurecdn.net | tcp |
| US | 8.8.8.8:53 | hawk.techradar.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | slice.vanilla.futurecdn.net | udp |
| FR | 18.245.199.15:443 | cdn.privacy-mgmt.com | tcp |
| US | 8.8.8.8:53 | search-api.fie.futurecdn.net | udp |
| FR | 52.222.169.84:443 | bordeaux.futurecdn.net | tcp |
| US | 8.8.8.8:53 | champagne.futurecdn.net | udp |
| US | 8.8.8.8:53 | uk-script.dotmetrics.net | udp |
| US | 8.8.8.8:53 | freyr.futurecdn.net | udp |
| US | 8.8.8.8:53 | 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app | udp |
| US | 8.8.8.8:53 | sommelier.futurehybrid.tech | udp |
| FR | 3.162.38.111:443 | champagne.futurecdn.net | tcp |
| BE | 18.239.208.46:443 | uk-script.dotmetrics.net | tcp |
| US | 151.101.2.114:443 | search-api.fie.futurecdn.net | tcp |
| US | 151.101.2.114:443 | search-api.fie.futurecdn.net | tcp |
| US | 8.8.8.8:53 | widgets.hawk-assets.co.uk | udp |
| FR | 18.244.28.32:443 | freyr.futurecdn.net | tcp |
| US | 8.8.8.8:53 | search-api.fie.future.net.uk | udp |
| US | 151.101.2.114:443 | search-api.fie.futurecdn.net | tcp |
| GB | 185.113.25.52:443 | search-api.fie.future.net.uk | tcp |
| US | 8.8.8.8:53 | cdn.parsely.com | udp |
| FR | 52.222.200.60:443 | cdn.parsely.com | tcp |
| FR | 18.245.199.15:443 | cdn.privacy-mgmt.com | tcp |
| US | 8.8.8.8:53 | 114.130.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 118.129.155.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.169.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.174.84.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 114.2.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 111.38.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.208.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 32.28.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 52.25.113.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 60.200.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www3.doubleclick.net | udp |
| GB | 216.58.201.110:443 | www3.doubleclick.net | tcp |
| US | 8.8.8.8:53 | p1.parsely.com | udp |
| US | 151.101.130.114:443 | search-api.fie.futurecdn.net | tcp |
| IE | 54.155.18.159:443 | p1.parsely.com | tcp |
| US | 8.8.8.8:53 | eventsproxy.gargantuan.futureplc.com | udp |
| US | 8.8.8.8:53 | marketingplatform.google.com | udp |
| IE | 52.17.195.18:443 | eventsproxy.gargantuan.futureplc.com | tcp |
| GB | 142.250.187.238:443 | marketingplatform.google.com | tcp |
| FR | 3.164.163.81:443 | cdn.jwplayer.com | tcp |
| US | 8.8.8.8:53 | sr.studiostack.com | udp |
| US | 8.8.8.8:53 | content.jwplatform.com | udp |
| FR | 3.164.163.78:443 | content.jwplatform.com | tcp |
| GB | 51.104.28.77:443 | sr.studiostack.com | tcp |
| US | 151.101.130.114:443 | search-api.fie.futurecdn.net | udp |
| US | 8.8.8.8:53 | api.permutive.com | udp |
| US | 8.8.8.8:53 | ads.servebom.com | udp |
| IE | 52.212.165.252:443 | sommelier.futurehybrid.tech | tcp |
| US | 151.101.130.114:443 | search-api.fie.futurecdn.net | udp |
| US | 34.107.254.252:443 | api.permutive.com | udp |
| FR | 52.222.149.106:443 | ads.servebom.com | tcp |
| US | 8.8.8.8:53 | rm-script.dotmetrics.net | udp |
| FR | 52.222.169.122:443 | rm-script.dotmetrics.net | tcp |
| US | 8.8.8.8:53 | 110.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 159.18.155.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.195.17.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.163.164.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.28.104.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.163.164.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 252.165.212.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.149.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 122.169.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | r.skimresources.com | udp |
| US | 35.190.59.101:443 | r.skimresources.com | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 35.190.59.101:443 | r.skimresources.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 151.101.2.114:443 | search-api.fie.futurecdn.net | udp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| FR | 52.222.169.106:443 | sb.scorecardresearch.com | tcp |
| US | 8.8.8.8:53 | 101.59.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.169.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| US | 8.8.8.8:53 | futureplc-com.videoplayerhub.com | udp |
| US | 8.8.8.8:53 | ml314.com | udp |
| US | 8.8.8.8:53 | cdn.brandmetrics.com | udp |
| US | 8.8.8.8:53 | p.cpx.to | udp |
| US | 8.8.8.8:53 | cdn.p-n.io | udp |
| US | 8.8.8.8:53 | functions.adnami.io | udp |
| GB | 142.250.200.2:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | vi.ml314.com | udp |
| GB | 142.250.179.227:443 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | analytics.tiktok.com | udp |
| US | 8.8.8.8:53 | c.aps.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | prod.euid.eu | udp |
| US | 8.8.8.8:53 | 6093eccf-6734-4877-ac8b-83d6d0e27b46.prmutv.co | udp |
| US | 34.117.77.79:443 | ml314.com | tcp |
| CH | 157.240.17.15:443 | connect.facebook.net | tcp |
| US | 35.201.104.135:443 | vi.ml314.com | tcp |
| US | 104.26.0.90:443 | cdn.brandmetrics.com | tcp |
| US | 172.67.74.207:443 | futureplc-com.videoplayerhub.com | tcp |
| DE | 37.252.173.215:443 | ib.adnxs-simple.com | tcp |
| GB | 88.221.134.161:443 | functions.adnami.io | tcp |
| GB | 95.100.104.14:443 | analytics.tiktok.com | tcp |
| FR | 3.162.38.26:443 | cdn.p-n.io | tcp |
| GB | 18.133.1.224:443 | prod.euid.eu | tcp |
| FR | 99.86.91.95:443 | c.aps.amazon-adsystem.com | tcp |
| IE | 52.17.47.178:443 | p.cpx.to | tcp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | cdn.adsafeprotected.com | udp |
| US | 8.8.8.8:53 | ats-wrapper.privacymanager.io | udp |
| US | 8.8.8.8:53 | cdn.pbxai.com | udp |
| US | 151.101.1.44:443 | cdn.taboola.com | tcp |
| FR | 99.86.91.74:443 | cdn.adsafeprotected.com | tcp |
| FR | 3.162.38.47:443 | ats-wrapper.privacymanager.io | tcp |
| US | 151.101.66.217:443 | scripts.webcontentassessor.com | tcp |
| GB | 143.244.38.136:443 | cdn.pbxai.com | tcp |
| US | 34.117.77.79:443 | ml314.com | udp |
| US | 8.8.8.8:53 | in.ml314.com | udp |
| US | 44.214.186.16:443 | in.ml314.com | tcp |
| US | 3.33.220.150:443 | data.adsrvr.org | tcp |
| US | 8.8.8.8:53 | api.rlcdn.com | udp |
| US | 34.120.133.55:443 | api.rlcdn.com | udp |
| US | 8.8.8.8:53 | 79.77.117.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.0.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 207.74.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 135.104.201.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 161.134.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.104.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 224.1.133.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.38.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 215.173.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.91.86.99.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 178.47.17.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 44.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.91.86.99.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.66.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 16.186.214.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| US | 8.8.8.8:53 | pixel.advertising.com | udp |
| US | 8.8.8.8:53 | ups.analytics.yahoo.com | udp |
| GB | 2.23.204.244:443 | ads.pubmatic.com | tcp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | match.sharethrough.com | udp |
| US | 8.8.8.8:53 | trc.taboola.com | udp |
| GB | 23.215.239.190:443 | secure-assets.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | pm-widget.taboola.com | udp |
| US | 8.8.8.8:53 | floor.pbxai.com | udp |
| US | 8.8.8.8:53 | macro.adnami.io | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| GB | 87.248.114.12:443 | ups.analytics.yahoo.com | tcp |
| GB | 23.215.239.190:443 | secure-assets.rubiconproject.com | tcp |
| GB | 88.221.134.186:443 | macro.adnami.io | tcp |
| FR | 185.255.84.152:443 | visitor.omnitagjs.com | tcp |
| DE | 18.197.30.174:443 | match.sharethrough.com | tcp |
| US | 3.214.207.9:443 | cs-server-s2s.yellowblue.io | tcp |
| GB | 13.43.251.212:443 | floor.pbxai.com | tcp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| GB | 23.44.65.229:443 | eus.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | pixel.servebom.com | udp |
| US | 8.8.8.8:53 | 12.114.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 186.134.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 212.251.43.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.30.197.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.207.214.3.in-addr.arpa | udp |
| FR | 18.244.28.4:443 | pixel.servebom.com | tcp |
| FR | 18.244.28.4:443 | pixel.servebom.com | tcp |
| FR | 18.244.28.4:443 | pixel.servebom.com | tcp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| NL | 35.214.136.108:443 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | api-2-0.spot.im | udp |
| US | 8.8.8.8:53 | bc-sync.com | udp |
| NL | 35.214.216.122:443 | csync.loopme.me | tcp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | udp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 8.8.8.8:53 | jadserve.postrelease.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 8.8.8.8:53 | sync-service.net | udp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| NL | 185.89.210.122:443 | secure.adnxs.com | tcp |
| NL | 185.89.210.122:443 | secure.adnxs.com | tcp |
| US | 35.244.174.68:443 | id.rlcdn.com | udp |
| IE | 54.155.94.181:443 | jadserve.postrelease.com | tcp |
| US | 64.202.112.63:443 | b1sync.zemanta.com | tcp |
| US | 64.202.112.63:443 | b1sync.zemanta.com | tcp |
| US | 204.62.12.209:443 | sync-service.net | tcp |
| NL | 198.47.127.18:443 | image8.pubmatic.com | tcp |
| IE | 52.214.208.58:443 | ap.lijit.com | tcp |
| US | 54.147.116.58:443 | sync.srv.stackadapt.com | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 44.218.229.239:443 | api-2-0.spot.im | tcp |
| US | 8.8.8.8:53 | eu-west-1-cs-rtb.openwebmp.com | udp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| US | 8.8.8.8:53 | player.aniview.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| US | 67.202.105.24:443 | ssc-cms.33across.com | tcp |
| NL | 81.17.55.108:443 | ssbsync.smartadserver.com | tcp |
| FR | 3.165.113.114:443 | eu-west-1-cs-rtb.openwebmp.com | tcp |
| US | 8.8.8.8:53 | bttrack.com | udp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| DE | 51.89.9.251:443 | onetag-sys.com | tcp |
| GB | 2.20.12.70:443 | player.aniview.com | tcp |
| US | 192.132.33.68:443 | bttrack.com | tcp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | purch-sync.go.sonobi.com | udp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 67.202.105.24:443 | ssc-cms.33across.com | tcp |
| US | 8.8.8.8:53 | us-u.openx.net | udp |
| FR | 52.84.174.60:443 | config.aps.amazon-adsystem.com | tcp |
| US | 69.166.1.66:443 | purch-sync.go.sonobi.com | tcp |
| US | 69.166.1.66:443 | purch-sync.go.sonobi.com | tcp |
| FR | 18.245.194.122:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | s.cpx.to | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | pixel.adsafeprotected.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| IE | 63.33.250.124:443 | s.cpx.to | tcp |
| US | 8.8.8.8:53 | rtb.mfadsrvr.com | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| GB | 157.240.214.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 229.65.44.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.28.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 181.94.155.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.208.214.52.in-addr.arpa | udp |
| US | 35.165.200.101:443 | pixel.adsafeprotected.com | tcp |
| US | 8.8.8.8:53 | 63.112.202.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.12.62.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.116.147.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 239.229.218.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.55.17.81.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 114.113.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.12.20.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 251.9.89.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.33.132.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 60.174.84.52.in-addr.arpa | udp |
| FR | 52.84.179.171:443 | aax.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | 24.105.202.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.1.166.69.in-addr.arpa | udp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | udp |
| GB | 216.58.212.226:443 | cm.g.doubleclick.net | udp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | image6.pubmatic.com | udp |
| US | 35.244.159.8:443 | us-u.openx.net | udp |
| GB | 216.58.212.226:443 | cm.g.doubleclick.net | tcp |
| GB | 185.64.190.78:443 | image6.pubmatic.com | tcp |
| US | 8.8.8.8:53 | grid-bidder.criteo.com | udp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 8.8.8.8:53 | hb.undertone.com | udp |
| US | 8.8.8.8:53 | ads.yieldmo.com | udp |
| US | 8.8.8.8:53 | fastlane.rubiconproject.com | udp |
| NL | 178.250.1.4:443 | grid-bidder.criteo.com | tcp |
| FR | 13.32.145.9:443 | hb.undertone.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| DE | 18.157.230.4:443 | tlx.3lift.com | tcp |
| FR | 163.5.194.31:443 | prebid.a-mo.net | tcp |
| IE | 52.213.241.43:443 | ads.yieldmo.com | tcp |
| US | 8.8.8.8:53 | pr-bh.ybp.yahoo.com | udp |
| DE | 51.89.9.251:443 | onetag-sys.com | udp |
| IE | 34.251.26.95:443 | pr-bh.ybp.yahoo.com | tcp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 8.8.8.8:53 | am-trc-events.taboola.com | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| NL | 141.226.228.48:443 | am-trc-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-trc-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-trc-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-trc-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-trc-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-trc-events.taboola.com | tcp |
| US | 8.8.8.8:53 | 124.250.33.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.214.240.157.in-addr.arpa | udp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 8.8.8.8:53 | 171.179.84.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.200.165.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.145.32.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 31.194.5.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.241.213.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.26.251.34.in-addr.arpa | udp |
| FR | 18.155.129.21:443 | tags.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | 48.228.226.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.129.155.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | beacon.taboola.com | udp |
| US | 8.8.8.8:53 | vidstat.taboola.com | udp |
| US | 8.8.8.8:53 | sync.taboola.com | udp |
| NL | 35.214.168.80:443 | trace-eu.mediago.io | tcp |
| NL | 35.214.168.80:443 | trace-eu.mediago.io | tcp |
| IE | 54.155.18.159:443 | p1.parsely.com | tcp |
| IE | 52.17.195.18:443 | eventsproxy.gargantuan.futureplc.com | tcp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| US | 8.8.8.8:53 | 80.168.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | fpt.microsoft.com | udp |
| US | 52.167.30.171:443 | fpt.microsoft.com | tcp |
| US | 8.8.8.8:53 | fpt2.microsoft.com | udp |
| US | 8.8.8.8:53 | 171.30.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse3.mm.bing.net | udp |
| GB | 2.19.117.143:443 | aefd.nelreports.net | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | tse4.mm.bing.net | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 172.217.16.228:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | chrome.google.com | udp |
| GB | 142.250.200.14:443 | chrome.google.com | tcp |
| GB | 172.217.16.228:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 35.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.200.250.142.in-addr.arpa | udp |
| GB | 142.250.200.14:443 | chrome.google.com | tcp |
| US | 8.8.8.8:53 | chromewebstore.google.com | udp |
| GB | 142.250.178.14:443 | chromewebstore.google.com | tcp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| GB | 216.58.201.97:443 | lh3.googleusercontent.com | tcp |
| GB | 216.58.201.97:443 | lh3.googleusercontent.com | tcp |
| GB | 216.58.201.97:443 | lh3.googleusercontent.com | tcp |
| GB | 216.58.201.97:443 | lh3.googleusercontent.com | tcp |
| GB | 216.58.201.97:443 | lh3.googleusercontent.com | tcp |
| GB | 216.58.201.97:443 | lh3.googleusercontent.com | tcp |
| GB | 216.58.204.67:443 | ssl.gstatic.com | tcp |
| GB | 216.58.204.67:443 | ssl.gstatic.com | tcp |
| GB | 216.58.204.67:443 | ssl.gstatic.com | tcp |
| GB | 216.58.204.67:443 | ssl.gstatic.com | tcp |
| GB | 216.58.204.67:443 | ssl.gstatic.com | tcp |
| GB | 216.58.201.97:443 | lh3.googleusercontent.com | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 216.58.213.10:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| GB | 172.217.16.234:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.187.206:443 | play.google.com | tcp |
| GB | 142.250.187.206:443 | play.google.com | tcp |
| GB | 142.250.187.206:443 | play.google.com | udp |
| GB | 142.250.200.14:443 | apis.google.com | udp |
| GB | 142.250.178.14:443 | chromewebstore.google.com | udp |
| US | 8.8.8.8:53 | 14.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | 97.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.213.58.216.in-addr.arpa | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | scone-pa.clients6.google.com | udp |
| GB | 216.58.213.10:443 | scone-pa.clients6.google.com | tcp |
| GB | 216.58.204.67:443 | ssl.gstatic.com | udp |
| GB | 216.58.213.10:443 | scone-pa.clients6.google.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| US | 8.8.8.8:53 | clients2.googleusercontent.com | udp |
| GB | 216.58.201.97:443 | clients2.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | img.youtube.com | udp |
| GB | 216.58.201.97:443 | clients2.googleusercontent.com | udp |
| US | 8.8.8.8:53 | ogs.google.com | udp |
| GB | 172.217.16.228:443 | www.google.com | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| DE | 142.250.185.195:443 | beacons.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 195.185.250.142.in-addr.arpa | udp |
| GB | 142.250.178.14:443 | img.youtube.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| DE | 142.250.185.195:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.187.238:443 | google.com | tcp |
| US | 8.8.8.8:53 | e2c57.gcp.gvt2.com | udp |
| IT | 35.219.224.178:443 | e2c57.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 178.224.219.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | beacons.gvt2.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| GB | 88.221.135.35:443 | www.bing.com | tcp |
| GB | 88.221.135.35:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | 35.135.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 88.221.135.32:443 | th.bing.com | tcp |
| GB | 88.221.135.3:443 | th.bing.com | tcp |
| GB | 88.221.135.3:443 | th.bing.com | tcp |
| GB | 88.221.135.32:443 | th.bing.com | tcp |
| GB | 88.221.135.3:443 | th.bing.com | udp |
| GB | 88.221.135.3:443 | th.bing.com | udp |
| US | 8.8.8.8:53 | 32.135.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.135.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | adf.ly | udp |
| US | 172.66.40.139:443 | adf.ly | tcp |
| US | 172.66.40.139:443 | adf.ly | tcp |
| US | 8.8.8.8:53 | publisher.linkvertise.com | udp |
| US | 104.22.22.72:443 | publisher.linkvertise.com | tcp |
| US | 8.8.8.8:53 | 139.40.66.172.in-addr.arpa | udp |
| US | 104.22.22.72:443 | publisher.linkvertise.com | udp |
| US | 8.8.8.8:53 | cdn.datatables.net | udp |
| US | 8.8.8.8:53 | cdn.rawgit.com | udp |
| US | 8.8.8.8:53 | maxcdn.bootstrapcdn.com | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.26.9.123:443 | cdn.datatables.net | tcp |
| US | 104.18.10.207:443 | maxcdn.bootstrapcdn.com | tcp |
| GB | 143.244.38.136:443 | cdn.rawgit.com | tcp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 151.101.129.229:443 | cdn.jsdelivr.net | udp |
| US | 104.18.10.207:443 | maxcdn.bootstrapcdn.com | udp |
| GB | 143.244.38.136:443 | cdn.rawgit.com | udp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | udp |
| GB | 172.217.169.10:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | player.vimeo.com | udp |
| US | 162.159.138.60:443 | player.vimeo.com | tcp |
| GB | 172.217.16.228:443 | www.google.com | udp |
| US | 8.8.8.8:53 | rec.smartlook.com | udp |
| US | 8.8.8.8:53 | ga.getresponse.com | udp |
| GB | 172.217.16.228:443 | www.google.com | tcp |
| FR | 3.165.136.108:443 | rec.smartlook.com | tcp |
| PL | 178.16.117.14:443 | ga.getresponse.com | tcp |
| FR | 3.165.136.108:443 | rec.smartlook.com | udp |
| US | 8.8.8.8:53 | 72.22.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.24.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 123.9.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 207.10.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.129.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 60.138.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.136.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.117.16.178.in-addr.arpa | udp |
| GB | 172.217.16.228:443 | www.google.com | udp |
| GB | 172.217.16.228:443 | www.google.com | tcp |
| US | 162.159.138.60:443 | player.vimeo.com | tcp |
| US | 8.8.8.8:53 | fresnel.vimeocdn.com | udp |
| US | 8.8.8.8:53 | f.vimeocdn.com | udp |
| US | 8.8.8.8:53 | i.vimeocdn.com | udp |
| US | 34.120.202.204:443 | fresnel.vimeocdn.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 151.101.128.217:443 | i.vimeocdn.com | tcp |
| US | 151.101.2.109:443 | f.vimeocdn.com | tcp |
| US | 151.101.2.109:443 | f.vimeocdn.com | tcp |
| US | 151.101.2.109:443 | f.vimeocdn.com | tcp |
| FR | 3.165.136.108:443 | rec.smartlook.com | udp |
| GB | 142.250.179.226:443 | googleads.g.doubleclick.net | udp |
| GB | 142.250.179.226:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| GB | 142.250.179.227:443 | www.google.co.uk | udp |
| GB | 142.250.179.227:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | fresnel-events.vimeocdn.com | udp |
| US | 34.120.15.67:443 | fresnel-events.vimeocdn.com | tcp |
| US | 8.8.8.8:53 | player-telemetry.vimeo.com | udp |
| US | 34.120.202.204:443 | player-telemetry.vimeo.com | tcp |
| US | 8.8.8.8:53 | 204.202.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.128.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 109.2.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.15.120.34.in-addr.arpa | udp |
| US | 104.22.22.72:443 | publisher.linkvertise.com | udp |
| US | 8.8.8.8:53 | manager.eu.smartlook.cloud | udp |
| DE | 3.123.222.220:443 | manager.eu.smartlook.cloud | tcp |
| US | 8.8.8.8:53 | 220.222.123.3.in-addr.arpa | udp |
| DE | 3.123.222.220:443 | manager.eu.smartlook.cloud | tcp |
| GB | 88.221.135.3:443 | th.bing.com | udp |
| US | 104.27.203.89:443 | adfly.fileplanet.com | tcp |
| US | 104.27.203.89:443 | adfly.fileplanet.com | tcp |
| US | 8.8.8.8:53 | cdn.fileplanet.com | udp |
| US | 104.27.203.89:443 | cdn.fileplanet.com | udp |
| US | 104.27.203.89:443 | cdn.fileplanet.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| GB | 172.217.169.10:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | cmp.inmobi.com | udp |
| US | 104.16.80.73:443 | static.cloudflareinsights.com | tcp |
| FR | 18.245.175.108:443 | cmp.inmobi.com | tcp |
| US | 8.8.8.8:53 | secure.statcounter.com | udp |
| US | 104.20.95.138:443 | secure.statcounter.com | tcp |
| US | 8.8.8.8:53 | www.fileplanet.com | udp |
| US | 8.8.8.8:53 | c.statcounter.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | 73.80.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.175.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.95.20.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.cmp.inmobi.com | udp |
| DE | 18.197.18.38:443 | api.cmp.inmobi.com | tcp |
| US | 8.8.8.8:53 | 38.18.197.18.in-addr.arpa | udp |
| US | 104.20.95.138:443 | c.statcounter.com | udp |
| US | 8.8.8.8:53 | url.totaladblock.com | udp |
| US | 35.224.74.90:443 | url.totaladblock.com | tcp |
| US | 35.224.74.90:443 | url.totaladblock.com | tcp |
| US | 8.8.8.8:53 | www.totaladblock.com | udp |
| US | 34.160.40.40:443 | www.totaladblock.com | tcp |
| US | 8.8.8.8:53 | 90.74.224.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 40.40.160.34.in-addr.arpa | udp |
| US | 34.160.40.40:443 | www.totaladblock.com | udp |
| US | 8.8.8.8:53 | widget.trustpilot.com | udp |
| FR | 3.165.113.120:443 | widget.trustpilot.com | tcp |
| US | 8.8.8.8:53 | signup.totaladblock.com | udp |
| US | 8.8.8.8:53 | secure.totaladblock.com | udp |
| US | 8.8.8.8:53 | resources.totaladblock.com | udp |
| US | 8.8.8.8:53 | www.paypalobjects.com | udp |
| US | 8.8.8.8:53 | cdn.prod.pci-bridge.com | udp |
| US | 8.8.8.8:53 | cdn.paymentauth.com | udp |
| NL | 185.172.149.104:443 | resources.totaladblock.com | tcp |
| NL | 185.172.149.104:443 | resources.totaladblock.com | tcp |
| SE | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| US | 35.186.203.58:443 | cdn.prod.pci-bridge.com | tcp |
| US | 35.244.250.165:443 | cdn.paymentauth.com | tcp |
| NL | 185.172.149.104:443 | resources.totaladblock.com | udp |
| US | 8.8.8.8:53 | 25.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.149.172.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.203.186.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | fonts.cdnfonts.com | udp |
| US | 104.21.72.124:443 | fonts.cdnfonts.com | tcp |
| US | 8.8.8.8:53 | www.paypal.com | udp |
| US | 151.101.1.21:443 | www.paypal.com | tcp |
| US | 35.186.203.58:443 | cdn.prod.pci-bridge.com | udp |
| NL | 185.172.149.104:443 | resources.totaladblock.com | udp |
| US | 8.8.8.8:53 | api.paymentauth.com | udp |
| US | 35.244.215.28:443 | api.paymentauth.com | tcp |
| US | 8.8.8.8:53 | t.paypal.com | udp |
| US | 151.101.195.1:443 | t.paypal.com | tcp |
| US | 35.244.215.28:443 | api.paymentauth.com | udp |
| NL | 185.172.149.104:443 | resources.totaladblock.com | tcp |
| US | 8.8.8.8:53 | 28.215.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 124.72.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.195.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ssl.kaptcha.com | udp |
| US | 8.8.8.8:53 | pay.google.com | udp |
| US | 35.81.31.24:443 | ssl.kaptcha.com | tcp |
| US | 35.81.31.24:443 | ssl.kaptcha.com | tcp |
| GB | 173.194.76.92:443 | pay.google.com | tcp |
| US | 35.224.74.90:443 | url.totaladblock.com | tcp |
| GB | 173.194.76.92:443 | pay.google.com | udp |
| GB | 142.250.187.238:443 | google.com | tcp |
| GB | 172.217.16.228:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 92.76.194.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 24.31.81.35.in-addr.arpa | udp |
| US | 35.81.31.24:443 | ssl.kaptcha.com | tcp |
| GB | 173.194.76.92:443 | pay.google.com | udp |
| US | 8.8.8.8:53 | pay.sandbox.google.com | udp |
| GB | 74.125.133.81:443 | pay.sandbox.google.com | tcp |
| US | 8.8.8.8:53 | stun.kaptcha.com | udp |
| US | 8.8.8.8:53 | stun1.l.google.com | udp |
| US | 100.20.121.79:53 | stun.kaptcha.com | udp |
| US | 74.125.250.129:19302 | stun1.l.google.com | udp |
| GB | 142.250.187.206:443 | img.youtube.com | udp |
| US | 35.81.31.24:443 | ssl.kaptcha.com | tcp |
| GB | 142.250.187.206:443 | img.youtube.com | tcp |
| US | 8.8.8.8:53 | 79.121.20.100.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.133.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 129.250.125.74.in-addr.arpa | udp |
| US | 35.81.31.24:443 | ssl.kaptcha.com | tcp |
| US | 35.81.31.24:443 | ssl.kaptcha.com | tcp |
| US | 35.81.31.24:443 | ssl.kaptcha.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 151.101.1.21:443 | www.paypal.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 8.8.8.8:53 | secure.downloadfp.com | udp |
| NL | 95.168.168.24:443 | secure.downloadfp.com | tcp |
| NL | 95.168.168.24:443 | secure.downloadfp.com | tcp |
| US | 8.8.8.8:53 | 24.168.168.95.in-addr.arpa | udp |
| GB | 95.101.143.195:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | 195.143.101.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| GB | 88.221.135.25:443 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 95.101.143.195:443 | th.bing.com | udp |
| US | 8.8.8.8:53 | 25.135.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aimbot.dev | udp |
| US | 172.67.146.163:443 | aimbot.dev | tcp |
| US | 172.67.146.163:443 | aimbot.dev | tcp |
| US | 172.67.146.163:443 | aimbot.dev | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | 163.146.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | pumproll.online | udp |
| US | 172.67.169.197:443 | pumproll.online | tcp |
| US | 172.67.169.197:443 | pumproll.online | tcp |
| US | 8.8.8.8:53 | stackpath.bootstrapcdn.com | udp |
| US | 8.8.8.8:53 | code.jquery.com | udp |
| US | 151.101.2.137:443 | code.jquery.com | tcp |
| US | 8.8.8.8:53 | save.enabledstats.com | udp |
| IE | 34.253.39.217:443 | save.enabledstats.com | tcp |
| US | 172.67.169.197:443 | pumproll.online | udp |
| US | 8.8.8.8:53 | 197.169.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.2.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.39.253.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.7-zip.org | udp |
| DE | 49.12.202.237:443 | www.7-zip.org | tcp |
| DE | 49.12.202.237:443 | www.7-zip.org | tcp |
| DE | 49.12.202.237:443 | www.7-zip.org | tcp |
| US | 8.8.8.8:53 | 237.202.12.49.in-addr.arpa | udp |
| GB | 142.250.187.238:443 | google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 172.217.16.228:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 57.110.18.2.in-addr.arpa | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| DE | 49.12.202.237:443 | www.7-zip.org | tcp |
| DE | 49.12.202.237:443 | www.7-zip.org | tcp |
| US | 8.8.8.8:53 | save.enabledstats.com | udp |
| IE | 34.253.39.217:443 | save.enabledstats.com | tcp |
| GB | 142.250.187.238:443 | google.com | udp |
| GB | 172.217.16.228:443 | www.google.com | udp |
| GB | 172.217.16.228:443 | www.google.com | udp |
| US | 8.8.8.8:53 | csp.withgoogle.com | udp |
| GB | 142.250.200.49:443 | csp.withgoogle.com | tcp |
| US | 8.8.8.8:53 | 49.200.250.142.in-addr.arpa | udp |
| GB | 88.221.135.26:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | 26.135.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 88.221.135.33:443 | th.bing.com | udp |
| GB | 88.221.135.33:443 | th.bing.com | udp |
| GB | 88.221.135.25:443 | th.bing.com | udp |
| US | 8.8.8.8:53 | 33.135.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bing.com | udp |
| US | 204.79.197.200:443 | bing.com | tcp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 185.199.108.133:443 | avatars.githubusercontent.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | user-images.githubusercontent.com | udp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 185.199.108.133:443 | user-images.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 215.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.108.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.108.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 140.82.112.22:443 | collector.github.com | tcp |
| US | 140.82.112.22:443 | collector.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | 210.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.112.82.140.in-addr.arpa | udp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 185.199.110.133:443 | raw.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 133.110.199.185.in-addr.arpa | udp |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9150 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9150 | tcp | |
| N/A | 127.0.0.1:9150 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| GB | 95.101.143.195:443 | www.bing.com | udp |
| N/A | 127.0.0.1:9050 | tcp | |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| N/A | 127.0.0.1:9150 | tcp | |
| N/A | 127.0.0.1:9150 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9150 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9150 | tcp | |
| N/A | 127.0.0.1:9150 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9150 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9150 | tcp | |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 140.82.114.21:443 | collector.github.com | tcp |
| US | 8.8.8.8:53 | 21.114.82.140.in-addr.arpa | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 185.199.110.133:443 | raw.githubusercontent.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | c2d9eeb3fdd75834f0ac3f9767de8d6f |
| SHA1 | 4d16a7e82190f8490a00008bd53d85fb92e379b0 |
| SHA256 | 1e5efb5f1d78a4cc269cb116307e9d767fc5ad8a18e6cf95c81c61d7b1da5c66 |
| SHA512 | d92f995f9e096ecc0a7b8b4aca336aeef0e7b919fe7fe008169f0b87da84d018971ba5728141557d42a0fc562a25191bd85e0d7354c401b09e8b62cdc44b6dcd |
\??\pipe\LOCAL\crashpad_4548_DMZSESLENYEISAHQ
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | e55832d7cd7e868a2c087c4c73678018 |
| SHA1 | ed7a2f6d6437e907218ffba9128802eaf414a0eb |
| SHA256 | a4d7777b980ec53de3a70aca8fb25b77e9b53187e7d2f0fa1a729ee9a35da574 |
| SHA512 | 897fdebf1a9269a1bf1e3a791f6ee9ab7c24c9d75eeff65ac9599764e1c8585784e1837ba5321d90af0b004af121b2206081a6fb1b1ad571a0051ee33d3f5c5f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5556f6385fad56f745894d2f8c65ba8a |
| SHA1 | b3ef545908b406a8868bc06ac8dcc0a08efd0ef8 |
| SHA256 | 9fc7cb7aa2ad94cfcf6beaf8dc7c9dd8a15706382b2329347028c12c5bea239f |
| SHA512 | 139059f35fa203df7d58dad04b94723054010363f99b9be0a3694e54cb23c4a53985e6bba54bdbcf61aa9b49edf08f39b95a82a8a405d7b7489b677ddfbbace5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | a5640a15e07bb76ebd4a4ad42f54967a |
| SHA1 | aaa7a0d6154fc20109462f7f65c833720d1782fd |
| SHA256 | a4a625a8cb7e10e35580b974bfc4d02a60503f9e3019ee296cb39167606b19ee |
| SHA512 | b9a2b64ff7cb90ce207f89c558439e4b52c342b5c8dd97a844eb7ef15d8bb95455fff0f9f51acc32a95ab5a8971ea90701de32740b8adee5e1dc6d5b01a5132a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e83c8dc2aed51d53f72707d378013a93 |
| SHA1 | d755b4685ca83ca3fdb5e45305899eefb9c990ec |
| SHA256 | 5ab37dc807952999dca7b4a24db53a13e85680d4996f66b2d70231f2a740b12c |
| SHA512 | 5fdfa0f65d34a7bd95cebbb237f3a80b0dd15ff6a1a96a03bd4f9d52a77f17d0a169295d31d2005d11b5a1cf107764f8851c32bc57908469ce8aa0fe664dccd4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | f6676bcaa9c16fab2a8081f8a0faa8f9 |
| SHA1 | 7ac97773d867343366b52c604d8ad061295a04e6 |
| SHA256 | 9ff2c74a2ff3484f55aec5988a6a1fc95b75b0c8dcc3e38a85b4b1da0a8cb11d |
| SHA512 | df8de0cba3ef4ac307501505fea5a9c2747800ef9feeb2fbd322d5f59939fa8df045edb6d3177e25d631a3e6d396586c071e29acfc7d75fb0ccccdbd79ee1437 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 63b0de6f5f79aeafdc32d2cf71500e65 |
| SHA1 | a7ebf3f48265d694f64785483b62988016d902b3 |
| SHA256 | a4983d7e5f5ab014c860e5d0504d59ff3bd8f15d299fe8f19b69c56838e83b96 |
| SHA512 | 46d18ddef2b3d4644c3c5c63e0ed9fd66cf171ac98c04aeb36968c4ff154082be0befca7d1bcb3efbc71fad8f5422f239f65e32903cb823abc582e96c6f5e26f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58b13a.TMP
| MD5 | 6260ff4179143132774fa8f4c7864760 |
| SHA1 | 093d66fd19e3566e43555b8249a787db3507577e |
| SHA256 | d8d1e458c9afa97e830ed5abc72f5a758757d19df6851995a8f249db61d15a64 |
| SHA512 | eede88c65d9934b01f3564697a1f560c09c5b1a46cdd11b44c850d807a66fa89b95724de05d97d2612241eca69840dcb560e839d923976e273e9e0365f6a4ccc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2ed9720991a483d0b8daeb919d3afd37 |
| SHA1 | 6a356ee58daab8ff7908853037140782a84b2c71 |
| SHA256 | ed6dcd2fe5229fba99724c7730cdb4552fc38ca4f8e3703c8c8b534bb1d51efc |
| SHA512 | ec43dffd7032de3217736dbd638b8e01eb4d3c56d76f095be95214c63a0497ca86abe66ecbd0f1ef746d13bc1399d2f8d0029dfaa81cf0940b83b02c261b96fc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.youtube-nocookie.com_0.indexeddb.leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\32cadb2b6d359d069dd3f3d132c212a43d223701\index.txt
| MD5 | 343859b4ad03856a60d076c8cd8f22c3 |
| SHA1 | 7954a27de3329b4c5eefd4bdcb8450823881aad6 |
| SHA256 | 8c79b653c087618aa7395d5e75198da7d3b04c08654c39e56b1027f9ef269c2f |
| SHA512 | 58014a4e7f2b4b0d446fae3570196b8fb95d0d1b70bdab0dd34a74d6c62cd8d7ca494a486f19c1a829988a3af83a08d401f18d1769ce1799a02ee09807234254 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\32cadb2b6d359d069dd3f3d132c212a43d223701\index.txt~RFe58b745.TMP
| MD5 | dc8b289b739dc456dace6886422adddf |
| SHA1 | dd8ab1a6b4205b464663baacda955b10b222ca21 |
| SHA256 | f5aec13776514786910146519f1ebf8bd5b9db8206e6f7f9b07f8edcfdf9921e |
| SHA512 | d38b1057d5ef7ac70c63243c5806a33892591dc2a73485a38edb36201efca6154e885a137ad040fbce9f0c879ef308c3ef798b033633db1a072c55de93c75040 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | f8c450b0712af60e1fc33b420dd24ab4 |
| SHA1 | 7706f01df9274b2b70ba69316d2df3eedbe0fc5d |
| SHA256 | 03bcf6afa39738538214be84a3f504cedeac9caac6a7a2d55cc4ddd9f1c8cef1 |
| SHA512 | cd48685784262ec65046aa208e446b097377a55deb135e68015df127491358fdde3da038313423632d95d52015e648e83efc81abd95d5ec8420102d8aabc2856 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | fb2d5764ed69d7c162a3bbb09008a143 |
| SHA1 | bee63b5af963bd9e37823ed62b66aad012185d5d |
| SHA256 | 2c48497e59b3523ab34de71bda368025d5256d7ef5f3c62cdf76e568f1b022db |
| SHA512 | 22490dd72299ea7229953e7fd575a6cfcfe294684eb837125cd81b6abe7fb418973de2f7f71fabf1159cb5c9c12a39159db1b9f570325441a65ffa34d2e89226 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3dfcbf966c148e3165f69a0042371a70 |
| SHA1 | 77a9c95cddc0a8659eb17646c1d640d21a00bce2 |
| SHA256 | 6d753a422c23a6849d7370b8ca31ba433a6da5ae0a48347af048e206b7dc537f |
| SHA512 | 1dc92c3ea4250070b8bd5cc2e01297326c9a51d58ad59abe3bf8440d7dc439317d91b72bbfa53e9e08e604073d6b75f5080263c2a288346caf57ef0bdebc4614 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | d93b8aeeefe993e17b789a64dfa73a0d |
| SHA1 | 44ee8de810e8cd659f9d133ecd2a94267b3e04ce |
| SHA256 | b5402a386ff3a87245d16f17b31af75b0da32eaa8986c0bd024b8dc1c887a529 |
| SHA512 | 9ba5ab479eb75f6105e62059ab636245cadcaa43c46d5af2d9975405b73dee095c0f75963344fb65460ce872dbe352dfbc7cfa42e7f7fdca16ed3a7676ca44e7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.youtube-nocookie.com_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | 3fd11ff447c1ee23538dc4d9724427a3 |
| SHA1 | 1335e6f71cc4e3cf7025233523b4760f8893e9c9 |
| SHA256 | 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed |
| SHA512 | 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 87402f796ea7468e0527f1fbb530442a |
| SHA1 | 427745bb8156dbf24f7d1f5323306037f6a22d79 |
| SHA256 | 3a4b2e1f22aa6556ab5f136aea422c62e1df5ce8a1a7dd5e1435620693bcb164 |
| SHA512 | ae770c8be5e8ce7dc8820f5b17ce912b33a97ea660d2d5e102616a2602b126deab92b3e08516734fb8068bc94ef8083d8078142e377198be8a68a4f66deb010f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 554ea78656348d6fdd8fd25d867c1737 |
| SHA1 | 4c6d9ae3238bf948036870a6d6b2accc46d6bfb5 |
| SHA256 | 43cfa1d3e5618eb2c8b3f775c54fe6c83826ee433ef6444f3c976c025273822c |
| SHA512 | d2f816c7accf808e8df6bf2730059826627203d2961748cd8bfcf386950b6dd3210d1c150bab53cc3c7ad8c4e0722f50ecf0b3604d6e72ceeabc9a14d879459a |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029
| MD5 | 6b04ab52540bdc8a646d6e42255a6c4b |
| SHA1 | 4cdfc59b5b62dafa3b20d23a165716b5218aa646 |
| SHA256 | 33353d2328ea91f6abf5fb5c5f3899853dcc724a993b9086cab92d880da99f4d |
| SHA512 | 4f3b417c77c65936486388b618a7c047c84fb2e2dd8a470f7fe4ffec1ad6699d02fa9c1bbd551414eef0f2e6747a9ee59ca87198b20f9f4a9a01394ae69fa730 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002
| MD5 | a5f105223ef0b591be97b1ca85de9443 |
| SHA1 | b6fcf0f00725cd50ad92615f04de9bd05ecaa6be |
| SHA256 | bdd3d9bcead4878145384c14804baa50d8cbb22f77607ba95acf5192cb367a89 |
| SHA512 | e0ab2cfd895fa45782011d8505936459f509fe04191335c31deaf2dd78ef1032af6bae4b7fe783025c66a3ec1be409a3e632a83af6b592933051ebc2609c3249 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010
| MD5 | 938a8aa9990f0812f95daf04323f13c4 |
| SHA1 | 7fb8d052215d601efcbf589e30f0427fb0bee72a |
| SHA256 | 084c94e5a456d72c2d0c5a2b400caf533fa998d0f5ec39546f5affff223cdf58 |
| SHA512 | 7887784cb52503caae49161b576bbfc700b67bf7dfc93245dc7ab46511b679e725c43d8d2981f2da77fb0746fc5d0fc3a73f6d0b9ef08190336e15aba1efcb0d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017
| MD5 | 1b8e5496aca8acfc597832f2aee42ec5 |
| SHA1 | 9f8308fd46ec50e4de5419428107c5703ad36995 |
| SHA256 | 7c3b99a73f295ce216cd7d8143af310fe64cd0a6d6f60caaa7c7c4c97442bdad |
| SHA512 | f84492cf9efb9889e3578b0977d494367ca9bc9bddb0aaebdab5285850c59bbe918145abfa16a9725f4f47d5cd7c31dfefe98156e698a4a409288d5ae3e34621 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016
| MD5 | 89a574ff00e6b0ec61d995d059ce6e65 |
| SHA1 | aea09e96808ab77165ffa712eaa58b8f056d0bb6 |
| SHA256 | e5c29c139842fd487473d0824f2c01b374680fb35d22fa929686d17896602a44 |
| SHA512 | 30d0d40bd680e61968273155b740901cdfa66670fc2af6f23e44c6b998b67cc1fcd0b51bd5f9470f209f188e75d071355e592b2a7c97f4bfd15d07d455e0909d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b
| MD5 | 56e81eee1a148d70c32df1fc2b59690c |
| SHA1 | 2142385c31ce3b5c98e63b241729106c237305e7 |
| SHA256 | b9c677ba0351ac1a6d6412d0f0fb6fb577cd5607a4b34cdae458b713875918d6 |
| SHA512 | ec3d1ae136de8ec93958ebb7e939fb16887f75cca31cad135cf87dc887ebe28ccd4c27a78bf3da7720ae0488d19d2f9f283b0d2158f2deccca7289e0ea64bfa3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1acd06a8025155195dca0632b69cc802 |
| SHA1 | 1dd7ee259b2abc8e1ebd36a06bd4ceae80dbd793 |
| SHA256 | 01b3f5dedf1812d647a7d157c6f10525af6b0b75297aef8cc694ac3b064ff92a |
| SHA512 | 4642df7e411d598d979b6539a94a9203618ed4a98eb09036772232ab22686b7e87389ff30235c93d7b40a3b19eb8a19b133e0f8f45e986d1dcf6a73983154faa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000035
| MD5 | c03ff64e7985603de96e7f84ec7dd438 |
| SHA1 | dfc067c6cb07b81281561fdfe995aca09c18d0e9 |
| SHA256 | 0db8e9f0a185bd5dd2ec4259db0a0e89363afa953069f5238a0537671de6f526 |
| SHA512 | bb0fd94c5a8944a99f792f336bb8a840f23f6f0f1cb9661b156511a9984f0bb6c96baf05b7c1cf0efb83f43a224ecea52740432e3cfc85e0799428765eefb692 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000036
| MD5 | 79ffcf947dd8385536d2cfcdd8fcce04 |
| SHA1 | a9a43ccbbb01d15a39fac57fa05290835d81468a |
| SHA256 | ffc11b830ad653e7a9d4257c7cd7a8056db5e7d7e89439b8fd67d1207b1729bf |
| SHA512 | 3dc82ecb2abc8c567434666a9162cc188de669927c3dada6392d8bd97d5e746f1ed350e1a02ec016ee2b1dc8a9cc5c71c553f2ef1293d6793800c276560859a6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000052
| MD5 | ea35549990f54b349e6508f4f4cac0e0 |
| SHA1 | 8efdec385374e1a3b51bfd29c3cc9315e7dc2df7 |
| SHA256 | 4a1c17a1326271540f84968f43e9f55f936ae9085e99a6d06592a53f98aeff2f |
| SHA512 | 67c956058c45810b4d06f4c3f2974c3b264289be435a06ca219df51cd51f9e25bbdf1db42c20d9f435f1689431b5106c21dff8a400ed6263a6b102dfb51ba7ea |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | cb2ec4350c662bae240463ba44c37791 |
| SHA1 | 9b67877ce9760e90a413351058c35fa30c8d2ded |
| SHA256 | 82e9fcff2f11715b0750a513a975fe4fd19605651a20dee528071b6b8d1b6540 |
| SHA512 | e5deeb2e274072365958f5d96dd7a42962321a3ac231127bc0aea90ede4267d901f4c86da271e2235eb8b2ae1950f8ee23e602727334d66737a9cb91b01741ed |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007a
| MD5 | 05cb4b9f101e025994f9686f3999fd43 |
| SHA1 | 7450f129ea39792645b56de215eaab1d91182fbe |
| SHA256 | 07fba84e209fffc2a8eea1a88ec8c77cc92644c9050b7669b212bf1db30663b3 |
| SHA512 | 9fbf0e99a1f19b362d9e7e31dc0b6f0d49177cea922d9d6acbc1b5a84d1bfce40c3a07e123b5b47ed9a531befc9a2372be3393502b5f00221d74ae23fe80efeb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000087
| MD5 | f2bcdf9060988910c023048a01c65cda |
| SHA1 | 1ee8b33e4aa1e1898fa82e5ef74323a2b6e3b1a8 |
| SHA256 | 2b92cdcc37266bf366a8a7f61daf5e06ac46ad675dd3fbc5b726ee091d63e30f |
| SHA512 | 7802dde7667637280758edc9749b257c0a7eb8244b0fa119106587964ea2cc950f8a1026f8ffa957e8491f6575cd4a07475cf9238f7aefdc1318043e1742fba3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000088
| MD5 | 9aced2ffa92d04e9939f26cd46e0be9a |
| SHA1 | c9cbec3e2f22c26990b9215f5c3189a8b114e73f |
| SHA256 | a914bb7c4b52655d6b2a43bd1068d5f457d3fb9f2c86540572577813525a7373 |
| SHA512 | 466267fabf20fe202ff37993212c1127a747b12731200e42325248271d37887d30e553d83d483f5f85d696eba466e40576112863b66d542c254b84d08d772c77 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001
| MD5 | 5d3a0707312088a558d52a6de6c521bf |
| SHA1 | 0eb24f861f0cd528c6e1b3601818fc4696cf49c5 |
| SHA256 | b1182a3462d3f565a7f67383978400a03167f4d9959858f3f82822e51ae0d64a |
| SHA512 | 445fbad0d8ccfcb52dd8494e86f10403e927e90d058dbd2d0551687ef73e48fd81b5b831a71141b4841104395bd49ea041dce040e3f1f0b420dec1c1b74a19be |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004
| MD5 | b894d21dec718d57bd0acadae4b4269e |
| SHA1 | f004cd8b25337a1f85f9996eeacf133ce3f78cbe |
| SHA256 | 529e6b1fce3963b6b4584bcd37effa2d05481f9789f3e535269e29ee4885b670 |
| SHA512 | 892531ad08f6f7aac80eaba2df94aa71805ad3c2e9b8dc9ab3d830ed18a6a1ca40ad271c99b7266d18f31678704165d60d661e791ce93fb1ce9021eb6c957720 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
| MD5 | f020bbd8373da6a0f576f2a18261f68e |
| SHA1 | edca1485cf20f87dec34e0edc29ba27be36a9948 |
| SHA256 | 3bc445db46f00aec4f581f2ae81e7ec72a88d797f690951a23e8b4064287428d |
| SHA512 | db31159c15a55f08187d7d5f34c235d2f5dfbe39914a39f19fc6722b3316e06f26bb73998d2b1c80bc669f18cec8af9d590b5a523caee127b78dc44a0fbe40b9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a
| MD5 | 1b98ffb03749105c6dcd5c3e38d169d2 |
| SHA1 | 371a50082ae516887b58f9594548fd7de9f9fc66 |
| SHA256 | 26580eff93a7e096dee4fc3ec655525acff4ac343f47eced5bd2307f9429e13c |
| SHA512 | 1754323cf81c20f7e2000517dddad37ee21b09180e3a2f0732301aeb73589dee438242dfb091733cd9217dd8e169dfb422114d56a00326f2ea14c4322c58e530 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009
| MD5 | dba94a30353980aca0f359b1946618b1 |
| SHA1 | 62606bafa6021bef8dceb53d42acb8ef8f8a9a71 |
| SHA256 | c04f23691a0415deaaa0da15e364b189c17648b372af6d25515878bfd6f88744 |
| SHA512 | 585213d6fabc7f156003b2e9105eb48a31e6c9361a6feb7081a05408528d79f6e5ea8aad982969065f10f8007d34d5090b99ab138a5538261c9891e86b65c02b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008
| MD5 | 00a5d2abc29b683ef68c50652ca1a631 |
| SHA1 | d03c0e33dd9cee694e0c02a0d18b8893e4a0219f |
| SHA256 | b9625e792ac46c910e8d6499e198c34219b5c34811eb5f86ba6db15d7ee66406 |
| SHA512 | 02395ae1b5c6c2fe5d1d5c926384c7d8e3a5359439d93f1f865a28efb5232f98ac1a32793890aab0ed273f22db5cdd619a00ef761dc30a11cace12d8242cea62 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b
| MD5 | e2a180560ec2a31bebdde48255f3d726 |
| SHA1 | f6c8459622c6b196ba83ed70136390b0539d43b5 |
| SHA256 | 03fa5e3782e13cd321621ed1a4de764b7ad63e2529a0e0a1e7edf0ae5b2088a7 |
| SHA512 | fe00721416d13de333d45f2f40f29199cb31fd16100333bbea5d6064920bfeb688b684a39e48025261f9cf798590d9cb4ad0971fb125b068d474638e502e07c9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e
| MD5 | be0276c82a536bf4697329d4359f7a02 |
| SHA1 | d979200f1701aad08eb0bb89b55d80aa726ccb48 |
| SHA256 | 007b2826a617d52a646f521be7d33dcbfb098391edf6ae6e677f6369dfad451f |
| SHA512 | 8390459e8ca238d22f36985dfb484a107eb538fe84bf9a401f2d87f95a17b14a29be7372095356d95c2884d2a4ae31b5a352a20029853527e0d92fa26d95a2e1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d
| MD5 | cc0b451d2a302778c27e9ad32cfb42dc |
| SHA1 | 1859059b88137f7953986ab2d8f072cd103d8ebb |
| SHA256 | 6e9f249d9d06938f3c3d3442a59670eeaba598dba3c4410a3747498be8b8e9fa |
| SHA512 | 580c4678dfad08d8c6b4a7c496fd2190a65066274127ca067142c408fa313a4ef88318c3d7e6866f004c10b587735a70cdaf14ef1ef49e40d8d3be6329826506 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f
| MD5 | b04f5185174569312fa0207f744054b9 |
| SHA1 | 0ed44b10b1f3ab552f0df29bb7234f0ea99972b3 |
| SHA256 | c34551510755ecba2b037a8545173c083322c606ad761d369d171f0b1d0b569f |
| SHA512 | 117b73c8b50d860a14c1d2ada07eb0bbb7cdfad802cc1c0d04976e4eab93f6b1a425dcbb6c9a95f39545fcdcf3d7a0e16bf053d05c9d9f246baa724866cbc03d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5f30fdda8e6929be3ccec529469d39e0 |
| SHA1 | 685a1c97f43cd2b7edb46b7647ecf311f2b6c144 |
| SHA256 | 8591bd0b39acfafda01c372c04c2372bcd105ad150bb71d0ce313b955b90eb14 |
| SHA512 | 5396b00be0b1a8d8b96dab4188dc6cb975f22e17adc6e3c55c02d0d80f4bd3c15a8801a0827e64e31dbf618b40707a8cb718c80361ef967a800cc006524dfd49 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014
| MD5 | 93f48895d9e1e807ff9ae8e13452e977 |
| SHA1 | 1326da28242bc96a30b0b1bf8fe3c0b66e32ece6 |
| SHA256 | 5f260018d883669f0e6b25020fec91bae7b93459e8be0ae48ffffee3e1287397 |
| SHA512 | a9b76ca11ab9d864d961452d50b1019c2c191bcb821dfe2fe16e60efb824b05d2c48c4d2ccb83eb228bb5ea4c7c07d1f3d9db1b7b1e11a2fafab89672cede08b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018
| MD5 | ad2d92610feb930e99b2e621526d992d |
| SHA1 | 4aff0fd17718aaedb55d83487eff70353eb0dd58 |
| SHA256 | 649c9cbf72a64e49271b5982f9838b08915dfb1d68b4915334e316c1cc11d945 |
| SHA512 | 998b286cda64282bb061132b39fa78dd77d349df6f1904a97f9cc0707a44ab253b7c3947f02b89b3595d1d5b18e58f58f2ca4e17b864fc3a26451cced627ef6a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015
| MD5 | 9e4f5fe6ff105363dad67602473d4ce6 |
| SHA1 | 7f86d8c06f0c76d45212403f932bfcc59567dca3 |
| SHA256 | ccdbb5c733353d2496cdb97784eb57bc93df3c54bc0a01540349af52e45706ec |
| SHA512 | 9bd78a08e063e7b23b4ad93657fafa6e4a9e1d772073425f241f6404c998a3f6b2402de0a6293ca3bc61b1c819a65c7b524ba0b6e549914cf2fdf46261475977 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019
| MD5 | 9c62cb273f0c28201fb6f2cc99663e18 |
| SHA1 | b97e244de730531bad534809cbb1bc9cd43af580 |
| SHA256 | 2461fc8c166e349c1269d3973d820188a428c33559b276a24baedde4375ea2a8 |
| SHA512 | b6d676362fa788f883d29ea3aaee621622cf80b6bdb34afdc61e0b90f5b5955bf6e4855890cf42bb232d393486855ced38a09057840a6fb2e10c7cb448ec73ef |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013
| MD5 | fdd9349008127a9315c70ebf3baa2d82 |
| SHA1 | 033939f054a6020fc6b3a6ed5c47d7e7b4f99611 |
| SHA256 | 5f82a10d448dff881fd206711b7792a8eefc7ba7b32689530c6fa623b96d8c55 |
| SHA512 | b51f1f0aba2e4b06030056ba5c676dcd42b94928f7b783645f3213211e109deb24d19147970c50401e41f0b02a6f813465cea38cdef5eb098b4bbcf540ad7e7f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012
| MD5 | d052700010ddc42c72ae8ba399509d86 |
| SHA1 | e6a4cf647db48d2b96b235efbb78c779be7708ff |
| SHA256 | 8ba7246c55a84dfb453423c299d324701ab87dc1982b82f207d27e443feb02d7 |
| SHA512 | ad3628b796c84b1c42aa34b9fffe6ef17d5d750a1e20318aa6549f6419c83c16e4013f43fed1a3311de8b3b04aa068b0a5ebc51dbfe385f4597c0cfe3b26b1a5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ebc74a9d77b20d6b_0
| MD5 | 43ba6e686cc9cea8a64a174981b43c54 |
| SHA1 | d8134a52f76dcdff5658836354f69c7e7c850caf |
| SHA256 | 656427e8dff6accb9b13e80d538ca9e15e6db3befa438189c2dd990495075dfb |
| SHA512 | 151cd2ebf1a00ea6e48311acd6a1e29a044c1673fa6ac3b3787f3a5778cf5e717dc848e74b4f874888093459e149dd3219fc3d4664ea047836980c26f5aac92a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1f58ec8f11eebad2_0
| MD5 | 34a480133670ed423d2a6be37cfd01e5 |
| SHA1 | d9d058a364517fbe39e76b3a8a1591aabf16f04f |
| SHA256 | 159e8f2abfc71c08c68c633af2d628962796e6ca07469a59896ec918e838abb6 |
| SHA512 | 9fa8d6b5edd8d1c9729c5cb347c9f1a533da85beab3e3c3da9f1d3ebb66652237c757b3ee96589b1278b067a37846288585d2d556718fd8d9ec1e0df81637624 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9bec1549d70fd7ef_0
| MD5 | 1384ad0e62202dc0b46398fd7b1f3802 |
| SHA1 | bdd88a8f796470871d88b9c415627dbe3b476c60 |
| SHA256 | 929b763fbc2d553a5689afec525bdf835b7ac4d0f731c1fc0bdeb1c6af654e63 |
| SHA512 | b3058bffdce6266cf1f75d8e6ef6bede40c4676781340a8171ff1a392dc092aa6a4dd031c3ab5f8f4262f068dfacd701a5b76da37c0e9da859f177b5a9320e97 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e1777e35b0c337ce_0
| MD5 | 56abab0daf018a8bffbbdd6b8d3600bf |
| SHA1 | c7e4df7eb35754e1e55c7b2f8f03fa9b87c5c297 |
| SHA256 | 15017c18e679ac7d7cff3a5e2cd3ebf23b1d81d13938d4762764198ec2f883b4 |
| SHA512 | bb6fdc9cdc1f3294df24e9c305d468e13fe42318ceaf68f32288109845dd3a6851b35e5fe35fb73e7a3e1ccb5d8353ace403528f815343e42a1c4459bf1f6a18 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\953bf4d0250ffd96_0
| MD5 | 57501955d7bae6a7be1b276c221ced1e |
| SHA1 | d07dbfc10455c56fde8c21485f0a5f386f52a276 |
| SHA256 | f76b84d6be7e0030858802bf716c270a9308b46cb18fd58f6bf1b6655aa93a49 |
| SHA512 | 971e02560db1cbc15ee40e1bc30fd158d3824bfd3cacd658a1681bb92cdad94f24e9a8d2e0cf6e1501ce488535b24a77d0edf5681543066f5400baa58a28ff24 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c8569fa1e3b70145_0
| MD5 | b04e0b455a47fc83db1ff985cbc5ff03 |
| SHA1 | 69c1f7858351fab0aa8ce8fa6e486f4e8fc451f8 |
| SHA256 | 76102a02773dbeba4e7de4ba7a5ea6b3cb32442763fa18feaa7eb5548867131e |
| SHA512 | 3af4996b19a261f66366a5e3a8df088413e63e769bbfb47248ecfa77ce2b486af16ca2aeabe6c1f2da57330eb60f862544ae9cdf2545a83bd83a052ffb14d35e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004f
| MD5 | 0d7efacbf81f99f9b3b82ac627cc34cc |
| SHA1 | 54ba921739b19ff14708d61bf424e4713a51cce8 |
| SHA256 | ee19dc2db1f7d41b35f1a8bd976f452d5fd58012d0eff83c53fb835a4ffd8764 |
| SHA512 | cf8b4b0f8f586c1ac11d220b4033f91a3a98f167110bae904947407a8b4896afe18bef08871d09f6a2634d58a7118345e90a358b386d889f83abb246d8b6e44a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6938c9f733ad8edc2683f505048f261e |
| SHA1 | c03faa44a67eabaefc2fda78bcc0009e8f7fd564 |
| SHA256 | 4be32b271788f64c5a3c4a7977ba6896366d15e9e2769fbb8216882d10d3e754 |
| SHA512 | 52edcca5dc5baa29622028a5bea79444fb1700de415a11c57dde204d46917481030b54fa39b5eff0f04976a333311d6d922f92625597458de8ba238052b4cbba |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000043
| MD5 | 9c6b5ce6b3452e98573e6409c34dd73c |
| SHA1 | de607fadef62e36945a409a838eb8fc36d819b42 |
| SHA256 | cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc |
| SHA512 | 4cfd6cc6e7af1e1c300a363a9be2c973d1797d2cd9b9009d9e1389b418dde76f5f976a6b4c2bf7ad075d784b5459f46420677370d72a0aaacd0bd477b251b8d7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006b
| MD5 | a4abf33199bea4b66a32d24287e94bad |
| SHA1 | 9e73d00d1bfbbf19e2e957b7a9926aaadc5b9063 |
| SHA256 | 158c20aa070ccabbd1c9767cf2166241c3babe8b49999e01a99291fe5bd6a0e9 |
| SHA512 | 0c65b9cc958725c2237e4dedfe70289c6aedbc51b9d39bc2b41f2038874590fbb90b1723b8cce6013732b15e346f42faa5a8f7a9df12a95679b336eb27614a3a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006c
| MD5 | 49295de6ccd23cf80b6418a2d209868f |
| SHA1 | 42a955b4560bb22cb9b5b39577f7a691ea345018 |
| SHA256 | d5a29c73c6200af2ed6918a61106e649b92098ecd476830d725ed4d2ea5a8efa |
| SHA512 | 2954ab185fd84a08933bb6e79d91e301021fce4e632b477e765c172cacf72913561e101ed2f7e66bfbdc5946b35f2b63eb2b6f878e0afc9d26ffe71ee112a1c0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006d
| MD5 | 5355e2a022dc58c04ce0225ac97e0fd2 |
| SHA1 | f118b3fd803492eb028180d6a78d2c4827212140 |
| SHA256 | 6470cbf294208ad0da5d7d7b5f94e4dbd9507664f6360cd195a7abec4ea551f5 |
| SHA512 | de25e36ecd8e5d29f2ff569d05a71fd00fb18cf4e69115c3e9ec8e72e98a0aaaec71e5c196c5999161edbcd65c8e69ab3758c2735f8ff62ffab66ef6cb444ce5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000050
| MD5 | e03a26a5d7fa5fca140565dab2d93129 |
| SHA1 | 13d911faf4ae47968203c76c49cafd1f7312f88a |
| SHA256 | 8adf8b110c824b3a5baba25e1b19ff41c68dc5e5fa46631e3b54169fdc8e2a3e |
| SHA512 | d5274d425c9ea91aa3709c67fb2dfd9f0a173d1079468f04d68b6ffd8ea9511f9295ec71df02897a9fa811ce3acf6d0526d712381de8976597ed9a5fd2981f76 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | cceae3cf84b8fd72fed30b9243e7e627 |
| SHA1 | 414315d9cf8f49a914e5f12524d44a863d0a19e8 |
| SHA256 | f7965a30ad0ed7eb60b4096cb573ee2d8f25b36f474c635c1f2f61ea922ed480 |
| SHA512 | dc21934d0dae34a030be9d5d91b49b1d88e37d09d27e34751c09724a7cfb9acd8b3ff090eba0e629d96c62a391198143b279b47d9fd4f2886d0a71f3c712b935 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 7341b6822429d20b4ba4ed8e66e06ac5 |
| SHA1 | fe11ef09d7f10834ff7610891469e3dee205b0d4 |
| SHA256 | ada292bccdbc43648845b70fa18442f231862ee0fc7904fa136b0a0799309f64 |
| SHA512 | a2e6954013da58f82782d92bd98fd3e510840f0741d2e4a5e60cfab0c45f5f255f4970e71b31990b2f5855afeafd2deb0adbd296f0128843a8dc98b3bfa94493 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | aa3a01d22d8aab8fe612de7695ef3988 |
| SHA1 | 60952279a3b911ca2c290a3ae2fb2dcee82965a3 |
| SHA256 | ebc5307899b718b995e05064f78c9b15b4a0ff222388655387fcd155ca360834 |
| SHA512 | 72c203d6222a7862114055f109dbdd340f8c10b79897aec3ab6573f710fada42f8a17ac1b0f5ddc33dec73def3e6004c853f9809293d6f3139a879695d4dfcb3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5feafea832f704435096c60df085fbf3 |
| SHA1 | f0afad304226f72d897bcbe7f00066d7648442bb |
| SHA256 | ced940a3ead75407016a516f09fc6766fb18cf5a2bcfc78eb9423b98262a82e8 |
| SHA512 | e85278f622af5230462558ad0442b4ad8d6e3a9f9167d03cd1b4600563109e3718dd258ea56f381d7ee743aa0884001b44a740e4a732c93147ebb39700a79af0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000098
| MD5 | 536e991a61dfffa535ea03562b06299c |
| SHA1 | 0374425ff7f31230e02d9e369a4a52c79632d2ae |
| SHA256 | 5688eab965057123cadabe49fd69731a9d16cf1cf66ad1ee6aa9cfc4928ed7f1 |
| SHA512 | 36f47db3231f990ba3b60406f289c47fdc7efbdf95b6da6f876ab3f125be4815d3ea7d22dff53d8f18048e2c1a00c16a4f4fac5296af2bd2e2437b8db73a2f89 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000097
| MD5 | ab1abb9c62964cd6ebe622eb4a51f999 |
| SHA1 | 5694e9d79ec4643aab20a5dd4fa1a0f8db3db32f |
| SHA256 | 36310369ceebb3cbe10830f3070cfa10c1d2a65200e1b23851c2dfec9017dc0a |
| SHA512 | 67449067fe793f4f3e9d7b04b1ca5826b051207c3af08b13552660f8a50680c131e0469d1280b24c42e42a0c44ff8baba90e1a1c808b6cca12e23b739ac2043f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3bb303b599fc8ab461103afaa1003431 |
| SHA1 | c5b26ddbe02ec25b0d48235d60feb1a9faff6498 |
| SHA256 | 05b4a463aa1576e661e782a9aaa9d06d29fec5e1655e69b5a46ed69068ec0ff7 |
| SHA512 | 8e63e61dc2e3e1b8c43ea7d77c798933f2afa14bca6c364ec877cac71916a65ec95ae86f671a8953846ba12c1968eb0e7afcb5ee4473e627a97dafb5065965f2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 97d0a973a606dfa5c60f76afdb1677ef |
| SHA1 | af529ab9baf8db82fdc2fd1286e6468cd49b1452 |
| SHA256 | c73f772bac3846f012de113cc3aba49c30c8e307e067b6fff0331fde3c70741e |
| SHA512 | be935dcbcae187d81ee3298ce73e6a15833db4a2042c51c9f315cc1583c35cc06c920754a7bec652d6fd9cd2d803810559bdf722dd337f62c60e6e4e3851aa10 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 9a133f74be7e046132e77e4f27f085c0 |
| SHA1 | 0e168924af13895eacf2e009bf4174ba52da6dec |
| SHA256 | 0ad08f592b96290f0d739475a782651a4f6fdbfc4e1116305aead34ca404503b |
| SHA512 | b4279b79a17006316f2543e8835b78130fa94e899206d90c98677119bac95c56b19e9c8c711169b988b9a8b1b4d8954e7f2964d23060742a5b93109a55d597ea |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3fb2310c93dc6653f5b25314bfaa0d0f |
| SHA1 | 2e5627796268f16340c4714741d774c866502045 |
| SHA256 | 8b9da344fcf704f95ba56161df103d2ed1a90596ecb5595f99d234fc969d6839 |
| SHA512 | 4894fcf0d54867bd2d7e350da3ffe61c624109a9bd9ef1003b006552b9f238b7ef49bbe26120cbce12fd1c5fcf981a2a6fcea6726ed05d0826e3f8537b3daa27 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 3461c4bd78769b4b9e4825992ea38bd5 |
| SHA1 | 1c9b79f2ff9fc7769ec9bb9cf35ae3e1f6beb069 |
| SHA256 | 4920ed2b1f1c88006d2815a4d247a8499d41bd76ff0d689073555ccd89c75365 |
| SHA512 | 8b7caeabdec3bf12cab3c17181291403e56b38289d2c2751bb257874a9b3158b8974fb60c8016484ab1d845bb374cad897d07c9e2eb5a4e7b9ab30c06d303418 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | be41c91006f6564f4f055b9ec492befa |
| SHA1 | 4beb46c1499d984099db62dd3d6fe89fa6d80044 |
| SHA256 | 03dbababeea7e93829349cc07aa24121235f64e07fb760ae073d47da3d56104b |
| SHA512 | 832eae174940d36b11f544ade7525ea88cf3b09df2a2093a2ffce215d31a8c6da547823287ee2a16f6bc3a25313f59ce3091ce2474357345af32e966d75671c4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00009e
| MD5 | ad147daee08305dec01a074967fc8636 |
| SHA1 | 93db16c05d6ecae608588e16e03ffc1af64a7ef8 |
| SHA256 | 35af96d637b1ce81a63ac6f1284fceeda5f74eda61b2a107c467b91ce472200a |
| SHA512 | 894853b75b87cb396b6849a10d8bb35a29e65db8b5173f12e53abda183b70839fac635f4daf4bb676596a042e4090babd08c3bc85f11711187936041d0c0ed21 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a0
| MD5 | 7321b66b7fd2f9d5a4e28b3ce532b143 |
| SHA1 | 299439e0f11923c19068f128eb9057970c9d4b2e |
| SHA256 | fa6961b9594ae30137eb916fc6a33e77da81d26959349fcdfa50688140202a0e |
| SHA512 | e5af2a6f6d90ec19a54636490eb2a4a23f28c83bebf1f205a62054c2b2543942c5dc68ef0d1bbb62b454fe0ff25b59473275c39d191183ce82fa1ab8cf49f829 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00009f
| MD5 | da3c7b254516e84002071746dffc6b0e |
| SHA1 | 6ebd8d3fd67508c5be1c66bed2daceb58acfb5fd |
| SHA256 | 12719736d93a67915ebb3c38c39b5034e2f7a1327e29bcc0282a6debbff1fa26 |
| SHA512 | 076d9dc9325a22dd227f832ba0c2a20fbd7970fd00ad2616c87529fd7ca45ede6c878b898e2786d83564f46a5cf24667dc55582af46303390efe5fae587ae7da |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a8
| MD5 | caa29f011eceac49b84ba76ca723a366 |
| SHA1 | 3bb4d036163b7f61877231ae2873f45dcbc4f3ec |
| SHA256 | b4f9d2686eae4c30e20be7bdc3885268c9a86ebf3c5dd0d46034673601da2ee4 |
| SHA512 | 316ffdefb87481f727b2d75a6a2a3c768b26f65f828e290e862f51c2de52aa92cd39dd8fbe4d3ea6fb90ae5f3c07081eb64c379cd13c3f15c50925143b4098b8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a5
| MD5 | cbdf5d866f6af55abd2c0b1ec1f6e851 |
| SHA1 | 5f4463569d745420cef5ffd194a97e6ee49f4423 |
| SHA256 | c3345d061c2f8dcde67d6ebb1f86eac317ba41053e7bec35e55f2f48a1d6b5cb |
| SHA512 | 0f0d6e6d353360ace1817a94d9b58d1801669232a46dcf506b153760f91d0529271ffc2e33704fb3a3cb4b83dd76464ba0fa756161da5d84e46fa9871bf53a26 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a7
| MD5 | e40f4473774abfb64dbb130b9a8c28c5 |
| SHA1 | a81110958fe37cf62b66505c50ab64b8c4aef5b0 |
| SHA256 | 62c0892fcb75a5970ac213f333220014866f107829c4d0e2ba8653812401a348 |
| SHA512 | 1da8e7510bf40a06cfb363dca037fd4dff5da3d484d5a273c6c31dafbd8b7025fb8c8a434675a042b16a72e6650d01acf1aa0faf68b2c671e4950dee576f2e96 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000bb
| MD5 | bee3ac4a8b5d2df4674ed39d4ed70ff4 |
| SHA1 | 4e25933753764a8295ffe63842fc623c8a7f3b99 |
| SHA256 | e9c8f34ef798cc97a059e7c691862f6b28e95be1237fadb3b0385110ce669d3a |
| SHA512 | ab6267e0c6d2025ab156331ffb108218a4f5aeca58d5aeeb51e335b7f546c6a5a0452c809e83d19f409573437bb49f12864f3b53f4fe5cd8c4a3330c93c11e72 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ba
| MD5 | d84c2ee41abb7110fceca8729cec1dcc |
| SHA1 | f62f9b4dd95fa41e0250e49c37952f12a6089e9f |
| SHA256 | 3d6b1c71eaf8d198c37002c8ce7c5f47ec23390edba849607b36fd9f5a8a0b9c |
| SHA512 | 3008086570c5d07775b0aa56b2ff4bd520307f2f107c676086fe862c78924b18bb8f94cd57e96bb587a1409baa74dfbf5ecef2202a29006dc9f31c2439e808ea |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b3
| MD5 | 838f86891ebcf2117ff5accdcc9aeb0c |
| SHA1 | aff21f09cf5ec2e23ad50483a1638e1c7459acee |
| SHA256 | c508f355d72eaca5d12705866da7c20fc5ce24944747abfd44d91d750c63fd15 |
| SHA512 | 18eb2b5e2a40e145252a6da05e5bab9e640b18fc575a411fb3bca8e122b61cd8a9f28dafc1eb20fefebd998da4a4e875900779483be0a5a6a8528df5bab82642 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b7
| MD5 | 908a640e6d650a4a2602804d25d837bb |
| SHA1 | b0f994bbab5e3500482b9bd258eced5524d38b7e |
| SHA256 | ed09234ead34681473cefdf84f280cf3797fdeaaef0e931af5849f444063ed2e |
| SHA512 | 72154c9052125f7890e77d167f69e747fb00a247240f279069fb1af0f5c9d6e008aa750a11844ed1b83548082650ad1ca8ff25af9f4fd3fcca58b3af83ba529c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b9
| MD5 | f561e44e67c51675b516412fb53b7307 |
| SHA1 | 0ac359652f0766d4aab8bd38a95a887ee0f7aaf8 |
| SHA256 | 73f6a8bf95a1cdd2ed30df83f5bb8e84f547b8b8b2943550179475ac2522deaa |
| SHA512 | 20272748d55caf6ad9818d7d9e8c146e1f985b94166839ae44093a7ac601a37b2c0c605f5bb40bc4b020176c68825ecd3f75277d085cc3ca1d9b6af2d69fb13f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b6
| MD5 | 3b4741485dae3f24e5260f8294f7e0f7 |
| SHA1 | 5b0f2bf225442e1804ba7b8b958d8c88b7e59a13 |
| SHA256 | 39bec4c6c2bd232ea670270aac309a8702a11956724cd47d76c978c5e0da6b77 |
| SHA512 | 7f0b8171dc51ede4f77ac8df320b67ba3a46c3094b3164f2e98174c6d8de7f5fc1aee834818f310a7f0063cc256a33dbda66517d4b8623eb893fc9a93e3279a0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b2
| MD5 | ffa859d7ece517adddec801fc9447d04 |
| SHA1 | 572954607d5610b8989cf146940a4450ab8fc8db |
| SHA256 | 8a8d793cc6459a9553073548816fdfcdc3adbd6a7d1ab2ba58d947f5623030d1 |
| SHA512 | 649444bd949928c7c1b3943465c5d0a9a79a69654fbc63875d74b3da4076f75aea01171d7a4982c29cad8eb8ce2de6cc0c724e87058c9f0370bffe440131cf18 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b1
| MD5 | 0c54ebff84401dd9fa38498379276fee |
| SHA1 | 1583ce86f3760716b8a89b5400450a32f6f802c2 |
| SHA256 | ead27df6821ff9c411e0b8cd48698cfb62ca6bd9abc3fb7771cea100913b103c |
| SHA512 | f7b5c5e4a7ee2112ee49d25ac99ac1f789527e37814dc8b6aba27296af7028a3f0d513fd87f68e668b962cc215c0e0ff7a95a19a24fcd5f9e9bec721741493ac |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b8
| MD5 | 468cb4943d8d7df01c1d557eddd74c43 |
| SHA1 | 1ce7662592bea29274b87766ec4d9564ce445140 |
| SHA256 | 43336f231553e5f6b422482054f5e16b0e0530a21662cc8cdda0d59377f9c848 |
| SHA512 | 268fb4aeeb95f4571d8f0b05e94c3845f23b7f62348e2cb8a94450d90fc64f43ce63a02fd6a46e45499edbc86d896379f0a0661ec6ffb2ac1414ae0674fac51f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b5
| MD5 | 12b099ee1befefc0dc5ab7c8eb6b29ed |
| SHA1 | 3988abf932e8fc60071240d01649513d60c9d6d8 |
| SHA256 | 109284ae4c91fead8ad63b385f1f37ae84f4b33e75b30139d98a3b99915662b5 |
| SHA512 | 6b14a7fac6d3229cd036d410c98ea43d6149c6a5541f24c44634a3746b7b308f58bae7ab669c112d200b78da27e222c47feb10f27b642e95cb59978028b999f1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b4
| MD5 | 5494451f9a2990667f319e5c87312fd1 |
| SHA1 | 5124db43357ac3496689df3aabae2207c012df7e |
| SHA256 | 1c640cf9d762a203f97f93e5df19ced12867037959953b84afc471cf3b4e73ae |
| SHA512 | b902e174872c29735117eba2031e02ed28d7ffa27926e715a3efd6d7627b058a9bfea04721036a0aa1526df40dfb6fd4c09f448e8eefb1456c65175ab27d5814 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b0
| MD5 | 5100d400380e4a1d43e37c642bf37f65 |
| SHA1 | 815e07556a963ca4d2df1c43baf6448a418da6e8 |
| SHA256 | 5df0d68b1d7d0b52838dccbe16ef5095305d7f767708a4023356a509e8ea6314 |
| SHA512 | ec73804d5c23f8d122dc73cf3892c94c7bb21ddc868d3e33f4dfe09c50962c0768a5ba05fb550b145e4c7feaec86ca3d25cfa420020546444aa3324bda5ca39c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000af
| MD5 | f661305c596edf399236b6f9c0a78481 |
| SHA1 | 60a66df8b172c92df5acac4affd14490cecfc38e |
| SHA256 | a96362e5922ab1f4a1344fe9348ba42c096f4b19a23dc2d4e70bebda7dae7aee |
| SHA512 | c867f36984998e6f5b3482da1162a22168e2983ef1fe5522f94ac6ea9c758524ae081c7b6f0ddcc089bcc25b45f9c455a76a8129bf2924b3e9d3887e4b1e81ad |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ae
| MD5 | 97d700cdeeb48150f5356ded3e7894ee |
| SHA1 | d4e7278e0c3f4bca6a7722ee82ee3dc8b0ed6362 |
| SHA256 | 5e7526b51f50e03a58af53c03400e5b01b579d76d326788f70a89612be118220 |
| SHA512 | 9e1aec34410f78599d32f7ae360ccf6fce965dbe365c8f1e115e5c720ac29785afa864b03692ccfc56ff3a11ea41d7a13d8302f4c0612e46fda71e1b98bbc2a4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ad
| MD5 | 0c6cf7ff6331f151f576535ee90b3226 |
| SHA1 | a7976d79671cfa7be3eee96487cc1afe0aeb620f |
| SHA256 | 53d2fb53f82fdd59bf95701ef0e815956b6138b4b6c7a4bf547249ca81b304d4 |
| SHA512 | 9937ef4a7332984bd6e0bb2498999cb5721daadd815f05be8bc37ded8fc27b44a529b02e1ab1624a4a2c260491378d88868a19551caf734834cdee454657ce6b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ac
| MD5 | d4200e94f53c52800602c3d34d7d9880 |
| SHA1 | d0afa73e085259449d696973dad2f7a23f5a7671 |
| SHA256 | e4c5e10758244e5cebba4cce5264c1c4acfce97d2117d66cc994bf9d0bc79b93 |
| SHA512 | c1c804ffa72068d21ec8425a67a9b766db5a55ccf98407ec0be6ac291435a70ea09a9e9f9e6517f6b77dd171003d1d4ab2743c46b0cb46707f7b1743bdbc90f8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ab
| MD5 | 1ae327b0ac981154bc5db89b7559fd07 |
| SHA1 | dc22ab4b626f98c1426beb66e7724882214ec411 |
| SHA256 | 162048186cc782459b762a834b08ea5d0cc17453eea41bdcce65fa0aa5fd2634 |
| SHA512 | 93bedcb6c7050f252b15bc520a8781819d3040af0c5c02860819fdb8311c3841d25c774807085380bc120eff97a35c7d56ebde32dd45d85481422c4fdfe27a88 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3bb6bdbd6fb6bdf070e9839595b4719d |
| SHA1 | 07f345fef872ce79a86160c5547114644a8ab630 |
| SHA256 | b1902ac6de68b1a9010b38c71d834c2e1fc909a183c970c0db0ba033a4d55b75 |
| SHA512 | 7f91a2ea8724379e69e0f33b422feab47014c41f4cfd88685222fb446edbc6402f5b0aee449898125a6d51b169eb39c5c70c33e31ff2c3e8608831173c7672bb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 22123f54fa1a771b395371997bf2da94 |
| SHA1 | 0fd77714e537939ab87ce697105124dee28df50d |
| SHA256 | 3b7a21504770ba6318bd086043ca85b9dd9380e05491625ed49e42813864bf00 |
| SHA512 | 77e56ef7396f7f63e52a678d1371f67daf11345b01638238cf30e11c63b6e306837c656a04a3bb431c6cba06418a51afc79e82311d098a2feeec851db11c3380 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000c1
| MD5 | 19ba59d39a1e72e2791945edb2320ff8 |
| SHA1 | b3ed86499fbd06f307e7586761d0980c9e90978f |
| SHA256 | 195dfca1061ceb28d6eebe74e68b0c6c24773b06fbca5da5b03418d19bfaf896 |
| SHA512 | dbc1663013a2a4a5bc77a740e76bfc3efbd3f0e84a3c0cbdbe6a23e4dcd532b5d308567544dad35a35854b524d72e99ed296651fee5dd15b87fc3a739a0ccbf2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000c2
| MD5 | 6ed0713b74187117344ee8a1e77f874c |
| SHA1 | 95f0872b4809ec29d9e948f314a2e973fe74ff13 |
| SHA256 | 9004cbbd7d54e6b0cb5f19e364851c3f87bebad2ac8ad9cc394f615ba0e4d728 |
| SHA512 | a3a25fa0bbf54f9044d817a17e352e10084860117b4c786c978dd4894cf17c6f83ca754296e79f2b73d15f9a4a162813a1c30304561a577e75623a012e855a17 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b027ed94b46b0a6aaa33431f2f181444 |
| SHA1 | bde28330d047f60806585f162777b949de0d72ec |
| SHA256 | 2bed2a99676fb2b9519f809504135c6c1cc6f6b9bcad2189d6f866f6ed958ee0 |
| SHA512 | 21a804b67826254a76164af8b1197f3e9f209df8644065ae2dad903902d87b04119409a056ab17593c2647c14382e790e2b9591f221195f4ec04db8c20693014 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | ba2668a8ccc55bb628648abed2866ad6 |
| SHA1 | 932d86a3b347ef861267030a7a14fdc5b358322a |
| SHA256 | d5afe7b47cc5904c88b1385e4247b963e2541f96248aad6cc61a1fd8b988e9a5 |
| SHA512 | c517a10431076d57c6ba5ee5cceeb6402b76d2cf5bc2650d006d6a27770f98b41bfc20861cf80eedf5bc85b5ce03b4c6e28fdccefc4f886dc9de64dbd8901899 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 76808026354d12ed3df626529ed28ada |
| SHA1 | 76fcbfe016a0721c70e53bcfb96627bff49adbad |
| SHA256 | b911ff42573d9833779c74cb5484024742e47cb0e5d62a03499d7f1d03adc2a2 |
| SHA512 | cae85832c026ec174e1df594e3b5984b10d7f08cbdc7f539705e56195db9368db6701ddcceb3589d1b4f7e6ff35f4e9738ec976e9d702c70178fb552ccc248f2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1fd829f0b9679023e6587be10b40f9be |
| SHA1 | 410046ee0dacec3dfaec1750b70c4f60dccd8a46 |
| SHA256 | 520ec6e7eef98136e20b90ac671fb7ed28de82de97d7c68c84007ecb991903a3 |
| SHA512 | 27536e6249ebb2604daeb295d6f2c0bd9c81d1e77448aaa495b8ab705aaa196e88d6e9f0bcfa502dd96f651c456b874aaf0a6c29b9ad4f16d0523a0ed674c13c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f5
| MD5 | b275fa8d2d2d768231289d114f48e35f |
| SHA1 | bb96003ff86bd9dedbd2976b1916d87ac6402073 |
| SHA256 | 1b36ed5c122ad5b79b8cc8455e434ce481e2c0faab6a82726910e60807f178a1 |
| SHA512 | d28918346e3fda06cd1e1c5c43d81805b66188a83e8ffcab7c8b19fe695c9ca5e05c7b9808599966df3c4cd81e73728189a131789c94df93c5b2500ce8ec8811 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f4
| MD5 | c813a1b87f1651d642cdcad5fca7a7d8 |
| SHA1 | 0e6628997674a7dfbeb321b59a6e829d0c2f4478 |
| SHA256 | df670e09f278fea1d0684afdcd0392a83d7041585ba5996f7b527974d7d98ec3 |
| SHA512 | af0d024ba1faafbd6f950c67977ed126827180a47cea9758ee51a95d13436f753eb5a7aa12a9090048a70328f6e779634c612aebde89b06740ffd770751e1c5b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4bfcaaae3a318c6bafdab3ac63d42406 |
| SHA1 | 278c8fec241c2a83b53303960efd3541f3e597ea |
| SHA256 | 04d8ab932de88cfa10175ca062153e7bc3247ef6387b9c1780327d2b65ca55c3 |
| SHA512 | 01ceb69e128983de70103dc363e3d784e84d3eafb8c2ba3cb9fa0a6ace05d9ccf55b95ed0bf7e2fbdc65fbbd03f154ed43de369157ff5bc91094933fe07cda5d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 6d3c2cb5684031e56b32eb119b9ee3ab |
| SHA1 | 3a667ff9a15e25bb6c0f85b9b9d963747773ef76 |
| SHA256 | 4841a65b4ebf4c49d703977f0bf95cf33662fed7fe249d375dd5cebb2cea4ffa |
| SHA512 | b778a9a8b3fe354500a53efcc514ec503a665023007b62f6ed2b8172b0152bf4b03478b855825ce457392a943c8ebba943e22c27cf842f7afabd408d6031fa11 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f3
| MD5 | 0d89f546ebdd5c3eaa275ff1f898174a |
| SHA1 | 339ab928a1a5699b3b0c74087baa3ea08ecd59f5 |
| SHA256 | 939eb90252495d3af66d9ec34c799a5f1b0fc10422a150cf57fc0cd302865a3e |
| SHA512 | 26edc1659325b1c5cf6e3f3cd9a38cd696f67c4a7c2d91a5839e8dcbb64c4f8e9ce3222e0f69d860d088c4be01b69da676bdc4517de141f8b551774909c30690 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f7
| MD5 | 1bd4ae71ef8e69ad4b5ffd8dc7d2dcb5 |
| SHA1 | 6dd8803e59949c985d6a9df2f26c833041a5178c |
| SHA256 | af18b3681e8e2a1e8dc34c2aa60530dc8d8a9258c4d562cbe20c898d5de98725 |
| SHA512 | b3ff083b669aca75549396250e05344ba2f1c021468589f2bd6f1b977b7f11df00f958bbbd22f07708b5d30d0260f39d8de57e75382b3ab8e78a2c41ef428863 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f6
| MD5 | 226541550a51911c375216f718493f65 |
| SHA1 | f6e608468401f9384cabdef45ca19e2afacc84bd |
| SHA256 | caecff4179910ce0ff470f9fa9eb4349e8fb717fa1432cf19987450a4e1ef4a5 |
| SHA512 | 2947b309f15e0e321beb9506861883fde8391c6f6140178c7e6ee7750d6418266360c335477cae0b067a6a6d86935ec5f7acdfdacc9edffa8b04ec71be210516 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5a91af25779841505064e41c74f1218e |
| SHA1 | a4a5317e79f3eb735a63c8485982d6e6bb5ce8a5 |
| SHA256 | 9b96bb1f0d6b3710e7ce3a1402ba3bb0b63042a336d2779e021a770e00a293bb |
| SHA512 | 89535d180096db3cbaefa5a751cf83226da672cde99bbb5c5123f83e792ee56980714ff668c6a6f69d1028dce99f990b47eedd63ca6dc15766e7268d427be723 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b1fd194c1f95e0c18c49e507535ade18 |
| SHA1 | fb3137ede06ee57019f0ffc27b38f538a03859b5 |
| SHA256 | 4dae09cf37a45730257839d81eb549bf8028c88e5b963d3b44965f0ebfbc1831 |
| SHA512 | b82d8a19b31e147670ca65e1cebb4f571d8d206f014f9ae71bce2ad6a7e5a9c54ce46c8fb2f6ac58d2b79f8f911f977bf0ee7ce440cbd7f2beb9a678b06364e2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000108
| MD5 | 914f6154623fb86bbc0aae5b80718394 |
| SHA1 | 2eb8ef1eb2c13fa81ad70c8dbbbebd3fcb2d201b |
| SHA256 | 55c16fb463bba8eba8f37d859cf9719c10b68e0854b6e6c0cb24d642e8374a86 |
| SHA512 | ffb7aa18b5a92198c84cd283662aa19a65a05e54a66ad79d3aab9ef7cf31a4fc8375190822c9d2dd32cbfeac677d47b874045944f4b7d55ed089fe8af79ea2fb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f8
| MD5 | 8b06b747bf45671dbbfd53cdf42b39b7 |
| SHA1 | 036ab57ac56e3e82e24d25b1e8fc3da0e758dff5 |
| SHA256 | 77b7ba43678eb41699aadb083add7958be7f1a7d3bdeca68e356ce734bebb623 |
| SHA512 | d8545ae12e2ee9da79e099d02e94b227e79bd7d4b79ebb65fae983c68b1234d3556951805a659876e184db92c8575512e84fa850ff2f2f90bf93e8eb17aa7b32 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 188c1843ec77b84646df3637ce01677e |
| SHA1 | 5b80642a085922cf7433ba9115dfc6d5e4524751 |
| SHA256 | 313312e655c8117120675a824c379d5b8a491f9ada4cd16deacd5f1d448f25a4 |
| SHA512 | 8d854f69313f697d698be4be30b24ad7adb34bab152117263b9659eb205d3a42d82056b6d81c92f5efe01e892baf3424330c2f12407bd402c7005b299cf82745 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d7f3c68dc65a3b4558b32307e24ea4ce |
| SHA1 | 7e2814d94bd287fa6191d8c9bc7dd72d5bb45751 |
| SHA256 | c02f341faf86d864a4d1f4434f9b73bd1358c931f1f79370619785165393b2f1 |
| SHA512 | 16b6da04773071e4c219b83e35e48fe4cad8c09be2c14b6ffc9eb4340c13e91ea64052707ef21ee17780543efe8fd1cf3e5bb1ea2ae4964b56ead91c83d4a09e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\45a16ff6d0d9ab5f_0
| MD5 | 7dcb081a203ddc3c5eecea68481bdac9 |
| SHA1 | ec4aa6fd624e3a704531d4b9c61b0004b33718a8 |
| SHA256 | 3128803c051db6c1d16e591a9e67bd11cde24947ce21c46638a8a7ee62698179 |
| SHA512 | cd41bd8be0988e0ce357261f2ea9c04beced02434469542e5775d33c9ba27b62dec8ce1906e717b3d45509c284e6c45c96266e3702a73ba09d0a1fe71bb65e79 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\53ac5abc87e80789_0
| MD5 | 9c55c987c0784f74cda1516f91aff47b |
| SHA1 | 42d967559aa03d3f07a9332a2425824727575747 |
| SHA256 | 6e6130a6e68979ae8c55d82e4e639c04a7a41c8c89a69df7757918c68a88917a |
| SHA512 | ef8262c1ca05c0df2521fabd3adaa00bb60a302485e2045d95152e9d85a3067785ff7629e7691201de02ee7f3949f35946162ca2e2b3f02f68b6393e48e3dcf9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\be6d12311ce2b399_0
| MD5 | 20d68ab013f734210e52827f729ad8cd |
| SHA1 | d77906a5fd0f401238f47e9b642c99f6d3352ad3 |
| SHA256 | a486849c3ad81bfc80b5f359b1d0b479c370191287b94361e0ebb6e638cb2d65 |
| SHA512 | 160eb0ca466f27c59806437fae3276919851b65b0ecbe3f2d2630546c00b70c84f71d7243dc3090b18956898542375fc707438f70e64eeb26453ad0eabecae21 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\25c90b4fb1c6ef85_0
| MD5 | 2d0be76cb8ae35019c6bc9c3fce230d8 |
| SHA1 | 6147843936dbb2a40842dcb90deaa57bef9d3edf |
| SHA256 | bc4826f22c72d36b9a729af5354604dddb9f0db6bb2fb2128a6fa1e4c8fc4360 |
| SHA512 | 6bba40c09367ab5855ece5f6bf6e1979ceaa76640e831e24a93c913b1fa3a9d3867a2eff76b591d0da706c95ee3420e53586f674a7794acbf1c78705590d01c8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e55f0a6d1b533c66_0
| MD5 | 66b8239b454e795e5e2094f84ef0c501 |
| SHA1 | 8d0cb1c1481b371a9614fd6393dc8501f3ec00ae |
| SHA256 | b1904f66ae24d8b73ac3571d223ca03ff43aa1f1267d6fb2384620dad9319731 |
| SHA512 | cf8799060a1dc7876e29f8307257baf1dcdd2a2ef7d88072bb6666a7deeb8baa5852ff378c727ffee4af25c00fc89741ca4457934729a29b1350be130046f59f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e239929a95f56ab5_0
| MD5 | d1bfc4f62bfbde36ab143325812b9129 |
| SHA1 | 4e6c16d3399974692a76d416b6cad3210132473a |
| SHA256 | d09f0dee48f469d79ecc3d56459b8ef180012e25ec3e8c357316367e883057a4 |
| SHA512 | 7ce496c984088dd7665c00b1b202a20cb44908cc83055b57e03376dde9201b947bdde528ad39c16e59ae0482a4bcc96813c360073589fcca25974877f947481f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d45aae6d8d9c9ff2_0
| MD5 | 5259c654161677a43af7612fa16dd49e |
| SHA1 | 9558616b4353825b4d0da448e77992440d08e76b |
| SHA256 | 54e1df2e1e87f1c8220397ce2099191a9a10d16145358e2bef8dd94c7da5948c |
| SHA512 | dccd7f3e07ab6ebc0424469682d2ee85bcb438bc3c6d865fb1780ea31605795e1dec0d6d77568928260d6aa5cb5de68933e0c8caf9cbf2f6d479fd7865afa5c0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\78bc646c0524ce58_0
| MD5 | dade2a34f607e80d44d76ae7683c8e93 |
| SHA1 | 60bc053baad809f7d32bdfb4afe0860489b4d828 |
| SHA256 | 61a80dec17daabfb5e376c9bf8f38b8ce82018d0597ccbad15ebb779061eb398 |
| SHA512 | 00a826ad9c7ad4ddec7f3b5d690d34cc21872489882f80c954c3aed120c0a6a25f9e62156ea219be9d354909cf3d494fa56ab2a76d436e509928ebfadb1f06bb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ecd7b5fa78384dbceacc85534f3b3aa5 |
| SHA1 | 5d4142cc6447115aa442a99cc480494d3e70ca8b |
| SHA256 | e0b948e69971495e18d25072ec38747d9128424f107bd029ae9069fd98d18347 |
| SHA512 | ddcdc82ccbf353c6be03fbc5a896c6871a4aedcd3d54d6158f93193b5ef4329f489015a6c395daa61517320c5b933dd76ea84cf8e171c6e2c96e110cb7d4afd3 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | e4e9cac9994f52eb7d7139668e0a9891 |
| SHA1 | 230c4e5987c7e4a8cd6b3f5a0a64487737026ecf |
| SHA256 | 6334723bb4d5597e6ee8f1f8524541ec62446d90aef5c7509ae9d9887ded2be6 |
| SHA512 | eabfab6e8efffec751449e77da775b63bbce508a9b22a04ded7ec06d5f544eddb06190f37c500799283a50ad369809997d51c647e8f01d15f986b764f35888df |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 754837d37e2ab5de6b4fa9e9fbdebe51 |
| SHA1 | 1aa7294b2b24bdcf10422164b91dd484f8bccaac |
| SHA256 | eaec34e1b6e11c78dfa5f1694832e0e4bbdb376b402219cde20950bd2392fde9 |
| SHA512 | 4fdb3ce42584ed1dac3ef955464e74025f25a6d1a5027f8594832fe0a80c7cc9aa33899e0268acae50cb48b9ad812ffd0deb9d9e6f1f9cd81fb540b08b624983 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3f139f229e6f0497_0
| MD5 | 11810922bc781024af12889df85835ea |
| SHA1 | 34f755d6b69ddd435b4341fa6842d91f43a8f5f3 |
| SHA256 | f35352167211f8ad370b047fffe1853d649a3556af8efae3ce516620272238bc |
| SHA512 | deed346c7d93a35d58d6bcf92c669354676f24c91f640bf97d1d6381f723fb47f8675009cd26d3c1561c944c4b4a074306180222b305e2f37f7100361af87c35 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c91c845c83814759_0
| MD5 | d51f881eab18bb470bb3b185d4987c20 |
| SHA1 | 28a71b75f6a61c8e3c1bc7c0600a939011da6171 |
| SHA256 | 1f743db35f939bfbbf33fa009b5f21bae4d5452aed7156074b3ffdbde40eaef8 |
| SHA512 | c582c7f0ea170b0f0c22a40f9cc9f3aa1216f509e0133cd58abb5d7d50857da4b915a10dc25620dc42bd93968d1d3d5fd78431d79b2633e8fc68a3d4d5bf1710 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0bbe00d9bf7b798e_0
| MD5 | 9cd6fe05b110e473e238c00a54294db1 |
| SHA1 | 52543195b5c88f64467d7018a4de82bbf603b705 |
| SHA256 | b5025821db9b6ff16b4d9a1550e7d8e77b27c4844ecb7c8cde2d80ffc6179937 |
| SHA512 | f799c20bcdcc9a8066b782e4bdf49bbb3ab0360a46d55cdd756f92ac96441ce8cd71fb44721fe31a3d9248a5ad945e52d532b48157989a9de589d07a80e347bd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\61a0b4d20ae0e222_0
| MD5 | 657d7d1e0cc9f4a45a42c86b722ec57a |
| SHA1 | 185ceec0a563d6cc1582e33e69e0c49ffbf6b5ab |
| SHA256 | d6bf03243e04dae45982cfb8b644485048905d9865a7ea98554ae303bf2c70ab |
| SHA512 | 5f2dd7a97fda369cb95c2a2e5c0b195db65fd526b8a8bda46f63d53264ddb9e53db9c09fa47e6b78c1489aa730aebfd819a852a45ef9c6f6e9f98524cfdb58ed |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7f9ea5d207f5efb4_0
| MD5 | 82e339e64e690103562b5282719baaf1 |
| SHA1 | d84b4677e07a10ab5a987377fae54e65730d6305 |
| SHA256 | 490e4b4e858aad209754e37ef1a3db4d0a4d995f45cff8641bb2f5e5878f8abf |
| SHA512 | c587a4595c7bd1be4b733a8b15263b6102d0db17ecaf6c436ce849c0a953805ab466d3e4b319a19f08bfe387b461f0a7b6e81716cf7507d96ab33305d32890e3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\90d7d7591a1b39bb_0
| MD5 | c20cdc19ce963aa636529ef4a7f1b291 |
| SHA1 | 491b374b5f646a5f48080249f0f713c00d4bcae8 |
| SHA256 | 5793306c43d4e4764f968327531a4d27d298402faa6cb7c7d2b29e7308a35657 |
| SHA512 | c5e2bc43dcd61951c246d975a359ecf6fe131c2f6a8b2ecd67af8cb09fc4d7c329d633d1864b20d890a3f3e99d6f2755359551cae9d2b5ebfb54540597304b97 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3a4259a0181983ba_0
| MD5 | 93008be68417e11047a3aacc0540dcab |
| SHA1 | 2a7503e29b2b19fbe1e43e976f0deeea36510c3e |
| SHA256 | 8e7da036451504836d16fc9cf96190917fd6735f05e11df5f62cc35327a2a3d5 |
| SHA512 | beff4b748c6ee535afaeb731dbe98017f3e5f53bc125aba5cd134f5c43eb9d34d49e7566123e854183880e67cfe5f3f20442493265bd41c398518dd37911071d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\782d018d3f59e184_0
| MD5 | efe7d2554d3ddad64783afbbf9ae3140 |
| SHA1 | a243dd55704488bceac5307dddd4367a025bf2d5 |
| SHA256 | bb76df1b9dcc3a29c6b81db431c6862e70e93162288ce4453e7dba2a58805eba |
| SHA512 | 7c8bcaa1e34cf66bf0530bb6b8752ec9750c05a5be7cad3d05e04fdd5d2f12b6aca051436b2afbe012234db6f181eb3218a31c7bb3df06426e0da8be7834df74 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\74b88724f60b0383_0
| MD5 | a20fd0d6e1d48ae1259f97f61c6a31aa |
| SHA1 | 1e032f9db8a761fd6a5e2073af1f7491fe8e60ea |
| SHA256 | 6b3ae9f7f9196f04d35b0b65f3213321c5f1443d8f38911bb1013d1b6ff4bae5 |
| SHA512 | 09ef996dc67212f2175d9def8a72e279c2cd8901fad1f8d72c33c9c4c0ad39b5c350ab0b560cb4433c25076e67195a5954f0da1d13c58daed78c1934db496f72 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b1d693ac0f52716b_0
| MD5 | e5ebece7c5c3a0d9ede971fb4761e95d |
| SHA1 | 3486bf7042317e3ba469ea04555acd8dec2625bb |
| SHA256 | ad35d13d3f88f15f0a01dd82b1be8c786d79ac3b2814a47c6b566b7dc593eca1 |
| SHA512 | cb88b2d9c6ca440bd25d1f21513411ff68456d267569f36ed8d8e63a76795345efbf213c2780e41fa728ba49dd3ea688186beab78d9008419ed66561ae55ae69 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5dd1e579c9681f95_0
| MD5 | e09de009b3a0f3ca400191300881f3fe |
| SHA1 | eace3767c33fdb6eed70049b1585281b530467fa |
| SHA256 | 77ba3ee3790f3bc3c279d1dd4a61edb2a5ce83c6b901b8839b209d387c43be69 |
| SHA512 | 0e27e93704b8dba9475eec0a4df53a368c509bf3ac78ad592c55d114f424ca0e50943beb20bd115a175b179e7c9b767d48b78b12f093b12aacd3eef91339b037 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e146fd968644d345_0
| MD5 | f5a6d5dce476e5fbf877ea307a3e89e9 |
| SHA1 | 6974ea45d7c7d8bea95731666270e24f2dcfcbff |
| SHA256 | 5a89566aebccedddebf885551b642c6907993e673df54f788d522d2a92cd65d1 |
| SHA512 | be6e463642e6c57983a9f7b641a468f9755144eeb487a9a924a94436143551da1188a262b0d0c45aa9f51f69b918f36bd0472003b9d1eeb86d172d6357ddd33c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ca5bb3c84b908d6e_0
| MD5 | ace83a457019e337cb770e041d3c3aba |
| SHA1 | 8bd0c98eecc672b7d08f982fbb75f0c6fc145a4f |
| SHA256 | fdd6cb9beea69e946f7100e4149e69439f22387ef8abc75c96d45dd4438afe6b |
| SHA512 | f53929170999d1b5b76a1c8e2df0f9db89719d7e950ddc3d214d9358516029fb5031e4cb6862501db0ee08df106d9c1ff76d951ee56b523fa8ee2aeade63fd8b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\635e64b37935c888_0
| MD5 | ff1889d02355274e3d06602b383f013c |
| SHA1 | 18907f0448dc6d36878b3106a6b93913ffd72b6a |
| SHA256 | f1a5709c2ce6d40916d7aed08cd8d13735089e377cd368b792b5b7eeb181e64b |
| SHA512 | 0ebb791976330cf82a8970e8986ff8dab2125e4c3b5edb0d2901a4d7ca3f6bc486b02942bb1cdc65b7c93be270b7aaa054344b86e687fb3fc33eba58e957e770 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5f1d94d5862e00f1_0
| MD5 | 1820e40350b8e118f7257a1219cf1f3b |
| SHA1 | 59c792b9f4464ceef15581ce17cb1d540ff6e93c |
| SHA256 | 835ca48068d1f327f4bb3ee89493cc2ba84681105d1b36abb5e03ec1b591d346 |
| SHA512 | 930d10b66ef3fe181a4eafd6334ef81c5ae79f672b02c5c9e4d611764a70afb6ce57b60c6d9183a92c7adace4acc63d8da2061fca8a61d5eb029dfe4df0ddf4b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6db290dce274a012_0
| MD5 | 41d41c40e8b37513e57e8f6b2186259c |
| SHA1 | e448336de0e805694f4c5c0117d6404b3279baa6 |
| SHA256 | b8d48357cdbb3b9a0e58a57581719df207e33016ec31d81efde067102955061f |
| SHA512 | 6772505ecdb41fdd820b9455b50b566717f7de7c2734bfd86810ac731ace8edab54c67d509a27dc6e508f0c76182bb9ca8c8e5d59d2f8202391a1fd640631b6d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8551150be49776f3_0
| MD5 | 5aa1e2ee7d1d0b2224b77245388f08e6 |
| SHA1 | f1fd277331abae0305b42745aa636558bf8387e4 |
| SHA256 | bf79ca4d88168ced96221b70f9b98958ad9a779a3b82ffb6491b534ae4be5a84 |
| SHA512 | f53114396a04eeb90481270f5b777e80797c9b6ce966cab64bb1cfbc099f10ae01006ce7ec37e9de8df065574dc38b53cdfe95d4a11dc7fa399ef43e4974b450 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c211c9dc68f4bf01_0
| MD5 | 8a55d560b6f647a91ec82cf7eef25487 |
| SHA1 | a693feb13788e78f0a5490289b7b84c4a53fefc4 |
| SHA256 | 64107ffb32efb48a5940f5f72d8461e02cdc67ea50e024985c9a5b89d0cc2b47 |
| SHA512 | 0a6ad8de423b8f8101b4af90910213f014bb1e785fc313ff1902d348bad726cf74f1dc9b3401aacae922b4ee7ece0baa7221baa6ffad44e733fa856cfb8a406e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4e9b18b0f66a7183_0
| MD5 | 10aacd7c5f8aa053fb2a369a22c02462 |
| SHA1 | c0d60c9e74ecaae085c6f580fe73f10f2c68909b |
| SHA256 | 93970545cf233f3b0ce89ec7bc0644e713e239428a7d117820eaedcd9391b0b5 |
| SHA512 | d5980ca546624c6de0750f9322629d06030ae6363f94efbaa519f4cc4ca0e1384fd57e67a6eb6c17fb519dd25a1d146c43097fd776f9bf90eb710529d3b16685 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7eb3a5f164f57242_0
| MD5 | ffa1d4e765d44f679227de517720f303 |
| SHA1 | 5210f3fb2b76df9988e6c699bc37c9e290e90213 |
| SHA256 | 7f95251fa3eed114e37c967c1ef284734c44f0f791453938e6a591c9c8ddfb3a |
| SHA512 | d5d5a4a6d4d5ab84b6d2e94f83d59b2b7a0882d6de0a7bcf7a85ca7af4952066587789102b0fab2dc696fe9891f0e5a078d8bea1ad255c32cbdf7a3651c2b97b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c8d24c1d75137023_0
| MD5 | 37188bdbb3fbb297c7b2e19542195afe |
| SHA1 | 548d2d693671b72d2c744342ad6b698a1f103bd3 |
| SHA256 | ce2e810552676c49761799d1291475368f9eeaeb4b128d746656d80638402ddc |
| SHA512 | 2178cab44fd4dbde551057b7f942931fb69ce73f313c39fe93bdd746ed3cb44be6640b3e880dd63f7fd75e5442795e38bd3c8f7e39609cefc1ae7aab7faa352a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4ff4b179c1c05fed_0
| MD5 | 046549ad8f4d17c3e0ae6ff948eaf218 |
| SHA1 | 5ccf4e913c8d86ad7fd1ddf45757ab4083ce5632 |
| SHA256 | 16577d6ce4de78dd72e372bd33d44939a4cc8146b1c40bd63a5afa2f1feb4b67 |
| SHA512 | a6d008113af4993e52afa67c1d0219b3927ddbbf42acb543064800c28f0f38597115a2f9a4cdfd3d2d0fb5fa66f1267453a7dbfb54a48e800a6ec0268ac0acb7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 37a403bf33aec1ff980a1126fde1553e |
| SHA1 | b76a5e9751eca10f357c76c81d612d0529c68b93 |
| SHA256 | 64d7aab8de2a222a5836ba1a4b39d5084b59ca6c43ee2546088578e197890144 |
| SHA512 | 90675a1e1ae8f7bd2726ae4518537dd8728c61f6fe20187033ec6ab6e955075f4772ba29ea912c72a3ab5f0bc1313e8ca49ca6443c80718b9d147f8a4cbbc672 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d6a6eb60ef3d5082f5ffaa220b98ea85 |
| SHA1 | 7011453622c3e7f3f0ad3dd3ed1753c6cea633ae |
| SHA256 | 82a1cc834e3da868387769e44ef1da1d8cdc202695db730c040424428e3d1fb9 |
| SHA512 | 6916445c92956f8e0e00f32c8d23914c17122b2018520fd524044640e39d268f95bd12807dcd65072a197ea87bb85d8e745e7a674289be08cfa68faf387e8803 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 39eca0437264e754dc4328215b47e9b8 |
| SHA1 | 2b4957ccdf49dbbf9166bc7d58aa35ae83d7210b |
| SHA256 | b46ae8383a5d0768412dd1c3b8c476714c4ec5309570ced16d53c102e9b5305a |
| SHA512 | 7e926266ab53dae35427340ab03c2a4d45f14f496374ade151eec03e14c1e9ac5cbd1264fdfaa25f3e0c29b8672d4eca1b620b68479e6bcbb151fb05df58f3a4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8a5f14803e3467515963370bead59847 |
| SHA1 | fa705ce5df746c7cc9c82e783fb0b8352ed7fbab |
| SHA256 | 113d911dea7b317341a661d81ef13e3d9d7253c08c6967fa07c7e5980cf71952 |
| SHA512 | 80a845e33ab31bdf9423c2d381935b07832c33dea90594cc99e914789018276e6692051a2782137ad2df5e843bdcd4f684851114c605cf5a99ed1b44f6aca4f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 2e8e2dc8686969ec63701f8568f9bc0e |
| SHA1 | f5e7f62eb1d81d78a3fcced7942f095e2a656f45 |
| SHA256 | f964ce065836b4a9735ae5fd546cd0e3c74a7471bdad200ba6ff095a10939192 |
| SHA512 | b02be34eed5d48e124137035ab135512e44b81b881f3c28f4762c01665fdc2532ed70dccc2fe78e5d4b9fac1c0356a8005614e669d948552ac6a096615e84158 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 7edd5999ebe4a92fed33b126e09873ea |
| SHA1 | 66689acae0b3d9dd705875ea6e68bcf0098ba068 |
| SHA256 | c8c79c04da99166d1bd4777f7186ddc2494912b2c2a1967aaa5e972882121f0a |
| SHA512 | dc53452a2194120add791ba9472135844012c4123a28e0d1bc0617a20e5bce480b17f6cdad006cd5933e64e9a4d32bd4f259319afec3fb560d195faffac0d843 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 72834688459f9f78bd6b4c62cd39efd1 |
| SHA1 | e128608a97807d678446dbba85c65ee8e4609100 |
| SHA256 | d64ca5a2ff383d0e89145f7c20550ba5e74ac7695e0340acae27cd4a25100acb |
| SHA512 | 60db4b74c3f64996ab4fea59d9216f3eb70c2576ba9a138394105f3bab3eb5b1b9495814fa6eee4f8845d89988f902d7b2dd5ffb75c34ca9fd60527808680917 |
C:\Users\Admin\AppData\Local\Temp\46b6bca8-768e-48ae-a631-72433f42f968.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\Temp\scoped_dir6840_1337124286\ad55f00c-3c7a-4d54-aeba-51abbf8ca690.tmp
| MD5 | da75bb05d10acc967eecaac040d3d733 |
| SHA1 | 95c08e067df713af8992db113f7e9aec84f17181 |
| SHA256 | 33ae9b8f06dc777bb1a65a6ba6c3f2a01b25cd1afc291426b46d1df27ea6e7e2 |
| SHA512 | 56533de53872f023809a20d1ea8532cdc2260d40b05c5a7012c8e61576ff092f006a197f759c92c6b8c429eeec4bb542073b491ddcfd5b22cd4ecbe1a8a7c6ef |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | c7a94def13f90561f8e7091d68f58abe |
| SHA1 | f3164f8767a13bdbc0e30160807792aa3db326fa |
| SHA256 | 3f05aba941867dd5a90671038574cccf816acc8bc8dadb67b19ca0d1e3e19ef8 |
| SHA512 | b0382104ce0830cf09f3606e0e2e84af437c2c22ed980487e26d92bbecbfb2e2fa76b3aac9c28908c8a67cda8a065459e72ef66013a5952aacd6251de0f02714 |
C:\Users\Admin\AppData\Local\Temp\scoped_dir6840_1337124286\CRX_INSTALL\_locales\en_CA\messages.json
| MD5 | 558659936250e03cc14b60ebf648aa09 |
| SHA1 | 32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825 |
| SHA256 | 2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b |
| SHA512 | 1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.83.1_0\dasherSettingSchema.json
| MD5 | 4ec1df2da46182103d2ffc3b92d20ca5 |
| SHA1 | fb9d1ba3710cf31a87165317c6edc110e98994ce |
| SHA256 | 6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6 |
| SHA512 | 939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.83.1_0\_locales\en_CA\messages.json
| MD5 | 07ffbe5f24ca348723ff8c6c488abfb8 |
| SHA1 | 6dc2851e39b2ee38f88cf5c35a90171dbea5b690 |
| SHA256 | 6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c |
| SHA512 | 7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | d29377ef279c5a94c29a9ef9774d0b58 |
| SHA1 | 1ddc19d1240147ea59ac1c6c56e0de1cc71fd14d |
| SHA256 | 43166632d0526682febb2c8d630263689d5a0ecc2c03e9259639b4f547929c71 |
| SHA512 | 321ebce1d669d74a4b039d338a93c49c44a93b540368312cc75aec84f566dfb43b192b28bb05ae186748c182f95c1a81d8f0afdda910c0f6c3d9b49b0995bff2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4c29489afba907cf100e4b2854fd8e28 |
| SHA1 | 5d2835922ca7a2aabec7dfcde21bbb13f45775cf |
| SHA256 | 322100a2b81108a6b6b87e82af2ea7b4a95befe8c5bca704fb0f4b1e2ec183ab |
| SHA512 | b0a7c649c1ce4e4444031523f0e9accd621ef633339f90bb324c92ea4176bb67af317cfc9c66ab9c765d1f91fe604fc28850d2938ea0330a157971048b89506c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | 46f307a8bf8016267d79565a671d1ec4 |
| SHA1 | 96439b793ffed5da6f69b22c1ce2402286f56746 |
| SHA256 | 0a7ea5f6cdcd9039b35d6fedd23a14cad61ed993d8fb6ab9d13c5fb2d58ed46b |
| SHA512 | 07da0d41b2e74645513ba07f9993ba258ccc14b1fe01996119a28d7bdf7498d98a3cd1e323a3a34693fda08bb757de0b12260e5229e4965d2615ef17346d5149 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | e1eb9bd0f4d7c64bb66f15a34278212e |
| SHA1 | fc873084fa9ebc34ddec92284d44da92f3dbfb9b |
| SHA256 | 53e2eb6cf87ab9a503843357a7f13d5cc72bec803cbe02c34e592aa828c65e28 |
| SHA512 | dbd850d98bbeeb6b2b19e2cf07e2bb3c173dc13352229e36ade1cd340f6f90c033a408bea9409eee7841d9980e44fe24bd486b5daf4882e416b6450da1385c3a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | d2633c9dfeaec39df1adb1ab47a6bf2e |
| SHA1 | f4b8a4fe40fe547af9317854d2a9210bcf81fc9b |
| SHA256 | d3250274270d4ddbee5257d02218ced2beac13efc24f85be951100737e2c5ac2 |
| SHA512 | 9b5f9c7e041315ceab3f5dc8af51a0dc849094de23b4a75cb24001fa478b05a5f5cd89c27217a1edad9996bd25ea6d970f296ad9610a463c16d3ea0c560e0711 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2fc2cb60a88ade7816902920199ef0bf |
| SHA1 | 526b309f96c0609b77b65298bdc704483cca4dad |
| SHA256 | 05005f17c9e9f28a07d9329f3881a3165e0a8e5bbfff4824d7c69cf4cf27e280 |
| SHA512 | b74683a8ecd29b10299f55dd1b13f2b50e9ba1a8e878ec0c3c02463a4d4f8e2db7d199e85c3b37e454276ce6ba68ef0c7f40547566f78842f276a2e6741b7453 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 673586bd899d95f1e2fe7b0931f00729 |
| SHA1 | 8c5aab281da8dd4b224e26af20f1546b54da6212 |
| SHA256 | 8da8e92df02260392a4d4329da7f777e46ee95190e67e0222ed9bbdc1bc39fd1 |
| SHA512 | 2fc2a0b0ac0ce893222125602b1d528c826256f6fba9b3791fd2f511d1f708615dc569414570cfdf0d2b64c93e414f26218079220a3f92be4d8b9316b197ac83 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003a
| MD5 | e579aca9a74ae76669750d8879e16bf3 |
| SHA1 | 0b8f462b46ec2b2dbaa728bea79d611411bae752 |
| SHA256 | 6e51c7866705bf0098febfaf05cf4652f96e69ac806c837bfb1199b6e21e6aaf |
| SHA512 | df22f1dff74631bc14433499d1f61609de71e425410067fd08ec193d100b70d98672228906081c309a06bcba03c097ace885240a3ce71e0da4fdb8a022fc9640 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7b2a329c00556a9b3459ba3f7c506d88 |
| SHA1 | 16f15cc2c439bd6b4c265da71d0541051d08091a |
| SHA256 | 4a177d3856c1a7faa0ef478c7ce68a66c3817e1338c0951daa1ed3805ac87b0a |
| SHA512 | 4202fc2dd534db830461e5de43507549fe6caf0014f09250ddd8fb18c65c48b1f55883d983d53e2b2a888e9d5390ae65445fb6487cb8bb7d46490705d75699ce |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 3f15a80bd03fd4ac6eb5ccda51a70745 |
| SHA1 | d44490b66a55d5087268a8abd896fed94aae741a |
| SHA256 | df2c345aff76e4e3f673e9d30fd50f1507a001af8888673b66437f2ca800da25 |
| SHA512 | 3d46d60262e46e189d37de0b69473c272f981d4eab497a94cc8b6a6f46c54789165f9a8163436b3d4ca45b57fdd36da47beacf31f3233df854e3b02bc2597560 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5ed16c2f0897c35cf75c1080b89b3216 |
| SHA1 | d64c2d6511ff7e3ed150ace7972c147c2ae47f5a |
| SHA256 | 7798c01fb91dfd7c4df66f6ccc7e19afd803bc9cfb180c5beed8858627af1089 |
| SHA512 | 5c31feae681bdfeb595a0545486bad9ea520c2064066ad9926a896709f36b4f84caa0e5e7c8a4b8d36a5c1f7d3a214a55e4e3117825edbffec11d532e52bdd44 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 815495c5b6d53491058fcf5851b51df2 |
| SHA1 | 36d54d6379ba20eb81de6824d70b8eeb96b33bbd |
| SHA256 | d9d994c470889c630b3d250ba34f4bf25ca581fa4f57bb9f09b064fe78c4ff08 |
| SHA512 | 414464919284957363dbe58323b77b5a9dac97f61633fd2e1e659e6433019e7021130fa97823058aa3d4daffd57e33a66c487ef345bdc379134ab6e0c711045b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1dd70577195ae3db5e0d3202812f69eb |
| SHA1 | 070db4564516518fe558c387c4bbb33e5f652083 |
| SHA256 | 46fc7348cd3014caf846eda3c0dd7ee5802a0d69eb535c4e75bc41dd7b97aa3c |
| SHA512 | ee286e4d527093edf65f477ddf3a640bf63720a6700e100735ebdea878b638f7c82f62bdd69d695abbb95df6fb0840eceaadbe4090bd03b7fedb8441ef309940 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 42f941f725163c6ed8ce03329fe2c1e7 |
| SHA1 | 9a4c5d205d29bde482179fdf01b86dc908181d78 |
| SHA256 | 85a3219bf4959c3a8e4bcb0068afbc0d355c13de3aa6cee3c282226de9e30c9c |
| SHA512 | f736a54737767ab7a3f560cc4ad94b326a7e36ea22bcba0f3dceb44822790be95a256cb2358ed375ba9ce9e68b39316545a979e1667cb729e6884241fa88f67d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | fe0922bd03337ffc38391ddecc429b95 |
| SHA1 | 63f90c43a0ef99c45d9981b3016a250b6327d7f2 |
| SHA256 | 4ed0c6a3d36f9e4128bee8cd01a4e198f904646c016e8766d519742a9d462a68 |
| SHA512 | d0b566e9e25cdf120584d0a862c213fca47d3bf5f442f77e012268481957c8cdf95b8aabad66dc3d0e480c6399623be522816053f5c29ec2e5df28e74f149718 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | dd2ed3fe3cfb2bbe3ddd19bcff96d927 |
| SHA1 | d54095cdb9b47b436ee80d1970af4956e9ba59c7 |
| SHA256 | 1fa72398a5356f223f290d337223b083ec2abd15d311aa5a1dd6976057e802bb |
| SHA512 | 236721ad3a5a638fc036324b8ca2036564a878cbcfbee4b11c0def0de373ac37d427249f1cb72daef4fbb78d08bb9f79c5fe8cf165356047b249d14fe1d81d19 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b9c97002a9649075058a7e62002a6374 |
| SHA1 | a8f24dd89bd50590e37ea3b6fcb91c4cd1502f85 |
| SHA256 | 19cc103aba770cd4479251a80fea002c672f10205a6bef17ad94f77bdfb7777e |
| SHA512 | bc34ea975e9df7c4c9716976b42d6800e3e59dae8a8bf7313173250498aca91fe6807b0e8d3d8e0707d7ebd4a89018d4ab9515a265e90b610a95919baf2f20fc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 97dbeb1dd3b3bff59bd5cfc0c3232824 |
| SHA1 | 29af246f96cc60a5db98031a440c2b42367bab15 |
| SHA256 | f51153fd4a03318ed684b754d14854f2a7c57e2c8fd69b64f9768fb268349755 |
| SHA512 | bfb04060587a95cd5bf59d585e78be958c21ef6586d8fccbc0ddd9db55bcb82242c16fcee729d79580b7c86184078bb80a28c1c8bc5062980264cdb9ff6390c4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\c4ec185c-b28f-4a0a-9cca-cadcdfbbbac6.tmp
| MD5 | bfc397305d91b6fd3b4d89d41e77d645 |
| SHA1 | eee6a68bcc5544fe98e04a7ae60a3a36043ab0b8 |
| SHA256 | f5f08afa74997d9fedf1edd3c3b131852f9b60d7f9aeff06ce94bfa4297b16e9 |
| SHA512 | 171cce7c2bc3040a0159f9fd82ef663b0308b85d5f8c642182e63d42f197d59a7ad60775b42d51768b82ce018c43b503d00c2e9527764e0eea8c7a722c74f77e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GraphiteDawnCache\data_1
| MD5 | 12ada1c99783bd079be675f80f2ad92b |
| SHA1 | 0a0a4f2abedadfb1b3037a5d533902c6c51819a2 |
| SHA256 | cecf40e4fe64659b2ab72575d7644964e2ad91f89b8e20a6f1aecc43eea7a580 |
| SHA512 | ce9a839c5906c1e0b9d37df64a7041f989505f80c16692e5f902debf9b348077da62bc30d2539600df48df421b9a0d489c296dd24f18e19f502959dec3f0a1ef |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 278a6f5a4497ab2172755e6146007709 |
| SHA1 | 70740e8e1c8857cdf3bc9b0655d09f10854351f2 |
| SHA256 | 03b49eb9c5db6405cf00850c2a30d97257c1a74f3df0fdaa94e4df215f73ba12 |
| SHA512 | aa713e19b467a90245e268bd31d38fccfb1b08bb57d2569d53fb0d4ca201707df2d561539a9b23c6d21b862eb6770764b63ed960379d66686fd945dcecfab598 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ba91238d0b52b19488d99ade0d4c41b2 |
| SHA1 | 108f2d79e15066dd7c25b3d3ac1de532d94d9a53 |
| SHA256 | f98e0a35b9188d126d7471728249b460bed6583693e8796bbcb6ef2f9b96bcb6 |
| SHA512 | ac060816a9c5b5e43a5af244d322a5653e6b3b7c613903d1b0eea0c6df8a522b40a274fe1097bb5d0bdb4aeb9c2d50cfa7728cf1467372b548707db5cadf5dd7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000153
| MD5 | 503766d5e5838b4fcadf8c3f72e43605 |
| SHA1 | 6c8b2fa17150d77929b7dc183d8363f12ff81f59 |
| SHA256 | c53b8a39416067f4d70c21be02ca9c84724b1c525d34e7910482b64d8e301cf9 |
| SHA512 | 5ead599ae1410a5c0e09ee73d0fdf8e8a75864ab6ce12f0777b2938fd54df62993767249f5121af97aa629d8f7c5eae182214b6f67117476e1e2b9a72f34e0b4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000155
| MD5 | 8eff0b8045fd1959e117f85654ae7770 |
| SHA1 | 227fee13ceb7c410b5c0bb8000258b6643cb6255 |
| SHA256 | 89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571 |
| SHA512 | 2e4fb65caab06f02e341e9ba4fb217d682338881daba3518a0df8df724e0496e1af613db8e2f65b42b9e82703ba58916b5f5abb68c807c78a88577030a6c2058 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000158
| MD5 | 115c2d84727b41da5e9b4394887a8c40 |
| SHA1 | 44f495a7f32620e51acca2e78f7e0615cb305781 |
| SHA256 | ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6 |
| SHA512 | 00402945111722b041f317b082b7103bcc470c2112d86847eac44674053fc0642c5df72015dcb57c65c4ffabb7b03ece7e5f889190f09a45cef1f3e35f830f45 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e8c33c0a9151fb10a556c0609650d6b0 |
| SHA1 | 5d6492f5455627f41b72877974aca49fe3b2935f |
| SHA256 | aaaec1a191d1c7c687f27beca96cf8bbc5317c3e9732717ccab4a3c5ec2e7845 |
| SHA512 | d568a355f4214813ff342eba34df979d5f9386af9f97556f367e7c084d99d423bc6bb3f2ad373159d2b9cb0976b8a67dce18fd877f6c35a52cf16118a7d9f06f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f7c618170b70ed0da80a30546aecace9 |
| SHA1 | 1d22ab541c0cad06bfb8d733348147fd2ead642d |
| SHA256 | fa2e999934faeab16a20ad36793d9c9b4921b4374d2b876f3866f3b6728e99a5 |
| SHA512 | 6f7023a7dcb88be34ba4539d231c6faec5b2fdc4f80299e60ac998dcbd9f6f313a044d1234e64034ae9843774a4f216332dbff9b0f22016fa739cb229c0f2b80 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | aefd77f47fb84fae5ea194496b44c67a |
| SHA1 | dcfbb6a5b8d05662c4858664f81693bb7f803b82 |
| SHA256 | 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611 |
| SHA512 | b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe60b78c.TMP
| MD5 | e840fcc71e9dd0e46af74b4096741711 |
| SHA1 | 85ad278836202095899b45c1d89d90299f954f47 |
| SHA256 | efd233dc01bdf97e9599363e70d23f9aebaca64cd79b81611f8334c7940cf7a2 |
| SHA512 | a6893b61ef037f2aae706277d532d0810f5b2b84a1e79e9598eec0f16b896c4ea7416c4fed9b9089705361882bcc5d604c1fa9a6040b74ebca552cbcf00f9c53 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | c43cde1df0ea78fdbc95fbd9dd54b2ea |
| SHA1 | ef8e520350a7d886808b72e30c99f1e5c1ff04f0 |
| SHA256 | 600c38ba4b80a07a848b67d388e34fa35f0e4fc8593d0e619421c428871c193f |
| SHA512 | 17e941f594ab13ce08af86160e1a219b4f37a9f6a8f406808703acb11c4da258330d201cba961b48c9d9e45209d33ee1beebc54f00dec51205d4e0b8dd853912 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 7478cd5cd8b4b88a005053fe702e7fb9 |
| SHA1 | eeb1aa1afcc4e438e2dec646559bbe74dc88fc97 |
| SHA256 | 591f10998e229cd31dcf436dc663643e61cf40d8453e3359ff651073cd58a36a |
| SHA512 | daf7bca59e551ae65a40228c4157193ba457fd1761a8af414e910f55fb4d9b959f861289e0703c3e70acb4b1bd575b700056634b0fd94afca1bd242b4f2d82ba |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5bc5205084f11da1ead1fd53572a123d |
| SHA1 | 215294a5703359ff74a8c28194c3c6a854913bd0 |
| SHA256 | 12c37e504955f8e3e413d4603f52067fec229f26b08e2056459ca1c7692e2eff |
| SHA512 | 2ef854525c4f8a0eaa83872368a2b8a1e85e126a7078954ce712990db96c1b4fe37882a87512482ae0d445d313b669e28a44967c896e241d891a71b9c7acc1cc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2e8e416c86e74ae2042e0e01c5faf03e |
| SHA1 | 8f9de921d93a6de5a898078ba454593751c9bd47 |
| SHA256 | 81d0a2b3ad65b0c1183651eca1d66dcba1a23e4c3c62c2628c427a3f88d3d0d3 |
| SHA512 | 80650320f873d85cfbe58880b76600f96133e558e4f5708e5564a31dd5ade59a02bbc57ad1614bfa9c51f1935e84a82e7e1355c8999edb2a951c748c9f087f37 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000178
| MD5 | 65475f7581791c7dfbaed880e4d25d54 |
| SHA1 | 85819b038cdce5854c308e6d18c6028c26d99b71 |
| SHA256 | 722a68fcf354461f92f22c0d8bc4eafe8a4c987d58aad675d92158e22dfb9137 |
| SHA512 | 15ef150a59080ca1dafa9064d707fd0caaa8357b076acb47784d2d82a21535b3a72d76182d17b018f5184c96c6df346b6c1b3c12d7b06053bf45bccffdac43a8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 52d6f39f7ee63e8221ceb6dc4ce993b0 |
| SHA1 | 30caefeccfc58ac29c00232d9ad59d9eee8fdb2f |
| SHA256 | ee8f691803c66f324e7d52fa86a32e550f0934de052af357fe220ffc5e605521 |
| SHA512 | cf89ddd4e48a67438ee584181a1f491eba02750b808e95ccdd072fcbea5af9b7cb5d34a358556406ec4947139e07900191899b806c18160755d52a52cef241ac |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | dd8474976076c5ccf08baa1da37fa7b8 |
| SHA1 | c7996bdc41c3d5875085f623d2fee50f2f001fdf |
| SHA256 | 1ae796b693946c6e8be6cd5cb52d5b39feac52d270467986f817607d28f61616 |
| SHA512 | 58cda4e2c22c15446b6cfffe5497d0364eac7b6e7534b4acfc9fb4947328e797b0d17946db5d5187cd9fb796d5a71ae86374030d593b73d90489e06dbac38f8d |
C:\Users\Admin\Downloads\adfly.apk
| MD5 | d9349571d26ecb491d1deae29349bda3 |
| SHA1 | 2c563f24c5fc9c73bfb251e5f6309616d9cee63d |
| SHA256 | 82f9682ed49318bd53e199e3df61f244891a80bd7965e34f180bf22e09adf873 |
| SHA512 | cbfe5a880eb308b4a096a465a25908b8fa73fa9610e44a3678140d83baa6180e4ccfa7449cedbc109d910525d06bf28bbb68b2c69709361f4120d8967af333e1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | d7b96f48c72752f8924c637d1c7e2b6f |
| SHA1 | 34d9c77c84a98cfc06482ae44c15d5a0c2b6635d |
| SHA256 | dbf35343f773fe56eb4e7e68ec9a94caa390da0986e1a26d074aa8f48a350898 |
| SHA512 | cd93f4bd47e69e823fd844e49cdb2570a71c2ae5e5ca711301f27f21eee996cb179bd256b66f7fe71fd32e01f79c76dff248f7f4cac7b85fc9562064a163a7f4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d00d95c2d3e24f13edbfdfb7340423b7 |
| SHA1 | 4f31cc35108b4db1ce60af1e98624e045fc87d8c |
| SHA256 | 493e1e5d93d21299c8da711a642761f398b0185574600e18f28079ccbde8a9ba |
| SHA512 | 135bd24dcfcb3247ac4de478768043480eb986904ed36481efaf3e4707413db384b9799d2715dddc39811dcb5049f170763d0b30e434c726a907a44c9f9171b8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b66f92a70ec41d0fed8cc0e302ebe5fd |
| SHA1 | 638e50c6ffaa0b5a7e095f1a1365e7192bce752f |
| SHA256 | 6a2c3de711d3f32fb5e68609de59fa98cd04404b638adcf591069ed7a82440ce |
| SHA512 | 0a7f81c498d41e92a682301d6ea9e5a192c9383166e01ea77bd0be4cc975d158117c68907087b510bc47fbdb9d53ca53673dae6ec96f17196ceb57658726c94c |
C:\Users\Admin\Downloads\Unconfirmed 695717.crdownload
| MD5 | a141303fe3fd74208c1c8a1121a7f67d |
| SHA1 | b55c286e80a9e128fbf615da63169162c08aef94 |
| SHA256 | 1c3c3560906974161f25f5f81de4620787b55ca76002ac3c4fc846d57a06df99 |
| SHA512 | 2323c292bfa7ea712d39a4d33cdd19563dd073fee6c684d02e7e931abe72af92f85e5bf8bff7c647e4fcdc522b148e9b8d1dd43a9d37c73c0ae86d5efb1885c8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 2b35fb9a550643a159359ad6c33b4fc0 |
| SHA1 | d452921933f1a5838e59ebd3ac7842b90a72f415 |
| SHA256 | 659eb5ccff6083adfc1788f6530900389e454dc81eda8b9a88dfe94d1806deb1 |
| SHA512 | 700e0f3285440d3f4ad9b850f069e3c47763cc4b7771cfa6febda602bd36e0d47cafb7eebcad24b43990e97389a4aca31db96fbba82ac764731f87b1d3bc5ded |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 7e897d87631887ae120922fb9a100bc3 |
| SHA1 | a5a5b54fa7ddbfa4fd1c5de126f19c8f390a718a |
| SHA256 | 86913c0f7a6cc127e5a0b46f53ab2d29210c84cfdff3d08b1973feacb63ab87e |
| SHA512 | aa0d6f006d8f7bc3de643ad4253a84ddfa7abc09cd08a44865cb4000013b1b0a847486017e232f3e4b2a0301ca6a3707ce7a1f7b0aec229fd7b5325e50cace64 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 95ef840cb1253c0ea71688671cdd0501 |
| SHA1 | ce71ed19080f9e06ad845586d32dea0ef0f051ec |
| SHA256 | a15c0eb3fa5d3608644aab455837b051fb118d0e3671a57a4dd815d6cf3157f0 |
| SHA512 | bd2a20d0ff8dfa235686d92c69adeb085806309a19cbb01cb19800b3fab1258dddda9b62e441741fb65ad2b4df79f7ff86f89a8c723264f6c89676cb2ced9628 |
C:\Config.Msi\e620c50.rbs
| MD5 | c653e8b68642338b8d994b5812cd2e58 |
| SHA1 | f6f9f15a3c80c0eac89212ad4d7a7f89547793c9 |
| SHA256 | 554ab185b7614ec79c9194efeaa51c6524f447eb76e21bb0a77aafe3f91ea8b7 |
| SHA512 | 4561df511f37dc89d95316aa1dfdf52b5679a7aaee56202b0e7d97edaf51738328f8e821662ceaa643995a5f46c712ee4e07e87b66491d143cd0338c0152e2d9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 319bc16796bfc4b929dcd6252a5e48cb |
| SHA1 | 2117f816141c576949fb9a927538fc6bd3a83f4d |
| SHA256 | a82be3b03ec005bf003f48eadadf8ea791acdf2a0057236e84abd3a28dea7699 |
| SHA512 | 91bb53a1550d499d1a08fae4e9837655f5e5fd36062ce52e5b54ecc280cfb06d8a11f59bb2f0f10bc3a19ed1d7517246af248cf2c59f1811121b83e4aa294560 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 4613e82c5618751a07f160a535bbcd91 |
| SHA1 | f4815265746d69447b2873eadcfe0a0314a81c4b |
| SHA256 | 3105bfee7a7d3a55fcc017020172bfe15d9c3cb4817eb45352b092d1d940e596 |
| SHA512 | 33a21758ebc698a27355b99ab7b50dd2b46015cd4f7635462aa1b234872e6499e92e16d54cc9ebe5b5dff1348179d0313397e8414edaaf671d88a682ab73e6f5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | c4bac0b3fc55ccf9ca15b033ab54b932 |
| SHA1 | 9eb0793f658e07b9840ffa1d69ceef2c2b0f2846 |
| SHA256 | 3164af828078a612ae60248112a9d6410ad8d3cdf78fb57ffc899c851d0c4ca0 |
| SHA512 | a2d0723f39c7c7041bfcfa43297cf1d3a67dcbe304c870032668d8fa1db28d596cab1b6438d0e83c43bfd0798e0adf033bc5434cbbf838a43044238164a48575 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b96bc31a9d0319f490e304101d9645f9 |
| SHA1 | 35c781ec66416943870cb239a0b3069a7643c916 |
| SHA256 | e3116a0efdd088fce520cd5d985827be0400c24fd3eeeac18c12eb80a3468c3e |
| SHA512 | 8366bd6961dfdd35fe01f9d776b56c00911452d93881de06c5a99288315864941275fc2e67d0c9767ca2864fc5ebf0dd8ed258928a6f5b921fc7878e3559550f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b6547d15486f1a8b_0
| MD5 | 250382bdbfa729d13093c72600ec80e0 |
| SHA1 | a16f682a01ed1df28e3117191b5085a661ad8a14 |
| SHA256 | 2cba4ee653f353d03dbff93ec29ebd960c9298cc18cf89fe94a58de753b9f98e |
| SHA512 | 29e0a2a40998ce2cff4046232c75276c04c0a3cb51baeb9e5c51c855ec7c2d96505f851fcd05c9fed901e783671374b9e05809e6c2cab3f4338a0ea5bc40c741 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 2d7c6383de7559f019940bd8a3114ed9 |
| SHA1 | 5f1c6ec80ab5eebdbf591cf7b5e910dfb65cb468 |
| SHA256 | 5c37eecf7bff55dd76a540b2d1935adbff9006db1d77f463c2066f7c51745727 |
| SHA512 | d900c2572070dfa9a811e84d3299cd96dace89335786fc31d3c7a9ed8614cd2fe156b1ef33dece63fde046254f72815804bd3c697d603d262d183eda35afd2ac |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0aa53e4b3d84faef69559c7579bf704f |
| SHA1 | abf5b8b98dba2234b9927d308659bd2bf7a978a4 |
| SHA256 | bbe3d6e2d1ce670fcf051bc898dac168703d6c3c9832ddbd1106c9475899a196 |
| SHA512 | d4a65a08780bc08ed9cb02720320afeabb5465efc3712a0beeb62ee75753fca0bf1f54f183997787e26c283ad4c21f3c52c0b4a8516af7e749089bd6002ff848 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | b31209bc00bcf8f3961253d2a5175686 |
| SHA1 | 58a63cbe29438fc9d97a649d19a476508502a812 |
| SHA256 | 3f9484ec433f83add50da5af3a5e77872e0df415c54f54e2e7571288f050f7a0 |
| SHA512 | d0bf680fc8f57bda0f4a155c7c0f18a2cb7d6d3c6d810d88b7c0fc6c305cbc327029788b09261dbcd547c29f447b3738635a645c400cd6246cf6ce0c9989d273 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 76ddd47e5f5fc2c6d5a10dc54fb91ab8 |
| SHA1 | fa0e3bfdbc817268ca971ddabcbeae391e3d6ad9 |
| SHA256 | 1d0b1a8cd3e45f5ec604d015f6fdee0a06ae79cdbdddef3a55db3974d1e51b17 |
| SHA512 | 484484a0d07e1fb69c95a64fb663b10fa7d44aa2b9b64466f51fe0871e9a5595a977c1e945b969d346ae2f3449d68e3f3e274a14ec5315cfd8fbf35cd3059a71 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | cc4124079ce40c850c3e07517d255542 |
| SHA1 | b7411f42b209e1c8daedbf961d0f0bae56418713 |
| SHA256 | e3e9573449d6da19a3f910b9887fc6a10f98d2f038576b0b5ab2627ac04b26b6 |
| SHA512 | 0d308f523869d63e26551946e69d500ef5f97a735b12a3491e1501042ae154db60d329602aed15442c1cd2270404d942e7cf687ea45e63585c8c1a39b023a68e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 6c9763285176af6224516a67b4e5c0c1 |
| SHA1 | ba6d07ab37db49408827ec558aae691f5ff716d8 |
| SHA256 | bdad6151439c7f53522e979aaf8879828233c7551e5d19e2e8fd7b7867856ea3 |
| SHA512 | a9706e40c6f68ed5a106b3dc9d2aa3adc3a9b9ba923c3b5863555cf4afeac91cd9d5eb25fc5db89e3545f409b16b6527a8313c073e26619215aebba4653df371 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1c373c9f7dd5271f4c3d6d9c99a4fd2c |
| SHA1 | adf9178239cc5671408ea0293eb58066e4711529 |
| SHA256 | ba786e4aaf1259640e85e03f89d220cc76a3c1377749b9b2e213eaf33e288371 |
| SHA512 | b6e274dddc33181842f78d789b904fc01c4f9873056c1f08ed4a0aa6edb3494f68e08fadfbc501c244cbef2663b2f994c2c3eec50a333d5d20f897e86010d680 |
C:\Users\Admin\Downloads\Unconfirmed 870710.crdownload
| MD5 | 5c7fb0927db37372da25f270708103a2 |
| SHA1 | 120ed9279d85cbfa56e5b7779ffa7162074f7a29 |
| SHA256 | be22645c61949ad6a077373a7d6cd85e3fae44315632f161adc4c99d5a8e6844 |
| SHA512 | a15f97fad744ccf5f620e5aabb81f48507327b898a9aa4287051464019e0f89224c484e9691812e166471af9beaddcfc3deb2ba878658761f4800663beef7206 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f577d52a7c98511ebbbdcf764168f7f0 |
| SHA1 | 3e579827db31dc17466ef6658b6258a7080fb6d7 |
| SHA256 | 2bd6e4075a11a9fd4430184788c524cba3898e4f5a00ba69e065711fb3fed83c |
| SHA512 | 999275c28b73a989d367a4289d919f57c96529a15926b0aa2a496e0cdc70a1bd7dcbf99d49337c81bc24f68a98bde5246331e45ba1deca30b352ea4e9a272563 |
memory/3132-5802-0x0000000010000000-0x0000000010012000-memory.dmp
C:\Users\Admin\Downloads\u.wry
| MD5 | cf1416074cd7791ab80a18f9e7e219d9 |
| SHA1 | 276d2ec82c518d887a8a3608e51c56fa28716ded |
| SHA256 | 78e3f87f31688355c0f398317b2d87d803bd87ee3656c5a7c80f0561ec8606df |
| SHA512 | 0bb0843a90edacaf1407e6a7273a9fbb896701635e4d9467392b7350ad25a1bec0c1ceef36737b4af5e5841936f4891436eded0533aa3d74c9a54efa42f024c5 |
C:\Users\Admin\Downloads\!Please Read Me!.txt
| MD5 | afa18cf4aa2660392111763fb93a8c3d |
| SHA1 | c219a3654a5f41ce535a09f2a188a464c3f5baf5 |
| SHA256 | 227082c719fd4394c1f2311a0877d8a302c5b092bcc49f853a5cf3d2945f42b0 |
| SHA512 | 4161f250d59b7d4d4a6c4f16639d66d21b2a9606de956d22ec00bedb006643fedbbb8e4cde9f6c0c977285918648314883ca91f3442d1125593bf2605f2d5c6b |
C:\Recovery\WindowsRE\!WannaDecryptor!.exe.lnk
| MD5 | ea06ca646cf81271614f24d95c389f5b |
| SHA1 | c91be80b6c81d8b75e72db62f7c5f6d63b51feb8 |
| SHA256 | ad6f6b2ac9ddfb66b71bd153db134efa6d122c8bdfc2893e30894b7e8b420d9b |
| SHA512 | 4475ddddd25f4b6e33eef78c240753bbfa8ce4b8bef2a33df680483ce95d65bb72b49eb36ab99e370ada5aa880e3039b5c2e0c76d461193c8d19bb706b150beb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 15e7ddab643570389fdee983e36af176 |
| SHA1 | 6cd37579f5e46ef653c6900bd8d138d0b5385c89 |
| SHA256 | c5470538731dbb5583cc3b460c0037c14b3b1ea1dd9f78f29261eab9e6ee48b9 |
| SHA512 | 7414f2255a9d19601905c454b8c0ff340acb7dd36f6537ae0215636ebbcb17a069b8928c3ced23ee717f32c67ee0234ff77e116aa4c4dcfebcfe69e46084c7ce |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | acd4b60a7b4d3e3fd36ce56e474b6bda |
| SHA1 | 04d80ab7a099e82d438079332c7256de03189ae0 |
| SHA256 | 1f269fc84c32764180b0d9b3f610c6c6aa3f21268e481839187253fef81f11ae |
| SHA512 | 0fcbf5a2cbe64456d54df3b0eb089ad4eab9e0b5b4c1f748994c87f5291b5bbf51b8afc5d05b785023c9c477f4898aa2efc3208aa9a81c0d5ec650eb8d5b0e0e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 53f5668d238c74e594378b69e08cad39 |
| SHA1 | 481edd1147f26de089410e85e37d821894664930 |
| SHA256 | 9a92a4d869957f5d6813276e7bba76deea84eb980e831956724fd05c16eaddad |
| SHA512 | 1cfadef01c4979a82d882848e0ad23ef689191a191705dae7aaa9267866c48a6fa606b5b132328f09f8c0af3beea21f24f61026d74b7342f36a6f473ec04c3c2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 07450474da9ddb9d9ae6d2a95e7454e8 |
| SHA1 | ec1331a120284bebd85b5698d03bc988810f13aa |
| SHA256 | 8307b108c8ce32dbd01ceb51b23e244b1b2ccf6c1b3ed6b949a67b543873b932 |
| SHA512 | 9eccdd14e33ac62ab3c5bae554bcc89e242b5085c8ccf94d57beac79c55e9dc01997b03deeb83cba61ced0dfe684c35d2c986e6a72b3c0bc0993fc167e6f44d4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 3e423b68def1d56f3991558fd44e8fb9 |
| SHA1 | 48384cac7cbdeada95747359ea38450a21ac8430 |
| SHA256 | 8415db65f975552e90bb92e3af275a5c892d7cd03fc0a1066d67011f397d9ae6 |
| SHA512 | 296371ee9581f3ef5f3ebd23f75570f24240cfb6c916b5e56fad35d1cdca59c41ad555dd74811fad646d47dc5bacd392cbca2df3cbd5e6f9c1ed61f374ba10ab |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | df157ba995039222ba899db5cdef7498 |
| SHA1 | 1e496af565c600753fbddebd21ac69365373750e |
| SHA256 | b75d0ab5e4d7c55985c29a7c8e385555c0e22e7781f13a0802a564f9af395316 |
| SHA512 | a4f53807ad0aab1d38cd26a30d49af8c0e1376ed323c575cb6352237d9e141f392cb54e05e235d13f3e39730506761f8dd9ef56af718193a50d89f28a003feda |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 589c49f8a8e18ec6998a7a30b4958ebc |
| SHA1 | cd4e0e2a5cb1fd5099ff88daf4f48bdba566332e |
| SHA256 | 26d067dbb5e448b16f93a1bb22a2541beb7134b1b3e39903346d10b96022b6b8 |
| SHA512 | e73566a037838d1f7db7e9b728eba07db08e079de471baca7c8f863c7af7beb36221e9ff77e0a898ce86d4ef4c36f83fb3af9c35e342061b7a5442ca3b9024d2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | efb2d3a1a89925e1a634e0ccf3ae1fd6 |
| SHA1 | 5018f59f9fc3242bd7f5be4944021ff2e6bb8cc2 |
| SHA256 | 91c989a456649ee7f4f9c6f48b51f5b0dedbf2829311dcd16a6652092227bba6 |
| SHA512 | a0227a04051e2a340f23061777f22aa74107a3a07467a55897ffab867b1b8bf9dfa2d22f6dea624481b7915f37b65c78459d147bbec00f2e4d2f89884b9d3a51 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 63b36861601fb71ef12f51c4dab84f75 |
| SHA1 | 8c3e7826c64a995b0f367a55ea8858b5d9b989ef |
| SHA256 | 655f09a13736f972f612e9578078afec52dad4be828d0a01e7e263405c529dfa |
| SHA512 | a22b4330710b247fb5bf80a5daafe3b53125762f5d2e5958a7f4ee39f0a699480537c38ea28588d4ae5d5304e6b79027e460c2f764542b2a8d0ba07df4a89029 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\blob_storage\dd0d8e1e-45d9-4dc7-8257-6e3c73c94197\0
| MD5 | c2c4450dd9dd82f2214c555cead43118 |
| SHA1 | af8f5b2955f2f1976128d08045b35d6c939495f5 |
| SHA256 | 838fa0b08fba45c99233254dd2e1b02840c6f2c842a3848ee1fd343d0f3dc6b7 |
| SHA512 | 6e30efbaab63f33776e263a72a42a52fa15cf145edee80b129b50ac80be97411285dc1263cb4609896be6150ba49ba59fae3f906e9cdf55f8539da0d79837de9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a630ec62f54e6ae3ff8a83f3aac64a8f |
| SHA1 | 83f0f4aa3b5bfe2c2ec95165f9c15918fd10df00 |
| SHA256 | a961187cb03c674ed1e8aae5dc32a13d061b31459bcbfb24a95eb8cbee2a0b2a |
| SHA512 | c69d5fc75c4a9a3340d1fcf04dad3b97f5c38ad78babe128bdade5e98e4d1eed21516db3a0700f46f71c9f7eb7d8d95fb99039941c6763522e11ec1f5fb98045 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe660640.TMP
| MD5 | 6a0e8ad8fb8f2039e183a6dcc9ae82ad |
| SHA1 | 25a8f66ad6280c74b5fb0c8e3e31e3abb139f68a |
| SHA256 | 915c92abd8be6f1d39e032f261c4afd8a203a05eb1f2c1abc5de628e62c6b9e0 |
| SHA512 | c3dba389e0914052c959598e42283eafb638356a4508f5eaf9113d03a63741ce942f2c10d29db080a9ca9bad8c6ab7854361272202bf1010577d158129b8d940 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 0e0c255c9c0977905f080a094f6751bc |
| SHA1 | b8e8f3c52074087725676d1a02abcc55a935973f |
| SHA256 | b7177469ef9f205977dac3e7ff86d2cabd99e7b1e227b8855ad370b34a905ed9 |
| SHA512 | 9f3cad9917371019297f57105e47674d8069d48ae7591e63dd7e5e89b360ed9741805475e5b91c89da105d0a6cdfb766af43dc3080f242ccb7b86914c3950b73 |
C:\Users\Admin\Downloads\Unconfirmed 960509.crdownload
| MD5 | 0f743287c9911b4b1c726c7c7edcaf7d |
| SHA1 | 9760579e73095455fcbaddfe1e7e98a2bb28bfe0 |
| SHA256 | 716335ba5cd1e7186c40295b199190e2b6655e48f1c1cbe12139ba67faa5e1ac |
| SHA512 | 2a6dd6288303700ef9cb06ae1efeb1e121c89c97708e5ecd15ed9b2a35d0ecff03d8da58b30daeadad89bd38dc4649521ada149fb457408e5a2bdf1512f88677 |
C:\Users\Admin\Downloads\Unconfirmed 874971.crdownload:SmartScreen
| MD5 | 4047530ecbc0170039e76fe1657bdb01 |
| SHA1 | 32db7d5e662ebccdd1d71de285f907e3a1c68ac5 |
| SHA256 | 82254025d1b98d60044d3aeb7c56eed7c61c07c3e30534d6e05dab9d6c326750 |
| SHA512 | 8f002af3f4ed2b3dfb4ed8273318d160152da50ee4842c9f5d9915f50a3e643952494699c4258e6af993dc6e1695d0dc3db6d23f4d93c26b0bc6a20f4b4f336e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 5da03353755d501d56d7c1ba8eccff50 |
| SHA1 | 073ca06529a924c8f584a810ab76c14eee6a7e18 |
| SHA256 | 90678c31845b6caeb386a4f7f547c9db436fe3605899638f8c92ddf62783f5f0 |
| SHA512 | 4cb2810f2ab0f0d267553e18963747ddc08f966acc68cb6d603de9704487997de11bcf458c5f15edb92f127bf65d0b883666bce26c18172f3121adb8c43d1753 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 27532973c2a0a14bfbd6969a4d2a4df1 |
| SHA1 | 0caa2df3c0c8052906d291fe6e9b0632e9a1cca0 |
| SHA256 | d2968cfc53e218b261c7872c9fc27dfdfa7a2f63ec1127da71f0230d982dee68 |
| SHA512 | 863864523c593f95a60b6ae3e344094e092430c50a81a380cd5015b6a278cb9657384423420a1207b8b5f2387fca4e0fe76292bd8c31e6e8a66c46b7c7c3fd96 |
memory/7148-7739-0x00000220C2BE0000-0x00000220C3BD4000-memory.dmp
memory/7148-7742-0x00000220DE120000-0x00000220DF6AE000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 3aabbfdd3274ffd30d55ed3d7f58ca52 |
| SHA1 | d2c4f18f58af6bf59644f1da72074e7f596be553 |
| SHA256 | af527555e59b32fad09c467b808b4de2c2e75a24b5d4e719bb574fb3a1562dab |
| SHA512 | 5f1b0c87c600f65098ebb51e97019ccd4bc2af96111b5eed44bcf36476e708d95777a69705ba968275d65876f539500b2b55ce8c7a6369e285ae0e9a94dc8a94 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8dac4a5a9f4dbb97e0798a976a9521ee |
| SHA1 | 252618c756fb61115298ade7a5c86f245c49ea65 |
| SHA256 | 682a96d6f4219deed75eb3c42b1d75810899d30814d703a3ee7b67cb097a58de |
| SHA512 | 053979b327b1d2621d2bb6a40d863cc3ed8b350d7677c2fd1e4f601f587a527c6ce0b5adf642f3f67326f3690ad545a78354b190697a6b094925ceb2cb099dfc |
C:\Users\Admin\Downloads\TaskHost\t2D5B.tmp.ANNABELLE
| MD5 | 52488ef3f42a79048b8cbb5503816741 |
| SHA1 | 56651900d95ee36de389c29b7a7e6dedbb421eff |
| SHA256 | 9ce5f9abb2fb204df9fc5db071bdfe0fefeb86da178d8c7b8e4ea29784c48154 |
| SHA512 | d42a0c76a4d24d930a9b6ee15205a02a6edec97ca16e9febc6eb47d05ff7d6f2af7c3d430d416bf464dc561289428d412acc856718aa5ead58de51b1e8facd5e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1f79c9332d3e4edc29ee747bfe94166b |
| SHA1 | 8422fe5f911a9de55072a76a9de7b47cf1ed7269 |
| SHA256 | 59cd6c3cc5eb3f421783e1f07ddf33a3d8aa4e489c95e1a8b01ecccfebcf08ea |
| SHA512 | ec5a5a9b96cbf0da52c75730927b148ed57830cc8456aec720ead59c98e955c078e54ab27addfa46458ae606b52fee102b591243578217eea98744eae32ca194 |
C:\Users\Admin\Desktop\!WannaDecryptor!.exe.lnk.ANNABELLE
| MD5 | 1a51f57286312cedfb86ba8ccfadd7f2 |
| SHA1 | 8376d567867f0d91ee9b38aaa6687556efa6736f |
| SHA256 | 4866c12c2aa5227d553cf56c3d339e5ae357f15c9b7f752712265d57ba5bb300 |
| SHA512 | 72f26e6b2419d11e0121fee5ece58acac430f8b70e4854c078b56d353378a3b090753d2af746d9caffb70642084582476ed5dad8c7733124629fefe915d222b2 |
C:\Users\Admin\Desktop\!Please Read Me!.txt.ANNABELLE
| MD5 | 81c1845fff664ca86f152adc8fe842ff |
| SHA1 | 8c1e93c4a80cadc66690b01734e3faddf886b2d2 |
| SHA256 | 146bab79fe96119a1be2c3c8a62d188685b5e9cd0817551b5a5377cabcd55c7d |
| SHA512 | c37490ada3296d8e555748bcadce5a7223f6ad255f6c14ae52643640031882591211c9a05dabc988a9fbc437dad8ca6b8af7b996956118774bf8f507b3e9d10b |