Analysis Overview
Threat Level: Known bad
The file https://roblox.com.kz/share?code=84f12fdc925423c7c7f53a9a9971741b&type=Server was found to be: Known bad.
Malicious Activity Summary
Browser Information Discovery
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-30 23:03
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-30 23:03
Reported
2024-11-30 23:12
Platform
win10v2004-20241007-en
Max time kernel
507s
Max time network
484s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://roblox.com.kz/share?code=84f12fdc925423c7c7f53a9a9971741b&type=Server
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe649f46f8,0x7ffe649f4708,0x7ffe649f4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2152,8936855212629442321,12253274891769349470,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2148 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2152,8936855212629442321,12253274891769349470,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2208 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2152,8936855212629442321,12253274891769349470,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2880 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,8936855212629442321,12253274891769349470,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,8936855212629442321,12253274891769349470,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3348 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,8936855212629442321,12253274891769349470,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4976 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,8936855212629442321,12253274891769349470,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5208 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,8936855212629442321,12253274891769349470,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4852 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,8936855212629442321,12253274891769349470,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6000 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2152,8936855212629442321,12253274891769349470,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6604 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2152,8936855212629442321,12253274891769349470,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6604 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,8936855212629442321,12253274891769349470,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5408 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,8936855212629442321,12253274891769349470,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3504 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,8936855212629442321,12253274891769349470,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5332 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,8936855212629442321,12253274891769349470,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5268 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,8936855212629442321,12253274891769349470,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6536 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,8936855212629442321,12253274891769349470,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6856 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2152,8936855212629442321,12253274891769349470,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=2684 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,8936855212629442321,12253274891769349470,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2672 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,8936855212629442321,12253274891769349470,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5812 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,8936855212629442321,12253274891769349470,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6308 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,8936855212629442321,12253274891769349470,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4012 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,8936855212629442321,12253274891769349470,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4660 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,8936855212629442321,12253274891769349470,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5032 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,8936855212629442321,12253274891769349470,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5152 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,8936855212629442321,12253274891769349470,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1896 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2152,8936855212629442321,12253274891769349470,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3524 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 196.249.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | roblox.com.kz | udp |
| RU | 45.10.243.43:443 | roblox.com.kz | tcp |
| US | 8.8.8.8:53 | 43.243.10.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| GB | 88.221.135.219:443 | css.rbxcdn.com | tcp |
| GB | 88.221.135.219:443 | css.rbxcdn.com | tcp |
| GB | 88.221.135.219:443 | css.rbxcdn.com | tcp |
| GB | 88.221.135.219:443 | css.rbxcdn.com | tcp |
| GB | 88.221.135.219:443 | css.rbxcdn.com | tcp |
| GB | 88.221.135.219:443 | css.rbxcdn.com | tcp |
| GB | 88.221.134.25:443 | static.rbxcdn.com | tcp |
| GB | 88.221.134.25:443 | static.rbxcdn.com | tcp |
| GB | 88.221.134.145:443 | js.rbxcdn.com | tcp |
| GB | 88.221.134.145:443 | js.rbxcdn.com | tcp |
| GB | 88.221.134.145:443 | js.rbxcdn.com | tcp |
| GB | 88.221.134.145:443 | js.rbxcdn.com | tcp |
| GB | 88.221.134.145:443 | js.rbxcdn.com | tcp |
| GB | 88.221.134.145:443 | js.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 219.135.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.134.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.134.221.88.in-addr.arpa | udp |
| GB | 88.221.135.219:443 | css.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | images.rbxcdn.com | udp |
| US | 8.8.8.8:53 | roblox-api.arkoselabs.com | udp |
| US | 8.8.8.8:53 | roblox.com | udp |
| US | 8.8.8.8:53 | ecsv2.roblox.com | udp |
| GB | 128.116.119.4:443 | ecsv2.roblox.com | tcp |
| NL | 18.239.50.82:443 | roblox-api.arkoselabs.com | tcp |
| GB | 88.221.135.232:443 | images.rbxcdn.com | tcp |
| GB | 88.221.135.232:443 | images.rbxcdn.com | tcp |
| GB | 88.221.135.232:443 | images.rbxcdn.com | tcp |
| GB | 88.221.135.232:443 | images.rbxcdn.com | tcp |
| GB | 88.221.135.232:443 | images.rbxcdn.com | tcp |
| GB | 128.116.119.4:443 | ecsv2.roblox.com | tcp |
| US | 8.8.8.8:53 | 40.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.119.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.50.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.135.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.39.65.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 172.217.16.228:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.roblox.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | ncs.roblox.com | udp |
| GB | 128.116.119.4:443 | ncs.roblox.com | tcp |
| US | 8.8.8.8:53 | sc0ak.rbxcdn.com | udp |
| US | 8.8.8.8:53 | atl1-128-116-99-3.roblox.com | udp |
| US | 8.8.8.8:53 | lhr2-128-116-119-3.roblox.com | udp |
| US | 8.8.8.8:53 | sea1-128-116-115-3.roblox.com | udp |
| US | 8.8.8.8:53 | fra2-128-116-123-3.roblox.com | udp |
| US | 8.8.8.8:53 | roblox-poc.global.ssl.fastly.net | udp |
| US | 8.8.8.8:53 | sc0aws.rbxcdn.com | udp |
| US | 8.8.8.8:53 | nrt1-128-116-120-3.roblox.com | udp |
| US | 8.8.8.8:53 | cdg1-128-116-122-3.roblox.com | udp |
| US | 8.8.8.8:53 | ams2-128-116-21-3.roblox.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 88.221.135.74:443 | sc0ak.rbxcdn.com | tcp |
| US | 151.101.1.194:443 | roblox-poc.global.ssl.fastly.net | tcp |
| GB | 128.116.119.3:443 | lhr2-128-116-119-3.roblox.com | tcp |
| US | 128.116.115.3:443 | sea1-128-116-115-3.roblox.com | tcp |
| US | 128.116.99.3:443 | atl1-128-116-99-3.roblox.com | tcp |
| DE | 128.116.123.3:443 | fra2-128-116-123-3.roblox.com | tcp |
| US | 8.8.8.8:53 | 98.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.16.217.172.in-addr.arpa | udp |
| FR | 128.116.122.3:443 | cdg1-128-116-122-3.roblox.com | tcp |
| JP | 128.116.120.3:443 | nrt1-128-116-120-3.roblox.com | tcp |
| NL | 128.116.21.3:443 | ams2-128-116-21-3.roblox.com | tcp |
| GB | 142.250.200.14:443 | www.youtube.com | tcp |
| NL | 18.239.94.14:443 | sc0aws.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | crt.rootg2.amazontrust.com | udp |
| US | 128.116.115.3:443 | sea1-128-116-115-3.roblox.com | tcp |
| JP | 128.116.120.3:443 | nrt1-128-116-120-3.roblox.com | tcp |
| FR | 128.116.122.3:443 | cdg1-128-116-122-3.roblox.com | tcp |
| NL | 18.239.83.27:80 | crt.rootg2.amazontrust.com | tcp |
| US | 8.8.8.8:53 | tr.rbxcdn.com | udp |
| GB | 142.250.200.14:443 | www.youtube.com | udp |
| GB | 104.77.118.128:443 | tr.rbxcdn.com | tcp |
| GB | 104.77.118.128:443 | tr.rbxcdn.com | tcp |
| GB | 104.77.118.128:443 | tr.rbxcdn.com | tcp |
| GB | 104.77.118.128:443 | tr.rbxcdn.com | tcp |
| GB | 104.77.118.128:443 | tr.rbxcdn.com | tcp |
| GB | 104.77.118.128:443 | tr.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | www.youtube-nocookie.com | udp |
| GB | 216.58.204.78:443 | www.youtube-nocookie.com | tcp |
| GB | 216.58.204.78:443 | www.youtube-nocookie.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 172.217.169.22:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | 74.135.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.119.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.123.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.21.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.94.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.99.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.115.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.20.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.120.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 128.118.77.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| GB | 216.58.212.226:443 | ep1.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 172.217.16.228:443 | www.google.com | udp |
| GB | 172.217.169.1:443 | ep2.adtrafficquality.google | tcp |
| GB | 216.58.212.202:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| GB | 142.250.200.33:443 | yt3.ggpht.com | tcp |
| GB | 216.58.212.202:443 | jnn-pa.googleapis.com | udp |
| GB | 172.217.169.1:443 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | 226.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 33.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.187.206:443 | play.google.com | tcp |
| GB | 142.250.187.206:443 | play.google.com | tcp |
| GB | 142.250.187.206:443 | play.google.com | tcp |
| GB | 142.250.187.206:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 206.187.250.142.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 216.58.212.226:443 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | 13.86.106.20.in-addr.arpa | udp |
| GB | 172.217.169.22:443 | i.ytimg.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | 154.239.44.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | metrics.roblox.com | udp |
| US | 8.8.8.8:53 | apis.roblox.com | udp |
| US | 8.8.8.8:53 | locale.roblox.com | udp |
| US | 8.8.8.8:53 | apis.rbxcdn.com | udp |
| US | 8.8.8.8:53 | auth.roblox.com | udp |
| GB | 88.221.134.107:443 | apis.rbxcdn.com | tcp |
| FR | 128.116.122.3:443 | cdg1-128-116-122-3.roblox.com | tcp |
| US | 151.101.1.194:443 | roblox-poc.global.ssl.fastly.net | tcp |
| US | 8.8.8.8:53 | 53.210.109.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.42.69.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 130.118.77.104.in-addr.arpa | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 8.8.8.8:53 | devtools.azureedge.net | udp |
| US | 13.107.246.64:443 | devtools.azureedge.net | tcp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 8.8.8.8:53 | 88.210.23.2.in-addr.arpa | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 8.8.8.8:53 | 94.65.42.20.in-addr.arpa | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 443a627d539ca4eab732bad0cbe7332b |
| SHA1 | 86b18b906a1acd2a22f4b2c78ac3564c394a9569 |
| SHA256 | 1e1ad9dce141f5f17ea07c7e9c2a65e707c9943f172b9134b0daf9eef25f0dc9 |
| SHA512 | 923b86d75a565c91250110162ce13dd3ef3f6bdde1a83f7af235ed302d4a96b8c9ed722e2152781e699dfcb26bb98afc73f5adb298f8fd673f14c9f28b5f764d |
\??\pipe\LOCAL\crashpad_2456_VBYXQXGLLBKLVHIM
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 99afa4934d1e3c56bbce114b356e8a99 |
| SHA1 | 3f0e7a1a28d9d9c06b6663df5d83a65c84d52581 |
| SHA256 | 08e098bb97fd91d815469cdfd5568607a3feca61f18b6b5b9c11b531fde206c8 |
| SHA512 | 76686f30ed68144cf943b80ac10b52c74eee84f197cee3c24ef7845ef44bdb5586b6e530824543deeed59417205ac0e2559808bcb46450504106ac8f4c95b9da |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8878c2106eedf33383f3732e9af3b022 |
| SHA1 | 5cb07cf0a044221d913196165088eb0280454de6 |
| SHA256 | 2c97437a90ce3a3fe2f38751da5d84927ba98ec757e1a541b640c780fa160ba9 |
| SHA512 | 068737a6eeeaacc2eac78b9576bb89a79d205d53e68f7534d9ea2eb5d1a27c9b753176cf94f8085758dd8c1c2571f087b881bf0bd5b79a5a0cbd3aa7efca3c84 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
| MD5 | dba41a0772d2e19723bc595357bf5993 |
| SHA1 | e7cebd6861d1f19c2904a137f1102fe808780e78 |
| SHA256 | ab96b9dffa1d9abffe715b79fb791e0b25ee67bef0751bb53416053ca70cd8a0 |
| SHA512 | ec6ef7519ae07709ff0a84ff449394ac506dd2f3a50231046ee52e7c7bea91339c3af4e8b03948fdcdf89bf9ae885f4e21b1f45ddfb7925feda3ca49a90be774 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.youtube-nocookie.com_0.indexeddb.leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\32cadb2b6d359d069dd3f3d132c212a43d223701\index.txt
| MD5 | 343859b4ad03856a60d076c8cd8f22c3 |
| SHA1 | 7954a27de3329b4c5eefd4bdcb8450823881aad6 |
| SHA256 | 8c79b653c087618aa7395d5e75198da7d3b04c08654c39e56b1027f9ef269c2f |
| SHA512 | 58014a4e7f2b4b0d446fae3570196b8fb95d0d1b70bdab0dd34a74d6c62cd8d7ca494a486f19c1a829988a3af83a08d401f18d1769ce1799a02ee09807234254 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\32cadb2b6d359d069dd3f3d132c212a43d223701\index.txt~RFe57c91c.TMP
| MD5 | 8786acd2c41120b8ca91215212bd46f1 |
| SHA1 | 7be4e4ea2072ac19381e3c89c4307c5b80b7e8df |
| SHA256 | 8b44878a3593f37525e0ff4e5750c1bdcc5d4354cb00e6780c2ed4fd01d385db |
| SHA512 | d1f85c5c2e0c97f68f3babed826abce2590a3bd3406bd258d0c06a6857293f21347aa53d75aa05535e3e93e6b1b3a44f2360b21dc978878b38a3ec28ce855e09 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | fe7c61947b74fc79d7a698b71aec8ffa |
| SHA1 | 2acc4908583601a68185c3d3694bf6a0ca50e6b0 |
| SHA256 | a1becb383db492e0ec6d095d892157e827aedfa4d8072aed03c38f3ba2e429e4 |
| SHA512 | a79880bb0c5c25626f607fb96717fb0bd758ca414e2a6e34c0594ac60d9ecf4b30b1bcf493ae5161211d7b8d266446a2ccb7b1a89e9fb68d1f38c6b8f78f6287 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\c763c316-bdc9-4f1f-938b-fe324a9c2dd6.tmp
| MD5 | 3c53b14207b51b4850bac813510693a3 |
| SHA1 | 4773aadb14f33e3f44d9d84866e1a19955c40adc |
| SHA256 | 6041b2afa645b08d3ebafa1c893efe0e858f139d1dc63af9b488ec4a361d887d |
| SHA512 | 8ed839267f87883b9dc8f729d97e0c7b1703f78e5e6d32a2f5f2d57c63db7499c64aa965c5050de1c2068ef9fdfbfba0a1087fdbff025a1367e60a0250556a6b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 11b3077a741a820f682cb0681e17d420 |
| SHA1 | 2cd220da609af2f236d9f730775ec57388bd43ad |
| SHA256 | c4b3079d245064d3ea206ef1c24bb09670d9c4faf8cc6853badd9305ccf2f978 |
| SHA512 | bb4621581c1324224cb357a23e625f6137503342744c00b68718fb1ce79ecfcbffbb9632fb2a726e27a98fec4e76baf6f2a21cea42a904bd56b3ef210080f747 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe580aa9.TMP
| MD5 | 86eba48d5f1c74f13107861f5fc4bfc8 |
| SHA1 | 1c1ebd44aec76aadaa1afcd8eff3344c6c1d8e6b |
| SHA256 | e6b7657f2c16706bb1206349bf95dfb04c380d27aacaf00b60c5286411075192 |
| SHA512 | 9d3b6af414ca6d6373a682aac5ed482448cc3f8ed57f83e7aedef25a94765dcefe68ac53ef2b9231ba0a5deae1243f4428f1b119bab43f62410cb226fb80f3d4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a
| MD5 | 7fd069146ea79b16633bc8b45f90482a |
| SHA1 | 98dfafac54f6f5db51e3baea698208833ed1b642 |
| SHA256 | a746ba588555b584fe98e42ac1a2dfbb92c2831b54c263f51fe91d124b9214d7 |
| SHA512 | c31822f497ebb35a5da455e77965f16a83e2007215ae88e64bc21019d8d45fff4671ab4300d9cf518bd2b652d071cc582fdfb99b4807c75e2022755e6c60a06c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 0c79741b585c3f2d5c2a5dbce7db1943 |
| SHA1 | fab78c4f35e5b068e1f08901e1a1d3ddbc8f1b90 |
| SHA256 | f58e38113818edfceb383def987f4e5457f57ec5c8e41f5db041370462542b3d |
| SHA512 | f0abd6095f48bd73fd8c4fbdb1c4bb07ca87784a774c7480fe565c21f282feb61458923c2fd093e52e6eaeb1ab9dc8a8a23a5655639d0bd109fb659cfbbe6d3b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58123b.TMP
| MD5 | 8f1468920b6bb6ddbc74251dd69069a2 |
| SHA1 | 9fb21c043cc198431251cba6b2319302a2768770 |
| SHA256 | c3ba325f04a4ebf33a412e69a05a20a0b0f778c2621787ed9b921ea0c23c10d8 |
| SHA512 | 8bd1770791a1f22a16263740031eb7a59c37f9ed3e7bcc0ab8611afa39648c22445aa7cdd07facb61a072343ce69475178023bd49880f07ecb5b5a73db90d336 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023
| MD5 | 588ee33c26fe83cb97ca65e3c66b2e87 |
| SHA1 | 842429b803132c3e7827af42fe4dc7a66e736b37 |
| SHA256 | bbc4044fe46acd7ab69d8a4e3db46e7e3ca713b05fa8ecb096ebe9e133bba760 |
| SHA512 | 6f7500b12fc7a9f57c00711af2bc8a7c62973f9a8e37012b88a0726d06063add02077420bc280e7163302d5f3a005ac8796aee97042c40954144d84c26adbd04 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\32cadb2b6d359d069dd3f3d132c212a43d223701\index.txt.tmp
| MD5 | 7d06dd07fe602c284f33725dd2a2d4c3 |
| SHA1 | d930a714894fa380b842674ec9d52d040bc0dc2c |
| SHA256 | c7e6146bd3c704f80befcb45c6b2458dbfcb83a5734f2809f8567d6db96bc8af |
| SHA512 | fcd37604c73f725aa304e2c7936f62134a802d3d53ae21eb77c2d0dc999d6364134688e0e432b5685b265413c10cc39a66cad11d43eaa46350caf643b6d0853d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021
| MD5 | d150fb711ad72a3862ff09555afdf572 |
| SHA1 | 169f55f7080a41082dc8c35271c63974f5abd5e4 |
| SHA256 | f3d793f104b300132dc7dc0c652a240ebbca770499b6531cc2a0f67336e589af |
| SHA512 | 9e8470b277a95a5ab077007f4d841b78863c67829dc917a5a5af816e5eeba52609d11982b9a2c20e8ae047782238340d1d96cb1fc8cff20477990e712fe1e75d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.youtube-nocookie.com_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | 3fd11ff447c1ee23538dc4d9724427a3 |
| SHA1 | 1335e6f71cc4e3cf7025233523b4760f8893e9c9 |
| SHA256 | 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed |
| SHA512 | 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8c122ab94e1bdb5a7c4d1ac67ffec02a |
| SHA1 | 062021ef4c2bc62d794908073a33f915b72c7596 |
| SHA256 | 4960859eb648636956419fcc85e0a7f49deda742700b9d5e34a1b436da3c3550 |
| SHA512 | d140d834e14e4408a3ad8fcdb5b87537bf32e02f6c7bf5c04c8992517de191ff387a3419ad49e8d9325f1bde3ec83812b886905819b28d2c0fbf5f7084bb3c3b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | eee3c5c05c3ab7175caa400deed53bb7 |
| SHA1 | b875c95bd7cca6a466fafd9dadba0fbcb11788b0 |
| SHA256 | baa00006c90bce0275c81afd79009b311be2b5c28fd469be6117781d19ff094a |
| SHA512 | ead6156ddc91b414b1c64b07fe6329ed0fb13fb87fc462168ce4ae6bcf515489c9dd7e4204229f14f2054667f2d994151032c9b470ff9cbe472f46058c82e866 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a2ae60a8273091158fc263c49db7bb53 |
| SHA1 | 60f71107efc899722e28492dbce2df946a7b3367 |
| SHA256 | b2748a240e6a45325052e818d3077f257d5fe00061ca726b6cde2952f2439f28 |
| SHA512 | 8486c6239efff120f564f5cdeea674793f466d6780525e909b25eec588be5897144bf50873b1715547c0e35dc633189c12f745554df1bfee026c192eaad518fc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 976b510f95777f412605b61e28aaf2a4 |
| SHA1 | 7509bba58d6cdd037681b97bbe63cc583e80b754 |
| SHA256 | ee4ce3672b578104f9b6a965b9f0576928891d457198a37371fc4c411b5b2662 |
| SHA512 | c6e3fe8ae0ba9d63b75a2ebb05c898a936c7b45a1f955738daff560f31a36fc9ce2787d0c21172f59f8a139313eb70515e354f6e291564bc0aaf9ffb6d4dc1aa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\412db764-33ec-45c4-8ed2-43494f79caeb.tmp
| MD5 | 05b2431d0bcbddc733e041fd0c44b7f3 |
| SHA1 | 5bd77256d76af7742d61afd1e8b02a2257db772c |
| SHA256 | df9a3b57455af0db70d742c22530ef96edf0ed4afc98a43e4a1674d64c18aa86 |
| SHA512 | f8c9525c37baf7af23eabd8d847120e93958f0a8d8f790999a54621d00908d776b108399677f0f5fef099d18c698b526fb1e0c6baeb09ea6810e56ff9cad2281 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ca7773f2a88a07db434cd911a9d9c29b |
| SHA1 | b7d3ffcc51320e560b467207dcd5895f54be3578 |
| SHA256 | 30db3e199f639a1fad418f29ec067e2eb5cef7dfdfff70ab6ad7ad822a3593a9 |
| SHA512 | 513df52374ee55d9c7ede32d790bfb03ec85e5f4c75cb60fa1fcedafae66f0a0a9f8911ecc5ef86025eccc3e25f7df5f2a739b74a7e58284e344e994512408ac |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | a87607d563364c6faca9e43c676976a8 |
| SHA1 | 614ebfe73aac34cb985da67564488a9519609ea8 |
| SHA256 | 8d90eabefbc41ff1d18dfa8978041f669709e56eb2c3f8cb6b3f6bf14ebfee7d |
| SHA512 | 1f4b56756f52f89e02c022c80483d240c892e4ac378277eccac3e0a22cb8cb731e45633cf87a744ba30d82b776c77fc3a186987b100cf2d3551e094f9a4098dc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d3b312c32e3a9aaee2132e771347493f |
| SHA1 | d2a8720b794784b6e2d27c99cdf169918dec2f13 |
| SHA256 | e4a225299c6ec6cdeea69c758dd243ceba5bdcf1af262fae861a3ab5e05c15cb |
| SHA512 | bf2627bd879c122276959c43b81971086088123651db5c59a7b6addf8c03588951eaf48e58ffd07ec5117bda63c99b91a0e63788448394a78862e085e37fa767 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b3a8035201fcbca0c5643d662a8849c2 |
| SHA1 | cd775431835bc30dc5e68840b65d775c515bc8e3 |
| SHA256 | 56a008adc7fd56f9e11a3769379cfe28b7d879236d2944716e27b80bce0b4ca0 |
| SHA512 | cd01efab138902669e46279d9265224c7f935d43843668ff1b838f9cc25639ce56ff77450e3881376341f7c5e461d31f7a5746a336b2d2f28a8f2f5143cabc78 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 35e8ab52cdd1806dd7a8bb814d1ee32f |
| SHA1 | 470643fd23cdc6bbae75039942e6debcb8d36233 |
| SHA256 | a221b477a7e649e3b94d16f8e68aa1ff2c5e03974dbccab754a4c627410e5930 |
| SHA512 | 5097a42add01d28653f258a17f91aee6ca01a5f97138b080166beff2b46fb19cce8070862a7416b79a2222502d66006607a71c18cc18787a6add933f67d7d49c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 0e2ff80b2865b7794a451e3bc4911ef7 |
| SHA1 | cb393768990b38bc78b9a78202096d0a19501845 |
| SHA256 | 51f22595c874300a1110a4c77c38494b6eb9f1fee9c944c786d16f4128ad7450 |
| SHA512 | 7bdb5c1b21729685b38aa9028a2be069b383ea54f86dc155e27c23486b57d688599c58d6bf53576639a09ff139028eaaa608d604ab87168a3ad67eca31f2f6b4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | c69e27c0436115c90ff3bfa0757b1d49 |
| SHA1 | 093c6119dfe8e1d916bc1142d20313d27fbf8b0f |
| SHA256 | 8a1188f29d51e809fdae9ee5d9721c9ae42c5849485ba2de2028f13b7f33cc13 |
| SHA512 | 570c0ed4cb01e9db9501392e874533d9c8fd9a59dd43f7ea8bbfdc590fef14ad3324c0ce0d95e385e820dad83185df18ecaa8d6223048a0de99b70caebb77b5e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 72d60524be2b8541234edf5a672a3026 |
| SHA1 | 5352d49fec34c22dd0cbdc43fbd62dc639cfdca6 |
| SHA256 | 5c5aa5a74be3018528c6c0489a4fc4ab09940304ca96dc4f65ba176b32c30233 |
| SHA512 | f26b2150b266c876496d94cc1930fac2b853003eab689dd3146b1c78d88c3b61b04492a621b80ab9f045237a0b88fab2e311a2061b5d57ec2827e155c95ef5cc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\c0615e9c-120e-497c-99b7-6b1459446561.tmp
| MD5 | 6cd24b6206bf37482ba6b3444f07114e |
| SHA1 | e885c5b113c19b53be1d2756dfe0316932424eec |
| SHA256 | e65a5703d75a62a53f867c3fafec835e10d4e133545d7c25a20a7383b71f0847 |
| SHA512 | 54ed4dc91ff31cbd3587ae5219f2ca912ddcb6f83a792ab7b7af388839c2c2972349ab031d1de515ebc2fb2140e371a8be8bfa341c6140354fe6c806516e0f94 |