Analysis Overview
Threat Level: Known bad
The file https://shanghaidaily4d.com/RET/TRG/SOR/ was found to be: Known bad.
Malicious Activity Summary
Browser Information Discovery
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Modifies registry class
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-12-22 02:23
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-12-22 02:23
Reported
2024-12-22 02:25
Platform
win10v2004-20241007-en
Max time kernel
149s
Max time network
149s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949\DisplayName = "Chrome Sandbox" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949\Moniker = "cr.sb.cdmf5200eafd3ad904629cbb0f87a78a3c7211081fe" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949\Children | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\cr.sb.cdmf5200eafd3ad904629cbb0f87a78a3c7211081fe | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\cr.sb.cdmf5200eafd3ad904629cbb0f87a78a3c7211081fe\Children | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://shanghaidaily4d.com/RET/TRG/SOR/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe72d046f8,0x7ffe72d04708,0x7ffe72d04718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,2172776504424247898,9407570356472634491,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2128 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,2172776504424247898,9407570356472634491,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2332 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2116,2172776504424247898,9407570356472634491,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2820 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,2172776504424247898,9407570356472634491,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,2172776504424247898,9407570356472634491,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,2172776504424247898,9407570356472634491,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4944 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,2172776504424247898,9407570356472634491,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5500 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,2172776504424247898,9407570356472634491,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5516 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,2172776504424247898,9407570356472634491,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5408 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,2172776504424247898,9407570356472634491,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5864 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,2172776504424247898,9407570356472634491,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5896 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,2172776504424247898,9407570356472634491,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5136 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,2172776504424247898,9407570356472634491,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6016 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,2172776504424247898,9407570356472634491,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6036 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=media.mojom.MediaFoundationService --field-trial-handle=2116,2172776504424247898,9407570356472634491,131072 --lang=en-US --service-sandbox-type=mf_cdm --mojo-platform-channel-handle=6332 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,2172776504424247898,9407570356472634491,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5972 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,2172776504424247898,9407570356472634491,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6584 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,2172776504424247898,9407570356472634491,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6752 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,2172776504424247898,9407570356472634491,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6932 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,2172776504424247898,9407570356472634491,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6020 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,2172776504424247898,9407570356472634491,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7368 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,2172776504424247898,9407570356472634491,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6892 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,2172776504424247898,9407570356472634491,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6568 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,2172776504424247898,9407570356472634491,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7740 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,2172776504424247898,9407570356472634491,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7996 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,2172776504424247898,9407570356472634491,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8296 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,2172776504424247898,9407570356472634491,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6924 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,2172776504424247898,9407570356472634491,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8524 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,2172776504424247898,9407570356472634491,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8784 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2116,2172776504424247898,9407570356472634491,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=7320 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x244 0x3c4
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,2172776504424247898,9407570356472634491,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8032 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,2172776504424247898,9407570356472634491,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7616 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,2172776504424247898,9407570356472634491,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9032 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,2172776504424247898,9407570356472634491,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9200 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,2172776504424247898,9407570356472634491,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9224 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,2172776504424247898,9407570356472634491,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=8884 /prefetch:2
Network
| US | 8.8.8.8:53 | creativecdn.com | udp |
| US | 3.223.116.44:443 | ssp.disqus.com | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| JP | 211.120.53.192:443 | tg.socdm.com | tcp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| GB | 23.215.239.190:443 | secure-assets.rubiconproject.com | tcp |
| DE | 37.252.171.85:443 | secure.adnxs.com | tcp |
| US | 8.8.8.8:53 | crt.rootg2.amazontrust.com | udp |
| FR | 3.164.163.59:80 | crt.rootg2.amazontrust.com | tcp |
| US | 8.8.8.8:53 | 66.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.108.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.193.197.15.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.8.184.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 44.116.223.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.53.120.211.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 190.239.215.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 85.171.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| GB | 95.100.245.251:443 | eus.rubiconproject.com | tcp |
| GB | 95.100.244.20:443 | contextual.media.net | tcp |
| US | 8.8.8.8:53 | bcbolt446c5271-a.akamaihd.net | udp |
| US | 8.8.8.8:53 | pixel-eu.rubiconproject.com | udp |
| US | 8.8.8.8:53 | bh.contextweb.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | ce.lijit.com | udp |
| GB | 2.19.252.141:443 | bcbolt446c5271-a.akamaihd.net | tcp |
| GB | 2.19.252.141:443 | bcbolt446c5271-a.akamaihd.net | tcp |
| NL | 185.89.210.82:443 | ib.adnxs.com | tcp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| NL | 69.173.156.148:443 | pixel-eu.rubiconproject.com | tcp |
| IE | 52.17.32.26:443 | ce.lijit.com | tcp |
| US | 8.8.8.8:53 | usersync.gumgum.com | udp |
| IE | 34.247.205.196:443 | usersync.gumgum.com | tcp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| GB | 2.19.252.141:443 | bcbolt446c5271-a.akamaihd.net | udp |
| US | 8.8.8.8:53 | 251.245.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.244.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 141.252.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.205.247.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.169.93.208.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.32.17.52.in-addr.arpa | udp |
| NL | 89.207.16.140:443 | yahoo-match.dotomi.com | tcp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| GB | 2.19.252.141:443 | bcbolt446c5271-a.akamaihd.net | udp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | us-u.openx.net | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 8.8.8.8:53 | sync.ipredictive.com | udp |
| US | 8.8.8.8:53 | match.deepintent.com | udp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | udp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| US | 8.8.8.8:53 | crb.kargo.com | udp |
| US | 44.210.213.98:443 | sync.ipredictive.com | tcp |
| US | 54.156.21.112:443 | sync.srv.stackadapt.com | tcp |
| US | 8.18.47.7:443 | match.deepintent.com | tcp |
| US | 64.202.112.95:443 | b1sync.zemanta.com | tcp |
| NL | 89.149.192.197:443 | ssbsync.smartadserver.com | tcp |
| IE | 34.247.205.196:443 | usersync.gumgum.com | tcp |
| DE | 18.196.193.73:443 | crb.kargo.com | tcp |
| NL | 35.214.136.108:443 | x.bidswitch.net | tcp |
| NL | 35.214.136.108:443 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | b1sync.outbrain.com | udp |
| US | 8.8.8.8:53 | 140.16.207.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.156.173.69.in-addr.arpa | udp |
| US | 64.202.112.95:443 | b1sync.outbrain.com | tcp |
| US | 8.8.8.8:53 | 197.192.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.193.196.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.213.210.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 112.21.156.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.112.202.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7.47.18.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.136.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cms.quantserve.com | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| DE | 91.228.74.244:443 | cms.quantserve.com | tcp |
| US | 104.18.26.193:443 | ssum-sec.casalemedia.com | tcp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| IE | 52.16.7.35:443 | ap.lijit.com | tcp |
| FR | 172.217.20.164:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 193.26.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 244.74.228.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.7.16.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.163.245.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sync.go.sonobi.com | udp |
| US | 69.166.1.67:443 | sync.go.sonobi.com | tcp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.1.166.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| US | 13.248.245.213:443 | eb2.3lift.com | tcp |
| US | 8.8.8.8:53 | hbx.media.net | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | match.sharethrough.com | udp |
| US | 8.8.8.8:53 | 213.245.248.13.in-addr.arpa | udp |
| DE | 18.184.119.72:443 | match.sharethrough.com | tcp |
| US | 8.8.8.8:53 | 72.119.184.18.in-addr.arpa | udp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| US | 8.8.8.8:53 | 88.210.23.2.in-addr.arpa | udp |
| FR | 172.217.20.161:443 | tpc.googlesyndication.com | udp |
| FR | 216.58.213.66:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 19.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | uk.yahoo.com | udp |
| US | 8.8.8.8:53 | www.googletagservices.com | udp |
| FR | 172.217.20.161:443 | tpc.googlesyndication.com | udp |
| FR | 142.250.179.98:443 | www.googletagservices.com | tcp |
| FR | 142.250.179.98:443 | www.googletagservices.com | udp |
| US | 8.8.8.8:53 | fw.adsafeprotected.com | udp |
| FR | 142.250.201.166:443 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | 98.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 166.20.217.172.in-addr.arpa | udp |
| IE | 52.31.75.164:443 | fw.adsafeprotected.com | tcp |
| US | 8.8.8.8:53 | googleads4.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.adsafeprotected.com | udp |
| FR | 172.217.18.194:443 | googleads4.g.doubleclick.net | tcp |
| FR | 18.164.52.51:443 | static.adsafeprotected.com | tcp |
| US | 8.8.8.8:53 | dt.adsafeprotected.com | udp |
| US | 34.206.208.113:443 | dt.adsafeprotected.com | tcp |
| US | 34.206.208.113:443 | dt.adsafeprotected.com | tcp |
| US | 34.206.208.113:443 | dt.adsafeprotected.com | tcp |
| US | 34.206.208.113:443 | dt.adsafeprotected.com | tcp |
| US | 34.206.208.113:443 | dt.adsafeprotected.com | tcp |
| US | 8.8.8.8:53 | 194.18.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 164.75.31.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 51.52.164.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 113.208.206.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ade.googlesyndication.com | udp |
| FR | 142.250.201.162:443 | ade.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | 162.201.250.142.in-addr.arpa | udp |
| FR | 142.250.201.162:443 | ade.googlesyndication.com | udp |
| FR | 142.250.201.162:443 | ade.googlesyndication.com | udp |
| US | 8.8.8.8:53 | udp |
Files