Analysis Overview
SHA256
4a75f2db1dbd3c1218bb9994b7e1c690c4edd4e0c1a675de8d2a127611173e69
Threat Level: Known bad
The file MrsMajor 3.0.exe was found to be: Known bad.
Malicious Activity Summary
UAC bypass
Downloads MZ/PE file
Executes dropped EXE
Obfuscated with Agile.Net obfuscator
Checks computer location settings
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2
Unsigned PE
Browser Information Discovery
Enumerates physical storage devices
Modifies data under HKEY_USERS
Suspicious behavior: EnumeratesProcesses
Suspicious use of WriteProcessMemory
Suspicious use of SendNotifyMessage
Enumerates system info in registry
Suspicious use of FindShellTrayWindow
System policy modification
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Analysis: static1
Detonation Overview
Reported
2025-01-17 12:23
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2025-01-17 12:23
Reported
2025-01-17 12:26
Platform
win7-20240903-en
Max time kernel
118s
Max time network
119s
Signatures
UAC bypass
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin = "0" | C:\Windows\system32\wscript.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\AD30.tmp\eulascr.exe | N/A |
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\AD30.tmp\eulascr.exe | N/A |
Obfuscated with Agile.Net obfuscator
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | drive.google.com | N/A | N/A |
Enumerates physical storage devices
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\AD30.tmp\eulascr.exe | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2084 wrote to memory of 3064 | N/A | C:\Users\Admin\AppData\Local\Temp\MrsMajor 3.0.exe | C:\Windows\system32\wscript.exe |
| PID 3064 wrote to memory of 2496 | N/A | C:\Windows\system32\wscript.exe | C:\Users\Admin\AppData\Local\Temp\AD30.tmp\eulascr.exe |
System policy modification
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | C:\Windows\system32\wscript.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin = "0" | C:\Windows\system32\wscript.exe | N/A |
Processes
C:\Users\Admin\AppData\Local\Temp\MrsMajor 3.0.exe
"C:\Users\Admin\AppData\Local\Temp\MrsMajor 3.0.exe"
C:\Windows\system32\wscript.exe
"C:\Windows\system32\wscript.exe" C:\Users\Admin\AppData\Local\Temp\AD30.tmp\AD31.tmp\AD32.vbs //Nologo
C:\Users\Admin\AppData\Local\Temp\AD30.tmp\eulascr.exe
"C:\Users\Admin\AppData\Local\Temp\AD30.tmp\eulascr.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | drive.google.com | udp |
| GB | 172.217.169.78:443 | drive.google.com | tcp |
| US | 8.8.8.8:53 | drive.usercontent.google.com | udp |
| GB | 216.58.212.193:443 | drive.usercontent.google.com | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\AD30.tmp\AD31.tmp\AD32.vbs
| MD5 | 3b8696ecbb737aad2a763c4eaf62c247 |
| SHA1 | 4a2d7a2d61d3f4c414b4e5d2933cd404b8f126e5 |
| SHA256 | ce95f7eea8b303bc23cfd6e41748ad4e7b5e0f0f1d3bdf390eadb1e354915569 |
| SHA512 | 713d9697b892b9dd892537e8a01eab8d0265ebf64867c8beecf7a744321257c2a5c11d4de18fcb486bb69f199422ce3cab8b6afdbe880481c47b06ba8f335beb |
C:\Users\Admin\AppData\Local\Temp\AD30.tmp\eulascr.exe
| MD5 | 8b1c352450e480d9320fce5e6f2c8713 |
| SHA1 | d6bd88bf33de7c5d4e68b233c37cc1540c97bd3a |
| SHA256 | 2c343174231b55e463ca044d19d47bd5842793c15954583eb340bfd95628516e |
| SHA512 | 2d8e43b1021da08ed1bf5aff110159e6bc10478102c024371302ccfce595e77fd76794658617b5b52f9a50190db250c1ba486d247d9cd69e4732a768edbb4cbc |
\Users\Admin\AppData\Local\Temp\5a530dfd-bc51-4992-a05d-f09d41a331d4\AgileDotNetRT64.dll
| MD5 | 42b2c266e49a3acd346b91e3b0e638c0 |
| SHA1 | 2bc52134f03fcc51cb4e0f6c7cf70646b4df7dd1 |
| SHA256 | adeed015f06efa363d504a18acb671b1db4b20b23664a55c9bc28aef3283ca29 |
| SHA512 | 770822fd681a1d98afe03f6fbe5f116321b54c8e2989fb07491811fd29fca5b666f1adf4c6900823af1271e342cacc9293e9db307c4eef852d1a253b00347a81 |
Analysis: behavioral2
Detonation Overview
Submitted
2025-01-17 12:23
Reported
2025-01-17 12:29
Platform
win10v2004-20241007-en
Max time kernel
319s
Max time network
321s
Signatures
UAC bypass
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin = "0" | C:\Windows\system32\wscript.exe | N/A |
Downloads MZ/PE file
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\MrsMajor 3.0.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation | C:\Windows\system32\wscript.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\C9D8.tmp\eulascr.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\C9D8.tmp\eulascr.exe | N/A |
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\C9D8.tmp\eulascr.exe | N/A |
Obfuscated with Agile.Net obfuscator
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | drive.google.com | N/A | N/A |
Browser Information Discovery
Enumerates physical storage devices
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133815904315966031" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
System policy modification
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | C:\Windows\system32\wscript.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin = "0" | C:\Windows\system32\wscript.exe | N/A |
Processes
C:\Users\Admin\AppData\Local\Temp\MrsMajor 3.0.exe
"C:\Users\Admin\AppData\Local\Temp\MrsMajor 3.0.exe"
C:\Windows\system32\wscript.exe
"C:\Windows\system32\wscript.exe" C:\Users\Admin\AppData\Local\Temp\C9D8.tmp\C9D9.tmp\C9DA.vbs //Nologo
C:\Users\Admin\AppData\Local\Temp\C9D8.tmp\eulascr.exe
"C:\Users\Admin\AppData\Local\Temp\C9D8.tmp\eulascr.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x470 0x3fc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --field-trial-handle=3616,i,15195035220283428685,14808882089068340408,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4912 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --field-trial-handle=10408,i,15195035220283428685,14808882089068340408,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5636 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --field-trial-handle=9896,i,15195035220283428685,14808882089068340408,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9888 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --field-trial-handle=6256,i,15195035220283428685,14808882089068340408,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9976 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --field-trial-handle=6164,i,15195035220283428685,14808882089068340408,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6280 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5516,i,15195035220283428685,14808882089068340408,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5332 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --field-trial-handle=6560,i,15195035220283428685,14808882089068340408,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5084 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5636,i,15195035220283428685,14808882089068340408,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9936 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=9952,i,15195035220283428685,14808882089068340408,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5380 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=9920,i,15195035220283428685,14808882089068340408,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6652 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6588,i,15195035220283428685,14808882089068340408,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9140 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6556,i,15195035220283428685,14808882089068340408,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5432 /prefetch:8
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 140.135.75.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 221.152.235.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | siteintercept.qualtrics.com | udp |
| US | 8.8.8.8:53 | 684dd311.akstat.io | udp |
| US | 8.8.8.8:53 | 240.209.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.upsellit.com | udp |
| US | 8.8.8.8:53 | privacyportal-de.onetrust.com | udp |
| US | 34.117.39.58:443 | www.upsellit.com | tcp |
| US | 172.64.155.119:443 | privacyportal-de.onetrust.com | tcp |
| US | 8.8.8.8:53 | analytics.ff.avast.com | udp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| US | 34.117.223.223:443 | analytics.ff.avast.com | tcp |
| US | 150.171.27.10:443 | bat.bing.com | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| BE | 64.233.184.155:443 | stats.g.doubleclick.net | tcp |
| GB | 172.217.169.3:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | 58.39.117.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 223.223.117.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.184.233.64.in-addr.arpa | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| GB | 23.214.152.223:443 | static2.avg.com | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| US | 34.117.223.223:443 | analytics.ff.avast.com | udp |
| GB | 95.100.244.132:443 | 684dd311.akstat.io | udp |
| GB | 95.100.244.132:443 | 684dd311.akstat.io | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | wxl3auyx22mn6z4kjula-f-9b314d843-clientnsv4-s.akamaihd.net | udp |
| US | 8.8.8.8:53 | bits.avcdn.net | udp |
| GB | 23.208.241.36:443 | bits.avcdn.net | tcp |
| GB | 23.208.241.36:443 | bits.avcdn.net | tcp |
| US | 8.8.8.8:53 | 36.241.208.23.in-addr.arpa | udp |
| DE | 142.250.186.35:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | 27.178.89.13.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Temp\C9D8.tmp\C9D9.tmp\C9DA.vbs
C:\Users\Admin\AppData\Local\Temp\C9D8.tmp\eulascr.exe
C:\Users\Admin\AppData\Local\Temp\5a530dfd-bc51-4992-a05d-f09d41a331d4\AgileDotNetRT64.dll
C:\Users\Admin\AppData\Local\Temp\C9D8.tmp\winfool.exe