General Info

URL

https://www.hdblog.it

Full analysis
https://app.any.run/tasks/4e8f9cd5-b494-4861-bc51-a310b335211c
Verdict
Malicious activity
Analysis date
2/11/2019, 12:35:57
OS:
Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distored by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

Software environment set and analysis options

Launch configuration

Task duration
60 seconds
Additional time used
none
Fakenet option
off
Heavy Evaision option
off
MITM proxy
off
Route via Tor
off
Network geolocation
off
Privacy
Public submission
Autoconfirmation of UAC
on

Software preset

  • Internet Explorer 8.0.7601.17514
  • Adobe Acrobat Reader DC MUI (15.023.20070)
  • Adobe Flash Player 26 ActiveX (26.0.0.131)
  • Adobe Flash Player 26 NPAPI (26.0.0.131)
  • Adobe Flash Player 26 PPAPI (26.0.0.131)
  • Adobe Refresh Manager (1.8.0)
  • CCleaner (5.35)
  • FileZilla Client 3.36.0 (3.36.0)
  • Google Chrome (68.0.3440.106)
  • Google Update Helper (1.3.33.17)
  • Java 8 Update 92 (8.0.920.14)
  • Java Auto Updater (2.8.92.14)
  • Microsoft .NET Framework 4.6.1 (4.6.01055)
  • Microsoft Office Access MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Access Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Excel MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office OneNote MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Outlook MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office PowerPoint MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Professional 2010 (14.0.6029.1000)
  • Microsoft Office Proof (English) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (French) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Spanish) 2010 (14.0.6029.1000)
  • Microsoft Office Proofing (English) 2010 (14.0.6029.1000)
  • Microsoft Office Publisher MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Single Image 2010 (14.0.6029.1000)
  • Microsoft Office Word MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (9.0.30729.6161)
  • Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (10.0.40219)
  • Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (12.0.30501.0)
  • Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (14.15.26706.0)
  • Microsoft Visual C++ 2017 x86 Additional Runtime - 14.15.26706 (14.15.26706)
  • Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.15.26706 (14.15.26706)
  • Mozilla Firefox 61.0.2 (x86 en-US) (61.0.2)
  • Notepad++ (32-bit x86) (7.5.1)
  • Opera 12.15 (12.15.1748)
  • Skype version 8.29 (8.29)
  • VLC media player (2.2.6)
  • WinRAR 5.60 (32-bit) (5.60.0)

Hotfixes

  • Client LanguagePack Package
  • Client Refresh LanguagePack Package
  • CodecPack Basic Package
  • Foundation Package
  • IE Troubleshooters Package
  • InternetExplorer Optional Package
  • KB2534111
  • KB2999226
  • KB976902
  • LocalPack AU Package
  • LocalPack CA Package
  • LocalPack GB Package
  • LocalPack US Package
  • LocalPack ZA Package
  • ProfessionalEdition
  • UltimateEdition

Behavior activities

MALICIOUS SUSPICIOUS INFO

No malicious indicators.

No suspicious indicators.

Application launched itself
  • chrome.exe (PID: 2948)
Reads settings of System Certificates
  • chrome.exe (PID: 2948)

Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report

Screenshots

Processes

Total processes
37
Monitored processes
8
Malicious processes
0
Suspicious processes
0

Behavior graph

+
start chrome.exe chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs
Specs description
Program did not start
Integrity level elevation
Task сontains an error or was rebooted
Process has crashed
Task contains several apps running
Executable file was dropped
Debug information is available
Process was injected
Network attacks were detected
Application downloaded the executable file
Actions similar to stealing personal data
Behavior similar to exploiting the vulnerability
Inspected object has sucpicious PE structure
File is detected by antivirus software
CPU overrun
RAM overrun
Process starts the services
Process was added to the startup
Behavior similar to spam
Low-level access to the HDD
Probably Tor was used
System was rebooted
Connects to the network
Known threat

Process information

Click at the process to see the details.

PID
2948
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.hdblog.it
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\ole32.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\netutils.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\samcli.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\oleacc.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\hid.dll
c:\windows\system32\propsys.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\credui.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\ncrypt.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winusb.dll
c:\windows\system32\msi.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\gpapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dhcpcsvc6.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\mscms.dll
c:\windows\system32\wlanapi.dll
c:\windows\system32\wlanutil.dll
c:\windows\system32\audioses.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\wpc.dll
c:\windows\system32\samlib.dll
c:\windows\system32\firewallapi.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\winsta.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\kbdus.dll
c:\windows\system32\explorerframe.dll
c:\windows\system32\duser.dll
c:\windows\system32\dui70.dll
c:\windows\system32\wship6.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\windowscodecs.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\ehstorshell.dll
c:\windows\system32\cscui.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\linkinfo.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\slc.dll
c:\windows\system32\imageres.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\cryptnet.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\credssp.dll
c:\windows\system32\cabinet.dll
c:\windows\system32\devrtl.dll
c:\windows\system32\imagehlp.dll

PID
3700
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=68.0.3440.106 --initial-client-data=0x78,0x7c,0x80,0x74,0x84,0x6f5b00b0,0x6f5b00c0,0x6f5b00cc
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll

PID
2880
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=2952 --on-initialized-event-handle=304 --parent-handle=308 /prefetch:6
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\kernel32.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\user32.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\ole32.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_watcher.dll

PID
4084
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=924,1112433181398300262,13346142530850764726,131072 --enable-features=PasswordImport --gpu-preferences=KAAAAAAAAACAAwBAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=33FF2C0AC3CCF2B4F5A9F9DE1C426F58 --mojo-platform-channel-handle=996 --ignored=" --type=renderer " /prefetch:2
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\msmpeg2vdec.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\slc.dll
c:\windows\system32\sqmapi.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\dxva2.dll
c:\program files\google\chrome\application\68.0.3440.106\d3dcompiler_47.dll
c:\windows\system32\ddraw.dll
c:\windows\system32\dciman32.dll
c:\program files\google\chrome\application\68.0.3440.106\swiftshader\libglesv2.dll
c:\program files\google\chrome\application\68.0.3440.106\swiftshader\libegl.dll

PID
2724
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=924,1112433181398300262,13346142530850764726,131072 --enable-features=PasswordImport --service-pipe-token=9FA4BEFECCF0649080EA9ECA35DF4D97 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9FA4BEFECCF0649080EA9ECA35DF4D97 --renderer-client-id=4 --mojo-platform-channel-handle=1920 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3208
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=924,1112433181398300262,13346142530850764726,131072 --enable-features=PasswordImport --service-pipe-token=8FC767577AF1E7C24CB24E9688133455 --lang=en-US --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8FC767577AF1E7C24CB24E9688133455 --renderer-client-id=3 --mojo-platform-channel-handle=1548 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2440
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=924,1112433181398300262,13346142530850764726,131072 --enable-features=PasswordImport --disable-gpu-sandbox --gpu-preferences=KAAAAAAAAACAAwBAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=412AB96414725E69B1D6F7315401E136 --mojo-platform-channel-handle=3696 /prefetch:2
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\devobj.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\msmpeg2vdec.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\slc.dll
c:\windows\system32\sqmapi.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\dxva2.dll
c:\program files\google\chrome\application\68.0.3440.106\d3dcompiler_47.dll
c:\windows\system32\ddraw.dll
c:\windows\system32\dciman32.dll
c:\program files\google\chrome\application\68.0.3440.106\swiftshader\libglesv2.dll
c:\program files\google\chrome\application\68.0.3440.106\swiftshader\libegl.dll

PID
2120
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=924,1112433181398300262,13346142530850764726,131072 --enable-features=PasswordImport --lang=en-US --no-sandbox --service-request-channel-token=E2C1404F64A159631632B31556A422E0 --mojo-platform-channel-handle=1940 /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\propsys.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\linkinfo.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\shdocvw.dll
c:\windows\system32\twext.dll
c:\windows\system32\cscui.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\zipfldr.dll
c:\program files\winrar\rarext.dll
c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\windowscodecs.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\slc.dll
c:\windows\system32\syncui.dll
c:\windows\system32\synceng.dll
c:\program files\notepad++\nppshell_06.dll
c:\windows\system32\acppage.dll
c:\windows\system32\sfc.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\msi.dll
c:\windows\system32\wer.dll
c:\windows\system32\devrtl.dll
c:\windows\system32\netutils.dll

Registry activity

Total events
520
Read events
478
Write events
41
Delete events
1

Modification events

PID
Process
Operation
Key
Name
Value
2948
chrome.exe
delete key
HKEY_CURRENT_USER\Software\Google\Chrome\BrowserExitCodes
2948
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
failed_count
0
2948
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
2
2948
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
1
2948
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
dr
1
2948
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome
UsageStatsInSample
0
2948
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}
usagestats
0
2948
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
metricsid
2948
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
metricsid_installdate
0
2948
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
metricsid_enableddate
0
2948
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\_NumAccounts
aggregate
sum()
2948
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\_NumAccounts
S-1-5-21-1302019708-1500728564-335382590-1000
1
2948
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\_NumSignedIn
aggregate
sum()
2948
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\_NumSignedIn
S-1-5-21-1302019708-1500728564-335382590-1000
0
2948
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
0
2948
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
lastrun
13194358580084875
2948
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\5F\52C64B7E
LanguageList
en-US
2880
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BrowserExitCodes
2948-13194358578366125
259
2120
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\5F\52C64B7E
LanguageList
en-US

Files activity

Executable files
0
Suspicious files
35
Text files
65
Unknown types
3

Dropped files

PID
Process
Filename
Type
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State
text
MD5: bae69fc1045f7dc38a230a0494107ea4
SHA256: 287a50d6f2da039f4f1d0852de58de758401cc18fc39001cfee13e4cec0d4b67
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\46938e5f-fd35-48d9-bde2-2aa1660b3033.tmp
––
MD5:  ––
SHA256:  ––
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\64aa77fb-d6ba-4cdb-b865-6c601035f272.tmp
––
MD5:  ––
SHA256:  ––
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF1a279e.TMP
text
MD5: 6985d99a441b5b146b95f2200d5366a5
SHA256: ef1e65a2f773524dcd5ba3e35dd6f940b9954a1ee783b683235dda8c1a8e6333
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
text
MD5: 6985d99a441b5b146b95f2200d5366a5
SHA256: ef1e65a2f773524dcd5ba3e35dd6f940b9954a1ee783b683235dda8c1a8e6333
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\b5d5a06b-6d2b-4fba-8a5a-5c1a30c4bcba.tmp
––
MD5:  ––
SHA256:  ––
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
binary
MD5: a0e2664dac74baff94ade5d6e4d60b12
SHA256: 1ead064c55a6c5128cc3665b8953040bb4ffd934c0ca3c978c4cfc35d3bbf959
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RF1a26d3.TMP
binary
MD5: a0e2664dac74baff94ade5d6e4d60b12
SHA256: 1ead064c55a6c5128cc3665b8953040bb4ffd934c0ca3c978c4cfc35d3bbf959
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\temp-index
––
MD5:  ––
SHA256:  ––
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity
text
MD5: 721d411d48c2d6a9e271bce8accbec62
SHA256: 8b5d3575e53adc5fcbb830a0b682ef14f0ae459804d6523a5e4a51f7779684e7
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity~RF1a11b4.TMP
text
MD5: 721d411d48c2d6a9e271bce8accbec62
SHA256: 8b5d3575e53adc5fcbb830a0b682ef14f0ae459804d6523a5e4a51f7779684e7
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\ddd78cf8-3db3-4612-a8a7-6f0909d444a6.tmp
––
MD5:  ––
SHA256:  ––
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000026
image
MD5: 94876e7eab460eec48ddd5833ee2ecdc
SHA256: 92b421731599e27c6c1778bcb556f2e8e2cf3f5e990f5aea9f86479e7b565733
2948
chrome.exe
C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
binary
MD5: ca5421001a10a3874e4bafe8d502724e
SHA256: d4c9d139bf54982bed0f45820c03312f22f36d052129f41d315b0e336e5656a2
2948
chrome.exe
C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
compressed
MD5: bb377df27a55c05bb3793cd1e125c869
SHA256: 3c4ec495f17d21cc236bc7238bc02728bd945c07157fbf875cac340269afc207
2948
chrome.exe
C:\Users\admin\AppData\Local\Temp\CabF5E3.tmp
––
MD5:  ––
SHA256:  ––
2948
chrome.exe
C:\Users\admin\AppData\Local\Temp\TarF5E4.tmp
––
MD5:  ––
SHA256:  ––
2948
chrome.exe
C:\Users\admin\AppData\Local\Temp\TarF508.tmp
––
MD5:  ––
SHA256:  ––
2948
chrome.exe
C:\Users\admin\AppData\Local\Temp\CabF507.tmp
––
MD5:  ––
SHA256:  ––
2948
chrome.exe
C:\Users\admin\AppData\Local\Temp\TarF4F6.tmp
––
MD5:  ––
SHA256:  ––
2948
chrome.exe
C:\Users\admin\AppData\Local\Temp\CabF4F5.tmp
––
MD5:  ––
SHA256:  ––
2948
chrome.exe
C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\4CA77D36767B6202D4786BF3D1EC5242
binary
MD5: f03e5a491f9e5c5c96c9e95e0e4a55c3
SHA256: fce2a00538ec425722b77790ed65d4cdd3ac341e69b3ac93f55b89fd9bdbb8b5
2948
chrome.exe
C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\4CA77D36767B6202D4786BF3D1EC5242
der
MD5: dc32c3a76d2557c768099dea2da9a2d1
SHA256: f1c1b50ae5a20dd8030ec9f6bc24823dd367b5255759b4e71b61fce9f7375d73
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State
text
MD5: 9c9c896d64b0ebd88a066d833018e6e7
SHA256: 554a807b65d01b4199692b305ee1129ff69c7c5e10328aca6854c227b248c2f4
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State~RF19f217.TMP
text
MD5: 9c9c896d64b0ebd88a066d833018e6e7
SHA256: 554a807b65d01b4199692b305ee1129ff69c7c5e10328aca6854c227b248c2f4
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\1dccd2eb-59a3-40e8-8f4f-cf558f5e2d87.tmp
––
MD5:  ––
SHA256:  ––
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000025
binary
MD5: 60f91ee06f55246380f2ce8fc7c66215
SHA256: cc19cc2e3c880765b10ea46c63a269ef6ebc6306de3e9042c4ce195eb36d2977
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old
text
MD5: 7282c871a31b4aae7e61cdbb39a13331
SHA256: af615c556e2a22e87135a967c01e869216f65268a88bd218fd6ab70467bdf733
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old~RF19eeea.TMP
text
MD5: 7282c871a31b4aae7e61cdbb39a13331
SHA256: af615c556e2a22e87135a967c01e869216f65268a88bd218fd6ab70467bdf733
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000024
compressed
MD5: 8a1c4a394d5b61d39c3602cdf118e65d
SHA256: cfb0a5d5bdd40cb51906c8115937cccffb8f197a27d214f7c68bbd37abb37a4a
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000023
compressed
MD5: 2300462c9573d1bc7cd1c049c702b7a6
SHA256: 8298d2011568d5881a12ea89473f93536ae25e49f25737a04971ee69f894b900
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000022
compressed
MD5: 77c16dda25071c3cbdbcbd70f765dd72
SHA256: cb554c5667262f610004d91a301591737b3356689d6ac1f4b9d06269c0bf8ee9
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000021
compressed
MD5: 806a0f9861ef3dac903bab7ad1b41004
SHA256: debdd969af5d5c45ea726a65fd7694b7ce2432ef10c4f7494dfad71525f1153f
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000020
compressed
MD5: 830c62e4ee59a0e446e2a901de53ea34
SHA256: 1f7d838353d9fc7e3f43a1cd709c0f89cd54abbe860d7c439bf064d0f4dc29cf
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001f
compressed
MD5: 08b6c8bc13d4bffc06a6b08e71fbfa5e
SHA256: 73e53afde6c9a53ce2425c532f67dd7337587eccb11dff4c5507ee9589e31b0d
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001e
compressed
MD5: 27baa579dd8023aab37d6d3e7adba1b3
SHA256: 5c722d275ef0b8254bb2a1efb8401f5e463bfc5efc527edf8fc35866d03bedc5
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001d
image
MD5: 867653e4d0a2591e31473bc2a7df93a8
SHA256: b59af5ec9d0b2069953092e4183380568b37efd65d265136ef7f4ccac3d719aa
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
binary
MD5: d932a31a0fb91833edb0325c6b434b34
SHA256: 8049465356163740d6e4c0bb56b9dcaa90149631646fa6bb56d01de223bd1f8e
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity~RF19dc1e.TMP
text
MD5: 403ebe94fb220c678c90907785ce1009
SHA256: 67d1dcf0c13b72019c9fc56c57d48617e35b1bd883c83452ae2b8764c4472482
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity
text
MD5: 403ebe94fb220c678c90907785ce1009
SHA256: 67d1dcf0c13b72019c9fc56c57d48617e35b1bd883c83452ae2b8764c4472482
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\c0cd984c-8258-48a2-945f-fab8d1071f4a.tmp
––
MD5:  ––
SHA256:  ––
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\ba23d8ecda68de77_1
binary
MD5: 99d496b55c1d98070769172a85267d64
SHA256: 4566b50e8254f1771c2e53c1327f61bed6e15ca91e76c1551f3e4dabb209312d
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\ba23d8ecda68de77_0
binary
MD5: 5ab75582c6ce50546c87bd5792e01e1e
SHA256: 96f8253e1337e8f68610afa15652ad94421ca42099972dd14085c7fbd954bdbd
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001c
image
MD5: a3e3723e567f8f97b4fe13d1b56507ec
SHA256: 032359b397ef4cde67647458d1787e7a2ee780cbf7c153d6975fb9f3193687c4
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001b
image
MD5: c081222769f0c72de90a3bcb9616919b
SHA256: 952a233754691bc24496b5125790516d2107c910041f9a8517feb0411235c0bf
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001a
image
MD5: a5ed244a40796565357b692ab16da7dd
SHA256: 884728c348516b609451cd9eeb55ce0345ca242b24da48e8194e793634911738
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000019
image
MD5: 569fccdb7c9e627f2dfcf14842d735a3
SHA256: f701a5bfd91ac6aa2ade11092008ef33ce70f7bfb004ad7af177c7d3c2ad5f6f
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity
text
MD5: 63ddfd7544f4114769f393c76c6de16a
SHA256: 930223dea609e5fced5b032ff61433ccfe3d00a6ae7e2a3ff7e8cf11243b44ea
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity~RF19b26e.TMP
text
MD5: 63ddfd7544f4114769f393c76c6de16a
SHA256: 930223dea609e5fced5b032ff61433ccfe3d00a6ae7e2a3ff7e8cf11243b44ea
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State~RF1a4e40.TMP
text
MD5: bae69fc1045f7dc38a230a0494107ea4
SHA256: 287a50d6f2da039f4f1d0852de58de758401cc18fc39001cfee13e4cec0d4b67
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000018
compressed
MD5: 01d5892e6e243b52998310c2925b9f3a
SHA256: 7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF19b1c2.TMP
text
MD5: 27acaeb49acebf24d27cb82606cc1db9
SHA256: 2cda35a3f7e2298cefb804ab2ad7d8bf861d6332d6f7ba81c31ba7d5d4cab44d
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
text
MD5: 27acaeb49acebf24d27cb82606cc1db9
SHA256: 2cda35a3f7e2298cefb804ab2ad7d8bf861d6332d6f7ba81c31ba7d5d4cab44d
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\8ebef94f-2f9a-4ab4-9762-de9e579262ec.tmp
––
MD5:  ––
SHA256:  ––
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000017
compressed
MD5: 5b10b16e5045522f045aae82c3d6f1ec
SHA256: 44b7491565c964061aa73ab03229e05c2b443077e9f848723af352d25054b3f1
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State
text
MD5: ba4564b44d088218905d19883b41c3ca
SHA256: d952c7c5835d2ad55617852b22f7d6ada54a14ef66cee42265ceac1674756332
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State~RF19b106.TMP
text
MD5: ba4564b44d088218905d19883b41c3ca
SHA256: d952c7c5835d2ad55617852b22f7d6ada54a14ef66cee42265ceac1674756332
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\bafa4e77-ce08-4cd5-bf23-fd52440ca84c.tmp
––
MD5:  ––
SHA256:  ––
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000016
compressed
MD5: 96052ff82793864a6711878deb443b4d
SHA256: 547b45eddfb95b02265fbbf3e1780ee52d8399516622464d159a87c7cbbfe965
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000015
compressed
MD5: e33d4ad1b89f2675fddd531a1f0c7da6
SHA256: 13ce7f2b3fe3f49391b58faa6f32fa095e042ecca71608c7724d899b2f983cb7
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000014
compressed
MD5: 093456d525d5930a303812addcd46387
SHA256: c0e239f19939fea07e71e52ce997f2bbfb28e927e4cc08fa8cacc5bf4c2e40b1
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000013
woff
MD5: afae4754ef246c8d54bf675325a1fbd0
SHA256: 61f0e3fe08294977c6bd342bfad309eb96b2b1019831413555b0a2cfc05286e6
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000012
compressed
MD5: 1fbf12389b3795f266f4d3299115c36d
SHA256: 8c28b158e148a6fe4f15709cf9309275dae4b5567e8074822684d9a81694243e
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000011
compressed
MD5: a32abf75460d61fcce13c3f67c038a71
SHA256: f827da9612999104e681cdedb61fd9b58bda8987a3bd5536bfa0ed23000a08ce
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000010
compressed
MD5: 9774da59cde9792c9836bb8ea7fe8023
SHA256: d80be1ef83d28f777a0de9b26cd914f2f9e653d4f77cd4e0586198142ea98fa7
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000f
image
MD5: 3a389d14e7d0c061066cbccb3cd4bedf
SHA256: 88d8d280ca25231089d471d2f808065546a628f9bae042aa92d69c7cd606fc99
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000e
woff
MD5: 0e6b9482ba429b6c5415d26617644f1c
SHA256: 5b1b7e719207ee1b03905e28129e21d1dd70af9eb1b6d9a24bb17db53d8d6da7
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old
text
MD5: 80b8c44b60f8bd20d1cf8277ec794bb1
SHA256: 6371157cf7270dd227625ddf799da6c38c60b3e2110fe540b8bc9df48aef09a6
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old~RF1994f3.TMP
text
MD5: 80b8c44b60f8bd20d1cf8277ec794bb1
SHA256: 6371157cf7270dd227625ddf799da6c38c60b3e2110fe540b8bc9df48aef09a6
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Last Session
binary
MD5: 02536c23edc1e418a6fea313d20b2a39
SHA256: 8e8de8689482b477d0beebe0a4ac24b9cabcbfa84848f66b4c0f55cd96dc0fe9
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000d
binary
MD5: a7c866907473e4cd3175b06858231ea4
SHA256: 56b4f8aa89e50a934625a1ab245d5a70c6d0bec85569c186ff8c67cec1fbb832
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000c
binary
MD5: 429991d51101351b2e62894fb97a48a9
SHA256: fef78a7c2451d756301c630d61bd3dc96d448888140a2f11102dca615a73869e
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.old~RF199159.TMP
text
MD5: ea6d75c35eb812fdc5762d84963de026
SHA256: a4e911f2978a45872ede6742468623884a33bca6e015dfb35dd4d55034d9ab74
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.old
text
MD5: ea6d75c35eb812fdc5762d84963de026
SHA256: a4e911f2978a45872ede6742468623884a33bca6e015dfb35dd4d55034d9ab74
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old
text
MD5: 84042895723ac99f9599edfc7500051c
SHA256: ac49bbf4b490c77bddf11de45ef4965c72b16b00cb2519fdb627363f760c6219
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old~RF1990dc.TMP
text
MD5: 84042895723ac99f9599edfc7500051c
SHA256: ac49bbf4b490c77bddf11de45ef4965c72b16b00cb2519fdb627363f760c6219
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Translate Ranker Model
binary
MD5: 4b8e905a1b14517440e33f2b5562b6be
SHA256: 9de2cce0141fe28737f3cb856a74a2c237a5a756a2f8ad2a00a512fc39e13f05
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Translate Ranker Model~RF198f36.TMP
binary
MD5: 4b8e905a1b14517440e33f2b5562b6be
SHA256: 9de2cce0141fe28737f3cb856a74a2c237a5a756a2f8ad2a00a512fc39e13f05
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\a4f9d040-9cdc-4885-8bd8-49e4920607cb.tmp
––
MD5:  ––
SHA256:  ––
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Thumbnails\LOG.old~RF198c67.TMP
text
MD5: f727dd25cda7b2cc574098cee1f5764a
SHA256: 5f7bd6926940e400ee7faa6d620192ca299f7b5aaa92d672f8173a767b3fbbff
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Thumbnails\LOG.old
text
MD5: f727dd25cda7b2cc574098cee1f5764a
SHA256: 5f7bd6926940e400ee7faa6d620192ca299f7b5aaa92d672f8173a767b3fbbff
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Download Service\EntryDB\CURRENT
text
MD5: edd71dd3bade6cd69ff623e1ccf7012d
SHA256: befea596b4676ccf7cc37ea8048044bfa0556c8931d76fdeeb693d20264e50d6
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT
text
MD5: edd71dd3bade6cd69ff623e1ccf7012d
SHA256: befea596b4676ccf7cc37ea8048044bfa0556c8931d76fdeeb693d20264e50d6
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Download Service\EntryDB\CURRENT~RF198bcb.TMP
text
MD5: edd71dd3bade6cd69ff623e1ccf7012d
SHA256: befea596b4676ccf7cc37ea8048044bfa0556c8931d76fdeeb693d20264e50d6
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT~RF198bbb.TMP
text
MD5: edd71dd3bade6cd69ff623e1ccf7012d
SHA256: befea596b4676ccf7cc37ea8048044bfa0556c8931d76fdeeb693d20264e50d6
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Download Service\EntryDB\000016.dbtmp
––
MD5:  ––
SHA256:  ––
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000016.dbtmp
––
MD5:  ––
SHA256:  ––
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\LOG.old
text
MD5: 1aa66efdb743fb0a8dcc1cd79b0b6542
SHA256: 28d56532cced7375a2a1c7731e57c1a1c2ec1ac9827f3e5beee7f8069a5f87dd
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\74802bb0-60c3-48cc-b75f-0942b928756a.tmp
––
MD5:  ––
SHA256:  ––
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old
text
MD5: 197882774a7ecec9046bc48f63189b66
SHA256: 27377b0d5f989997c2c3f74acf163eed44b60631ddaa768f6655d7be555742b2
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old~RF198b5e.TMP
text
MD5: 197882774a7ecec9046bc48f63189b66
SHA256: 27377b0d5f989997c2c3f74acf163eed44b60631ddaa768f6655d7be555742b2
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\LOG.old~RF198b5e.TMP
text
MD5: 1aa66efdb743fb0a8dcc1cd79b0b6542
SHA256: 28d56532cced7375a2a1c7731e57c1a1c2ec1ac9827f3e5beee7f8069a5f87dd
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old
text
MD5: 92be6b127e72365885ad4c3fb6534ee2
SHA256: 54302a2573acc775720e7db0ad85873276713302b4f72596a8dcc44b01c70e51
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Download Service\EntryDB\LOG.old
text
MD5: 8ca4ba2b95d7089861a48ed69fde6561
SHA256: aa64c14d0c68b62bbab62a6d6fa4662ff89e1fbc7b337c926ac213c191d6406c
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Download Service\EntryDB\LOG.old~RF198ae1.TMP
text
MD5: 8ca4ba2b95d7089861a48ed69fde6561
SHA256: aa64c14d0c68b62bbab62a6d6fa4662ff89e1fbc7b337c926ac213c191d6406c
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old~RF198ae1.TMP
text
MD5: 92be6b127e72365885ad4c3fb6534ee2
SHA256: 54302a2573acc775720e7db0ad85873276713302b4f72596a8dcc44b01c70e51
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Last Version
text
MD5: c10ebd4db49249efc8d112b2920d5f73
SHA256: 90a1b994cafe902f22a88a22c0b6cc9cb5b974bf20f8964406dd7d6c9b8867d1
3700
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\CrashpadMetrics.pma
binary
MD5: b59113c2dcd2d346f31a64f231162ada
SHA256: 1d97c69aea85d3b06787458ea47576b192ce5c5db9940e5eaa514ff977ce2dc2
2948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
binary
MD5: 9c016064a1f864c8140915d77cf3389a
SHA256: 0e7265d4a8c16223538edd8cd620b8820611c74538e420a88e333be7f62ac787

Find more information of the staic content and download it at the full report

Network activity

HTTP(S) requests
2
TCP/UDP connections
72
DNS requests
45
Threats
0

HTTP requests

PID Process Method HTTP Code IP URL CN Type Size Reputation
2948 chrome.exe GET 200 23.8.12.101:80 http://ssl.trustwave.com/issuers/STCA.crt NL
der
whitelisted
2948 chrome.exe GET 200 93.184.221.240:80 http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab US
compressed
whitelisted

Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID Process IP ASN CN Reputation
2948 chrome.exe 216.58.206.3:443 Google Inc. US whitelisted
2948 chrome.exe 172.217.16.131:443 Google Inc. US whitelisted
2948 chrome.exe 151.101.2.49:443 Fastly US suspicious
2948 chrome.exe 172.217.22.13:443 Google Inc. US whitelisted
2948 chrome.exe 104.31.75.238:443 Cloudflare Inc US unknown
2948 chrome.exe 104.20.112.56:443 Cloudflare Inc US unknown
2948 chrome.exe 216.58.207.33:443 Google Inc. US whitelisted
2948 chrome.exe 172.217.18.162:443 Google Inc. US whitelisted
2948 chrome.exe 216.58.210.2:443 Google Inc. US whitelisted
2948 chrome.exe 216.58.208.34:443 Google Inc. US whitelisted
2948 chrome.exe 172.217.18.2:443 Google Inc. US whitelisted
2948 chrome.exe 172.217.22.65:443 Google Inc. US whitelisted
2948 chrome.exe 216.58.205.232:443 Google Inc. US whitelisted
2948 chrome.exe 23.45.99.242:443 Akamai International B.V. NL whitelisted
2948 chrome.exe 172.217.22.74:443 Google Inc. US whitelisted
2948 chrome.exe 172.217.23.131:443 Google Inc. US whitelisted
–– –– 66.102.1.156:443 Google Inc. US whitelisted
2948 chrome.exe 151.101.66.49:443 Fastly US unknown
2948 chrome.exe 216.58.205.225:443 Google Inc. US whitelisted
2948 chrome.exe 104.111.230.142:443 Akamai International B.V. NL whitelisted
2948 chrome.exe 216.58.206.6:443 Google Inc. US whitelisted
2948 chrome.exe 213.19.162.61:443 The Rubicon Project, Inc. GB unknown
2948 chrome.exe 172.217.22.6:443 Google Inc. US whitelisted
2948 chrome.exe 37.157.4.24:443 Adform A/S DK unknown
2948 chrome.exe 172.217.22.2:443 Google Inc. US whitelisted
2948 chrome.exe 213.19.162.57:443 The Rubicon Project, Inc. GB unknown
2948 chrome.exe 54.228.249.209:443 Amazon.com, Inc. IE unknown
2948 chrome.exe 172.217.18.98:443 Google Inc. US whitelisted
2948 chrome.exe 37.157.6.234:443 Adform A/S DK unknown
2948 chrome.exe 37.252.172.70:443 AppNexus, Inc –– unknown
2948 chrome.exe 178.250.0.157:443 Criteo SA FR unknown
2948 chrome.exe 213.19.162.56:443 The Rubicon Project, Inc. GB unknown
2948 chrome.exe 176.34.134.126:443 Amazon.com, Inc. IE unknown
2948 chrome.exe 185.29.135.42:443 MediaMath Inc GB unknown
2948 chrome.exe 172.217.16.130:443 Google Inc. US unknown
2948 chrome.exe 66.155.71.149:443 Peer 1 Network (USA) Inc. CA suspicious
2948 chrome.exe 23.8.12.101:80 Akamai International B.V. NL whitelisted
2948 chrome.exe 213.19.162.90:443 The Rubicon Project, Inc. GB unknown
2948 chrome.exe 93.184.221.240:80 MCI Communications Services, Inc. d/b/a Verizon Business US whitelisted
2948 chrome.exe 172.217.21.226:443 Google Inc. US whitelisted
2948 chrome.exe 213.19.162.76:443 The Rubicon Project, Inc. GB unknown

DNS requests

Domain IP Reputation
clientservices.googleapis.com 216.58.206.3
whitelisted
www.hdblog.it 151.101.2.49
151.101.66.49
151.101.130.49
151.101.194.49
unknown
www.gstatic.com 172.217.16.131
whitelisted
accounts.google.com 172.217.22.13
shared
css.hd-cdn.it 104.31.75.238
104.31.74.238
unknown
js.hd-cdn.it 104.31.75.238
104.31.74.238
unknown
hd.tudocdn.net 104.20.112.56
104.20.113.56
unknown
themes.googleusercontent.com 216.58.207.33
whitelisted
i3.hd-cdn.it 104.31.75.238
104.31.74.238
unknown
i2.hd-cdn.it 104.31.75.238
104.31.74.238
unknown
i1.hd-cdn.it 104.31.75.238
104.31.74.238
unknown
www.googletagservices.com 172.217.18.162
whitelisted
adservice.google.no 216.58.208.34
whitelisted
securepubads.g.doubleclick.net 172.217.18.2
whitelisted
adservice.google.com 216.58.210.2
whitelisted
tpc.googlesyndication.com 172.217.22.65
whitelisted
ssl.google-analytics.com 216.58.205.232
whitelisted
sb.scorecardresearch.com 23.45.99.242
whitelisted
translate.googleapis.com 172.217.22.74
whitelisted
ssl.gstatic.com 172.217.23.131
whitelisted
stats.g.doubleclick.net 66.102.1.156
66.102.1.155
66.102.1.154
66.102.1.157
whitelisted
ads.rubiconproject.com 104.111.230.142
whitelisted
cdn.ampproject.org 216.58.205.225
whitelisted
ad.doubleclick.net 216.58.206.6
whitelisted
optimized-by.rubiconproject.com 213.19.162.61
213.19.162.31
213.19.162.71
213.19.162.51
213.19.162.21
213.19.162.41
whitelisted
s0.2mdn.net 172.217.22.6
whitelisted
beacon-eu-ams3.rubiconproject.com 213.19.162.57
213.19.162.67
213.19.162.47
213.19.162.27
213.19.162.77
213.19.162.37
whitelisted
adx.adform.net 37.157.4.24
37.157.6.253
37.157.2.238
37.157.6.247
37.157.2.239
37.157.4.25
whitelisted
pagead2.googlesyndication.com 172.217.22.2
whitelisted
googleads4.g.doubleclick.net 172.217.18.98
whitelisted
beacon.krxd.net 54.228.249.209
54.228.202.240
46.137.90.32
46.137.176.25
54.217.244.94
46.137.189.8
54.217.228.188
54.228.214.7
whitelisted
s1.adform.net 37.157.6.234
37.157.5.71
37.157.2.247
whitelisted
ib.adnxs.com 37.252.172.70
37.252.172.42
37.252.172.53
37.252.172.27
37.252.172.80
37.252.172.12
37.252.172.39
37.252.172.40
whitelisted
gum.criteo.com 178.250.0.157
whitelisted
eus.rubiconproject.com 104.111.230.142
whitelisted
token.rubiconproject.com 213.19.162.56
213.19.162.76
213.19.162.66
213.19.162.46
213.19.162.26
213.19.162.36
whitelisted
match.adsrvr.org 176.34.134.126
54.154.201.99
54.154.0.227
54.77.151.154
54.72.175.179
54.229.236.204
54.76.88.219
54.171.170.195
whitelisted
cm.g.doubleclick.net 172.217.16.130
whitelisted
sync.mathtag.com 185.29.135.42
185.29.135.48
185.29.135.227
185.29.132.21
whitelisted
sync-tm.everesttech.net 151.101.2.49
151.101.66.49
151.101.130.49
151.101.194.49
whitelisted
pixel-a.sitescout.com 66.155.71.149
whitelisted
ssl.trustwave.com 23.8.12.101
whitelisted
pixel.rubiconproject.com 213.19.162.90
213.19.162.80
whitelisted
www.download.windowsupdate.com 93.184.221.240
whitelisted
ade.googlesyndication.com 172.217.21.226
whitelisted

Threats

No threats detected.

Debug output strings

No debug info.