Analysis Overview
Threat Level: Known bad
The file https://download2351.mediafire.com/sm24pq2ja12gIkr6ANd8hBZBtzNvbL86ofmt2oH2-Bca2Feuo9B9ty1_sfgZfevMA1tlE5DrWc1TLEWTIT4ghzJoNjJO3vIASD0VQxrX7iOjjrAveXppvuFUucQHB2mrHV6vE1_NlpqF1tcHIJW6ezMSRaYF2bp3xnk-iYG0fez5/wl9moebaudqauqv/ROBLOX+Cheat.zip was found to be: Known bad.
Malicious Activity Summary
Lumma Stealer
Executes dropped EXE
Suspicious use of SetThreadContext
Checks SCSI registry key(s)
Suspicious use of WriteProcessMemory
Suspicious use of FindShellTrayWindow
Uses Task Scheduler COM API
Suspicious behavior: EnumeratesProcesses
Checks processor information in registry
Modifies registry class
Suspicious use of SendNotifyMessage
Suspicious use of AdjustPrivilegeToken
NTFS ADS
Suspicious use of SetWindowsHookEx
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-02-23 04:53
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-02-23 04:53
Reported
2024-02-23 04:59
Platform
win10v2004-20240221-en
Max time kernel
179s
Max time network
180s
Command Line
Signatures
Lumma Stealer
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\ROBLOX Cheat\SoftWare.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\ROBLOX Cheat\SoftWare.exe | N/A |
Suspicious use of SetThreadContext
| Description | Indicator | Process | Target |
| PID 8180 set thread context of 7440 | N/A | C:\Users\Admin\Downloads\ROBLOX Cheat\SoftWare.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1712835645-2080934712-2142796781-1000_Classes\Local Settings | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\Downloads\ROBLOX Cheat.zip:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\taskmgr.exe | N/A |
| N/A | N/A | C:\Windows\system32\taskmgr.exe | N/A |
| N/A | N/A | C:\Windows\system32\taskmgr.exe | N/A |
| N/A | N/A | C:\Windows\system32\taskmgr.exe | N/A |
| N/A | N/A | C:\Windows\system32\taskmgr.exe | N/A |
| N/A | N/A | C:\Windows\system32\taskmgr.exe | N/A |
| N/A | N/A | C:\Windows\system32\taskmgr.exe | N/A |
| N/A | N/A | C:\Windows\system32\taskmgr.exe | N/A |
| N/A | N/A | C:\Windows\system32\taskmgr.exe | N/A |
| N/A | N/A | C:\Windows\system32\taskmgr.exe | N/A |
| N/A | N/A | C:\Windows\system32\taskmgr.exe | N/A |
| N/A | N/A | C:\Windows\system32\taskmgr.exe | N/A |
| N/A | N/A | C:\Windows\system32\taskmgr.exe | N/A |
| N/A | N/A | C:\Windows\system32\taskmgr.exe | N/A |
| N/A | N/A | C:\Windows\system32\taskmgr.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "https://download2351.mediafire.com/sm24pq2ja12gIkr6ANd8hBZBtzNvbL86ofmt2oH2-Bca2Feuo9B9ty1_sfgZfevMA1tlE5DrWc1TLEWTIT4ghzJoNjJO3vIASD0VQxrX7iOjjrAveXppvuFUucQHB2mrHV6vE1_NlpqF1tcHIJW6ezMSRaYF2bp3xnk-iYG0fez5/wl9moebaudqauqv/ROBLOX+Cheat.zip"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url https://download2351.mediafire.com/sm24pq2ja12gIkr6ANd8hBZBtzNvbL86ofmt2oH2-Bca2Feuo9B9ty1_sfgZfevMA1tlE5DrWc1TLEWTIT4ghzJoNjJO3vIASD0VQxrX7iOjjrAveXppvuFUucQHB2mrHV6vE1_NlpqF1tcHIJW6ezMSRaYF2bp3xnk-iYG0fez5/wl9moebaudqauqv/ROBLOX+Cheat.zip
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.0.886562422\528364022" -parentBuildID 20221007134813 -prefsHandle 1864 -prefMapHandle 1856 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4809bb07-1d15-4d61-89fc-c24a0c416dc6} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 1944 28eb182d358 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.1.1530139801\747902158" -parentBuildID 20221007134813 -prefsHandle 2340 -prefMapHandle 2328 -prefsLen 21565 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {16ec0d70-dd91-4ff2-880c-a26f25698229} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 2368 28eb05e8b58 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.2.683182032\396263643" -childID 1 -isForBrowser -prefsHandle 3192 -prefMapHandle 3188 -prefsLen 21668 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {709c6ce0-1512-4641-8337-99f9c0633289} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 3204 28eb486c858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.3.137854157\832822039" -childID 2 -isForBrowser -prefsHandle 3628 -prefMapHandle 3624 -prefsLen 26066 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {20ee2db2-a19f-422a-a7e1-1f5472266291} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 3640 28ea3e6d458 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.4.893932663\481003859" -childID 3 -isForBrowser -prefsHandle 4852 -prefMapHandle 4868 -prefsLen 26125 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {062da05b-81eb-4333-b258-1a4caaed9acf} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 4872 28eb43c4258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.5.836649372\824457941" -childID 4 -isForBrowser -prefsHandle 5016 -prefMapHandle 5020 -prefsLen 26125 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {cc1848dd-04f0-4ad3-a7e7-2cbcadaca3c4} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 5008 28eb6b12b58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.6.1130968403\587826523" -childID 5 -isForBrowser -prefsHandle 5216 -prefMapHandle 5220 -prefsLen 26125 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9e642618-08cb-433d-8504-9cc74c84d9bc} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 5204 28eb6faba58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.8.1467037837\956539872" -childID 7 -isForBrowser -prefsHandle 3008 -prefMapHandle 9772 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8dd1cbaa-04eb-4355-9891-448b13e9943e} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 3024 28eb0936858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.7.2134895947\1392640869" -childID 6 -isForBrowser -prefsHandle 2956 -prefMapHandle 2960 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c8d87c15-0efc-49ee-b71e-90328d65bef7} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 3608 28eb0677258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.9.618680793\2045264986" -childID 8 -isForBrowser -prefsHandle 9272 -prefMapHandle 9240 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {71a33748-454f-4fdf-a20e-fb08574cce51} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 9252 28eb1feef58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.12.934704827\1878418623" -childID 11 -isForBrowser -prefsHandle 9304 -prefMapHandle 8768 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {66142655-0041-45ad-abb5-0932560166cd} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 8772 28eb1fedd58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.11.1778081388\1644561003" -childID 10 -isForBrowser -prefsHandle 8964 -prefMapHandle 8960 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {efc36d08-715b-4fe9-8b9a-7829f950476e} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 8972 28eb816cd58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.10.389481927\1398557123" -childID 9 -isForBrowser -prefsHandle 9116 -prefMapHandle 9112 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {53a4f1cc-56e4-48ad-ac8d-b7f966820ac2} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 9320 28eb1fef858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.13.915101867\214522686" -childID 12 -isForBrowser -prefsHandle 9072 -prefMapHandle 8736 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {518ee8c2-5bc3-42ba-96b6-678944491cfd} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 9084 28ebab2ae58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.15.800586644\1425452932" -childID 14 -isForBrowser -prefsHandle 7956 -prefMapHandle 8120 -prefsLen 26421 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {bc930806-31d9-413e-98f3-d2cddfd3302e} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 7924 28eba512858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.14.1180624102\1832800208" -childID 13 -isForBrowser -prefsHandle 8072 -prefMapHandle 8076 -prefsLen 26421 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {56b58d54-47df-44a7-8246-16be2c5ca409} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 8116 28eba512558 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.16.53817346\137431065" -childID 15 -isForBrowser -prefsHandle 7636 -prefMapHandle 7640 -prefsLen 26421 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1bb55daf-8237-468b-ae56-b76624342983} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 7724 28eba5a5058 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.17.1555996307\917676950" -childID 16 -isForBrowser -prefsHandle 7452 -prefMapHandle 7456 -prefsLen 26421 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0ae78b14-6f29-4e3b-aa10-6d30a6b75224} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 7548 28ebabf4458 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.20.1395699349\2040205613" -childID 19 -isForBrowser -prefsHandle 6916 -prefMapHandle 6912 -prefsLen 26421 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {81f17446-78dd-4c0e-b2cb-d0d5e05d6f7c} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 6924 28ebb1d2f58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.19.237540781\1819643799" -childID 18 -isForBrowser -prefsHandle 7132 -prefMapHandle 7128 -prefsLen 26421 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2965a7dc-b615-44ef-868b-f8b6475b78ad} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 7140 28ebb1d0558 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.18.1853517976\1221642504" -childID 17 -isForBrowser -prefsHandle 7360 -prefMapHandle 9408 -prefsLen 26421 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ff5450ec-0731-4291-bf31-180ce7cf3559} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 7356 28eb0938f58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.21.994052489\943451808" -childID 20 -isForBrowser -prefsHandle 6648 -prefMapHandle 7084 -prefsLen 26421 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f90ffee7-de4f-4797-814f-6ee08a229423} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 7104 28eb8375358 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.22.339599510\331557963" -childID 21 -isForBrowser -prefsHandle 8936 -prefMapHandle 8940 -prefsLen 26421 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c21117ee-ad3c-45b8-b686-48d8c7161980} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 8704 28eb0686d58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.23.1973256761\265881025" -childID 22 -isForBrowser -prefsHandle 6528 -prefMapHandle 8088 -prefsLen 26421 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {32014e3a-ee74-4347-8777-cd92f970fd60} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 6536 28eb1f85758 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.25.487547448\1991748620" -childID 24 -isForBrowser -prefsHandle 6344 -prefMapHandle 6340 -prefsLen 26421 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e32e455e-e5ad-4222-8c56-0da08429e564} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 6352 28eb7745f58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.24.555506682\1902225029" -childID 23 -isForBrowser -prefsHandle 7744 -prefMapHandle 8120 -prefsLen 26421 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {62c393cc-c435-4fb2-88b1-c9a484f45ac8} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 6600 28eb6fab758 tab
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\ROBLOX Cheat\" -spe -an -ai#7zMap5571:86:7zEvent15808
C:\Users\Admin\Downloads\ROBLOX Cheat\SoftWare.exe
"C:\Users\Admin\Downloads\ROBLOX Cheat\SoftWare.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Users\Admin\Downloads\ROBLOX Cheat\SoftWare.exe
"C:\Users\Admin\Downloads\ROBLOX Cheat\SoftWare.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | download2351.mediafire.com | udp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | content-signature-2.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | shavar.services.mozilla.com | udp |
| US | 199.91.155.92:443 | download2351.mediafire.com | tcp |
| US | 8.8.8.8:53 | download2351.mediafire.com | udp |
| US | 44.237.149.213:443 | shavar.services.mozilla.com | tcp |
| US | 34.160.144.191:443 | content-signature-2.cdn.mozilla.net | tcp |
| US | 34.117.237.239:443 | contile.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | download2351.mediafire.com | udp |
| US | 8.8.8.8:53 | push.services.mozilla.com | udp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 34.149.100.209:443 | firefox.settings.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 92.155.91.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.159.190.20.in-addr.arpa | udp |
| US | 34.107.243.93:443 | autopush.prod.mozaws.net | tcp |
| N/A | 127.0.0.1:53797 | tcp | |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 104.16.114.74:443 | www.mediafire.com | tcp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | static.mediafire.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 34.149.100.209:443 | prod.remote-settings.prod.webservices.mozgcp.net | tcp |
| US | 104.16.113.74:443 | static.mediafire.com | tcp |
| US | 104.16.113.74:443 | static.mediafire.com | tcp |
| US | 104.16.113.74:443 | static.mediafire.com | tcp |
| US | 8.8.8.8:53 | static.mediafire.com | udp |
| GB | 172.217.16.228:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | 213.149.237.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 180.178.17.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.114.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.154.82.20.in-addr.arpa | udp |
| GB | 142.250.187.234:443 | ajax.googleapis.com | tcp |
| US | 104.16.57.101:443 | static.cloudflareinsights.com | tcp |
| US | 8.8.8.8:53 | static.mediafire.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| GB | 142.250.187.234:443 | ajax.googleapis.com | udp |
| GB | 172.217.16.228:443 | www.google.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 8.8.8.8:53 | cdn.amplitude.com | udp |
| US | 8.8.8.8:53 | cdn.amplitude.com | udp |
| US | 8.8.8.8:53 | cdn.amplitude.com | udp |
| US | 8.8.8.8:53 | translate.google.com | udp |
| GB | 172.217.16.238:443 | translate.google.com | tcp |
| US | 8.8.8.8:53 | www3.l.google.com | udp |
| US | 8.8.8.8:53 | www3.l.google.com | udp |
| GB | 172.217.16.238:443 | www3.l.google.com | udp |
| US | 8.8.8.8:53 | translate.googleapis.com | udp |
| GB | 216.58.201.106:443 | translate.googleapis.com | tcp |
| US | 8.8.8.8:53 | translate.googleapis.com | udp |
| US | 8.8.8.8:53 | translate.googleapis.com | udp |
| GB | 216.58.201.106:443 | translate.googleapis.com | udp |
| US | 8.8.8.8:53 | 74.113.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.57.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.201.58.216.in-addr.arpa | udp |
| GB | 18.172.155.29:443 | cdn.amplitude.com | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | api.amplitude.com | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| GB | 216.58.204.67:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 54.68.131.243:443 | api.amplitude.com | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | api.amplitude.com | udp |
| US | 8.8.8.8:53 | api.amplitude.com | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | translate-pa.googleapis.com | udp |
| GB | 216.58.204.67:443 | www.google.co.uk | udp |
| BE | 142.251.173.154:443 | stats.g.doubleclick.net | tcp |
| GB | 172.217.169.42:443 | translate-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | translate-pa.googleapis.com | udp |
| GB | 172.217.169.42:443 | translate-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | translate-pa.googleapis.com | udp |
| BE | 142.251.173.154:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 29.155.172.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 243.131.68.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.173.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 41.110.16.96.in-addr.arpa | udp |
| N/A | 127.0.0.1:53804 | tcp | |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.200:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | 88.156.103.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | the.gatekeeperconsent.com | udp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 8.8.8.8:53 | www.ezojs.com | udp |
| US | 104.21.42.32:443 | the.gatekeeperconsent.com | tcp |
| US | 8.8.8.8:53 | the.gatekeeperconsent.com | udp |
| US | 104.22.75.216:443 | btloader.com | tcp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 172.64.193.22:443 | www.ezojs.com | tcp |
| US | 8.8.8.8:53 | www.ezojs.com.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | the.gatekeeperconsent.com | udp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 8.8.8.8:53 | www.ezojs.com.cdn.cloudflare.net | udp |
| US | 104.21.42.32:443 | the.gatekeeperconsent.com | udp |
| US | 172.64.193.22:443 | www.ezojs.com.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | privacy.gatekeeperconsent.com | udp |
| US | 8.8.8.8:53 | cdn.otnolatrnup.com | udp |
| US | 172.67.199.186:443 | privacy.gatekeeperconsent.com | tcp |
| US | 104.19.214.37:443 | cdn.otnolatrnup.com | tcp |
| US | 8.8.8.8:53 | privacy.gatekeeperconsent.com | udp |
| US | 8.8.8.8:53 | cdn.otnolatrnup.com | udp |
| US | 8.8.8.8:53 | privacy.gatekeeperconsent.com | udp |
| US | 8.8.8.8:53 | cdn.otnolatrnup.com | udp |
| US | 8.8.8.8:53 | g.ezoic.net | udp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 172.67.199.186:443 | privacy.gatekeeperconsent.com | udp |
| FR | 35.181.89.222:443 | g.ezoic.net | tcp |
| US | 8.8.8.8:53 | g.ezoic.net | udp |
| US | 104.19.214.37:443 | cdn.otnolatrnup.com | udp |
| US | 104.26.2.70:443 | ad-delivery.net | tcp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 104.26.2.70:443 | ad-delivery.net | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 8.8.8.8:53 | g.ezoic.net | udp |
| US | 172.67.199.186:443 | privacy.gatekeeperconsent.com | tcp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 8.8.8.8:53 | 32.42.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.193.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 186.199.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.75.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 37.214.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 222.89.181.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.23.211.130.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.2.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | go.ezodn.com | udp |
| US | 172.64.192.4:443 | go.ezodn.com | tcp |
| US | 172.64.192.4:443 | go.ezodn.com | tcp |
| US | 172.64.192.4:443 | go.ezodn.com | tcp |
| US | 8.8.8.8:53 | go.ezodn.com | udp |
| US | 8.8.8.8:53 | otnolatrnup.com | udp |
| US | 8.8.8.8:53 | go.ezodn.com | udp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 104.19.215.37:443 | otnolatrnup.com | tcp |
| US | 8.8.8.8:53 | otnolatrnup.com | udp |
| US | 8.8.8.8:53 | otnolatrnup.com | udp |
| US | 172.64.192.4:443 | go.ezodn.com | udp |
| US | 8.8.8.8:53 | g.ezodn.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 172.64.193.4:443 | g.ezodn.com | tcp |
| US | 104.19.215.37:443 | otnolatrnup.com | udp |
| US | 8.8.8.8:53 | g.ezodn.com | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | securepubads46.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | e6603.g.akamaiedge.net | udp |
| US | 8.8.8.8:53 | g.ezodn.com | udp |
| US | 8.8.8.8:53 | ad.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | securepubads46.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | e6603.g.akamaiedge.net | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | ad.crwdcntrl.net | udp |
| US | 172.64.193.4:443 | g.ezodn.com | udp |
| GB | 172.217.169.34:443 | securepubads46.g.doubleclick.net | tcp |
| GB | 96.16.109.9:443 | e6603.g.akamaiedge.net | tcp |
| GB | 18.165.201.38:443 | tags.crwdcntrl.net | tcp |
| IE | 54.155.211.205:443 | bcp.crwdcntrl.net | tcp |
| IE | 34.246.36.174:443 | ad.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | ad.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | bshr.ezodn.com | udp |
| US | 8.8.8.8:53 | api.amplitude.com | udp |
| US | 8.8.8.8:53 | api.amplitude.com | udp |
| US | 172.64.192.4:443 | bshr.ezodn.com | tcp |
| US | 8.8.8.8:53 | bshr.ezodn.com | udp |
| US | 172.64.192.4:443 | bshr.ezodn.com | tcp |
| GB | 172.217.169.34:443 | securepubads46.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | api.amplitude.com | udp |
| US | 8.8.8.8:53 | bshr.ezodn.com | udp |
| US | 8.8.8.8:53 | 4.192.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 37.215.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.193.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.201.165.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 205.211.155.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.36.246.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.109.16.96.in-addr.arpa | udp |
| US | 172.64.192.4:443 | bshr.ezodn.com | udp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.187.226:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.187.226:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| GB | 172.217.16.238:443 | fundingchoicesmessages.google.com | tcp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | ut.pubmatic.com | udp |
| US | 8.8.8.8:53 | jsdelivr.map.fastly.net | udp |
| US | 151.101.1.229:443 | jsdelivr.map.fastly.net | tcp |
| NL | 185.64.189.226:443 | ut.pubmatic.com | tcp |
| US | 8.8.8.8:53 | t-amsc.pubmnet.com | udp |
| GB | 172.217.16.238:443 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | jsdelivr.map.fastly.net | udp |
| US | 8.8.8.8:53 | t-amsc.pubmnet.com | udp |
| US | 8.8.8.8:53 | 229.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.187.250.142.in-addr.arpa | udp |
| US | 151.101.1.229:443 | jsdelivr.map.fastly.net | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | 226.189.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | script.4dex.io | udp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | bidder.criteo.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 8.8.8.8:53 | prebid.smilewanted.com | udp |
| US | 172.67.75.241:443 | script.4dex.io | tcp |
| DE | 18.198.247.224:443 | tlx.3lift.com | tcp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | tcp |
| US | 8.8.8.8:53 | script.4dex.io | udp |
| NL | 185.64.189.112:443 | hbopenbid.pubmatic.com | tcp |
| US | 8.8.8.8:53 | eu-tlx.3lift.com | udp |
| IE | 52.18.242.117:443 | hb.yellowblue.io | tcp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| DE | 51.89.9.254:443 | onetag-sys.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| NL | 145.40.97.67:443 | prebid.a-mo.net | tcp |
| US | 172.67.10.198:443 | prebid.smilewanted.com | tcp |
| US | 172.67.10.198:443 | prebid.smilewanted.com | tcp |
| US | 172.67.10.198:443 | prebid.smilewanted.com | tcp |
| US | 172.67.10.198:443 | prebid.smilewanted.com | tcp |
| US | 8.8.8.8:53 | eu-tlx.3lift.com | udp |
| FR | 185.255.84.151:443 | hb-api.omnitagjs.com | tcp |
| US | 8.8.8.8:53 | script.4dex.io | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 8.8.8.8:53 | oa.openxcdn.net | udp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| US | 8.8.8.8:53 | cdn.prod.uidapi.com | udp |
| US | 8.8.8.8:53 | hbopenbid-ams.pubmnet.com | udp |
| US | 8.8.8.8:53 | 241.75.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.151.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 112.189.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 224.247.198.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.242.18.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.10.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.97.40.145.in-addr.arpa | udp |
| US | 8.8.8.8:53 | invstatic101.creativecdn.com | udp |
| US | 8.8.8.8:53 | 254.9.89.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn-ima.33across.com | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 34.102.146.192:443 | oa.openxcdn.net | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 18.245.247.167:443 | cdn.prod.uidapi.com | tcp |
| US | 8.8.8.8:53 | hbopenbid-ams.pubmnet.com | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | bidder.nl3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | am6-prebid.a-mx.net | udp |
| US | 8.8.8.8:53 | bidder.nl3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | prebid.smilewanted.com | udp |
| US | 8.8.8.8:53 | hb-api-fra02.omnitagjs.com | udp |
| US | 8.8.8.8:53 | am6-prebid.a-mx.net | udp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | udp |
| US | 172.67.75.241:443 | script.4dex.io | tcp |
| US | 8.8.8.8:53 | prebid.smilewanted.com | udp |
| US | 8.8.8.8:53 | hb-api-fra02.omnitagjs.com | udp |
| US | 8.8.8.8:53 | oa.openxcdn.net | udp |
| US | 8.8.8.8:53 | static.nl3.vip.prod.criteo.net | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 8.8.8.8:53 | oa.openxcdn.net | udp |
| US | 34.102.146.192:443 | oa.openxcdn.net | udp |
| US | 8.8.8.8:53 | static.nl3.vip.prod.criteo.net | udp |
| US | 8.8.8.8:53 | d2avimlm6gq3h9.cloudfront.net | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| DE | 51.89.9.254:443 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | d2avimlm6gq3h9.cloudfront.net | udp |
| US | 8.8.8.8:53 | invstatic101.creativecdn.com | udp |
| US | 8.8.8.8:53 | cdn-ima.33across.com.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | adsdk.microsoft.com | udp |
| US | 8.8.8.8:53 | cdn.adnxs.com | udp |
| US | 13.107.246.64:443 | adsdk.microsoft.com | tcp |
| US | 8.8.8.8:53 | invstatic101.creativecdn.com | udp |
| US | 8.8.8.8:53 | cdn-ima.33across.com.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | part-0036.t-0009.t-msedge.net | udp |
| US | 8.8.8.8:53 | prod.appnexus.map.fastly.net | udp |
| GB | 216.58.212.193:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | oajs.openx.net | udp |
| GB | 216.58.212.193:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | part-0036.t-0009.t-msedge.net | udp |
| US | 8.8.8.8:53 | prod.appnexus.map.fastly.net | udp |
| US | 8.8.8.8:53 | oajs.openx.net | udp |
| GB | 216.58.212.193:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | oajs.openx.net | udp |
| US | 172.67.38.106:443 | cdn.id5-sync.com | tcp |
| NL | 178.250.1.3:443 | static.nl3.vip.prod.criteo.net | tcp |
| US | 34.96.70.87:443 | invstatic101.creativecdn.com | tcp |
| US | 172.64.152.89:443 | cdn-ima.33across.com.cdn.cloudflare.net | tcp |
| US | 34.120.107.143:443 | oajs.openx.net | tcp |
| US | 8.8.8.8:53 | ae6f95c73258d7fa61fa0aadfd982904.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | pagead-googlehosted.l.google.com | udp |
| US | 8.8.8.8:53 | 151.84.255.185.in-addr.arpa | udp |
| US | 34.96.70.87:443 | invstatic101.creativecdn.com | udp |
| US | 8.8.8.8:53 | 192.146.102.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | pagead-googlehosted.l.google.com | udp |
| US | 8.8.8.8:53 | 167.247.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.38.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 87.70.96.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 143.107.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.1.250.178.in-addr.arpa | udp |
| GB | 216.58.204.65:443 | pagead-googlehosted.l.google.com | tcp |
| US | 34.120.107.143:443 | oajs.openx.net | udp |
| GB | 216.58.204.65:443 | pagead-googlehosted.l.google.com | udp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | google-bidout-d.openx.net | udp |
| US | 8.8.8.8:53 | cdn.ampproject.org | udp |
| US | 34.98.64.218:443 | google-bidout-d.openx.net | tcp |
| US | 8.8.8.8:53 | google-bidout-d.openx.net | udp |
| GB | 142.250.187.193:443 | cdn.ampproject.org | tcp |
| GB | 142.250.187.193:443 | cdn.ampproject.org | tcp |
| GB | 142.250.187.193:443 | cdn.ampproject.org | tcp |
| GB | 142.250.187.193:443 | cdn.ampproject.org | tcp |
| GB | 142.250.187.193:443 | cdn.ampproject.org | tcp |
| GB | 92.123.128.181:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | cdn-content.ampproject.org | udp |
| US | 8.8.8.8:53 | e86303.dscx.akamaiedge.net | udp |
| DE | 162.19.138.120:443 | id5-sync.com | tcp |
| US | 8.8.8.8:53 | e86303.dscx.akamaiedge.net | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | cdn-content.ampproject.org | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| GB | 142.250.187.193:443 | cdn-content.ampproject.org | udp |
| GB | 92.123.128.181:443 | e86303.dscx.akamaiedge.net | tcp |
| US | 8.8.8.8:53 | ams3-ib.adnxs.com | udp |
| US | 34.98.64.218:443 | google-bidout-d.openx.net | udp |
| NL | 185.89.210.244:443 | ams3-ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | ams3-ib.adnxs.com | udp |
| US | 104.19.215.37:443 | otnolatrnup.com | tcp |
| US | 8.8.8.8:53 | ams3-ib.adnxs.com | udp |
| GB | 92.123.128.181:443 | e86303.dscx.akamaiedge.net | udp |
| US | 8.8.8.8:53 | 65.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 218.64.98.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 181.128.123.92.in-addr.arpa | udp |
| US | 104.19.215.37:443 | otnolatrnup.com | udp |
| US | 8.8.8.8:53 | download2271.mediafire.com | udp |
| US | 199.91.155.12:443 | download2271.mediafire.com | tcp |
| US | 8.8.8.8:53 | download2271.mediafire.com | udp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| US | 8.8.8.8:53 | download2271.mediafire.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | gum.nl3.vip.prod.criteo.com | udp |
| US | 151.101.1.108:443 | prod.appnexus.map.fastly.net | tcp |
| US | 8.8.8.8:53 | gum.nl3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | 244.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 12.155.91.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| US | 172.67.10.198:443 | csync.smilewanted.com | tcp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| US | 8.8.8.8:53 | 2.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 172.64.149.180:443 | js-sec.indexww.com | tcp |
| US | 76.223.111.18:443 | eb2.3lift.com | tcp |
| US | 8.8.8.8:53 | eu-eb2.3lift.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| FR | 185.255.84.153:443 | visitor.omnitagjs.com | tcp |
| US | 8.8.8.8:53 | visitor-fra02.omnitagjs.com | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 8.8.8.8:53 | eu-eb2.3lift.com | udp |
| US | 8.8.8.8:53 | ups.analytics.yahoo.com | udp |
| US | 8.8.8.8:53 | visitor-fra02.omnitagjs.com | udp |
| US | 8.8.8.8:53 | id.hadron.ad.gt | udp |
| US | 8.8.8.8:53 | id.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud | udp |
| US | 8.8.8.8:53 | ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud | udp |
| US | 104.22.5.69:443 | id.hadron.ad.gt | tcp |
| US | 8.8.8.8:53 | id.hadron.ad.gt.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | id.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | assets.a-mo.net | udp |
| US | 8.8.8.8:53 | id.hadron.ad.gt.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | id.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| DE | 3.71.149.231:443 | ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud | tcp |
| IE | 34.246.36.174:443 | id.crwdcntrl.net | tcp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| US | 104.19.158.19:443 | assets.a-mo.net | tcp |
| US | 8.8.8.8:53 | assets.a-mo.net.cdn.cloudflare.net | udp |
| NL | 178.250.1.11:443 | gum.nl3.vip.prod.criteo.com | tcp |
| US | 8.8.8.8:53 | assets.a-mo.net.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| DE | 141.95.33.120:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | 180.149.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.111.223.76.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.5.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.40.223.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.158.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 231.149.71.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.33.95.141.in-addr.arpa | udp |
| FR | 178.250.7.13:443 | dnacdn.net | tcp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | id.a-mx.com | udp |
| US | 8.8.8.8:53 | rtb.openx.net | udp |
| US | 8.8.8.8:53 | cm.adform.net | udp |
| US | 8.8.8.8:53 | ssbsync-global.smartadserver.com | udp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | ssum.casalemedia.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | ow.pubmatic.com | udp |
| US | 8.8.8.8:53 | imagesync-lhrc.pubmnet.com | udp |
| DE | 79.127.216.47:443 | id.a-mx.com | tcp |
| US | 8.8.8.8:53 | rtb.openx.net | udp |
| GB | 23.215.239.190:443 | secure-assets.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | ssum.casalemedia.com | udp |
| US | 8.8.8.8:53 | ssum.casalemedia.com | udp |
| US | 8.8.8.8:53 | imagesync-lhrc.pubmnet.com | udp |
| US | 8.8.8.8:53 | rtb.openx.net | udp |
| US | 8.8.8.8:53 | ssbsync-euw2.smartadserver.com | udp |
| US | 8.8.8.8:53 | ssbsync-euw2.smartadserver.com | udp |
| US | 8.8.8.8:53 | user-data-eu.bidswitch.net | udp |
| US | 8.8.8.8:53 | track-eu.adformnet.akadns.net | udp |
| US | 8.8.8.8:53 | ag.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | gem.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | id.a-mx.com | udp |
| US | 8.8.8.8:53 | user-data-eu.bidswitch.net | udp |
| US | 8.8.8.8:53 | track-eu.adformnet.akadns.net | udp |
| US | 8.8.8.8:53 | sync.a-mo.net | udp |
| FR | 185.235.86.105:443 | ag.gbc.criteo.com | tcp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| US | 8.8.8.8:53 | e8960.e2.akamaiedge.net | udp |
| US | 104.22.68.131:443 | csync.smilewanted.com | tcp |
| NL | 145.40.97.66:443 | sync.a-mo.net | tcp |
| US | 8.8.8.8:53 | ow-amsc.pubmnet.com | udp |
| US | 8.8.8.8:53 | id.a-mx.com | udp |
| FR | 185.235.86.192:443 | gem.gbc.criteo.com | tcp |
| GB | 92.123.242.2:443 | eus.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | sync.a-mo.net | udp |
| US | 8.8.8.8:53 | e8960.e2.akamaiedge.net | udp |
| US | 8.8.8.8:53 | ow-amsc.pubmnet.com | udp |
| US | 8.8.8.8:53 | blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com | udp |
| GB | 185.64.190.79:443 | imagesync-lhrc.pubmnet.com | tcp |
| NL | 35.214.149.91:443 | user-data-eu.bidswitch.net | tcp |
| US | 35.186.253.211:443 | rtb.openx.net | tcp |
| DK | 37.157.3.20:443 | track-eu.adformnet.akadns.net | tcp |
| FR | 178.32.197.52:443 | ssbsync-euw2.smartadserver.com | tcp |
| US | 104.18.36.155:443 | ssum.casalemedia.com | tcp |
| IE | 99.81.115.10:443 | ap.lijit.com | tcp |
| DE | 37.252.171.53:443 | ib.adnxs.com | tcp |
| NL | 185.64.189.116:443 | ow-amsc.pubmnet.com | tcp |
| DE | 37.252.171.53:443 | ib.adnxs.com | tcp |
| DE | 37.252.171.53:443 | ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | ib.anycast.adnxs.com | udp |
| NL | 145.40.97.66:443 | sync.a-mo.net | tcp |
| US | 8.8.8.8:53 | sync.smartadserver.com | udp |
| US | 8.8.8.8:53 | blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | gbc3.fr3.eu.criteo.com | udp |
| US | 104.18.36.155:443 | ssum.casalemedia.com | udp |
| US | 8.8.8.8:53 | ib.anycast.adnxs.com | udp |
| US | 8.8.8.8:53 | 13.7.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 47.216.127.79.in-addr.arpa | udp |
| US | 35.186.253.211:443 | rtb.openx.net | udp |
| US | 8.8.8.8:53 | 190.239.215.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 105.86.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.68.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.97.40.145.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.86.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.242.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 211.253.186.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.36.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 52.197.32.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.149.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.189.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | gbc3.fr3.eu.criteo.com | udp |
| US | 8.8.8.8:53 | static.smilewanted.com | udp |
| NL | 81.17.55.172:443 | sync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | sync.a-mo.net | udp |
| US | 8.8.8.8:53 | static.smilewanted.com | udp |
| US | 8.8.8.8:53 | gbc6.fr3.eu.criteo.com | udp |
| US | 8.8.8.8:53 | e8960.b.akamaiedge.net | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| NL | 145.40.97.66:443 | sync.a-mo.net | tcp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| US | 8.8.8.8:53 | ice.360yield.com | udp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 8.8.8.8:53 | rtb.mfadsrvr.com | udp |
| US | 8.8.8.8:53 | sync.mathtag.com | udp |
| US | 8.8.8.8:53 | gbc6.fr3.eu.criteo.com | udp |
| NL | 185.89.210.82:443 | secure.adnxs.com | tcp |
| US | 8.8.8.8:53 | pixel-eu.rubiconproject.com | udp |
| IE | 54.195.226.61:443 | ice.360yield.com | tcp |
| US | 8.8.8.8:53 | ads.stickyadstv.com | udp |
| NL | 213.19.162.80:443 | pixel-eu.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 8.8.8.8:53 | t.adx.opera.com | udp |
| US | 35.244.159.8:443 | u.openx.net | tcp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 8.8.8.8:53 | e8960.b.akamaiedge.net | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | us.shb-sync.com | udp |
| US | 35.244.159.8:443 | u.openx.net | udp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 8.2.110.33:443 | us.shb-sync.com | tcp |
| DE | 52.58.248.46:443 | rtb.mfadsrvr.com | tcp |
| US | 74.121.140.211:443 | sync.mathtag.com | tcp |
| NL | 213.19.162.80:443 | pixel-eu.rubiconproject.com | tcp |
| NL | 213.19.162.80:443 | pixel-eu.rubiconproject.com | tcp |
| US | 35.244.174.68:443 | id.rlcdn.com | tcp |
| GB | 216.58.201.98:443 | cm.g.doubleclick.net | tcp |
| NL | 154.57.158.26:443 | ads.stickyadstv.com | tcp |
| GB | 216.58.201.98:443 | cm.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | rtb-csync-euw1.smartadserver.com | udp |
| US | 80.77.87.166:443 | cs.admanmedia.com | tcp |
| NL | 82.145.213.8:443 | t.adx.opera.com | tcp |
| GB | 108.156.39.117:443 | s.ad.smaato.net | tcp |
| US | 52.46.143.56:443 | s.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | euw-ice.360yield.com | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.net.akadns.net | udp |
| US | 8.8.8.8:53 | rtb-csync-euw1.smartadserver.com | udp |
| US | 35.244.174.68:443 | id.rlcdn.com | udp |
| GB | 216.58.201.98:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | euw-ice.360yield.com | udp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.net.akadns.net | udp |
| US | 8.8.8.8:53 | pixel-origin.mathtag.com | udp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 8.8.8.8:53 | pixel-origin.mathtag.com | udp |
| US | 8.8.8.8:53 | pixel-eu.rubiconproject.net.akadns.net | udp |
| US | 8.8.8.8:53 | 10.115.81.99.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 53.171.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.55.17.81.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.162.19.213.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.159.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 61.226.195.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.248.58.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.174.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.158.57.154.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 33.110.2.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 211.140.121.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.39.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.213.145.82.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 166.87.77.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.143.46.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | pixel-eu.rubiconproject.net.akadns.net | udp |
| US | 8.8.8.8:53 | elb-aws-fr-dorpat-283474803.eu-central-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | us.shb-sync.com | udp |
| US | 8.8.8.8:53 | eu-west-dual.ads.stickyadstv.com.akadns.net | udp |
| US | 8.8.8.8:53 | us.shb-sync.com | udp |
| US | 8.8.8.8:53 | elb-aws-fr-dorpat-283474803.eu-central-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 8.8.8.8:53 | eu-west-dual.ads.stickyadstv.com.akadns.net | udp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 8.8.8.8:53 | outspot2-ams.adx.opera.com | udp |
| US | 8.8.8.8:53 | dis.criteo.com | udp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| US | 8.8.8.8:53 | api-2-0.spot.im | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | udp |
| US | 8.8.8.8:53 | csync.loopme.me | udp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 8.8.8.8:53 | sync.adotmob.com | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| GB | 18.164.68.59:443 | api-2-0.spot.im | tcp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | tcp |
| US | 8.8.8.8:53 | jadserve.postrelease.com | udp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| NL | 35.214.249.77:443 | csync.loopme.me | tcp |
| US | 8.8.8.8:53 | widget.nl3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| US | 8.8.8.8:53 | widget.nl3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | bttrack.com | udp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| US | 8.8.8.8:53 | api-2-0.spot.im | udp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| US | 34.194.178.189:443 | cs-server-s2s.yellowblue.io | tcp |
| US | 8.8.8.8:53 | sync.adotmob.com | udp |
| US | 104.18.36.155:443 | ssum-sec.casalemedia.com | tcp |
| US | 67.202.105.21:443 | ssc-cms.33across.com | tcp |
| US | 8.8.8.8:53 | api-2-0.spot.im | udp |
| NL | 81.17.55.109:443 | ssbsync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 104.18.36.155:443 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| US | 8.8.8.8:53 | sync.adotmob.com | udp |
| US | 8.8.8.8:53 | envoy-hl.envoy-csync1.core-b8mf.ov1o.com | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 8.8.8.8:53 | jadserve.postrelease.com.akadns.net | udp |
| US | 8.8.8.8:53 | zemanta-nychi.zemanta.com | udp |
| NL | 185.89.210.82:443 | secure.adnxs.com | tcp |
| NL | 185.89.210.82:443 | secure.adnxs.com | tcp |
| NL | 178.250.1.9:443 | widget.nl3.vip.prod.criteo.com | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| IE | 52.210.106.172:443 | match.prod.bidr.io | tcp |
| US | 64.74.236.255:443 | b1sync.zemanta.com | tcp |
| US | 64.74.236.255:443 | b1sync.zemanta.com | tcp |
| FR | 45.137.176.88:443 | sync.adotmob.com | tcp |
| US | 54.197.247.108:443 | sync.srv.stackadapt.com | tcp |
| IE | 54.155.221.32:443 | jadserve.postrelease.com.akadns.net | tcp |
| US | 192.132.33.67:443 | bttrack.com | tcp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| US | 8.8.8.8:53 | jadserve.postrelease.com.akadns.net | udp |
| US | 8.8.8.8:53 | zemanta-nychi.zemanta.com | udp |
| US | 8.8.8.8:53 | 59.68.164.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.249.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 109.55.17.81.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.105.202.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| US | 8.8.8.8:53 | bttrack.com | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | bttrack.com | udp |
| US | 8.8.8.8:53 | pixel.33across.com | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | ssbsync-euw1.smartadserver.com | udp |
| US | 8.8.8.8:53 | pixel.33across.com | udp |
| US | 8.8.8.8:53 | ssbsync-euw1.smartadserver.com | udp |
| NL | 213.19.162.80:443 | pixel-eu.rubiconproject.net.akadns.net | tcp |
| US | 8.8.8.8:53 | bh.contextweb.com | udp |
| US | 8.8.8.8:53 | dsp.adfarm1.adition.com | udp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| US | 8.8.8.8:53 | am1-direct-bgp.contextweb.com | udp |
| NL | 208.93.169.131:443 | am1-direct-bgp.contextweb.com | tcp |
| DE | 85.114.159.118:443 | dsp.adfarm1.adition.com | tcp |
| US | 8.8.8.8:53 | dsp.adfarm1.adition.com | udp |
| US | 8.8.8.8:53 | dsp.adfarm1.adition.com | udp |
| US | 8.8.8.8:53 | am1-direct-bgp.contextweb.com | udp |
| NL | 81.17.55.172:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | qvdt3feo.com | udp |
| US | 64.74.236.255:443 | b1sync.zemanta.com | tcp |
| IE | 52.210.106.172:443 | match.prod.bidr.io | tcp |
| US | 54.204.62.38:443 | qvdt3feo.com | tcp |
| US | 8.8.8.8:53 | qvdt3feo.com | udp |
| US | 8.8.8.8:53 | qvdt3feo.com | udp |
| US | 8.8.8.8:53 | 9.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.106.210.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.8.184.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.176.137.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 32.221.155.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 255.236.74.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.247.197.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.33.132.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 118.159.114.85.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.169.93.208.in-addr.arpa | udp |
| US | 8.8.8.8:53 | wt.rqtrk.eu | udp |
| NL | 81.17.55.172:443 | rtb-csync.smartadserver.com | tcp |
| NL | 81.17.55.172:443 | rtb-csync.smartadserver.com | tcp |
| DE | 57.129.18.109:443 | wt.rqtrk.eu | tcp |
| US | 8.8.8.8:53 | wt.rqtrk.eu | udp |
| US | 8.8.8.8:53 | wt.rqtrk.eu | udp |
| US | 8.8.8.8:53 | support.mozilla.org | udp |
| US | 8.8.8.8:53 | us-west1.prod.sumo.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | us-west1.prod.sumo.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | 38.62.204.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 109.18.129.57.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.indexww.com | udp |
| US | 8.8.8.8:53 | cdn.indexww.com | udp |
| US | 104.18.38.76:443 | cdn.indexww.com | tcp |
| US | 8.8.8.8:53 | cdn.indexww.com | udp |
| US | 8.8.8.8:53 | 76.38.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 183.59.114.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.134.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sideindexfollowragelrew.pw | udp |
| US | 8.8.8.8:53 | chocolatedepressofw.fun | udp |
| US | 8.8.8.8:53 | lighterepisodeheighte.fun | udp |
| US | 8.8.8.8:53 | problemregardybuiwo.fun | udp |
| US | 8.8.8.8:53 | prescriptionstorageag.fun | udp |
| US | 8.8.8.8:53 | edurestunningcrackyow.fun | udp |
| US | 8.8.8.8:53 | pooreveningfuseor.pw | udp |
| US | 8.8.8.8:53 | turkeyunlikelyofw.shop | udp |
| US | 172.67.202.191:443 | turkeyunlikelyofw.shop | tcp |
| US | 8.8.8.8:53 | associationokeo.shop | udp |
| US | 172.67.147.18:443 | associationokeo.shop | tcp |
| US | 8.8.8.8:53 | 191.202.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.147.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.ezoic.net | udp |
| US | 8.8.8.8:53 | g.ezoic.net | udp |
| US | 8.8.8.8:53 | g.ezoic.net | udp |
| US | 8.8.8.8:53 | 43.229.111.52.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvnvyogb.default-release\datareporting\glean\db\data.safe.bin
| MD5 | 89c7aa736cee17a36d2201a2f8ef98ce |
| SHA1 | 608421eaaa0aa65a46afef1d8dba2058483134bc |
| SHA256 | ceb6de102d3422f25fdf08bc151b6d88087383f908ff1460bb130763218cc6cc |
| SHA512 | eb0be06d48ea1e752ba232ba96204aec6db2039c33c7a677395ceec62b2263961c03e30164e23188dc40d0bfebdbe74490f5be10ce3161f503055e5f0dd76eb6 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvnvyogb.default-release\datareporting\glean\pending_pings\0468bf49-b54d-4190-833b-b6e6ed10f204
| MD5 | 52b36d65e97c1563f58ff0e32751f7d2 |
| SHA1 | a794b8c0fd50559d69cad0030ba6abe28de13e60 |
| SHA256 | ba98f95bf7ec44e6fe63eea74db7124e3cb11cec1d3f618e539d635e5d3fd9b5 |
| SHA512 | 87aacaa0d088f83cbd9149a4c3f9d01bbcd17e06b0f527f52668904840401834007ab557f23e90fe649d4f8fc97ad1ec4ef07423ebbc9ec2b16fb8644d46a636 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvnvyogb.default-release\datareporting\glean\pending_pings\01ee59f5-e52b-4d26-af9e-0a4a045bf2d9
| MD5 | 19379e3cd2b3fecc1d8a7b26a2506bd6 |
| SHA1 | ec66e7b811a5fd4cae6399a167d17749b7fe8290 |
| SHA256 | d9cd3b566fe4bdd6cbabfda00437450d7302983b2a75104c86ef5ebf1795ab34 |
| SHA512 | 5e42c96f988eaa05300386102587eab3f447e41e348bfc95854fb9dbfe84fd6602ad5b096276c3fa720580b2df830b0b678c0c1029a4209ee8ab234ef0aa80e7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvnvyogb.default-release\prefs-1.js
| MD5 | a0c9822da776c0c7cbbd4c34aafce374 |
| SHA1 | 0a59fdd6fd96efc9e68570f405f30a54c628f55e |
| SHA256 | 7fa95f4d662f03a1ed7c4edd7e51550d8749a7aeffeb03f8b12a0850ed956db3 |
| SHA512 | 873538628f70cb06d3c2a2deb432570a89ac5105b798687cc359eb3823b852ce2eff6e46264ee5572f8e643cba944cb92160d0bccf7203e595804b73b42e225c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\kvnvyogb.default-release\cache2\doomed\26960
| MD5 | f135e0abb5c841b656655b232f2dfb34 |
| SHA1 | f959632c5862b1ff552c197c83f1c2c6aadb2800 |
| SHA256 | 0b8b9ceb358351bd3348caa9b2a5ed175e041de6c9b304247930d27d95c6ef36 |
| SHA512 | 58154115a259c4d2b664094ecfe893c57ad752e3ee23a20ee7e4e81424169adca6db7ab9024dd70e7ed8da0d522d9a1e4b0f31ec8d6c66424ea8fa47c60d897c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvnvyogb.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 393b04dcf7ada75c724a462c526e6333 |
| SHA1 | cafd5f4d8cf1bde2c6631bc45015409b35203cf3 |
| SHA256 | 4a48919c4f1241349b1feeb602c3f6ea4204a221b29be92f3e8bc668b6aa2420 |
| SHA512 | a1f50c13525a647b29d3809876b8bdfcd95df866fdb6e21eb984c7c5c4fbebe31f9d4ca4cc3145f4bb64cc0c287c41a089f0e948fdae0b254230c7eed0084e9c |
C:\Users\Admin\Downloads\ROBLOX Cheat.lXEWYaoU.zip.part
| MD5 | db35b573a604805107127de165e7d6c2 |
| SHA1 | 1f94149224dc24cfb2280c4793223a87c2cd223f |
| SHA256 | 6c5772aea27480e4fad8ed3aa82a7fb9bb3ea8d61cd8520611c8822527c0364c |
| SHA512 | a15426bf99afda1aa6b639d97941fa6c4478b11d6a1b489b4246493a66504331fac46685774a13c5f1c4647b204e2a0e9a12b3e7812306e304f89c0cfe40b8d3 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\kvnvyogb.default-release\cache2\doomed\4560
| MD5 | 18e21f01eedf2853794f7a67b00e7e2b |
| SHA1 | fa18704ced00dd461961924b5beb31c4a512ad4b |
| SHA256 | 5240cf0787fd27e65b381e893f12c8c09f404bcf086f87f6e1733c2413a6ef58 |
| SHA512 | 8d3da8cc603472b80d66f89d60a74899bda3bda492a8066c1c39599e1b1e9ef711404a66d5b6ace20d6f3dbc090283eae133e30b81b77bbfba4709bced9040bd |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\kvnvyogb.default-release\cache2\doomed\27105
| MD5 | f722085c0cc44611d0843bbbb900b192 |
| SHA1 | 5b6ae8c0c53e65b68ce028d9af5fafb032be652b |
| SHA256 | c88236a4fc61289708ae82ebb6f0b644993b381d0fa3f6d5d78518d9e3ac6049 |
| SHA512 | 4593354706ed1da80ca10305b000c9759057b9c1ce6f93924374de889f77fa10766f2d62a5eec1e95a9d282790c235a9f2bd0f2a7d00387fe97831fafac5c84b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\kvnvyogb.default-release\cache2\doomed\12220
| MD5 | dee4c31094cf1f8b34d5cd7335f62048 |
| SHA1 | d4e086444367e18a630bb5a48555d46e9936b15d |
| SHA256 | e6ed466ae4be5f4a0e425f1dd497f1664c8b8a61d973adf8a810a011e0285f47 |
| SHA512 | f83eb1f72736093cf93f1914946fe7d82ce58f759f4fbe6a18d297d9249bfe744ddcb569f577b4ff0ccd9a26762e13452871b3ed8990fc7eb093c3c9d785a5da |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvnvyogb.default-release\prefs-1.js
| MD5 | c3241ba17376ac0335a35a72748b0081 |
| SHA1 | 7daf84b7d645fbf5e83b1c06f4d65db65f80759d |
| SHA256 | 8acdc5d3b5f2539cf758b3e0fde1d1832cd030ead833722e9d42fc679a91e20f |
| SHA512 | b0d7813f6b225aa8737e3344d7cdc4cadff366d8246f049ffba731e1f3654574ec3afef83c436f8459c078bd4a94e0e6772834fc12529e04e7ccd65e513f7e61 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvnvyogb.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | aa3e982d560adc24d3a9b86594aeeedc |
| SHA1 | 9e057656a97d5d108d92872850dd7ef39b7b16e9 |
| SHA256 | 78e5cc70a72e5c5f4c7a597ff0955931fb24df13aa6417d4d316493205a8c01c |
| SHA512 | 3991dac232590f4fbc25fd2b250ff3135af890384c8a70c79a876f144d517dd378110428fa8f8190bc0bb6f31223cd3358b06fc0e50b1c86e969a03324e3678a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvnvyogb.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 0254a24756fbcfa70a95480c9d0d58c5 |
| SHA1 | a0eba82d1d05fbbe18efe669027e487ac485e913 |
| SHA256 | 9af033fcdd22b6fa4fcae35f894d9697206ce7b9cc360d02c2b84ed1cf0bdff0 |
| SHA512 | fdfb7983756339a72c4b3f3114e8baec40eda9e63613193dc4964fd23500504d6736779c909fc812e063b8e4d1b9fab963bf485178c0797deacb0b2614dd1fc2 |
C:\Users\Admin\Downloads\ROBLOX Cheat.zip
| MD5 | 1dc9dfcb7eddcc7e8e98b67e9f0a596f |
| SHA1 | cea32d3636e18fcbd02fa30bc46f516d06deb100 |
| SHA256 | 62ebc7d50d919e040eb0a9ca400039186c7244dc59087eefa9cfeee6e4e798f3 |
| SHA512 | 601f4691e18ba7d3851a56e7f1f84fcd366bb03e18183f536d6c8d9d7e50c03e9c42815869ae759b7dab0a885d38fea6553f4c48fe652ad083d99e8bf3949b6d |
C:\Users\Admin\Downloads\ROBLOX Cheat\SoftWare.exe
| MD5 | d54a8b90227a487bc800a3eb7c1352f0 |
| SHA1 | 039d57519a03de5dc5fdb53afa948f49a59988b3 |
| SHA256 | becba2eb6f7ad1976f91cc183107ed7d45e264a861a74e90102314cbbd352928 |
| SHA512 | 6b0561ca4446ed7cce21f6e6c531ff2cd992cfa2cdd9adb7e4546f4390cefdd5fa09a4cacb65b4b3499a29ebb5d133df4c79e853b3bf383b2059fdde4327e89b |
memory/8180-886-0x0000000004940000-0x0000000004990000-memory.dmp
memory/8180-887-0x0000000074EA0000-0x0000000075650000-memory.dmp
memory/8180-888-0x0000000004B20000-0x0000000004B30000-memory.dmp
memory/8180-889-0x0000000004B30000-0x00000000050D4000-memory.dmp
memory/8180-890-0x0000000004A10000-0x0000000004A5E000-memory.dmp
memory/7440-893-0x0000000000400000-0x0000000000446000-memory.dmp
memory/7440-896-0x0000000000400000-0x0000000000446000-memory.dmp
memory/8180-898-0x0000000074EA0000-0x0000000075650000-memory.dmp
memory/8180-899-0x0000000002600000-0x0000000004600000-memory.dmp
memory/7440-900-0x0000000000FB0000-0x0000000000FE2000-memory.dmp
memory/7440-903-0x0000000000FB0000-0x0000000000FE2000-memory.dmp
memory/7440-902-0x0000000000FB0000-0x0000000000FE2000-memory.dmp
memory/7440-904-0x0000000000400000-0x0000000000446000-memory.dmp
memory/7440-901-0x0000000000FB0000-0x0000000000FE2000-memory.dmp
memory/6656-905-0x0000026DC82E0000-0x0000026DC82E1000-memory.dmp
memory/6656-907-0x0000026DC82E0000-0x0000026DC82E1000-memory.dmp
memory/6656-906-0x0000026DC82E0000-0x0000026DC82E1000-memory.dmp
memory/6656-911-0x0000026DC82E0000-0x0000026DC82E1000-memory.dmp
memory/6656-912-0x0000026DC82E0000-0x0000026DC82E1000-memory.dmp
memory/6656-913-0x0000026DC82E0000-0x0000026DC82E1000-memory.dmp
memory/6656-914-0x0000026DC82E0000-0x0000026DC82E1000-memory.dmp
memory/6656-916-0x0000026DC82E0000-0x0000026DC82E1000-memory.dmp
memory/6656-917-0x0000026DC82E0000-0x0000026DC82E1000-memory.dmp
memory/6656-915-0x0000026DC82E0000-0x0000026DC82E1000-memory.dmp
memory/8180-920-0x0000000002600000-0x0000000004600000-memory.dmp