Malware Analysis Report

2024-11-30 04:56

Sample ID 240223-fhx9zabh29
Target https://download2351.mediafire.com/sm24pq2ja12gIkr6ANd8hBZBtzNvbL86ofmt2oH2-Bca2Feuo9B9ty1_sfgZfevMA1tlE5DrWc1TLEWTIT4ghzJoNjJO3vIASD0VQxrX7iOjjrAveXppvuFUucQHB2mrHV6vE1_NlpqF1tcHIJW6ezMSRaYF2bp3xnk-iYG0fez5/wl9moebaudqauqv/ROBLOX+Cheat.zip
Tags
lumma stealer
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

Threat Level: Known bad

The file https://download2351.mediafire.com/sm24pq2ja12gIkr6ANd8hBZBtzNvbL86ofmt2oH2-Bca2Feuo9B9ty1_sfgZfevMA1tlE5DrWc1TLEWTIT4ghzJoNjJO3vIASD0VQxrX7iOjjrAveXppvuFUucQHB2mrHV6vE1_NlpqF1tcHIJW6ezMSRaYF2bp3xnk-iYG0fez5/wl9moebaudqauqv/ROBLOX+Cheat.zip was found to be: Known bad.

Malicious Activity Summary

lumma stealer

Lumma Stealer

Executes dropped EXE

Suspicious use of SetThreadContext

Checks SCSI registry key(s)

Suspicious use of WriteProcessMemory

Suspicious use of FindShellTrayWindow

Uses Task Scheduler COM API

Suspicious behavior: EnumeratesProcesses

Checks processor information in registry

Modifies registry class

Suspicious use of SendNotifyMessage

Suspicious use of AdjustPrivilegeToken

NTFS ADS

Suspicious use of SetWindowsHookEx

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-02-23 04:53

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-02-23 04:53

Reported

2024-02-23 04:59

Platform

win10v2004-20240221-en

Max time kernel

179s

Max time network

180s

Command Line

"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "https://download2351.mediafire.com/sm24pq2ja12gIkr6ANd8hBZBtzNvbL86ofmt2oH2-Bca2Feuo9B9ty1_sfgZfevMA1tlE5DrWc1TLEWTIT4ghzJoNjJO3vIASD0VQxrX7iOjjrAveXppvuFUucQHB2mrHV6vE1_NlpqF1tcHIJW6ezMSRaYF2bp3xnk-iYG0fez5/wl9moebaudqauqv/ROBLOX+Cheat.zip"

Signatures

Lumma Stealer

stealer lumma

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\ROBLOX Cheat\SoftWare.exe N/A
N/A N/A C:\Users\Admin\Downloads\ROBLOX Cheat\SoftWare.exe N/A

Suspicious use of SetThreadContext

Description Indicator Process Target
PID 8180 set thread context of 7440 N/A C:\Users\Admin\Downloads\ROBLOX Cheat\SoftWare.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Checks SCSI registry key(s)

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A C:\Windows\system32\taskmgr.exe N/A

Checks processor information in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-1712835645-2080934712-2142796781-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A

NTFS ADS

Description Indicator Process Target
File created C:\Users\Admin\Downloads\ROBLOX Cheat.zip:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeRestorePrivilege N/A C:\Program Files\7-Zip\7zG.exe N/A
Token: 35 N/A C:\Program Files\7-Zip\7zG.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files\7-Zip\7zG.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files\7-Zip\7zG.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\system32\taskmgr.exe N/A
Token: SeSystemProfilePrivilege N/A C:\Windows\system32\taskmgr.exe N/A
Token: SeCreateGlobalPrivilege N/A C:\Windows\system32\taskmgr.exe N/A
Token: 33 N/A C:\Windows\system32\taskmgr.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\taskmgr.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\7-Zip\7zG.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4224 wrote to memory of 1968 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4224 wrote to memory of 1968 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4224 wrote to memory of 1968 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4224 wrote to memory of 1968 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4224 wrote to memory of 1968 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4224 wrote to memory of 1968 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4224 wrote to memory of 1968 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4224 wrote to memory of 1968 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4224 wrote to memory of 1968 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4224 wrote to memory of 1968 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4224 wrote to memory of 1968 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2508 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2508 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2944 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2344 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2344 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1968 wrote to memory of 2344 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "https://download2351.mediafire.com/sm24pq2ja12gIkr6ANd8hBZBtzNvbL86ofmt2oH2-Bca2Feuo9B9ty1_sfgZfevMA1tlE5DrWc1TLEWTIT4ghzJoNjJO3vIASD0VQxrX7iOjjrAveXppvuFUucQHB2mrHV6vE1_NlpqF1tcHIJW6ezMSRaYF2bp3xnk-iYG0fez5/wl9moebaudqauqv/ROBLOX+Cheat.zip"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url https://download2351.mediafire.com/sm24pq2ja12gIkr6ANd8hBZBtzNvbL86ofmt2oH2-Bca2Feuo9B9ty1_sfgZfevMA1tlE5DrWc1TLEWTIT4ghzJoNjJO3vIASD0VQxrX7iOjjrAveXppvuFUucQHB2mrHV6vE1_NlpqF1tcHIJW6ezMSRaYF2bp3xnk-iYG0fez5/wl9moebaudqauqv/ROBLOX+Cheat.zip

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.0.886562422\528364022" -parentBuildID 20221007134813 -prefsHandle 1864 -prefMapHandle 1856 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4809bb07-1d15-4d61-89fc-c24a0c416dc6} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 1944 28eb182d358 gpu

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.1.1530139801\747902158" -parentBuildID 20221007134813 -prefsHandle 2340 -prefMapHandle 2328 -prefsLen 21565 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {16ec0d70-dd91-4ff2-880c-a26f25698229} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 2368 28eb05e8b58 socket

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.2.683182032\396263643" -childID 1 -isForBrowser -prefsHandle 3192 -prefMapHandle 3188 -prefsLen 21668 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {709c6ce0-1512-4641-8337-99f9c0633289} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 3204 28eb486c858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.3.137854157\832822039" -childID 2 -isForBrowser -prefsHandle 3628 -prefMapHandle 3624 -prefsLen 26066 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {20ee2db2-a19f-422a-a7e1-1f5472266291} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 3640 28ea3e6d458 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.4.893932663\481003859" -childID 3 -isForBrowser -prefsHandle 4852 -prefMapHandle 4868 -prefsLen 26125 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {062da05b-81eb-4333-b258-1a4caaed9acf} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 4872 28eb43c4258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.5.836649372\824457941" -childID 4 -isForBrowser -prefsHandle 5016 -prefMapHandle 5020 -prefsLen 26125 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {cc1848dd-04f0-4ad3-a7e7-2cbcadaca3c4} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 5008 28eb6b12b58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.6.1130968403\587826523" -childID 5 -isForBrowser -prefsHandle 5216 -prefMapHandle 5220 -prefsLen 26125 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9e642618-08cb-433d-8504-9cc74c84d9bc} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 5204 28eb6faba58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.8.1467037837\956539872" -childID 7 -isForBrowser -prefsHandle 3008 -prefMapHandle 9772 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8dd1cbaa-04eb-4355-9891-448b13e9943e} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 3024 28eb0936858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.7.2134895947\1392640869" -childID 6 -isForBrowser -prefsHandle 2956 -prefMapHandle 2960 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c8d87c15-0efc-49ee-b71e-90328d65bef7} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 3608 28eb0677258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.9.618680793\2045264986" -childID 8 -isForBrowser -prefsHandle 9272 -prefMapHandle 9240 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {71a33748-454f-4fdf-a20e-fb08574cce51} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 9252 28eb1feef58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.12.934704827\1878418623" -childID 11 -isForBrowser -prefsHandle 9304 -prefMapHandle 8768 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {66142655-0041-45ad-abb5-0932560166cd} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 8772 28eb1fedd58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.11.1778081388\1644561003" -childID 10 -isForBrowser -prefsHandle 8964 -prefMapHandle 8960 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {efc36d08-715b-4fe9-8b9a-7829f950476e} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 8972 28eb816cd58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.10.389481927\1398557123" -childID 9 -isForBrowser -prefsHandle 9116 -prefMapHandle 9112 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {53a4f1cc-56e4-48ad-ac8d-b7f966820ac2} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 9320 28eb1fef858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.13.915101867\214522686" -childID 12 -isForBrowser -prefsHandle 9072 -prefMapHandle 8736 -prefsLen 26381 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {518ee8c2-5bc3-42ba-96b6-678944491cfd} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 9084 28ebab2ae58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.15.800586644\1425452932" -childID 14 -isForBrowser -prefsHandle 7956 -prefMapHandle 8120 -prefsLen 26421 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {bc930806-31d9-413e-98f3-d2cddfd3302e} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 7924 28eba512858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.14.1180624102\1832800208" -childID 13 -isForBrowser -prefsHandle 8072 -prefMapHandle 8076 -prefsLen 26421 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {56b58d54-47df-44a7-8246-16be2c5ca409} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 8116 28eba512558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.16.53817346\137431065" -childID 15 -isForBrowser -prefsHandle 7636 -prefMapHandle 7640 -prefsLen 26421 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1bb55daf-8237-468b-ae56-b76624342983} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 7724 28eba5a5058 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.17.1555996307\917676950" -childID 16 -isForBrowser -prefsHandle 7452 -prefMapHandle 7456 -prefsLen 26421 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0ae78b14-6f29-4e3b-aa10-6d30a6b75224} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 7548 28ebabf4458 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.20.1395699349\2040205613" -childID 19 -isForBrowser -prefsHandle 6916 -prefMapHandle 6912 -prefsLen 26421 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {81f17446-78dd-4c0e-b2cb-d0d5e05d6f7c} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 6924 28ebb1d2f58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.19.237540781\1819643799" -childID 18 -isForBrowser -prefsHandle 7132 -prefMapHandle 7128 -prefsLen 26421 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2965a7dc-b615-44ef-868b-f8b6475b78ad} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 7140 28ebb1d0558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.18.1853517976\1221642504" -childID 17 -isForBrowser -prefsHandle 7360 -prefMapHandle 9408 -prefsLen 26421 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ff5450ec-0731-4291-bf31-180ce7cf3559} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 7356 28eb0938f58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.21.994052489\943451808" -childID 20 -isForBrowser -prefsHandle 6648 -prefMapHandle 7084 -prefsLen 26421 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f90ffee7-de4f-4797-814f-6ee08a229423} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 7104 28eb8375358 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.22.339599510\331557963" -childID 21 -isForBrowser -prefsHandle 8936 -prefMapHandle 8940 -prefsLen 26421 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c21117ee-ad3c-45b8-b686-48d8c7161980} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 8704 28eb0686d58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.23.1973256761\265881025" -childID 22 -isForBrowser -prefsHandle 6528 -prefMapHandle 8088 -prefsLen 26421 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {32014e3a-ee74-4347-8777-cd92f970fd60} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 6536 28eb1f85758 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.25.487547448\1991748620" -childID 24 -isForBrowser -prefsHandle 6344 -prefMapHandle 6340 -prefsLen 26421 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e32e455e-e5ad-4222-8c56-0da08429e564} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 6352 28eb7745f58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1968.24.555506682\1902225029" -childID 23 -isForBrowser -prefsHandle 7744 -prefMapHandle 8120 -prefsLen 26421 -prefMapSize 233444 -jsInitHandle 1128 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {62c393cc-c435-4fb2-88b1-c9a484f45ac8} 1968 "\\.\pipe\gecko-crash-server-pipe.1968" 6600 28eb6fab758 tab

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Program Files\7-Zip\7zG.exe

"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\ROBLOX Cheat\" -spe -an -ai#7zMap5571:86:7zEvent15808

C:\Users\Admin\Downloads\ROBLOX Cheat\SoftWare.exe

"C:\Users\Admin\Downloads\ROBLOX Cheat\SoftWare.exe"

C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"

C:\Windows\system32\taskmgr.exe

"C:\Windows\system32\taskmgr.exe" /4

C:\Users\Admin\Downloads\ROBLOX Cheat\SoftWare.exe

"C:\Users\Admin\Downloads\ROBLOX Cheat\SoftWare.exe"

Network

Country Destination Domain Proto
US 8.8.8.8:53 download2351.mediafire.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 8.8.8.8:53 shavar.services.mozilla.com udp
US 199.91.155.92:443 download2351.mediafire.com tcp
US 8.8.8.8:53 download2351.mediafire.com udp
US 44.237.149.213:443 shavar.services.mozilla.com tcp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 34.117.237.239:443 contile.services.mozilla.com tcp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 download2351.mediafire.com udp
US 8.8.8.8:53 push.services.mozilla.com udp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 92.155.91.199.in-addr.arpa udp
US 8.8.8.8:53 75.159.190.20.in-addr.arpa udp
US 34.107.243.93:443 autopush.prod.mozaws.net tcp
N/A 127.0.0.1:53797 tcp
US 8.8.8.8:53 www.mediafire.com udp
US 104.16.114.74:443 www.mediafire.com tcp
US 8.8.8.8:53 www.mediafire.com udp
US 8.8.8.8:53 www.mediafire.com udp
US 8.8.8.8:53 static.mediafire.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 ajax.googleapis.com udp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
US 104.16.113.74:443 static.mediafire.com tcp
US 104.16.113.74:443 static.mediafire.com tcp
US 104.16.113.74:443 static.mediafire.com tcp
US 8.8.8.8:53 static.mediafire.com udp
GB 172.217.16.228:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 213.149.237.44.in-addr.arpa udp
US 8.8.8.8:53 180.178.17.96.in-addr.arpa udp
US 8.8.8.8:53 74.114.16.104.in-addr.arpa udp
US 8.8.8.8:53 241.154.82.20.in-addr.arpa udp
GB 142.250.187.234:443 ajax.googleapis.com tcp
US 104.16.57.101:443 static.cloudflareinsights.com tcp
US 8.8.8.8:53 static.mediafire.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 ajax.googleapis.com udp
US 8.8.8.8:53 ajax.googleapis.com udp
US 8.8.8.8:53 static.cloudflareinsights.com udp
GB 142.250.187.234:443 ajax.googleapis.com udp
GB 172.217.16.228:443 www.google.com udp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 8.8.8.8:53 cdn.amplitude.com udp
US 8.8.8.8:53 cdn.amplitude.com udp
US 8.8.8.8:53 cdn.amplitude.com udp
US 8.8.8.8:53 translate.google.com udp
GB 172.217.16.238:443 translate.google.com tcp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 www3.l.google.com udp
GB 172.217.16.238:443 www3.l.google.com udp
US 8.8.8.8:53 translate.googleapis.com udp
GB 216.58.201.106:443 translate.googleapis.com tcp
US 8.8.8.8:53 translate.googleapis.com udp
US 8.8.8.8:53 translate.googleapis.com udp
GB 216.58.201.106:443 translate.googleapis.com udp
US 8.8.8.8:53 74.113.16.104.in-addr.arpa udp
US 8.8.8.8:53 228.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 234.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 234.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 232.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 101.57.16.104.in-addr.arpa udp
US 8.8.8.8:53 3.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 238.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 3.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 106.201.58.216.in-addr.arpa udp
GB 18.172.155.29:443 cdn.amplitude.com tcp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 www.google.co.uk udp
US 8.8.8.8:53 api.amplitude.com udp
US 216.239.34.36:443 region1.analytics.google.com tcp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
GB 216.58.204.67:443 www.google.co.uk tcp
US 8.8.8.8:53 www.google.co.uk udp
US 54.68.131.243:443 api.amplitude.com tcp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 www.google.co.uk udp
US 8.8.8.8:53 api.amplitude.com udp
US 8.8.8.8:53 api.amplitude.com udp
US 216.239.34.36:443 region1.analytics.google.com udp
US 8.8.8.8:53 translate-pa.googleapis.com udp
GB 216.58.204.67:443 www.google.co.uk udp
BE 142.251.173.154:443 stats.g.doubleclick.net tcp
GB 172.217.169.42:443 translate-pa.googleapis.com tcp
US 8.8.8.8:53 translate-pa.googleapis.com udp
GB 172.217.169.42:443 translate-pa.googleapis.com udp
US 8.8.8.8:53 translate-pa.googleapis.com udp
BE 142.251.173.154:443 stats.g.doubleclick.net udp
US 8.8.8.8:53 29.155.172.18.in-addr.arpa udp
US 8.8.8.8:53 36.34.239.216.in-addr.arpa udp
US 8.8.8.8:53 67.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 243.131.68.54.in-addr.arpa udp
US 8.8.8.8:53 154.173.251.142.in-addr.arpa udp
US 8.8.8.8:53 42.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 41.110.16.96.in-addr.arpa udp
N/A 127.0.0.1:53804 tcp
US 8.8.8.8:53 g.bing.com udp
US 204.79.197.200:443 g.bing.com tcp
US 8.8.8.8:53 88.156.103.20.in-addr.arpa udp
US 8.8.8.8:53 the.gatekeeperconsent.com udp
US 8.8.8.8:53 btloader.com udp
US 8.8.8.8:53 www.ezojs.com udp
US 104.21.42.32:443 the.gatekeeperconsent.com tcp
US 8.8.8.8:53 the.gatekeeperconsent.com udp
US 104.22.75.216:443 btloader.com tcp
US 8.8.8.8:53 btloader.com udp
US 172.64.193.22:443 www.ezojs.com tcp
US 8.8.8.8:53 www.ezojs.com.cdn.cloudflare.net udp
US 8.8.8.8:53 the.gatekeeperconsent.com udp
US 8.8.8.8:53 btloader.com udp
US 8.8.8.8:53 www.ezojs.com.cdn.cloudflare.net udp
US 104.21.42.32:443 the.gatekeeperconsent.com udp
US 172.64.193.22:443 www.ezojs.com.cdn.cloudflare.net udp
US 8.8.8.8:53 privacy.gatekeeperconsent.com udp
US 8.8.8.8:53 cdn.otnolatrnup.com udp
US 172.67.199.186:443 privacy.gatekeeperconsent.com tcp
US 104.19.214.37:443 cdn.otnolatrnup.com tcp
US 8.8.8.8:53 privacy.gatekeeperconsent.com udp
US 8.8.8.8:53 cdn.otnolatrnup.com udp
US 8.8.8.8:53 privacy.gatekeeperconsent.com udp
US 8.8.8.8:53 cdn.otnolatrnup.com udp
US 8.8.8.8:53 g.ezoic.net udp
US 8.8.8.8:53 ad-delivery.net udp
US 8.8.8.8:53 api.btloader.com udp
US 172.67.199.186:443 privacy.gatekeeperconsent.com udp
FR 35.181.89.222:443 g.ezoic.net tcp
US 8.8.8.8:53 g.ezoic.net udp
US 104.19.214.37:443 cdn.otnolatrnup.com udp
US 104.26.2.70:443 ad-delivery.net tcp
US 8.8.8.8:53 ad-delivery.net udp
US 104.26.2.70:443 ad-delivery.net tcp
US 130.211.23.194:443 api.btloader.com tcp
US 8.8.8.8:53 ad-delivery.net udp
US 8.8.8.8:53 g.ezoic.net udp
US 172.67.199.186:443 privacy.gatekeeperconsent.com tcp
US 8.8.8.8:53 api.btloader.com udp
US 8.8.8.8:53 api.btloader.com udp
US 8.8.8.8:53 32.42.21.104.in-addr.arpa udp
US 8.8.8.8:53 22.193.64.172.in-addr.arpa udp
US 8.8.8.8:53 186.199.67.172.in-addr.arpa udp
US 8.8.8.8:53 216.75.22.104.in-addr.arpa udp
US 8.8.8.8:53 37.214.19.104.in-addr.arpa udp
US 8.8.8.8:53 222.89.181.35.in-addr.arpa udp
US 8.8.8.8:53 194.23.211.130.in-addr.arpa udp
US 8.8.8.8:53 70.2.26.104.in-addr.arpa udp
US 8.8.8.8:53 go.ezodn.com udp
US 172.64.192.4:443 go.ezodn.com tcp
US 172.64.192.4:443 go.ezodn.com tcp
US 172.64.192.4:443 go.ezodn.com tcp
US 8.8.8.8:53 go.ezodn.com udp
US 8.8.8.8:53 otnolatrnup.com udp
US 8.8.8.8:53 go.ezodn.com udp
US 130.211.23.194:443 api.btloader.com udp
US 104.19.215.37:443 otnolatrnup.com tcp
US 8.8.8.8:53 otnolatrnup.com udp
US 8.8.8.8:53 otnolatrnup.com udp
US 172.64.192.4:443 go.ezodn.com udp
US 8.8.8.8:53 g.ezodn.com udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 ads.pubmatic.com udp
US 172.64.193.4:443 g.ezodn.com tcp
US 104.19.215.37:443 otnolatrnup.com udp
US 8.8.8.8:53 g.ezodn.com udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 8.8.8.8:53 securepubads46.g.doubleclick.net udp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
US 8.8.8.8:53 e6603.g.akamaiedge.net udp
US 8.8.8.8:53 g.ezodn.com udp
US 8.8.8.8:53 ad.crwdcntrl.net udp
US 8.8.8.8:53 securepubads46.g.doubleclick.net udp
US 8.8.8.8:53 e6603.g.akamaiedge.net udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
US 8.8.8.8:53 ad.crwdcntrl.net udp
US 172.64.193.4:443 g.ezodn.com udp
GB 172.217.169.34:443 securepubads46.g.doubleclick.net tcp
GB 96.16.109.9:443 e6603.g.akamaiedge.net tcp
GB 18.165.201.38:443 tags.crwdcntrl.net tcp
IE 54.155.211.205:443 bcp.crwdcntrl.net tcp
IE 34.246.36.174:443 ad.crwdcntrl.net tcp
US 8.8.8.8:53 ad.crwdcntrl.net udp
US 8.8.8.8:53 bshr.ezodn.com udp
US 8.8.8.8:53 api.amplitude.com udp
US 8.8.8.8:53 api.amplitude.com udp
US 172.64.192.4:443 bshr.ezodn.com tcp
US 8.8.8.8:53 bshr.ezodn.com udp
US 172.64.192.4:443 bshr.ezodn.com tcp
GB 172.217.169.34:443 securepubads46.g.doubleclick.net udp
US 8.8.8.8:53 api.amplitude.com udp
US 8.8.8.8:53 bshr.ezodn.com udp
US 8.8.8.8:53 4.192.64.172.in-addr.arpa udp
US 8.8.8.8:53 37.215.19.104.in-addr.arpa udp
US 8.8.8.8:53 4.193.64.172.in-addr.arpa udp
US 8.8.8.8:53 198.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 34.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 226.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 38.201.165.18.in-addr.arpa udp
US 8.8.8.8:53 205.211.155.54.in-addr.arpa udp
US 8.8.8.8:53 174.36.246.34.in-addr.arpa udp
US 8.8.8.8:53 9.109.16.96.in-addr.arpa udp
US 172.64.192.4:443 bshr.ezodn.com udp
US 130.211.23.194:443 api.btloader.com udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
GB 142.250.187.226:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
GB 142.250.187.226:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 fundingchoicesmessages.google.com udp
GB 172.217.16.238:443 fundingchoicesmessages.google.com tcp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 8.8.8.8:53 ut.pubmatic.com udp
US 8.8.8.8:53 jsdelivr.map.fastly.net udp
US 151.101.1.229:443 jsdelivr.map.fastly.net tcp
NL 185.64.189.226:443 ut.pubmatic.com tcp
US 8.8.8.8:53 t-amsc.pubmnet.com udp
GB 172.217.16.238:443 fundingchoicesmessages.google.com udp
US 8.8.8.8:53 jsdelivr.map.fastly.net udp
US 8.8.8.8:53 t-amsc.pubmnet.com udp
US 8.8.8.8:53 229.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 226.187.250.142.in-addr.arpa udp
US 151.101.1.229:443 jsdelivr.map.fastly.net udp
US 8.8.8.8:53 www.mediafire.com udp
US 8.8.8.8:53 226.189.64.185.in-addr.arpa udp
US 8.8.8.8:53 script.4dex.io udp
US 8.8.8.8:53 tlx.3lift.com udp
US 8.8.8.8:53 hbopenbid.pubmatic.com udp
US 8.8.8.8:53 htlb.casalemedia.com udp
US 8.8.8.8:53 hb.yellowblue.io udp
US 8.8.8.8:53 bidder.criteo.com udp
US 8.8.8.8:53 onetag-sys.com udp
US 8.8.8.8:53 prebid.a-mo.net udp
US 8.8.8.8:53 prebid.smilewanted.com udp
US 172.67.75.241:443 script.4dex.io tcp
DE 18.198.247.224:443 tlx.3lift.com tcp
US 8.8.8.8:53 hb-api.omnitagjs.com udp
US 172.64.151.101:443 htlb.casalemedia.com tcp
US 8.8.8.8:53 script.4dex.io udp
NL 185.64.189.112:443 hbopenbid.pubmatic.com tcp
US 8.8.8.8:53 eu-tlx.3lift.com udp
IE 52.18.242.117:443 hb.yellowblue.io tcp
US 8.8.8.8:53 htlb.casalemedia.com udp
DE 51.89.9.254:443 onetag-sys.com tcp
NL 178.250.1.8:443 bidder.criteo.com tcp
NL 145.40.97.67:443 prebid.a-mo.net tcp
US 172.67.10.198:443 prebid.smilewanted.com tcp
US 172.67.10.198:443 prebid.smilewanted.com tcp
US 172.67.10.198:443 prebid.smilewanted.com tcp
US 172.67.10.198:443 prebid.smilewanted.com tcp
US 8.8.8.8:53 eu-tlx.3lift.com udp
FR 185.255.84.151:443 hb-api.omnitagjs.com tcp
US 8.8.8.8:53 script.4dex.io udp
US 8.8.8.8:53 htlb.casalemedia.com udp
US 8.8.8.8:53 cdn.id5-sync.com udp
US 8.8.8.8:53 oa.openxcdn.net udp
US 8.8.8.8:53 static.criteo.net udp
US 8.8.8.8:53 cdn.prod.uidapi.com udp
US 8.8.8.8:53 hbopenbid-ams.pubmnet.com udp
US 8.8.8.8:53 241.75.67.172.in-addr.arpa udp
US 8.8.8.8:53 101.151.64.172.in-addr.arpa udp
US 8.8.8.8:53 112.189.64.185.in-addr.arpa udp
US 8.8.8.8:53 224.247.198.18.in-addr.arpa udp
US 8.8.8.8:53 117.242.18.52.in-addr.arpa udp
US 8.8.8.8:53 198.10.67.172.in-addr.arpa udp
US 8.8.8.8:53 67.97.40.145.in-addr.arpa udp
US 8.8.8.8:53 invstatic101.creativecdn.com udp
US 8.8.8.8:53 254.9.89.51.in-addr.arpa udp
US 8.8.8.8:53 cdn-ima.33across.com udp
US 8.8.8.8:53 hb.yellowblue.io udp
US 34.102.146.192:443 oa.openxcdn.net tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
GB 18.245.247.167:443 cdn.prod.uidapi.com tcp
US 8.8.8.8:53 hbopenbid-ams.pubmnet.com udp
US 8.8.8.8:53 hb.yellowblue.io udp
US 8.8.8.8:53 onetag-sys.com udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
US 8.8.8.8:53 bidder.nl3.vip.prod.criteo.com udp
US 8.8.8.8:53 onetag-sys.com udp
US 8.8.8.8:53 am6-prebid.a-mx.net udp
US 8.8.8.8:53 bidder.nl3.vip.prod.criteo.com udp
US 8.8.8.8:53 prebid.smilewanted.com udp
US 8.8.8.8:53 hb-api-fra02.omnitagjs.com udp
US 8.8.8.8:53 am6-prebid.a-mx.net udp
US 172.64.151.101:443 htlb.casalemedia.com udp
US 172.67.75.241:443 script.4dex.io tcp
US 8.8.8.8:53 prebid.smilewanted.com udp
US 8.8.8.8:53 hb-api-fra02.omnitagjs.com udp
US 8.8.8.8:53 oa.openxcdn.net udp
US 8.8.8.8:53 static.nl3.vip.prod.criteo.net udp
US 8.8.8.8:53 cdn.id5-sync.com udp
US 8.8.8.8:53 oa.openxcdn.net udp
US 34.102.146.192:443 oa.openxcdn.net udp
US 8.8.8.8:53 static.nl3.vip.prod.criteo.net udp
US 8.8.8.8:53 d2avimlm6gq3h9.cloudfront.net udp
US 8.8.8.8:53 cdn.id5-sync.com udp
DE 51.89.9.254:443 onetag-sys.com udp
US 8.8.8.8:53 d2avimlm6gq3h9.cloudfront.net udp
US 8.8.8.8:53 invstatic101.creativecdn.com udp
US 8.8.8.8:53 cdn-ima.33across.com.cdn.cloudflare.net udp
US 8.8.8.8:53 adsdk.microsoft.com udp
US 8.8.8.8:53 cdn.adnxs.com udp
US 13.107.246.64:443 adsdk.microsoft.com tcp
US 8.8.8.8:53 invstatic101.creativecdn.com udp
US 8.8.8.8:53 cdn-ima.33across.com.cdn.cloudflare.net udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
US 8.8.8.8:53 part-0036.t-0009.t-msedge.net udp
US 8.8.8.8:53 prod.appnexus.map.fastly.net udp
GB 216.58.212.193:443 tpc.googlesyndication.com tcp
US 8.8.8.8:53 tpc.googlesyndication.com udp
US 8.8.8.8:53 oajs.openx.net udp
GB 216.58.212.193:443 tpc.googlesyndication.com tcp
US 8.8.8.8:53 part-0036.t-0009.t-msedge.net udp
US 8.8.8.8:53 prod.appnexus.map.fastly.net udp
US 8.8.8.8:53 oajs.openx.net udp
GB 216.58.212.193:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 oajs.openx.net udp
US 172.67.38.106:443 cdn.id5-sync.com tcp
NL 178.250.1.3:443 static.nl3.vip.prod.criteo.net tcp
US 34.96.70.87:443 invstatic101.creativecdn.com tcp
US 172.64.152.89:443 cdn-ima.33across.com.cdn.cloudflare.net tcp
US 34.120.107.143:443 oajs.openx.net tcp
US 8.8.8.8:53 ae6f95c73258d7fa61fa0aadfd982904.safeframe.googlesyndication.com udp
US 8.8.8.8:53 pagead-googlehosted.l.google.com udp
US 8.8.8.8:53 151.84.255.185.in-addr.arpa udp
US 34.96.70.87:443 invstatic101.creativecdn.com udp
US 8.8.8.8:53 192.146.102.34.in-addr.arpa udp
US 8.8.8.8:53 pagead-googlehosted.l.google.com udp
US 8.8.8.8:53 167.247.245.18.in-addr.arpa udp
US 8.8.8.8:53 64.246.107.13.in-addr.arpa udp
US 8.8.8.8:53 193.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 106.38.67.172.in-addr.arpa udp
US 8.8.8.8:53 87.70.96.34.in-addr.arpa udp
US 8.8.8.8:53 143.107.120.34.in-addr.arpa udp
US 8.8.8.8:53 3.1.250.178.in-addr.arpa udp
GB 216.58.204.65:443 pagead-googlehosted.l.google.com tcp
US 34.120.107.143:443 oajs.openx.net udp
GB 216.58.204.65:443 pagead-googlehosted.l.google.com udp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
US 8.8.8.8:53 id5-sync.com udp
US 8.8.8.8:53 google-bidout-d.openx.net udp
US 8.8.8.8:53 cdn.ampproject.org udp
US 34.98.64.218:443 google-bidout-d.openx.net tcp
US 8.8.8.8:53 google-bidout-d.openx.net udp
GB 142.250.187.193:443 cdn.ampproject.org tcp
GB 142.250.187.193:443 cdn.ampproject.org tcp
GB 142.250.187.193:443 cdn.ampproject.org tcp
GB 142.250.187.193:443 cdn.ampproject.org tcp
GB 142.250.187.193:443 cdn.ampproject.org tcp
GB 92.123.128.181:443 www.bing.com tcp
US 8.8.8.8:53 cdn-content.ampproject.org udp
US 8.8.8.8:53 e86303.dscx.akamaiedge.net udp
DE 162.19.138.120:443 id5-sync.com tcp
US 8.8.8.8:53 e86303.dscx.akamaiedge.net udp
US 8.8.8.8:53 id5-sync.com udp
US 8.8.8.8:53 cdn-content.ampproject.org udp
US 8.8.8.8:53 id5-sync.com udp
GB 142.250.187.193:443 cdn-content.ampproject.org udp
GB 92.123.128.181:443 e86303.dscx.akamaiedge.net tcp
US 8.8.8.8:53 ams3-ib.adnxs.com udp
US 34.98.64.218:443 google-bidout-d.openx.net udp
NL 185.89.210.244:443 ams3-ib.adnxs.com tcp
US 8.8.8.8:53 ams3-ib.adnxs.com udp
US 104.19.215.37:443 otnolatrnup.com tcp
US 8.8.8.8:53 ams3-ib.adnxs.com udp
GB 92.123.128.181:443 e86303.dscx.akamaiedge.net udp
US 8.8.8.8:53 65.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 218.64.98.34.in-addr.arpa udp
US 8.8.8.8:53 193.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 120.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 181.128.123.92.in-addr.arpa udp
US 104.19.215.37:443 otnolatrnup.com udp
US 8.8.8.8:53 download2271.mediafire.com udp
US 199.91.155.12:443 download2271.mediafire.com tcp
US 8.8.8.8:53 download2271.mediafire.com udp
US 8.8.8.8:53 gum.criteo.com udp
US 8.8.8.8:53 download2271.mediafire.com udp
NL 178.250.1.11:443 gum.criteo.com tcp
US 8.8.8.8:53 gum.nl3.vip.prod.criteo.com udp
US 151.101.1.108:443 prod.appnexus.map.fastly.net tcp
US 8.8.8.8:53 gum.nl3.vip.prod.criteo.com udp
US 8.8.8.8:53 244.210.89.185.in-addr.arpa udp
US 8.8.8.8:53 12.155.91.199.in-addr.arpa udp
US 8.8.8.8:53 11.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 108.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 csync.smilewanted.com udp
US 8.8.8.8:53 csync.smilewanted.com udp
US 172.67.10.198:443 csync.smilewanted.com tcp
US 8.8.8.8:53 csync.smilewanted.com udp
US 8.8.8.8:53 js-sec.indexww.com udp
US 8.8.8.8:53 eb2.3lift.com udp
US 8.8.8.8:53 2.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 js-sec.indexww.com udp
US 172.64.149.180:443 js-sec.indexww.com tcp
US 76.223.111.18:443 eb2.3lift.com tcp
US 8.8.8.8:53 eu-eb2.3lift.com udp
US 8.8.8.8:53 visitor.omnitagjs.com udp
FR 185.255.84.153:443 visitor.omnitagjs.com tcp
US 8.8.8.8:53 visitor-fra02.omnitagjs.com udp
US 8.8.8.8:53 js-sec.indexww.com udp
US 8.8.8.8:53 eu-eb2.3lift.com udp
US 8.8.8.8:53 ups.analytics.yahoo.com udp
US 8.8.8.8:53 visitor-fra02.omnitagjs.com udp
US 8.8.8.8:53 id.hadron.ad.gt udp
US 8.8.8.8:53 id.crwdcntrl.net udp
US 8.8.8.8:53 match.adsrvr.org udp
US 8.8.8.8:53 ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud udp
US 8.8.8.8:53 ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud udp
US 104.22.5.69:443 id.hadron.ad.gt tcp
US 8.8.8.8:53 id.hadron.ad.gt.cdn.cloudflare.net udp
US 8.8.8.8:53 id.crwdcntrl.net udp
US 8.8.8.8:53 match.adsrvr.org udp
US 8.8.8.8:53 assets.a-mo.net udp
US 8.8.8.8:53 id.hadron.ad.gt.cdn.cloudflare.net udp
US 8.8.8.8:53 id.crwdcntrl.net udp
US 8.8.8.8:53 match.adsrvr.org udp
DE 3.71.149.231:443 ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud tcp
IE 34.246.36.174:443 id.crwdcntrl.net tcp
US 52.223.40.198:443 match.adsrvr.org tcp
US 104.19.158.19:443 assets.a-mo.net tcp
US 8.8.8.8:53 assets.a-mo.net.cdn.cloudflare.net udp
NL 178.250.1.11:443 gum.nl3.vip.prod.criteo.com tcp
US 8.8.8.8:53 assets.a-mo.net.cdn.cloudflare.net udp
US 8.8.8.8:53 lb.eu-1-id5-sync.com udp
DE 141.95.33.120:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 lb.eu-1-id5-sync.com udp
US 8.8.8.8:53 lb.eu-1-id5-sync.com udp
US 8.8.8.8:53 dnacdn.net udp
US 8.8.8.8:53 180.149.64.172.in-addr.arpa udp
US 8.8.8.8:53 18.111.223.76.in-addr.arpa udp
US 8.8.8.8:53 153.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 69.5.22.104.in-addr.arpa udp
US 8.8.8.8:53 198.40.223.52.in-addr.arpa udp
US 8.8.8.8:53 19.158.19.104.in-addr.arpa udp
US 8.8.8.8:53 231.149.71.3.in-addr.arpa udp
US 8.8.8.8:53 120.33.95.141.in-addr.arpa udp
FR 178.250.7.13:443 dnacdn.net tcp
US 8.8.8.8:53 dnacdn.net udp
US 8.8.8.8:53 secure-assets.rubiconproject.com udp
US 8.8.8.8:53 image8.pubmatic.com udp
US 8.8.8.8:53 x.bidswitch.net udp
US 8.8.8.8:53 id.a-mx.com udp
US 8.8.8.8:53 rtb.openx.net udp
US 8.8.8.8:53 cm.adform.net udp
US 8.8.8.8:53 ssbsync-global.smartadserver.com udp
US 8.8.8.8:53 dnacdn.net udp
US 8.8.8.8:53 ssum.casalemedia.com udp
US 8.8.8.8:53 ap.lijit.com udp
US 8.8.8.8:53 ib.adnxs.com udp
US 8.8.8.8:53 ow.pubmatic.com udp
US 8.8.8.8:53 imagesync-lhrc.pubmnet.com udp
DE 79.127.216.47:443 id.a-mx.com tcp
US 8.8.8.8:53 rtb.openx.net udp
GB 23.215.239.190:443 secure-assets.rubiconproject.com tcp
US 8.8.8.8:53 ssum.casalemedia.com udp
US 8.8.8.8:53 ssum.casalemedia.com udp
US 8.8.8.8:53 imagesync-lhrc.pubmnet.com udp
US 8.8.8.8:53 rtb.openx.net udp
US 8.8.8.8:53 ssbsync-euw2.smartadserver.com udp
US 8.8.8.8:53 ssbsync-euw2.smartadserver.com udp
US 8.8.8.8:53 user-data-eu.bidswitch.net udp
US 8.8.8.8:53 track-eu.adformnet.akadns.net udp
US 8.8.8.8:53 ag.gbc.criteo.com udp
US 8.8.8.8:53 gem.gbc.criteo.com udp
US 8.8.8.8:53 id.a-mx.com udp
US 8.8.8.8:53 user-data-eu.bidswitch.net udp
US 8.8.8.8:53 track-eu.adformnet.akadns.net udp
US 8.8.8.8:53 sync.a-mo.net udp
FR 185.235.86.105:443 ag.gbc.criteo.com tcp
US 8.8.8.8:53 eus.rubiconproject.com udp
US 8.8.8.8:53 e8960.e2.akamaiedge.net udp
US 104.22.68.131:443 csync.smilewanted.com tcp
NL 145.40.97.66:443 sync.a-mo.net tcp
US 8.8.8.8:53 ow-amsc.pubmnet.com udp
US 8.8.8.8:53 id.a-mx.com udp
FR 185.235.86.192:443 gem.gbc.criteo.com tcp
GB 92.123.242.2:443 eus.rubiconproject.com tcp
US 8.8.8.8:53 sync.a-mo.net udp
US 8.8.8.8:53 e8960.e2.akamaiedge.net udp
US 8.8.8.8:53 ow-amsc.pubmnet.com udp
US 8.8.8.8:53 blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com udp
GB 185.64.190.79:443 imagesync-lhrc.pubmnet.com tcp
NL 35.214.149.91:443 user-data-eu.bidswitch.net tcp
US 35.186.253.211:443 rtb.openx.net tcp
DK 37.157.3.20:443 track-eu.adformnet.akadns.net tcp
FR 178.32.197.52:443 ssbsync-euw2.smartadserver.com tcp
US 104.18.36.155:443 ssum.casalemedia.com tcp
IE 99.81.115.10:443 ap.lijit.com tcp
DE 37.252.171.53:443 ib.adnxs.com tcp
NL 185.64.189.116:443 ow-amsc.pubmnet.com tcp
DE 37.252.171.53:443 ib.adnxs.com tcp
DE 37.252.171.53:443 ib.adnxs.com tcp
US 8.8.8.8:53 ib.anycast.adnxs.com udp
NL 145.40.97.66:443 sync.a-mo.net tcp
US 8.8.8.8:53 sync.smartadserver.com udp
US 8.8.8.8:53 blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com udp
US 8.8.8.8:53 gbc3.fr3.eu.criteo.com udp
US 104.18.36.155:443 ssum.casalemedia.com udp
US 8.8.8.8:53 ib.anycast.adnxs.com udp
US 8.8.8.8:53 13.7.250.178.in-addr.arpa udp
US 8.8.8.8:53 47.216.127.79.in-addr.arpa udp
US 35.186.253.211:443 rtb.openx.net udp
US 8.8.8.8:53 190.239.215.23.in-addr.arpa udp
US 8.8.8.8:53 105.86.235.185.in-addr.arpa udp
US 8.8.8.8:53 131.68.22.104.in-addr.arpa udp
US 8.8.8.8:53 66.97.40.145.in-addr.arpa udp
US 8.8.8.8:53 192.86.235.185.in-addr.arpa udp
US 8.8.8.8:53 2.242.123.92.in-addr.arpa udp
US 8.8.8.8:53 79.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 211.253.186.35.in-addr.arpa udp
US 8.8.8.8:53 155.36.18.104.in-addr.arpa udp
US 8.8.8.8:53 52.197.32.178.in-addr.arpa udp
US 8.8.8.8:53 91.149.214.35.in-addr.arpa udp
US 8.8.8.8:53 116.189.64.185.in-addr.arpa udp
US 8.8.8.8:53 gbc3.fr3.eu.criteo.com udp
US 8.8.8.8:53 static.smilewanted.com udp
NL 81.17.55.172:443 sync.smartadserver.com tcp
US 8.8.8.8:53 sync.a-mo.net udp
US 8.8.8.8:53 static.smilewanted.com udp
US 8.8.8.8:53 gbc6.fr3.eu.criteo.com udp
US 8.8.8.8:53 e8960.b.akamaiedge.net udp
US 8.8.8.8:53 secure.adnxs.com udp
NL 145.40.97.66:443 sync.a-mo.net tcp
US 8.8.8.8:53 pixel.rubiconproject.com udp
US 8.8.8.8:53 ice.360yield.com udp
US 8.8.8.8:53 u.openx.net udp
US 8.8.8.8:53 rtb.mfadsrvr.com udp
US 8.8.8.8:53 sync.mathtag.com udp
US 8.8.8.8:53 gbc6.fr3.eu.criteo.com udp
NL 185.89.210.82:443 secure.adnxs.com tcp
US 8.8.8.8:53 pixel-eu.rubiconproject.com udp
IE 54.195.226.61:443 ice.360yield.com tcp
US 8.8.8.8:53 ads.stickyadstv.com udp
NL 213.19.162.80:443 pixel-eu.rubiconproject.com tcp
US 8.8.8.8:53 cs.admanmedia.com udp
US 8.8.8.8:53 t.adx.opera.com udp
US 35.244.159.8:443 u.openx.net tcp
US 8.8.8.8:53 id.rlcdn.com udp
US 8.8.8.8:53 e8960.b.akamaiedge.net udp
US 8.8.8.8:53 cm.g.doubleclick.net udp
US 8.8.8.8:53 us.shb-sync.com udp
US 35.244.159.8:443 u.openx.net udp
US 8.8.8.8:53 s.ad.smaato.net udp
US 8.8.8.8:53 s.amazon-adsystem.com udp
US 8.2.110.33:443 us.shb-sync.com tcp
DE 52.58.248.46:443 rtb.mfadsrvr.com tcp
US 74.121.140.211:443 sync.mathtag.com tcp
NL 213.19.162.80:443 pixel-eu.rubiconproject.com tcp
NL 213.19.162.80:443 pixel-eu.rubiconproject.com tcp
US 35.244.174.68:443 id.rlcdn.com tcp
GB 216.58.201.98:443 cm.g.doubleclick.net tcp
NL 154.57.158.26:443 ads.stickyadstv.com tcp
GB 216.58.201.98:443 cm.g.doubleclick.net tcp
US 8.8.8.8:53 rtb-csync-euw1.smartadserver.com udp
US 80.77.87.166:443 cs.admanmedia.com tcp
NL 82.145.213.8:443 t.adx.opera.com tcp
GB 108.156.39.117:443 s.ad.smaato.net tcp
US 52.46.143.56:443 s.amazon-adsystem.com tcp
US 8.8.8.8:53 euw-ice.360yield.com udp
US 8.8.8.8:53 pixel.rubiconproject.net.akadns.net udp
US 8.8.8.8:53 rtb-csync-euw1.smartadserver.com udp
US 35.244.174.68:443 id.rlcdn.com udp
GB 216.58.201.98:443 cm.g.doubleclick.net udp
US 8.8.8.8:53 euw-ice.360yield.com udp
US 8.8.8.8:53 u.openx.net udp
US 8.8.8.8:53 pixel.rubiconproject.net.akadns.net udp
US 8.8.8.8:53 pixel-origin.mathtag.com udp
US 8.8.8.8:53 u.openx.net udp
US 8.8.8.8:53 pixel-origin.mathtag.com udp
US 8.8.8.8:53 pixel-eu.rubiconproject.net.akadns.net udp
US 8.8.8.8:53 10.115.81.99.in-addr.arpa udp
US 8.8.8.8:53 53.171.252.37.in-addr.arpa udp
US 8.8.8.8:53 172.55.17.81.in-addr.arpa udp
US 8.8.8.8:53 82.210.89.185.in-addr.arpa udp
US 8.8.8.8:53 80.162.19.213.in-addr.arpa udp
US 8.8.8.8:53 8.159.244.35.in-addr.arpa udp
US 8.8.8.8:53 61.226.195.54.in-addr.arpa udp
US 8.8.8.8:53 46.248.58.52.in-addr.arpa udp
US 8.8.8.8:53 68.174.244.35.in-addr.arpa udp
US 8.8.8.8:53 98.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 26.158.57.154.in-addr.arpa udp
US 8.8.8.8:53 33.110.2.8.in-addr.arpa udp
US 8.8.8.8:53 211.140.121.74.in-addr.arpa udp
US 8.8.8.8:53 117.39.156.108.in-addr.arpa udp
US 8.8.8.8:53 8.213.145.82.in-addr.arpa udp
US 8.8.8.8:53 166.87.77.80.in-addr.arpa udp
US 8.8.8.8:53 56.143.46.52.in-addr.arpa udp
US 8.8.8.8:53 cm.g.doubleclick.net udp
US 8.8.8.8:53 pixel-eu.rubiconproject.net.akadns.net udp
US 8.8.8.8:53 elb-aws-fr-dorpat-283474803.eu-central-1.elb.amazonaws.com udp
US 8.8.8.8:53 us.shb-sync.com udp
US 8.8.8.8:53 eu-west-dual.ads.stickyadstv.com.akadns.net udp
US 8.8.8.8:53 us.shb-sync.com udp
US 8.8.8.8:53 elb-aws-fr-dorpat-283474803.eu-central-1.elb.amazonaws.com udp
US 8.8.8.8:53 id.rlcdn.com udp
US 8.8.8.8:53 id.rlcdn.com udp
US 8.8.8.8:53 eu-west-dual.ads.stickyadstv.com.akadns.net udp
US 8.8.8.8:53 cs.admanmedia.com udp
US 8.8.8.8:53 outspot2-ams.adx.opera.com udp
US 8.8.8.8:53 dis.criteo.com udp
US 8.8.8.8:53 creativecdn.com udp
US 8.8.8.8:53 s.ad.smaato.net udp
US 8.8.8.8:53 api-2-0.spot.im udp
US 8.8.8.8:53 match.prod.bidr.io udp
US 8.8.8.8:53 b1sync.zemanta.com udp
US 8.8.8.8:53 csync.loopme.me udp
US 8.8.8.8:53 cs.admanmedia.com udp
US 8.8.8.8:53 sync.adotmob.com udp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
GB 18.164.68.59:443 api-2-0.spot.im tcp
US 8.8.8.8:53 b1sync.zemanta.com tcp
US 8.8.8.8:53 jadserve.postrelease.com udp
US 8.8.8.8:53 s.ad.smaato.net udp
US 8.8.8.8:53 s.amazon-adsystem.com udp
NL 35.214.249.77:443 csync.loopme.me tcp
US 8.8.8.8:53 widget.nl3.vip.prod.criteo.com udp
US 8.8.8.8:53 s.amazon-adsystem.com udp
US 8.8.8.8:53 creativecdn.com udp
US 8.8.8.8:53 widget.nl3.vip.prod.criteo.com udp
US 8.8.8.8:53 cs-server-s2s.yellowblue.io udp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
US 8.8.8.8:53 bttrack.com udp
US 8.8.8.8:53 ssc-cms.33across.com udp
US 8.8.8.8:53 ssbsync.smartadserver.com udp
US 8.8.8.8:53 api-2-0.spot.im udp
US 8.8.8.8:53 creativecdn.com udp
US 34.194.178.189:443 cs-server-s2s.yellowblue.io tcp
US 8.8.8.8:53 sync.adotmob.com udp
US 104.18.36.155:443 ssum-sec.casalemedia.com tcp
US 67.202.105.21:443 ssc-cms.33across.com tcp
US 8.8.8.8:53 api-2-0.spot.im udp
NL 81.17.55.109:443 ssbsync.smartadserver.com tcp
US 8.8.8.8:53 onetag-sys.com udp
US 104.18.36.155:443 ssum-sec.casalemedia.com udp
US 8.8.8.8:53 match.prod.bidr.io udp
US 8.8.8.8:53 sync.adotmob.com udp
US 8.8.8.8:53 envoy-hl.envoy-csync1.core-b8mf.ov1o.com udp
US 8.8.8.8:53 match.prod.bidr.io udp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
US 8.8.8.8:53 jadserve.postrelease.com.akadns.net udp
US 8.8.8.8:53 zemanta-nychi.zemanta.com udp
NL 185.89.210.82:443 secure.adnxs.com tcp
NL 185.89.210.82:443 secure.adnxs.com tcp
NL 178.250.1.9:443 widget.nl3.vip.prod.criteo.com tcp
NL 185.184.8.90:443 creativecdn.com tcp
IE 52.210.106.172:443 match.prod.bidr.io tcp
US 64.74.236.255:443 b1sync.zemanta.com tcp
US 64.74.236.255:443 b1sync.zemanta.com tcp
FR 45.137.176.88:443 sync.adotmob.com tcp
US 54.197.247.108:443 sync.srv.stackadapt.com tcp
IE 54.155.221.32:443 jadserve.postrelease.com.akadns.net tcp
US 192.132.33.67:443 bttrack.com tcp
US 8.8.8.8:53 cs-server-s2s.yellowblue.io udp
US 8.8.8.8:53 jadserve.postrelease.com.akadns.net udp
US 8.8.8.8:53 zemanta-nychi.zemanta.com udp
US 8.8.8.8:53 59.68.164.18.in-addr.arpa udp
US 8.8.8.8:53 77.249.214.35.in-addr.arpa udp
US 8.8.8.8:53 109.55.17.81.in-addr.arpa udp
US 8.8.8.8:53 21.105.202.67.in-addr.arpa udp
US 8.8.8.8:53 cs-server-s2s.yellowblue.io udp
US 8.8.8.8:53 bttrack.com udp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
US 8.8.8.8:53 bttrack.com udp
US 8.8.8.8:53 pixel.33across.com udp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
US 8.8.8.8:53 ssbsync-euw1.smartadserver.com udp
US 8.8.8.8:53 pixel.33across.com udp
US 8.8.8.8:53 ssbsync-euw1.smartadserver.com udp
NL 213.19.162.80:443 pixel-eu.rubiconproject.net.akadns.net tcp
US 8.8.8.8:53 bh.contextweb.com udp
US 8.8.8.8:53 dsp.adfarm1.adition.com udp
US 8.8.8.8:53 rtb-csync.smartadserver.com udp
US 8.8.8.8:53 am1-direct-bgp.contextweb.com udp
NL 208.93.169.131:443 am1-direct-bgp.contextweb.com tcp
DE 85.114.159.118:443 dsp.adfarm1.adition.com tcp
US 8.8.8.8:53 dsp.adfarm1.adition.com udp
US 8.8.8.8:53 dsp.adfarm1.adition.com udp
US 8.8.8.8:53 am1-direct-bgp.contextweb.com udp
NL 81.17.55.172:443 rtb-csync.smartadserver.com tcp
US 8.8.8.8:53 qvdt3feo.com udp
US 64.74.236.255:443 b1sync.zemanta.com tcp
IE 52.210.106.172:443 match.prod.bidr.io tcp
US 54.204.62.38:443 qvdt3feo.com tcp
US 8.8.8.8:53 qvdt3feo.com udp
US 8.8.8.8:53 qvdt3feo.com udp
US 8.8.8.8:53 9.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 172.106.210.52.in-addr.arpa udp
US 8.8.8.8:53 90.8.184.185.in-addr.arpa udp
US 8.8.8.8:53 88.176.137.45.in-addr.arpa udp
US 8.8.8.8:53 32.221.155.54.in-addr.arpa udp
US 8.8.8.8:53 255.236.74.64.in-addr.arpa udp
US 8.8.8.8:53 108.247.197.54.in-addr.arpa udp
US 8.8.8.8:53 67.33.132.192.in-addr.arpa udp
US 8.8.8.8:53 118.159.114.85.in-addr.arpa udp
US 8.8.8.8:53 131.169.93.208.in-addr.arpa udp
US 8.8.8.8:53 wt.rqtrk.eu udp
NL 81.17.55.172:443 rtb-csync.smartadserver.com tcp
NL 81.17.55.172:443 rtb-csync.smartadserver.com tcp
DE 57.129.18.109:443 wt.rqtrk.eu tcp
US 8.8.8.8:53 wt.rqtrk.eu udp
US 8.8.8.8:53 wt.rqtrk.eu udp
US 8.8.8.8:53 support.mozilla.org udp
US 8.8.8.8:53 us-west1.prod.sumo.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 us-west1.prod.sumo.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 38.62.204.54.in-addr.arpa udp
US 8.8.8.8:53 109.18.129.57.in-addr.arpa udp
US 8.8.8.8:53 cdn.indexww.com udp
US 8.8.8.8:53 cdn.indexww.com udp
US 104.18.38.76:443 cdn.indexww.com tcp
US 8.8.8.8:53 cdn.indexww.com udp
US 8.8.8.8:53 76.38.18.104.in-addr.arpa udp
US 8.8.8.8:53 183.59.114.20.in-addr.arpa udp
US 8.8.8.8:53 171.39.242.20.in-addr.arpa udp
US 8.8.8.8:53 18.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 sideindexfollowragelrew.pw udp
US 8.8.8.8:53 chocolatedepressofw.fun udp
US 8.8.8.8:53 lighterepisodeheighte.fun udp
US 8.8.8.8:53 problemregardybuiwo.fun udp
US 8.8.8.8:53 prescriptionstorageag.fun udp
US 8.8.8.8:53 edurestunningcrackyow.fun udp
US 8.8.8.8:53 pooreveningfuseor.pw udp
US 8.8.8.8:53 turkeyunlikelyofw.shop udp
US 172.67.202.191:443 turkeyunlikelyofw.shop tcp
US 8.8.8.8:53 associationokeo.shop udp
US 172.67.147.18:443 associationokeo.shop tcp
US 8.8.8.8:53 191.202.67.172.in-addr.arpa udp
US 8.8.8.8:53 18.147.67.172.in-addr.arpa udp
US 8.8.8.8:53 g.ezoic.net udp
US 8.8.8.8:53 g.ezoic.net udp
US 8.8.8.8:53 g.ezoic.net udp
US 8.8.8.8:53 43.229.111.52.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvnvyogb.default-release\datareporting\glean\db\data.safe.bin

MD5 89c7aa736cee17a36d2201a2f8ef98ce
SHA1 608421eaaa0aa65a46afef1d8dba2058483134bc
SHA256 ceb6de102d3422f25fdf08bc151b6d88087383f908ff1460bb130763218cc6cc
SHA512 eb0be06d48ea1e752ba232ba96204aec6db2039c33c7a677395ceec62b2263961c03e30164e23188dc40d0bfebdbe74490f5be10ce3161f503055e5f0dd76eb6

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvnvyogb.default-release\datareporting\glean\pending_pings\0468bf49-b54d-4190-833b-b6e6ed10f204

MD5 52b36d65e97c1563f58ff0e32751f7d2
SHA1 a794b8c0fd50559d69cad0030ba6abe28de13e60
SHA256 ba98f95bf7ec44e6fe63eea74db7124e3cb11cec1d3f618e539d635e5d3fd9b5
SHA512 87aacaa0d088f83cbd9149a4c3f9d01bbcd17e06b0f527f52668904840401834007ab557f23e90fe649d4f8fc97ad1ec4ef07423ebbc9ec2b16fb8644d46a636

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvnvyogb.default-release\datareporting\glean\pending_pings\01ee59f5-e52b-4d26-af9e-0a4a045bf2d9

MD5 19379e3cd2b3fecc1d8a7b26a2506bd6
SHA1 ec66e7b811a5fd4cae6399a167d17749b7fe8290
SHA256 d9cd3b566fe4bdd6cbabfda00437450d7302983b2a75104c86ef5ebf1795ab34
SHA512 5e42c96f988eaa05300386102587eab3f447e41e348bfc95854fb9dbfe84fd6602ad5b096276c3fa720580b2df830b0b678c0c1029a4209ee8ab234ef0aa80e7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvnvyogb.default-release\prefs-1.js

MD5 a0c9822da776c0c7cbbd4c34aafce374
SHA1 0a59fdd6fd96efc9e68570f405f30a54c628f55e
SHA256 7fa95f4d662f03a1ed7c4edd7e51550d8749a7aeffeb03f8b12a0850ed956db3
SHA512 873538628f70cb06d3c2a2deb432570a89ac5105b798687cc359eb3823b852ce2eff6e46264ee5572f8e643cba944cb92160d0bccf7203e595804b73b42e225c

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\kvnvyogb.default-release\cache2\doomed\26960

MD5 f135e0abb5c841b656655b232f2dfb34
SHA1 f959632c5862b1ff552c197c83f1c2c6aadb2800
SHA256 0b8b9ceb358351bd3348caa9b2a5ed175e041de6c9b304247930d27d95c6ef36
SHA512 58154115a259c4d2b664094ecfe893c57ad752e3ee23a20ee7e4e81424169adca6db7ab9024dd70e7ed8da0d522d9a1e4b0f31ec8d6c66424ea8fa47c60d897c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvnvyogb.default-release\sessionstore-backups\recovery.jsonlz4

MD5 393b04dcf7ada75c724a462c526e6333
SHA1 cafd5f4d8cf1bde2c6631bc45015409b35203cf3
SHA256 4a48919c4f1241349b1feeb602c3f6ea4204a221b29be92f3e8bc668b6aa2420
SHA512 a1f50c13525a647b29d3809876b8bdfcd95df866fdb6e21eb984c7c5c4fbebe31f9d4ca4cc3145f4bb64cc0c287c41a089f0e948fdae0b254230c7eed0084e9c

C:\Users\Admin\Downloads\ROBLOX Cheat.lXEWYaoU.zip.part

MD5 db35b573a604805107127de165e7d6c2
SHA1 1f94149224dc24cfb2280c4793223a87c2cd223f
SHA256 6c5772aea27480e4fad8ed3aa82a7fb9bb3ea8d61cd8520611c8822527c0364c
SHA512 a15426bf99afda1aa6b639d97941fa6c4478b11d6a1b489b4246493a66504331fac46685774a13c5f1c4647b204e2a0e9a12b3e7812306e304f89c0cfe40b8d3

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\kvnvyogb.default-release\cache2\doomed\4560

MD5 18e21f01eedf2853794f7a67b00e7e2b
SHA1 fa18704ced00dd461961924b5beb31c4a512ad4b
SHA256 5240cf0787fd27e65b381e893f12c8c09f404bcf086f87f6e1733c2413a6ef58
SHA512 8d3da8cc603472b80d66f89d60a74899bda3bda492a8066c1c39599e1b1e9ef711404a66d5b6ace20d6f3dbc090283eae133e30b81b77bbfba4709bced9040bd

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\kvnvyogb.default-release\cache2\doomed\27105

MD5 f722085c0cc44611d0843bbbb900b192
SHA1 5b6ae8c0c53e65b68ce028d9af5fafb032be652b
SHA256 c88236a4fc61289708ae82ebb6f0b644993b381d0fa3f6d5d78518d9e3ac6049
SHA512 4593354706ed1da80ca10305b000c9759057b9c1ce6f93924374de889f77fa10766f2d62a5eec1e95a9d282790c235a9f2bd0f2a7d00387fe97831fafac5c84b

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\kvnvyogb.default-release\cache2\doomed\12220

MD5 dee4c31094cf1f8b34d5cd7335f62048
SHA1 d4e086444367e18a630bb5a48555d46e9936b15d
SHA256 e6ed466ae4be5f4a0e425f1dd497f1664c8b8a61d973adf8a810a011e0285f47
SHA512 f83eb1f72736093cf93f1914946fe7d82ce58f759f4fbe6a18d297d9249bfe744ddcb569f577b4ff0ccd9a26762e13452871b3ed8990fc7eb093c3c9d785a5da

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvnvyogb.default-release\prefs-1.js

MD5 c3241ba17376ac0335a35a72748b0081
SHA1 7daf84b7d645fbf5e83b1c06f4d65db65f80759d
SHA256 8acdc5d3b5f2539cf758b3e0fde1d1832cd030ead833722e9d42fc679a91e20f
SHA512 b0d7813f6b225aa8737e3344d7cdc4cadff366d8246f049ffba731e1f3654574ec3afef83c436f8459c078bd4a94e0e6772834fc12529e04e7ccd65e513f7e61

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvnvyogb.default-release\sessionstore-backups\recovery.jsonlz4

MD5 aa3e982d560adc24d3a9b86594aeeedc
SHA1 9e057656a97d5d108d92872850dd7ef39b7b16e9
SHA256 78e5cc70a72e5c5f4c7a597ff0955931fb24df13aa6417d4d316493205a8c01c
SHA512 3991dac232590f4fbc25fd2b250ff3135af890384c8a70c79a876f144d517dd378110428fa8f8190bc0bb6f31223cd3358b06fc0e50b1c86e969a03324e3678a

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvnvyogb.default-release\sessionstore-backups\recovery.jsonlz4

MD5 0254a24756fbcfa70a95480c9d0d58c5
SHA1 a0eba82d1d05fbbe18efe669027e487ac485e913
SHA256 9af033fcdd22b6fa4fcae35f894d9697206ce7b9cc360d02c2b84ed1cf0bdff0
SHA512 fdfb7983756339a72c4b3f3114e8baec40eda9e63613193dc4964fd23500504d6736779c909fc812e063b8e4d1b9fab963bf485178c0797deacb0b2614dd1fc2

C:\Users\Admin\Downloads\ROBLOX Cheat.zip

MD5 1dc9dfcb7eddcc7e8e98b67e9f0a596f
SHA1 cea32d3636e18fcbd02fa30bc46f516d06deb100
SHA256 62ebc7d50d919e040eb0a9ca400039186c7244dc59087eefa9cfeee6e4e798f3
SHA512 601f4691e18ba7d3851a56e7f1f84fcd366bb03e18183f536d6c8d9d7e50c03e9c42815869ae759b7dab0a885d38fea6553f4c48fe652ad083d99e8bf3949b6d

C:\Users\Admin\Downloads\ROBLOX Cheat\SoftWare.exe

MD5 d54a8b90227a487bc800a3eb7c1352f0
SHA1 039d57519a03de5dc5fdb53afa948f49a59988b3
SHA256 becba2eb6f7ad1976f91cc183107ed7d45e264a861a74e90102314cbbd352928
SHA512 6b0561ca4446ed7cce21f6e6c531ff2cd992cfa2cdd9adb7e4546f4390cefdd5fa09a4cacb65b4b3499a29ebb5d133df4c79e853b3bf383b2059fdde4327e89b

memory/8180-886-0x0000000004940000-0x0000000004990000-memory.dmp

memory/8180-887-0x0000000074EA0000-0x0000000075650000-memory.dmp

memory/8180-888-0x0000000004B20000-0x0000000004B30000-memory.dmp

memory/8180-889-0x0000000004B30000-0x00000000050D4000-memory.dmp

memory/8180-890-0x0000000004A10000-0x0000000004A5E000-memory.dmp

memory/7440-893-0x0000000000400000-0x0000000000446000-memory.dmp

memory/7440-896-0x0000000000400000-0x0000000000446000-memory.dmp

memory/8180-898-0x0000000074EA0000-0x0000000075650000-memory.dmp

memory/8180-899-0x0000000002600000-0x0000000004600000-memory.dmp

memory/7440-900-0x0000000000FB0000-0x0000000000FE2000-memory.dmp

memory/7440-903-0x0000000000FB0000-0x0000000000FE2000-memory.dmp

memory/7440-902-0x0000000000FB0000-0x0000000000FE2000-memory.dmp

memory/7440-904-0x0000000000400000-0x0000000000446000-memory.dmp

memory/7440-901-0x0000000000FB0000-0x0000000000FE2000-memory.dmp

memory/6656-905-0x0000026DC82E0000-0x0000026DC82E1000-memory.dmp

memory/6656-907-0x0000026DC82E0000-0x0000026DC82E1000-memory.dmp

memory/6656-906-0x0000026DC82E0000-0x0000026DC82E1000-memory.dmp

memory/6656-911-0x0000026DC82E0000-0x0000026DC82E1000-memory.dmp

memory/6656-912-0x0000026DC82E0000-0x0000026DC82E1000-memory.dmp

memory/6656-913-0x0000026DC82E0000-0x0000026DC82E1000-memory.dmp

memory/6656-914-0x0000026DC82E0000-0x0000026DC82E1000-memory.dmp

memory/6656-916-0x0000026DC82E0000-0x0000026DC82E1000-memory.dmp

memory/6656-917-0x0000026DC82E0000-0x0000026DC82E1000-memory.dmp

memory/6656-915-0x0000026DC82E0000-0x0000026DC82E1000-memory.dmp

memory/8180-920-0x0000000002600000-0x0000000004600000-memory.dmp