Analysis Overview
Threat Level: Known bad
The file https://www.mediafire.com/folder/a5rrxy5i7xgq7/ROBLOXHACK was found to be: Known bad.
Malicious Activity Summary
RedLine payload
RedLine
Lumma Stealer
Executes dropped EXE
Suspicious use of SetThreadContext
Program crash
Suspicious use of FindShellTrayWindow
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-05-27 03:24
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-27 03:24
Reported
2024-05-27 03:28
Platform
win10v2004-20240226-en
Max time kernel
235s
Max time network
240s
Command Line
Signatures
Lumma Stealer
RedLine
RedLine payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\ROBLOX EXECUTOR\ROBLOX EXECUTOR\Loader.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\ROBLOX EXECUTOR\ROBLOX EXECUTOR\New Loader.exe | N/A |
Suspicious use of SetThreadContext
| Description | Indicator | Process | Target |
| PID 6140 set thread context of 5380 | N/A | C:\Users\Admin\Downloads\ROBLOX EXECUTOR\ROBLOX EXECUTOR\Loader.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
| PID 5132 set thread context of 1332 | N/A | C:\Users\Admin\Downloads\ROBLOX EXECUTOR\ROBLOX EXECUTOR\New Loader.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Users\Admin\Downloads\ROBLOX EXECUTOR\ROBLOX EXECUTOR\Loader.exe |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Users\Admin\Downloads\ROBLOX EXECUTOR\ROBLOX EXECUTOR\New Loader.exe |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeRestorePrivilege | N/A | C:\Program Files\7-Zip\7zG.exe | N/A |
| Token: 35 | N/A | C:\Program Files\7-Zip\7zG.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Program Files\7-Zip\7zG.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Program Files\7-Zip\7zG.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\7-Zip\7zG.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.mediafire.com/folder/a5rrxy5i7xgq7/ROBLOXHACK
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=5020 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=5796 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=6004 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=4024 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=5560 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=4152 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=23 --mojo-platform-channel-handle=6056 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=24 --mojo-platform-channel-handle=5720 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=25 --mojo-platform-channel-handle=6204 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --mojo-platform-channel-handle=6372 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=27 --mojo-platform-channel-handle=6572 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=28 --mojo-platform-channel-handle=6712 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=29 --mojo-platform-channel-handle=6936 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=30 --mojo-platform-channel-handle=7068 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=31 --mojo-platform-channel-handle=7196 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=32 --mojo-platform-channel-handle=7332 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=33 --mojo-platform-channel-handle=7468 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=34 --mojo-platform-channel-handle=7604 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=35 --mojo-platform-channel-handle=7620 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=36 --mojo-platform-channel-handle=7876 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=37 --mojo-platform-channel-handle=7912 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=38 --mojo-platform-channel-handle=8196 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=39 --mojo-platform-channel-handle=6860 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=40 --mojo-platform-channel-handle=8672 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=41 --mojo-platform-channel-handle=8824 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-US --service-sandbox-type=collections --no-appcompat-clear --mojo-platform-channel-handle=9124 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=43 --mojo-platform-channel-handle=9160 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=44 --mojo-platform-channel-handle=9440 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=45 --mojo-platform-channel-handle=9576 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=46 --mojo-platform-channel-handle=9700 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=47 --mojo-platform-channel-handle=9832 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=48 --mojo-platform-channel-handle=9968 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=49 --mojo-platform-channel-handle=10100 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=50 --mojo-platform-channel-handle=10436 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=51 --mojo-platform-channel-handle=10464 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=52 --mojo-platform-channel-handle=10932 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=53 --mojo-platform-channel-handle=9536 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=54 --mojo-platform-channel-handle=10680 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=55 --mojo-platform-channel-handle=11120 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=56 --mojo-platform-channel-handle=10860 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=57 --mojo-platform-channel-handle=10640 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=58 --mojo-platform-channel-handle=9172 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.FileUtilService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=4832 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=11192 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\ROBLOX EXECUTOR\" -ad -an -ai#7zMap18838:92:7zEvent14299
C:\Users\Admin\Downloads\ROBLOX EXECUTOR\ROBLOX EXECUTOR\Loader.exe
"C:\Users\Admin\Downloads\ROBLOX EXECUTOR\ROBLOX EXECUTOR\Loader.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 444 -p 6140 -ip 6140
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 6140 -s 260
C:\Users\Admin\Downloads\ROBLOX EXECUTOR\ROBLOX EXECUTOR\New Loader.exe
"C:\Users\Admin\Downloads\ROBLOX EXECUTOR\ROBLOX EXECUTOR\New Loader.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 436 -p 5132 -ip 5132
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 5132 -s 260
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 104.16.113.74:443 | www.mediafire.com | udp |
| US | 104.16.113.74:443 | www.mediafire.com | tcp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 13.107.6.158:443 | business.bing.com | tcp |
| GB | 172.165.61.93:443 | nav-edge.smartscreen.microsoft.com | tcp |
| GB | 172.165.61.93:443 | nav-edge.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | 74.113.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.94.73.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.61.165.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| NL | 2.18.121.23:443 | bzib.nelreports.net | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| BE | 23.55.97.181:443 | www.microsoft.com | tcp |
| US | 8.8.8.8:53 | static.mediafire.com | udp |
| US | 8.8.8.8:53 | static.mediafire.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| FR | 216.58.215.36:443 | www.google.com | udp |
| FR | 142.250.179.74:443 | ajax.googleapis.com | tcp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | cdn.amplitude.com | udp |
| US | 8.8.8.8:53 | cdn.amplitude.com | udp |
| FR | 18.161.111.114:443 | cdn.amplitude.com | tcp |
| US | 8.8.8.8:53 | 23.121.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 181.97.55.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.215.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.215.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| GB | 163.70.151.21:443 | connect.facebook.net | tcp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | translate.google.com | udp |
| US | 8.8.8.8:53 | translate.google.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| FR | 142.250.179.78:443 | translate.google.com | tcp |
| US | 8.8.8.8:53 | 72.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 114.111.161.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.151.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | edgestatic.azureedge.net | udp |
| US | 8.8.8.8:53 | edgestatic.azureedge.net | udp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 8.8.8.8:53 | api.amplitude.com | udp |
| US | 8.8.8.8:53 | api.amplitude.com | udp |
| US | 52.27.218.61:443 | api.amplitude.com | tcp |
| US | 8.8.8.8:53 | 61.218.27.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | translate.googleapis.com | udp |
| US | 8.8.8.8:53 | translate.googleapis.com | udp |
| GB | 163.70.151.21:443 | connect.facebook.net | udp |
| FR | 142.250.201.170:443 | translate.googleapis.com | tcp |
| BE | 88.221.83.187:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 170.201.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 187.83.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.24.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | nw-umwatson.events.data.microsoft.com | udp |
| US | 20.189.173.20:443 | nw-umwatson.events.data.microsoft.com | tcp |
| US | 8.8.8.8:53 | 20.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.249.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | analytics.google.com | udp |
| US | 8.8.8.8:53 | analytics.google.com | udp |
| FR | 216.58.215.46:443 | analytics.google.com | tcp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | translate-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | translate-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| BE | 64.233.166.155:443 | stats.g.doubleclick.net | tcp |
| FR | 216.58.214.74:443 | translate-pa.googleapis.com | tcp |
| GB | 163.70.151.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | 46.215.58.216.in-addr.arpa | udp |
| FR | 216.58.215.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| FR | 142.250.201.163:443 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | 74.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.151.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.166.233.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.201.250.142.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 86.23.85.13.in-addr.arpa | udp |
| FR | 216.58.215.46:443 | analytics.google.com | udp |
| US | 8.8.8.8:53 | 198.187.3.20.in-addr.arpa | udp |
| FR | 142.250.201.170:443 | translate-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | the.gatekeeperconsent.com | udp |
| US | 8.8.8.8:53 | the.gatekeeperconsent.com | udp |
| US | 8.8.8.8:53 | www.ezojs.com | udp |
| US | 8.8.8.8:53 | www.ezojs.com | udp |
| US | 104.21.42.32:443 | the.gatekeeperconsent.com | udp |
| US | 172.67.170.144:443 | www.ezojs.com | udp |
| FR | 142.250.179.78:443 | translate.google.com | udp |
| US | 8.8.8.8:53 | privacy.gatekeeperconsent.com | udp |
| US | 8.8.8.8:53 | privacy.gatekeeperconsent.com | udp |
| US | 172.67.199.186:443 | privacy.gatekeeperconsent.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 104.16.80.73:443 | static.cloudflareinsights.com | tcp |
| US | 172.67.199.186:443 | privacy.gatekeeperconsent.com | udp |
| US | 8.8.8.8:53 | g.ezoic.net | udp |
| US | 8.8.8.8:53 | g.ezoic.net | udp |
| FR | 13.39.145.251:443 | g.ezoic.net | tcp |
| US | 8.8.8.8:53 | 144.170.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.80.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 186.199.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.otnolatrnup.com | udp |
| US | 8.8.8.8:53 | cdn.otnolatrnup.com | udp |
| US | 104.16.52.110:443 | cdn.otnolatrnup.com | udp |
| US | 8.8.8.8:53 | go.ezodn.com | udp |
| US | 8.8.8.8:53 | go.ezodn.com | udp |
| US | 8.8.8.8:53 | www.mediafiredls.com | udp |
| US | 8.8.8.8:53 | www.mediafiredls.com | udp |
| US | 172.67.142.121:443 | go.ezodn.com | udp |
| US | 8.8.8.8:53 | g.ezodn.com | udp |
| US | 8.8.8.8:53 | g.ezodn.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 104.26.3.173:443 | www.mediafiredls.com | tcp |
| US | 104.21.42.32:443 | privacy.gatekeeperconsent.com | udp |
| US | 172.67.142.121:443 | g.ezodn.com | udp |
| FR | 142.250.201.162:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | otnolatrnup.com | udp |
| US | 8.8.8.8:53 | otnolatrnup.com | udp |
| FR | 216.58.214.74:443 | translate-pa.googleapis.com | udp |
| FR | 172.217.20.194:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 110.52.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 121.142.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.3.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 130.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.201.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 251.145.39.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bshr.ezodn.com | udp |
| US | 8.8.8.8:53 | bshr.ezodn.com | udp |
| US | 104.21.87.79:443 | bshr.ezodn.com | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | ad.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | ad.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| FR | 54.230.112.42:443 | tags.crwdcntrl.net | tcp |
| IE | 52.17.55.191:443 | bcp.crwdcntrl.net | tcp |
| IE | 52.17.40.72:443 | bcp.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | 79.87.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 191.55.17.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.40.17.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.112.230.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| IE | 52.17.40.72:443 | bcp.crwdcntrl.net | tcp |
| BE | 88.221.83.187:443 | www.bing.com | udp |
| FR | 13.39.145.251:443 | g.ezoic.net | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| FR | 172.217.20.194:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| FR | 172.217.20.194:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | ghb.adtelligent.com | udp |
| US | 8.8.8.8:53 | ghb.adtelligent.com | udp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | mp.4dex.io | udp |
| US | 8.8.8.8:53 | mp.4dex.io | udp |
| US | 8.8.8.8:53 | bidder.criteo.com | udp |
| US | 8.8.8.8:53 | bidder.criteo.com | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | prebid.smilewanted.com | udp |
| US | 8.8.8.8:53 | prebid.smilewanted.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | script.4dex.io | udp |
| US | 8.8.8.8:53 | script.4dex.io | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| FR | 3.160.188.83:443 | hb.yellowblue.io | tcp |
| DE | 142.132.249.188:443 | ghb.adtelligent.com | tcp |
| FR | 185.255.84.150:443 | hb-api.omnitagjs.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | tcp |
| US | 104.18.34.178:443 | mp.4dex.io | tcp |
| DE | 51.89.9.251:443 | onetag-sys.com | tcp |
| NL | 147.75.84.158:443 | prebid.a-mo.net | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| US | 172.67.14.119:443 | prebid.smilewanted.com | tcp |
| US | 172.67.14.119:443 | prebid.smilewanted.com | tcp |
| US | 172.67.14.119:443 | prebid.smilewanted.com | tcp |
| US | 172.67.14.119:443 | prebid.smilewanted.com | tcp |
| US | 172.67.14.119:443 | prebid.smilewanted.com | tcp |
| US | 8.8.8.8:53 | oa.openxcdn.net | udp |
| US | 8.8.8.8:53 | oa.openxcdn.net | udp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| US | 8.8.8.8:53 | cdn.prod.uidapi.com | udp |
| US | 8.8.8.8:53 | cdn.prod.uidapi.com | udp |
| US | 8.8.8.8:53 | invstatic101.creativecdn.com | udp |
| US | 8.8.8.8:53 | invstatic101.creativecdn.com | udp |
| US | 8.8.8.8:53 | cdn-ima.33across.com | udp |
| US | 8.8.8.8:53 | cdn-ima.33across.com | udp |
| IE | 52.51.36.235:443 | ap.lijit.com | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 104.26.8.169:443 | script.4dex.io | tcp |
| US | 172.67.38.106:443 | cdn.id5-sync.com | tcp |
| US | 34.102.146.192:443 | oa.openxcdn.net | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| US | 34.96.70.87:443 | invstatic101.creativecdn.com | tcp |
| US | 104.18.35.167:443 | cdn-ima.33across.com | tcp |
| FR | 52.84.39.108:443 | cdn.prod.uidapi.com | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| FR | 142.250.179.97:443 | tpc.googlesyndication.com | tcp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | udp |
| DE | 51.89.9.251:443 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | ghb1.adtelligent.com | udp |
| US | 8.8.8.8:53 | ghb1.adtelligent.com | udp |
| DE | 142.132.249.188:443 | ghb1.adtelligent.com | tcp |
| US | 104.26.8.169:443 | script.4dex.io | tcp |
| US | 8.8.8.8:53 | cadmus.script.ac | udp |
| US | 8.8.8.8:53 | cadmus.script.ac | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | c7bbd8f0c6eef6ff164a595a387ea3f2.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | c7bbd8f0c6eef6ff164a595a387ea3f2.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | c7bbd8f0c6eef6ff164a595a387ea3f2.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| FR | 142.250.201.162:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | cadmus.script.ac | udp |
| US | 8.8.8.8:53 | cadmus.script.ac | udp |
| FR | 172.217.20.161:443 | c7bbd8f0c6eef6ff164a595a387ea3f2.safeframe.googlesyndication.com | tcp |
| FR | 172.217.20.161:443 | c7bbd8f0c6eef6ff164a595a387ea3f2.safeframe.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| DE | 142.132.249.188:443 | ghb1.adtelligent.com | tcp |
| US | 104.18.22.145:443 | cadmus.script.ac | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | oajs.openx.net | udp |
| US | 8.8.8.8:53 | oajs.openx.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 34.120.107.143:443 | oajs.openx.net | tcp |
| FR | 142.250.179.97:443 | tpc.googlesyndication.com | tcp |
| FR | 142.250.179.97:443 | tpc.googlesyndication.com | tcp |
| FR | 142.250.179.97:443 | tpc.googlesyndication.com | tcp |
| FR | 142.250.179.97:443 | tpc.googlesyndication.com | tcp |
| FR | 142.250.179.97:443 | tpc.googlesyndication.com | tcp |
| FR | 142.250.179.97:443 | tpc.googlesyndication.com | tcp |
| FR | 142.250.179.97:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 104.18.22.145:443 | cadmus.script.ac | tcp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| FR | 216.58.215.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 77.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.151.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 178.34.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.188.160.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 158.84.75.147.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.14.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 188.249.132.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.1.250.178.in-addr.arpa | udp |
| FR | 216.58.215.36:443 | www.google.com | udp |
| US | 172.67.142.121:443 | bshr.ezodn.com | udp |
| US | 172.67.142.121:443 | bshr.ezodn.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 34.120.107.143:443 | oajs.openx.net | udp |
| US | 8.8.8.8:53 | resources.infolinks.com | udp |
| US | 8.8.8.8:53 | resources.infolinks.com | udp |
| FR | 142.250.179.97:443 | tpc.googlesyndication.com | udp |
| US | 172.66.41.9:443 | resources.infolinks.com | tcp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | 229.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 251.9.89.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.8.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 235.36.51.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.38.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.146.102.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 87.70.96.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 167.35.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.39.84.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 161.20.217.172.in-addr.arpa | udp |
| DE | 162.19.138.82:443 | id5-sync.com | tcp |
| US | 8.8.8.8:53 | 143.107.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.22.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.41.66.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.ampproject.org | udp |
| US | 8.8.8.8:53 | cdn.ampproject.org | udp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| FR | 142.250.179.65:443 | cdn.ampproject.org | tcp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| FR | 142.250.179.65:443 | cdn.ampproject.org | tcp |
| FR | 142.250.179.65:443 | cdn.ampproject.org | tcp |
| FR | 142.250.179.65:443 | cdn.ampproject.org | tcp |
| FR | 142.250.179.65:443 | cdn.ampproject.org | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | ag.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | ag.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | gem.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | gem.gbc.criteo.com | udp |
| NL | 185.235.87.192:443 | gem.gbc.criteo.com | tcp |
| FR | 178.250.7.13:443 | dnacdn.net | tcp |
| US | 8.8.8.8:53 | google-bidout-d.openx.net | udp |
| US | 8.8.8.8:53 | google-bidout-d.openx.net | udp |
| US | 8.8.8.8:53 | google-bidout-d.openx.net | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| NL | 185.235.87.186:443 | gem.gbc.criteo.com | tcp |
| US | 34.98.64.218:443 | google-bidout-d.openx.net | tcp |
| US | 34.98.64.218:443 | google-bidout-d.openx.net | tcp |
| US | 8.8.8.8:53 | 82.138.19.162.in-addr.arpa | udp |
| FR | 142.250.179.97:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 65.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| FR | 216.58.215.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 104.18.38.76:443 | js-sec.indexww.com | tcp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 172.67.14.119:443 | csync.smilewanted.com | tcp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| SE | 104.73.92.198:443 | ads.pubmatic.com | tcp |
| US | 8.8.8.8:53 | s.adtelligent.com | udp |
| US | 8.8.8.8:53 | s.adtelligent.com | udp |
| US | 8.8.8.8:53 | s.adtelligent.com | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | cm.adform.net | udp |
| US | 8.8.8.8:53 | cm.adform.net | udp |
| US | 8.8.8.8:53 | cm.adform.net | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | sploit-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | sploit-edge.smartscreen.microsoft.com | udp |
| DE | 49.12.126.50:443 | s.adtelligent.com | tcp |
| DE | 51.38.120.206:443 | onetag-sys.com | tcp |
| SE | 104.73.92.198:443 | ads.pubmatic.com | tcp |
| NL | 145.40.97.66:443 | prebid.a-mo.net | tcp |
| DK | 37.157.2.228:443 | cm.adform.net | tcp |
| IE | 52.51.36.235:443 | ap.lijit.com | tcp |
| FR | 185.255.84.152:443 | visitor.omnitagjs.com | tcp |
| GB | 20.58.112.186:443 | sploit-edge.smartscreen.microsoft.com | tcp |
| DK | 37.157.2.228:443 | cm.adform.net | tcp |
| IE | 52.51.36.235:443 | ap.lijit.com | tcp |
| FR | 185.255.84.152:443 | visitor.omnitagjs.com | tcp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | id.a-mx.com | udp |
| US | 8.8.8.8:53 | id.a-mx.com | udp |
| US | 8.8.8.8:53 | ups.analytics.yahoo.com | udp |
| US | 8.8.8.8:53 | ups.analytics.yahoo.com | udp |
| US | 8.8.8.8:53 | id.hadron.ad.gt | udp |
| US | 8.8.8.8:53 | id.hadron.ad.gt | udp |
| US | 8.8.8.8:53 | id.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | id.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| FR | 172.217.20.194:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | ce.lijit.com | udp |
| NL | 79.127.227.46:443 | id.a-mx.com | tcp |
| US | 104.22.5.69:443 | id.hadron.ad.gt | tcp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| DE | 3.75.62.37:443 | ups.analytics.yahoo.com | tcp |
| US | 8.8.8.8:53 | ce.lijit.com | udp |
| US | 8.8.8.8:53 | ce.lijit.com | udp |
| US | 8.8.8.8:53 | router.infolinks.com | udp |
| US | 8.8.8.8:53 | router.infolinks.com | udp |
| IE | 52.16.234.114:443 | ce.lijit.com | tcp |
| US | 8.8.8.8:53 | router.infolinks.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 172.66.42.247:443 | router.infolinks.com | tcp |
| US | 172.66.42.247:443 | router.infolinks.com | tcp |
| FR | 142.250.201.162:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | router.infolinks.com | udp |
| US | 8.8.8.8:53 | router.infolinks.com | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | 192.87.235.185.in-addr.arpa | udp |
| DE | 162.19.138.116:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | 13.7.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 186.87.235.185.in-addr.arpa | udp |
| FR | 178.250.7.13:443 | dnacdn.net | tcp |
| US | 8.8.8.8:53 | 76.38.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 218.64.98.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| FR | 142.250.201.170:443 | translate-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | 198.92.73.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.126.12.49.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.97.40.145.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.120.38.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 186.112.58.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.2.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.227.127.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.40.223.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.5.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 37.62.75.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 114.234.16.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 247.42.66.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.138.19.162.in-addr.arpa | udp |
| FR | 142.250.178.130:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.smilewanted.com | udp |
| US | 8.8.8.8:53 | static.smilewanted.com | udp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| US | 8.8.8.8:53 | assets.a-mo.net | udp |
| US | 8.8.8.8:53 | assets.a-mo.net | udp |
| DE | 162.19.138.82:443 | lb.eu-1-id5-sync.com | tcp |
| US | 104.19.158.19:443 | assets.a-mo.net | tcp |
| FR | 216.58.215.46:443 | analytics.google.com | udp |
| US | 8.8.8.8:53 | s.adtelligent.com | udp |
| US | 8.8.8.8:53 | s.adtelligent.com | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| NL | 185.89.210.153:443 | secure.adnxs.com | tcp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 104.18.36.155:443 | ssum-sec.casalemedia.com | tcp |
| US | 104.18.36.155:443 | ssum-sec.casalemedia.com | tcp |
| US | 8.8.8.8:53 | 19.158.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.210.89.185.in-addr.arpa | udp |
| US | 104.18.36.155:443 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | cdn.indexww.com | udp |
| US | 8.8.8.8:53 | cdn.indexww.com | udp |
| US | 8.8.8.8:53 | download2325.mediafire.com | udp |
| US | 199.91.155.66:443 | download2325.mediafire.com | tcp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 8.8.8.8:53 | gum.aidemsrv.com | udp |
| US | 8.8.8.8:53 | gum.aidemsrv.com | udp |
| US | 8.8.8.8:53 | gum.aidemsrv.com | udp |
| US | 104.17.44.93:443 | gum.aidemsrv.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | 155.36.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.155.91.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.44.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 8.8.8.8:53 | dis.criteo.com | udp |
| US | 8.8.8.8:53 | dis.criteo.com | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | api-2-0.spot.im | udp |
| US | 8.8.8.8:53 | api-2-0.spot.im | udp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | udp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | udp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| FR | 216.137.52.121:443 | api-2-0.spot.im | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| IE | 34.246.206.6:443 | match.prod.bidr.io | tcp |
| US | 64.202.112.95:443 | b1sync.zemanta.com | tcp |
| NL | 198.47.127.18:443 | image8.pubmatic.com | tcp |
| US | 64.202.112.95:443 | b1sync.zemanta.com | tcp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 54.204.40.77:443 | sync.srv.stackadapt.com | tcp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 8.8.8.8:53 | jadserve.postrelease.com | udp |
| US | 8.8.8.8:53 | jadserve.postrelease.com | udp |
| US | 8.8.8.8:53 | rtb.mfadsrvr.com | udp |
| US | 8.8.8.8:53 | rtb.mfadsrvr.com | udp |
| US | 3.86.126.94:443 | cs-server-s2s.yellowblue.io | tcp |
| US | 80.77.87.163:443 | cs.admanmedia.com | tcp |
| US | 8.8.8.8:53 | otnolatrnup.com | udp |
| IE | 52.50.65.213:443 | jadserve.postrelease.com | tcp |
| DE | 52.29.4.131:443 | rtb.mfadsrvr.com | tcp |
| US | 8.8.8.8:53 | otnolatrnup.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 104.16.53.110:443 | otnolatrnup.com | udp |
| US | 8.8.8.8:53 | download2325.mediafire.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 199.91.155.66:443 | download2325.mediafire.com | tcp |
| US | 8.8.8.8:53 | dl-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | dl-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | 9.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.149.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 121.52.137.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.8.184.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.206.246.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.112.202.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.40.204.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 110.53.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 213.65.50.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.87.77.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 94.126.86.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.4.29.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | otnolatrnup.com | udp |
| US | 8.8.8.8:53 | otnolatrnup.com | udp |
| US | 8.8.8.8:53 | otnolatrnup.com | udp |
| US | 8.8.8.8:53 | otnolatrnup.com | udp |
| US | 8.8.8.8:53 | otnolatrnup.com | udp |
| US | 8.8.8.8:53 | otnolatrnup.com | udp |
| US | 8.8.8.8:53 | otnolatrnup.com | udp |
| US | 8.8.8.8:53 | woreppercomming.com | udp |
| US | 8.8.8.8:53 | woreppercomming.com | udp |
| US | 8.8.8.8:53 | woreppercomming.com | udp |
| FR | 54.230.112.5:443 | woreppercomming.com | tcp |
| US | 8.8.8.8:53 | id.a-mx.com | udp |
| US | 8.8.8.8:53 | id.a-mx.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | ow.pubmatic.com | udp |
| US | 8.8.8.8:53 | ow.pubmatic.com | udp |
| US | 8.8.8.8:53 | prebid-server.rubiconproject.com | udp |
| US | 8.8.8.8:53 | prebid-server.rubiconproject.com | udp |
| NL | 79.127.227.46:443 | id.a-mx.com | tcp |
| DE | 52.29.4.131:443 | rtb.mfadsrvr.com | tcp |
| DE | 37.252.173.215:443 | ib.adnxs.com | tcp |
| DE | 37.252.173.215:443 | ib.adnxs.com | tcp |
| DE | 37.252.173.215:443 | ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | sync.mathtag.com | udp |
| US | 8.8.8.8:53 | sync.mathtag.com | udp |
| GB | 185.64.190.84:443 | ow.pubmatic.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | pixel-eu.rubiconproject.com | udp |
| US | 216.200.232.249:443 | sync.mathtag.com | tcp |
| NL | 69.173.156.148:443 | pixel-eu.rubiconproject.com | tcp |
| DE | 37.252.173.215:443 | ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | ads.stickyadstv.com | udp |
| US | 8.8.8.8:53 | ads.stickyadstv.com | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| US | 8.8.8.8:53 | t.adx.opera.com | udp |
| US | 8.8.8.8:53 | t.adx.opera.com | udp |
| DE | 51.38.120.206:443 | onetag-sys.com | udp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| NL | 82.145.213.8:443 | t.adx.opera.com | tcp |
| NL | 154.57.158.116:443 | ads.stickyadstv.com | tcp |
| US | 8.8.8.8:53 | ssbsync-global.smartadserver.com | udp |
| US | 8.8.8.8:53 | ssbsync-global.smartadserver.com | udp |
| US | 8.8.8.8:53 | spl.zeotap.com | udp |
| US | 8.8.8.8:53 | spl.zeotap.com | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 104.22.51.98:443 | spl.zeotap.com | tcp |
| US | 8.8.8.8:53 | www.ovardu.com | udp |
| FR | 142.250.179.66:443 | cm.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | www.ovardu.com | udp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| FR | 142.250.179.66:443 | cm.g.doubleclick.net | tcp |
| US | 172.67.174.4:443 | www.ovardu.com | udp |
| US | 52.46.155.104:443 | s.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | 5.112.230.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 215.173.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.213.145.82.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 249.232.200.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.51.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.158.57.154.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.174.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ssbsync-global.smartadserver.com | udp |
| FR | 178.32.210.230:443 | ssbsync-global.smartadserver.com | tcp |
| FR | 142.250.179.66:443 | cm.g.doubleclick.net | udp |
| US | 104.16.113.74:443 | www.mediafire.com | udp |
| US | 104.21.42.32:443 | privacy.gatekeeperconsent.com | udp |
| US | 8.8.8.8:53 | sync.a-mo.net | udp |
| US | 8.8.8.8:53 | sync.a-mo.net | udp |
| NL | 147.75.84.158:443 | sync.a-mo.net | tcp |
| NL | 147.75.84.158:443 | sync.a-mo.net | tcp |
| US | 8.8.8.8:53 | 104.155.46.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 230.210.32.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bttrack.com | udp |
| US | 8.8.8.8:53 | bttrack.com | udp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 192.132.33.67:443 | bttrack.com | tcp |
| US | 35.244.174.68:443 | id.rlcdn.com | tcp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 67.202.105.24:443 | ssc-cms.33across.com | tcp |
| US | 67.202.105.24:443 | ssc-cms.33across.com | tcp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| BE | 104.68.78.171:443 | secure-assets.rubiconproject.com | tcp |
| BE | 104.68.78.171:443 | secure-assets.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| BE | 23.55.98.169:443 | eus.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | 68.174.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.33.132.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 24.105.202.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.78.68.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | player.aniview.com | udp |
| US | 8.8.8.8:53 | player.aniview.com | udp |
| US | 8.8.8.8:53 | player.aniview.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| NL | 2.18.121.10:443 | player.aniview.com | tcp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| NL | 81.17.55.170:443 | ssbsync.smartadserver.com | tcp |
| NL | 81.17.55.170:443 | ssbsync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | 169.98.55.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.121.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 170.55.17.81.in-addr.arpa | udp |
| US | 8.8.8.8:53 | c1.adform.net | udp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| US | 8.8.8.8:53 | s.company-target.com | udp |
| US | 8.8.8.8:53 | s.company-target.com | udp |
| DK | 37.157.5.84:443 | cm.adform.net | tcp |
| US | 34.96.71.22:443 | s.company-target.com | tcp |
| FR | 216.137.52.34:443 | s.ad.smaato.net | tcp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| NL | 89.149.192.73:443 | rtb-csync.smartadserver.com | tcp |
| NL | 89.149.192.73:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | sync.aniview.com | udp |
| US | 96.46.186.182:443 | sync.aniview.com | tcp |
| US | 8.8.8.8:53 | 22.71.96.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.52.137.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.192.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.5.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 182.186.46.96.in-addr.arpa | udp |
| NL | 185.89.210.153:443 | secure.adnxs.com | tcp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | player.aniview.com | udp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| NL | 69.173.156.148:443 | token.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | sync.search.spotxchange.com | udp |
| US | 8.8.8.8:53 | sync.search.spotxchange.com | udp |
| US | 8.8.8.8:53 | sync.search.spotxchange.com | udp |
| US | 8.8.8.8:53 | player.aniview.com | udp |
| US | 8.8.8.8:53 | sync.search.spotxchange.com | udp |
| US | 8.8.8.8:53 | sync.search.spotxchange.com | udp |
| US | 8.8.8.8:53 | sync.search.spotxchange.com | udp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| US | 8.8.8.8:53 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | player.aniview.com | udp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | sync.smartadserver.com | udp |
| US | 8.8.8.8:53 | sync.smartadserver.com | udp |
| US | 8.8.8.8:53 | sync.smartadserver.com | udp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| FR | 217.182.178.233:443 | sync.smartadserver.com | tcp |
| FR | 217.182.178.233:443 | sync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| SE | 104.73.92.198:443 | ads.pubmatic.com | tcp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| US | 8.8.8.8:53 | ice.360yield.com | udp |
| US | 8.8.8.8:53 | ice.360yield.com | udp |
| US | 8.8.8.8:53 | ice.360yield.com | udp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| IE | 52.51.151.68:443 | ice.360yield.com | tcp |
| IE | 52.51.151.68:443 | ice.360yield.com | tcp |
| US | 8.8.8.8:53 | 150.216.36.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 233.178.182.217.in-addr.arpa | udp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 34.98.64.218:443 | u.openx.net | tcp |
| US | 34.98.64.218:443 | u.openx.net | udp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| US | 8.8.8.8:53 | cm.adform.net | udp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| US | 8.8.8.8:53 | us.shb-sync.com | udp |
| US | 8.8.8.8:53 | us.shb-sync.com | udp |
| US | 8.8.8.8:53 | us.shb-sync.com | udp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| US | 8.2.110.33:443 | us.shb-sync.com | tcp |
| US | 8.8.8.8:53 | 68.151.51.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| US | 8.8.8.8:53 | 33.110.2.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ups.analytics.yahoo.com | udp |
| US | 8.8.8.8:53 | ups.analytics.yahoo.com | udp |
| DE | 3.71.149.231:443 | ups.analytics.yahoo.com | tcp |
| FR | 142.250.179.97:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 231.149.71.3.in-addr.arpa | udp |
| FR | 185.255.84.150:443 | hb-api.omnitagjs.com | tcp |
| US | 172.64.151.101:443 | ssum-sec.casalemedia.com | udp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| DE | 51.89.9.251:443 | onetag-sys.com | tcp |
| US | 8.8.8.8:53 | ghb2.adtelligent.com | udp |
| US | 8.8.8.8:53 | ghb2.adtelligent.com | udp |
| US | 23.227.151.242:443 | ghb2.adtelligent.com | tcp |
| US | 8.8.8.8:53 | 29.243.111.52.in-addr.arpa | udp |
| DE | 142.132.249.188:443 | ghb2.adtelligent.com | tcp |
| US | 172.67.142.121:443 | bshr.ezodn.com | udp |
| US | 8.8.8.8:53 | 242.151.227.23.in-addr.arpa | udp |
| FR | 142.250.179.97:443 | tpc.googlesyndication.com | udp |
| DE | 142.132.249.188:443 | ghb2.adtelligent.com | tcp |
| FR | 142.250.179.97:443 | tpc.googlesyndication.com | udp |
| FR | 216.58.215.36:443 | www.google.com | udp |
| FR | 172.217.20.194:443 | googleads.g.doubleclick.net | udp |
| FR | 142.250.201.162:443 | googleads.g.doubleclick.net | udp |
| FR | 142.250.178.130:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | g.ezoic.net | udp |
| US | 8.8.8.8:53 | g.ezoic.net | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 23.227.151.242:443 | ghb2.adtelligent.com | tcp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| US | 172.64.151.101:443 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | bidder.criteo.com | udp |
| US | 8.8.8.8:53 | bidder.criteo.com | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| FR | 185.255.84.151:443 | hb-api.omnitagjs.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| US | 8.8.8.8:53 | prebid.smilewanted.com | udp |
| US | 8.8.8.8:53 | prebid.smilewanted.com | udp |
| US | 8.8.8.8:53 | 151.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ghb.adtelligent.com | udp |
| US | 8.8.8.8:53 | ghb.adtelligent.com | udp |
| US | 107.151.11.18:443 | ghb.adtelligent.com | tcp |
| FR | 142.250.201.162:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 18.11.151.107.in-addr.arpa | udp |
| US | 172.67.142.121:443 | bshr.ezodn.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| FR | 142.250.179.97:443 | tpc.googlesyndication.com | udp |
| FR | 142.250.179.97:443 | tpc.googlesyndication.com | udp |
| DE | 142.132.249.188:443 | ghb.adtelligent.com | tcp |
| FR | 142.250.201.162:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | c7bbd8f0c6eef6ff164a595a387ea3f2.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | c7bbd8f0c6eef6ff164a595a387ea3f2.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | c7bbd8f0c6eef6ff164a595a387ea3f2.safeframe.googlesyndication.com | udp |
| FR | 172.217.20.161:443 | c7bbd8f0c6eef6ff164a595a387ea3f2.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | c7bbd8f0c6eef6ff164a595a387ea3f2.safeframe.googlesyndication.com | udp |
| FR | 216.58.215.34:443 | googleads.g.doubleclick.net | udp |
| FR | 216.58.215.34:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| FR | 142.250.75.230:443 | s0.2mdn.net | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| FR | 142.250.179.97:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| FR | 142.250.178.130:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | c7bbd8f0c6eef6ff164a595a387ea3f2.safeframe.googlesyndication.com | udp |
| FR | 142.250.179.97:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | c7bbd8f0c6eef6ff164a595a387ea3f2.safeframe.googlesyndication.com | udp |
| FR | 142.250.75.230:443 | s0.2mdn.net | udp |
| FR | 142.250.75.230:443 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | 34.215.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 230.75.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| FR | 216.58.215.34:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | st.pubmatic.com | udp |
| US | 8.8.8.8:53 | st.pubmatic.com | udp |
| US | 8.8.8.8:53 | st.pubmatic.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| SE | 104.73.92.198:443 | ads.pubmatic.com | tcp |
| NL | 185.64.189.221:443 | st.pubmatic.com | tcp |
| NL | 185.64.189.221:443 | st.pubmatic.com | tcp |
| FR | 142.250.75.230:443 | s0.2mdn.net | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | googleads4.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads4.g.doubleclick.net | udp |
| FR | 142.250.201.162:443 | googleads4.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 221.189.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | analytics.google.com | udp |
| US | 8.8.8.8:53 | analytics.google.com | udp |
| FR | 216.58.215.46:443 | analytics.google.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | the.gatekeeperconsent.com | udp |
| US | 8.8.8.8:53 | the.gatekeeperconsent.com | udp |
| US | 104.16.113.74:443 | www.mediafire.com | udp |
| US | 172.67.199.186:443 | the.gatekeeperconsent.com | udp |
| US | 8.8.8.8:53 | ade.googlesyndication.com | udp |
| US | 8.8.8.8:53 | ade.googlesyndication.com | udp |
| FR | 216.58.215.34:443 | ade.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | ade.googlesyndication.com | udp |
| US | 8.8.8.8:53 | ade.googlesyndication.com | udp |
| FR | 172.217.20.194:443 | ade.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | 4.173.189.20.in-addr.arpa | udp |
| FR | 172.217.20.194:443 | ade.googlesyndication.com | udp |
| US | 23.227.151.242:443 | ghb.adtelligent.com | tcp |
| FR | 185.255.84.151:443 | hb-api.omnitagjs.com | tcp |
| US | 172.64.151.101:443 | ssum-sec.casalemedia.com | udp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| DE | 51.38.120.206:443 | onetag-sys.com | tcp |
| US | 107.151.11.18:443 | ghb.adtelligent.com | tcp |
| FR | 172.217.20.161:443 | c7bbd8f0c6eef6ff164a595a387ea3f2.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | c7bbd8f0c6eef6ff164a595a387ea3f2.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 172.67.142.121:443 | bshr.ezodn.com | udp |
| US | 172.67.142.121:443 | bshr.ezodn.com | tcp |
| FR | 216.58.215.34:443 | ade.googlesyndication.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | c7bbd8f0c6eef6ff164a595a387ea3f2.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | c7bbd8f0c6eef6ff164a595a387ea3f2.safeframe.googlesyndication.com | udp |
| FR | 142.250.75.230:443 | s0.2mdn.net | udp |
| DE | 142.132.249.188:443 | ghb.adtelligent.com | tcp |
| FR | 216.58.215.34:443 | ade.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | c7bbd8f0c6eef6ff164a595a387ea3f2.safeframe.googlesyndication.com | udp |
| FR | 142.250.179.97:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | st.pubmatic.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| SE | 104.73.92.198:443 | ads.pubmatic.com | tcp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| FR | 142.250.179.97:443 | tpc.googlesyndication.com | udp |
| FR | 142.250.201.162:443 | googleads.g.doubleclick.net | udp |
| FR | 142.250.178.130:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | g.ezoic.net | udp |
| US | 8.8.8.8:53 | g.ezoic.net | udp |
| BE | 2.17.107.105:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 105.107.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 23.227.151.242:443 | ghb.adtelligent.com | tcp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| US | 172.64.151.101:443 | ssum-sec.casalemedia.com | udp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| DE | 51.38.120.206:443 | onetag-sys.com | tcp |
| FR | 185.255.84.150:443 | hb-api.omnitagjs.com | tcp |
| US | 107.151.11.18:443 | ghb.adtelligent.com | tcp |
| FR | 216.58.215.34:443 | ade.googlesyndication.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| FR | 172.217.20.161:443 | c7bbd8f0c6eef6ff164a595a387ea3f2.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | c7bbd8f0c6eef6ff164a595a387ea3f2.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| FR | 216.58.215.34:443 | ade.googlesyndication.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | c7bbd8f0c6eef6ff164a595a387ea3f2.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | st.pubmatic.com | udp |
| US | 8.8.8.8:53 | st.pubmatic.com | udp |
| US | 8.8.8.8:53 | st.pubmatic.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | c7bbd8f0c6eef6ff164a595a387ea3f2.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| FR | 142.250.75.230:443 | s0.2mdn.net | udp |
| GB | 185.64.190.89:443 | st.pubmatic.com | tcp |
| SE | 104.73.92.198:443 | ads.pubmatic.com | tcp |
| FR | 142.250.179.97:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | c7bbd8f0c6eef6ff164a595a387ea3f2.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 89.190.64.185.in-addr.arpa | udp |
| DE | 142.132.249.188:443 | ghb.adtelligent.com | tcp |
| US | 104.16.113.74:443 | www.mediafire.com | udp |
| US | 172.67.199.186:443 | the.gatekeeperconsent.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| FR | 142.250.179.97:443 | tpc.googlesyndication.com | udp |
| FR | 142.250.201.162:443 | googleads.g.doubleclick.net | udp |
| FR | 142.250.178.130:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | analytics.google.com | udp |
| US | 8.8.8.8:53 | analytics.google.com | udp |
| FR | 216.58.215.46:443 | analytics.google.com | udp |
| US | 8.8.8.8:53 | sideindexfollowragelrew.pw | udp |
| US | 8.8.8.8:53 | museumtespaceorsp.shop | udp |
| US | 104.21.32.80:443 | museumtespaceorsp.shop | tcp |
| US | 8.8.8.8:53 | buttockdecarderwiso.shop | udp |
| US | 172.67.218.187:443 | buttockdecarderwiso.shop | tcp |
| US | 8.8.8.8:53 | averageaattractiionsl.shop | udp |
| US | 172.67.220.163:443 | averageaattractiionsl.shop | tcp |
| US | 8.8.8.8:53 | 80.32.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | femininiespywageg.shop | udp |
| US | 104.21.71.3:443 | femininiespywageg.shop | tcp |
| US | 8.8.8.8:53 | employhabragaomlsp.shop | udp |
| US | 104.21.85.81:443 | employhabragaomlsp.shop | tcp |
| US | 8.8.8.8:53 | 187.218.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.220.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.71.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.85.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | stalfbaclcalorieeis.shop | udp |
| US | 104.21.3.197:443 | stalfbaclcalorieeis.shop | tcp |
| US | 8.8.8.8:53 | civilianurinedtsraov.shop | udp |
| US | 104.21.49.245:443 | civilianurinedtsraov.shop | tcp |
| US | 8.8.8.8:53 | roomabolishsnifftwk.shop | udp |
| US | 172.67.146.92:443 | roomabolishsnifftwk.shop | tcp |
| US | 8.8.8.8:53 | 197.3.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 245.49.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 92.146.67.172.in-addr.arpa | udp |
| US | 23.227.151.242:443 | ghb.adtelligent.com | tcp |
| FR | 185.255.84.150:443 | hb-api.omnitagjs.com | tcp |
| US | 172.64.151.101:443 | ssum-sec.casalemedia.com | udp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| DE | 51.38.120.206:443 | onetag-sys.com | tcp |
| FR | 142.250.201.162:443 | googleads.g.doubleclick.net | udp |
| US | 172.67.142.121:443 | bshr.ezodn.com | udp |
| FR | 142.250.179.97:443 | tpc.googlesyndication.com | udp |
| FR | 142.250.201.162:443 | googleads.g.doubleclick.net | udp |
| FR | 142.250.178.130:443 | googleads.g.doubleclick.net | udp |
| FR | 142.250.178.130:443 | googleads.g.doubleclick.net | udp |
| RU | 147.45.47.64:11837 | tcp | |
| BE | 88.221.83.187:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | udp |
Files
C:\Users\Admin\Downloads\ROBLOX EXECUTOR\ROBLOX EXECUTOR\Loader.exe
| MD5 | 9b46bb75d83b81d8e8c2ffbe737da582 |
| SHA1 | 609f747504b70e703b1279024e7f5f6a96d57380 |
| SHA256 | 4e7e8c2897d6d4efdd649a53d01656ef0d89f439fc4dc59014a92e83bc3ef5b7 |
| SHA512 | 16819ecb267ad33f48ff69438e3769704a0997367aeb689ebf5d413b06804c4319e2aeaf52f5a91d3f03739de92c03dd4b4b4581f419db36d443dbcc01081489 |
memory/6140-738-0x0000000000BB0000-0x0000000000BB1000-memory.dmp
memory/6140-739-0x0000000000BB0000-0x0000000000BB1000-memory.dmp
memory/6140-741-0x0000000000BB0000-0x0000000000BB1000-memory.dmp
memory/5380-740-0x0000000000400000-0x0000000000454000-memory.dmp
memory/5380-743-0x0000000000400000-0x0000000000454000-memory.dmp
memory/5380-744-0x0000000000400000-0x0000000000454000-memory.dmp
memory/5380-745-0x0000000000400000-0x0000000000454000-memory.dmp
C:\Users\Admin\Downloads\ROBLOX EXECUTOR\ROBLOX EXECUTOR\New Loader.exe
| MD5 | fef58af2e870f438e4a58fc8740a3c66 |
| SHA1 | 00581e8fea600bb06c29df57689a7a1ad954868d |
| SHA256 | 1739b33acddaf39d6133ad0e91f55e0cc4f632e5c2a47b769a2aa4daab962501 |
| SHA512 | c09bcc30e7b465cb046ca72ee66ffb329ec5994be363e5bfdc011beed25686c001925ca296c8e144ef877dcc9cedfece7b6de0f89080651ea9834f84a15207b7 |
memory/5132-751-0x0000000000BF0000-0x0000000000BF1000-memory.dmp
memory/1332-749-0x0000000000400000-0x000000000044A000-memory.dmp
memory/1332-752-0x0000000005F20000-0x00000000064C4000-memory.dmp
memory/1332-753-0x0000000005970000-0x0000000005A02000-memory.dmp
memory/1332-754-0x00000000058E0000-0x00000000058EA000-memory.dmp
memory/1332-755-0x0000000006F40000-0x0000000007558000-memory.dmp
memory/1332-756-0x0000000006A70000-0x0000000006B7A000-memory.dmp
memory/1332-757-0x0000000006990000-0x00000000069A2000-memory.dmp
memory/1332-758-0x00000000069F0000-0x0000000006A2C000-memory.dmp
memory/1332-759-0x0000000006B80000-0x0000000006BCC000-memory.dmp
memory/1332-760-0x0000000006C70000-0x0000000006CD6000-memory.dmp
memory/1332-761-0x00000000075E0000-0x0000000007656000-memory.dmp