Analysis Overview
Threat Level: Likely benign
The file http://google.com was found to be: Likely benign.
Malicious Activity Summary
Enumerates kernel/hardware configuration
Reads runtime system information
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Checks CPU information
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Checks memory information
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Analysis: static1
Detonation Overview
Reported: 2024-06-06 10:58
Signatures
Analysis: behavioral2
Detonation Overview
Submitted: 2024-06-06 10:58
Reported: 2024-06-06 11:31
Platform: android-x64-20240603-en
Max time kernel: 1524s
Max time network: 1791s
Command Line
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Processes
com.android.chrome
Network
Files
files/dom-0.html
| MD5 | adf7c86330f9d9ac4c3e59e3b6ba6dcc |
| SHA1 | 4ef6297aed29b52d5e751ca9aa0d2d85f21dde4b |
| SHA256 | 0eb62c22ee95f65ab2e1f4ab881022edb5688b1e47a049a2cbbdbac3a9c7eaed |
| SHA512 | a9e211979e563a5e9fe6f07ea38df009989340c087a63295665c25075b8569bd7eda1efbdd715fec65d0ed5cd7b9cdc9a41104d6ff856a43a54310900eb28d0b |
Analysis: behavioral3
Detonation Overview
Submitted: 2024-06-06 10:58
Reported: 2024-06-06 11:31
Platform: ubuntu1804-amd64-20240508-en
Max time kernel: 2s
Max time network: 1681s
Command Line
Signatures
Enumerates kernel/hardware configuration
| Description | Indicator | Process | Target |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/vendor | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/device | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/class | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/class | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/class | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/class | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/device | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/device | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/vendor | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/device | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/vendor | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/class | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/vendor | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/class | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/device | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/class | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/device | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/class | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/vendor | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/vendor | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/vendor | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/class | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/class | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/device | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/class | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/device | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/vendor | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/device | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/class | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/vendor | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:05.0/vendor | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/vendor | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:02.0/vendor | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.3/irq | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:00.0/vendor | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/device | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.1/class | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:01.0/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:04.0/device | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:06.0/resource | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /sys/bus/pci/devices/0000:00:03.0/irq | /usr/lib/firefox/firefox | N/A |
Reads runtime system information
| Description | Indicator | Process | Target |
| File opened for reading | /proc/filesystems | /bin/sed | N/A |
| File opened for reading | /proc/filesystems | /bin/sed | N/A |
| File opened for reading | /proc/filesystems | /bin/sed | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/task/1592/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/task/1627/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd | /usr/bin/dbus-send | N/A |
| File opened for reading | /proc/filesystems | /bin/sed | N/A |
| File opened for reading | /proc/self/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/filesystems | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/task/1614/stat | /usr/lib/firefox/firefox | N/A |
| File opened for reading | /proc/self/fd | /usr/bin/dbus-send | N/A |
| File opened for reading | /proc/filesystems | /bin/sed | N/A |
| File opened for reading | /proc/self/stat | /usr/lib/firefox/firefox | N/A |
Processes
/usr/bin/xdg-open
[xdg-open http://google.com]
/usr/bin/dbus-send
[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]
/usr/bin/dbus-launch
[dbus-launch --autolaunch 11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/bin/grep
[grep = \"xfce4\"$]
/usr/bin/xprop
[xprop -root _DT_SAVE_MODE]
/bin/grep
[grep -i ^xfce_desktop_window]
/usr/bin/xprop
[xprop -root]
/bin/grep
[grep -q ^Enlightenment]
/bin/uname
[uname]
/bin/grep
[grep -q ^file://]
/bin/egrep
[egrep -q ^[[:alpha:]+\.\-]+:]
/usr/local/sbin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/usr/local/bin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/usr/sbin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/usr/bin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/sbin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/bin/grep
[grep -E -q ^[[:alpha:]+\.\-]+:]
/bin/sed
[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]
/usr/bin/xdg-mime
[xdg-mime query default x-scheme-handler/http]
/usr/bin/dbus-send
[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]
/usr/bin/dbus-launch
[dbus-launch --autolaunch 11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]
/bin/grep
[grep = \"xfce4\"$]
/usr/bin/xprop
[xprop -root _DT_SAVE_MODE]
/bin/grep
[grep -i ^xfce_desktop_window]
/usr/bin/xprop
[xprop -root]
/bin/grep
[grep -q ^Enlightenment]
/bin/uname
[uname]
/bin/sed
[sed s/:/ /g]
/bin/grep
[grep x-scheme-handler/http= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/head
[head -n 1]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/head
[head -n 1]
/bin/grep
[grep x-scheme-handler/http= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/head
[head -n 1]
/bin/grep
[grep x-scheme-handler/http= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/head
[head -n 1]
/bin/grep
[grep x-scheme-handler/http= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]
/usr/bin/cut
[cut -d ; -f 1]
/usr/bin/cut
[cut -d = -f 2]
/usr/bin/head
[head -n 1]
/bin/grep
[grep x-scheme-handler/http= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]
/bin/sed
[sed s/:/ /g]
/bin/sed
[sed -e s|-|/|]
/bin/sed
[sed -e s|-|/|]
/usr/bin/cut
[cut -d= -f 2-]
/usr/bin/which
[which firefox]
/usr/bin/cut
[cut -d= -f 2-]
/usr/bin/cut
[cut -d= -f 2-]
/usr/bin/cut
[cut -d= -f 2-]
/usr/bin/firefox
[/usr/bin/firefox http://google.com]
/usr/bin/which
[which /usr/bin/firefox]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox http://google.com]
/bin/grep
[grep -q %s]
/usr/bin/x-www-browser
[x-www-browser http://google.com]
/usr/bin/which
[which /usr/bin/x-www-browser]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox http://google.com]
/bin/grep
[grep -q %s]
/usr/bin/firefox
[firefox http://google.com]
/usr/bin/which
[which /usr/bin/firefox]
/usr/lib/firefox/firefox
[/usr/lib/firefox/firefox http://google.com]
/bin/grep
[grep -q %s]
/bin/grep
[grep -q %s]
/bin/grep
[grep -q %s]
/bin/grep
[grep -q %s]
/bin/grep
[grep -q %s]
/bin/grep
[grep -q %s]
/bin/grep
[grep -q %s]
/bin/grep
[grep -q %s]
/bin/grep
[grep -q %s]
/bin/grep
[grep -q %s]
/bin/grep
[grep -q %s]
/bin/grep
[grep -q %s]
/bin/grep
[grep -q %s]
/bin/grep
[grep -q %s]
Network
| US | 1.1.1.1:53 | connectid.analytics.yahoo.com | udp |
| US | 104.22.52.86:443 | cdn.id5-sync.com | tcp |
| US | 1.1.1.1:53 | cdn-ima.33across.com | udp |
| US | 1.1.1.1:53 | cdn-ima.33across.com | udp |
| US | 1.1.1.1:53 | cdn-ima.33across.com.cdn.cloudflare.net | udp |
| GB | 18.245.162.54:443 | connectid.analytics.yahoo.com | tcp |
| US | 104.18.35.167:443 | cdn-ima.33across.com | tcp |
| US | 34.102.146.192:443 | oa.openxcdn.net | udp |
| DE | 162.19.138.118:443 | lb.eu-1-id5-sync.com | tcp |
| US | 1.1.1.1:53 | gum.criteo.com | udp |
| US | 1.1.1.1:53 | gum.criteo.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 1.1.1.1:53 | oajs.openx.net | udp |
| US | 1.1.1.1:53 | oajs.openx.net | udp |
| US | 34.120.135.53:443 | oajs.openx.net | tcp |
| US | 1.1.1.1:53 | ups.analytics.yahoo.com | udp |
| US | 1.1.1.1:53 | ups.analytics.yahoo.com | udp |
| US | 1.1.1.1:53 | ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud | udp |
| DE | 3.71.149.231:443 | ups.analytics.yahoo.com | tcp |
| US | 34.120.135.53:443 | oajs.openx.net | udp |
| US | 1.1.1.1:53 | google-bidout-d.openx.net | udp |
| US | 1.1.1.1:53 | google-bidout-d.openx.net | udp |
| US | 35.244.159.8:443 | google-bidout-d.openx.net | tcp |
| US | 35.244.159.8:443 | google-bidout-d.openx.net | udp |
| US | 1.1.1.1:53 | pubads.g.doubleclick.net | udp |
| US | 1.1.1.1:53 | pubads.g.doubleclick.net | udp |
| GB | 172.217.16.226:443 | pubads.g.doubleclick.net | tcp |
| GB | 172.217.16.226:443 | pubads.g.doubleclick.net | udp |
| US | 1.1.1.1:53 | aax-eu.amazon-adsystem.com | udp |
| US | 1.1.1.1:53 | aax-eu.amazon-adsystem.com | udp |
| IE | 67.220.226.232:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 104.22.4.69:443 | id.hadron.ad.gt | tcp |
| US | 1.1.1.1:53 | pixels.ad.gt | udp |
| US | 1.1.1.1:53 | pixels.ad.gt | udp |
| US | 104.22.5.69:443 | pixels.ad.gt | tcp |
| US | 172.67.23.234:443 | pixels.ad.gt | tcp |
| US | 172.67.23.234:443 | pixels.ad.gt | tcp |
| US | 1.1.1.1:53 | secure-dcr.imrworldwide.com | udp |
| US | 1.1.1.1:53 | secure-dcr.imrworldwide.com | udp |
| US | 1.1.1.1:53 | mn9aqp02qouambwbff6khagjrxycr1717665328.nuid.imrworldwide.com | udp |
| US | 1.1.1.1:53 | mn9aqp02qouambwbff6khagjrxycr1717665328.nuid.imrworldwide.com | udp |
| US | 1.1.1.1:53 | census.eu-west-1.nielsencollections.com | udp |
| IE | 52.211.185.33:443 | secure-dcr.imrworldwide.com | tcp |
| GB | 216.137.44.100:443 | mn9aqp02qouambwbff6khagjrxycr1717665328.nuid.imrworldwide.com | tcp |
| GB | 18.239.236.57:443 | cdn.jwplayer.com | tcp |
| US | 1.1.1.1:53 | x.bidswitch.net | udp |
| US | 1.1.1.1:53 | x.bidswitch.net | udp |
| US | 1.1.1.1:53 | csync.loopme.me | udp |
| US | 1.1.1.1:53 | csync.loopme.me | udp |
| US | 1.1.1.1:53 | sync.1rx.io | udp |
| US | 1.1.1.1:53 | sync.1rx.io | udp |
| US | 1.1.1.1:53 | cs.media.net | udp |
| US | 1.1.1.1:53 | cs.media.net | udp |
| US | 1.1.1.1:53 | s.ad.smaato.net | udp |
| US | 1.1.1.1:53 | s.ad.smaato.net | udp |
| US | 1.1.1.1:53 | onetag-sys.com | udp |
| US | 1.1.1.1:53 | b1sync.zemanta.com | udp |
| US | 1.1.1.1:53 | b1sync.zemanta.com | udp |
| US | 1.1.1.1:53 | onetag-sys.com | udp |
| US | 1.1.1.1:53 | user-data-eu.bidswitch.net | udp |
| US | 1.1.1.1:53 | envoy-hl.envoy-csync1.core-b8mf.ov1o.com | udp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| GB | 2.18.80.27:443 | cs.media.net | tcp |
| GB | 108.156.39.10:443 | s.ad.smaato.net | tcp |
| US | 1.1.1.1:53 | chidc2.outbrain.org | udp |
| DE | 51.38.120.206:443 | onetag-sys.com | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| NL | 35.214.224.211:443 | csync.loopme.me | tcp |
| US | 1.1.1.1:53 | rtb.gumgum.com | udp |
| US | 1.1.1.1:53 | rtb.gumgum.com | udp |
| US | 1.1.1.1:53 | ssum-sec.casalemedia.com | udp |
| US | 1.1.1.1:53 | ssum-sec.casalemedia.com | udp |
| US | 1.1.1.1:53 | ms-cookie-sync.presage.io | udp |
| US | 1.1.1.1:53 | ms-cookie-sync.presage.io | udp |
| US | 1.1.1.1:53 | ms-cookie-sync.prod.cloud.ogury.io | udp |
| US | 1.1.1.1:53 | u.openx.net | udp |
| US | 1.1.1.1:53 | u.openx.net | udp |
| US | 1.1.1.1:53 | ssbsync.smartadserver.com | udp |
| US | 1.1.1.1:53 | ssbsync.smartadserver.com | udp |
| US | 104.18.36.155:443 | ssum-sec.casalemedia.com | tcp |
| US | 1.1.1.1:53 | visitor.omnitagjs.com | udp |
| US | 1.1.1.1:53 | visitor.omnitagjs.com | udp |
| IE | 34.253.77.234:443 | ms-cookie-sync.presage.io | tcp |
| US | 35.244.159.8:443 | u.openx.net | tcp |
| US | 1.1.1.1:53 | ssbsync-euw1.smartadserver.com | udp |
| US | 1.1.1.1:53 | visitor-fra02.omnitagjs.com | udp |
| US | 1.1.1.1:53 | match.sharethrough.com | udp |
| US | 1.1.1.1:53 | match.sharethrough.com | udp |
| US | 1.1.1.1:53 | ads.pubmatic.com | udp |
| US | 1.1.1.1:53 | ads.pubmatic.com | udp |
| US | 1.1.1.1:53 | sync-amz.ads.yieldmo.com | udp |
| US | 1.1.1.1:53 | sync-amz.ads.yieldmo.com | udp |
| US | 1.1.1.1:53 | eus.rubiconproject.com | udp |
| US | 1.1.1.1:53 | eus.rubiconproject.com | udp |
| US | 1.1.1.1:53 | match-eu-central-1-ecs.sharethrough.com | udp |
| US | 1.1.1.1:53 | e6603.g.akamaiedge.net | udp |
| US | 1.1.1.1:53 | crb.kargo.com | udp |
| US | 1.1.1.1:53 | crb.kargo.com | udp |
| US | 1.1.1.1:53 | sync-yieldmo-com-tf-1869548451.eu-west-1.elb.amazonaws.com | udp |
| US | 1.1.1.1:53 | e8960.b.akamaiedge.net | udp |
| US | 1.1.1.1:53 | ib.adnxs.com | udp |
| US | 1.1.1.1:53 | ib.adnxs.com | udp |
| US | 1.1.1.1:53 | ap.lijit.com | udp |
| US | 1.1.1.1:53 | ap.lijit.com | udp |
| US | 1.1.1.1:53 | cs-tam.yellowblue.io | udp |
| US | 1.1.1.1:53 | cs-tam.yellowblue.io | udp |
| US | 1.1.1.1:53 | eb2.3lift.com | udp |
| US | 1.1.1.1:53 | eb2.3lift.com | udp |
| US | 1.1.1.1:53 | blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com | udp |
| US | 1.1.1.1:53 | eu-eb2.3lift.com | udp |
| US | 1.1.1.1:53 | prebid-server.rubiconproject.com | udp |
| US | 1.1.1.1:53 | prebid-server.rubiconproject.com | udp |
| US | 1.1.1.1:53 | prebid-server-perf-eu.rubiconproject.net.akadns.net | udp |
| US | 1.1.1.1:53 | elb.the-ozone-project.com | udp |
| US | 1.1.1.1:53 | elb.the-ozone-project.com | udp |
| US | 1.1.1.1:53 | htlb.casalemedia.com | udp |
| US | 1.1.1.1:53 | htlb.casalemedia.com | udp |
| US | 1.1.1.1:53 | s.seedtag.com | udp |
| US | 1.1.1.1:53 | s.seedtag.com | udp |
| US | 1.1.1.1:53 | prebid.media.net | udp |
| US | 1.1.1.1:53 | prebid.media.net | udp |
| US | 1.1.1.1:53 | hbopenbid.pubmatic.com | udp |
| US | 1.1.1.1:53 | hbopenbid.pubmatic.com | udp |
| US | 1.1.1.1:53 | ads.servenobid.com | udp |
| US | 1.1.1.1:53 | ads.servenobid.com | udp |
| US | 1.1.1.1:53 | tlx.3lift.com | udp |
| US | 1.1.1.1:53 | tlx.3lift.com | udp |
| US | 1.1.1.1:53 | rtb.openx.net | udp |
| US | 1.1.1.1:53 | rtb.openx.net | udp |
| US | 1.1.1.1:53 | hbopenbid-lhrc.pubmnet.com | udp |
| US | 1.1.1.1:53 | eu-tlx.3lift.com | udp |
| US | 1.1.1.1:53 | fastlane.rubiconproject.com | udp |
| US | 1.1.1.1:53 | fastlane.rubiconproject.com | udp |
| NL | 89.149.192.75:443 | ssbsync.smartadserver.com | tcp |
| US | 64.74.236.95:443 | b1sync.zemanta.com | tcp |
| FR | 185.255.84.152:443 | visitor.omnitagjs.com | tcp |
| IE | 54.246.231.153:443 | rtb.gumgum.com | tcp |
| DE | 3.125.241.184:443 | match.sharethrough.com | tcp |
| GB | 2.23.160.192:443 | ads.pubmatic.com | tcp |
| IE | 52.18.213.88:443 | sync-amz.ads.yieldmo.com | tcp |
| GB | 2.22.5.61:443 | eus.rubiconproject.com | tcp |
| DE | 3.67.105.239:443 | crb.kargo.com | tcp |
| NL | 185.89.210.244:443 | ib.adnxs.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| US | 1.1.1.1:53 | ssl.p.jwpcdn.com | udp |
| US | 1.1.1.1:53 | ssl.p.jwpcdn.com | udp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| US | 104.18.43.178:443 | elb.the-ozone-project.com | tcp |
| US | 1.1.1.1:53 | ats-wrapper.privacymanager.io | udp |
| US | 1.1.1.1:53 | ats-wrapper.privacymanager.io | udp |
| US | 64.74.236.95:443 | b1sync.zemanta.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| NL | 35.214.224.211:443 | csync.loopme.me | tcp |
| US | 13.248.245.213:443 | eb2.3lift.com | tcp |
| IE | 54.171.90.29:443 | cs-tam.yellowblue.io | tcp |
| IE | 34.252.158.198:443 | ap.lijit.com | tcp |
| US | 34.149.50.64:443 | s.seedtag.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | tcp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | tcp |
| US | 151.101.66.114:443 | ssl.p.jwpcdn.com | tcp |
| GB | 18.154.84.59:443 | ats-wrapper.privacymanager.io | tcp |
| DE | 51.38.120.206:443 | onetag-sys.com | udp |
| US | 34.120.63.153:443 | prebid.media.net | tcp |
| IE | 54.76.139.215:443 | ads.servenobid.com | tcp |
| DE | 3.124.64.248:443 | tlx.3lift.com | tcp |
| US | 35.244.159.8:443 | u.openx.net | udp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| US | 35.227.252.103:443 | rtb.openx.net | tcp |
| NL | 35.214.224.211:443 | csync.loopme.me | tcp |
| US | 13.248.245.213:443 | eb2.3lift.com | tcp |
| IE | 54.171.90.29:443 | cs-tam.yellowblue.io | tcp |
| IE | 34.252.158.198:443 | ap.lijit.com | tcp |
| US | 1.1.1.1:53 | sync.targeting.unrulymedia.com | udp |
| US | 1.1.1.1:53 | sync.targeting.unrulymedia.com | udp |
| US | 34.149.50.64:443 | s.seedtag.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | tcp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | tcp |
| US | 151.101.66.114:443 | ssl.p.jwpcdn.com | tcp |
| GB | 18.154.84.59:443 | ats-wrapper.privacymanager.io | tcp |
| US | 1.1.1.1:53 | c1.adform.net | udp |
| US | 1.1.1.1:53 | c1.adform.net | udp |
| US | 1.1.1.1:53 | 1d6cad64454a2c729f5f71f97b3bcd72.safeframe.googlesyndication.com | udp |
| US | 1.1.1.1:53 | 1d6cad64454a2c729f5f71f97b3bcd72.safeframe.googlesyndication.com | udp |
| US | 1.1.1.1:53 | track.adformnet.akadns.net | udp |
| US | 34.120.63.153:443 | prebid.media.net | tcp |
| IE | 54.76.139.215:443 | ads.servenobid.com | tcp |
| DE | 3.124.64.248:443 | tlx.3lift.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| US | 35.227.252.103:443 | rtb.openx.net | tcp |
| US | 104.18.36.155:443 | htlb.casalemedia.com | udp |
| US | 1.1.1.1:53 | static.adsafeprotected.com | udp |
| US | 1.1.1.1:53 | static.adsafeprotected.com | udp |
| US | 1.1.1.1:53 | api2.amplitude.com | udp |
| US | 1.1.1.1:53 | api2.amplitude.com | udp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| DK | 37.157.6.233:443 | c1.adform.net | tcp |
| IE | 67.220.226.232:443 | aax-eu.amazon-adsystem.com | tcp |
| IE | 67.220.226.232:443 | aax-eu.amazon-adsystem.com | tcp |
| IE | 67.220.226.232:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 151.101.66.114:443 | ssl.p.jwpcdn.com | tcp |
| US | 151.101.66.114:443 | ssl.p.jwpcdn.com | tcp |
| US | 151.101.66.114:443 | ssl.p.jwpcdn.com | tcp |
| US | 151.101.66.114:443 | ssl.p.jwpcdn.com | tcp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| DK | 37.157.6.233:443 | c1.adform.net | tcp |
| US | 54.186.195.209:443 | api2.amplitude.com | tcp |
| IE | 67.220.226.232:443 | aax-eu.amazon-adsystem.com | tcp |
| IE | 67.220.226.232:443 | aax-eu.amazon-adsystem.com | tcp |
| IE | 67.220.226.232:443 | aax-eu.amazon-adsystem.com | tcp |
| GB | 172.217.169.1:443 | 1d6cad64454a2c729f5f71f97b3bcd72.safeframe.googlesyndication.com | tcp |
| US | 1.1.1.1:53 | us-u.openx.net | udp |
| US | 1.1.1.1:53 | us-u.openx.net | udp |
| US | 151.101.66.114:443 | ssl.p.jwpcdn.com | tcp |
| US | 151.101.66.114:443 | ssl.p.jwpcdn.com | tcp |
| US | 151.101.66.114:443 | ssl.p.jwpcdn.com | tcp |
| US | 151.101.66.114:443 | ssl.p.jwpcdn.com | tcp |
| GB | 18.245.253.90:443 | static.adsafeprotected.com | tcp |
| US | 54.186.195.209:443 | api2.amplitude.com | tcp |
| GB | 172.217.169.1:443 | 1d6cad64454a2c729f5f71f97b3bcd72.safeframe.googlesyndication.com | tcp |
| GB | 18.245.253.90:443 | static.adsafeprotected.com | tcp |
| US | 1.1.1.1:53 | qsearch-a.akamaihd.net | udp |
| US | 1.1.1.1:53 | image8.pubmatic.com | udp |
| US | 1.1.1.1:53 | image8.pubmatic.com | udp |
| US | 1.1.1.1:53 | a267.g.akamai.net | udp |
| US | 1.1.1.1:53 | imagsync-lhrpairbc.pubmatic.com | udp |
| US | 34.98.64.218:443 | us-u.openx.net | tcp |
| US | 1.1.1.1:53 | s.amazon-adsystem.com | udp |
| US | 1.1.1.1:53 | s.amazon-adsystem.com | udp |
| US | 1.1.1.1:53 | dsum-sec.casalemedia.com | udp |
| US | 1.1.1.1:53 | dsum-sec.casalemedia.com | udp |
| US | 1.1.1.1:53 | a.tribalfusion.com | udp |
| US | 1.1.1.1:53 | a.tribalfusion.com | udp |
| US | 1.1.1.1:53 | match.prod.bidr.io | udp |
| US | 1.1.1.1:53 | match.prod.bidr.io | udp |
| US | 1.1.1.1:53 | sync-tm.everesttech.net | udp |
| US | 1.1.1.1:53 | sync-tm.everesttech.net | udp |
| US | 1.1.1.1:53 | h2.shared.global.fastly.net | udp |
| US | 54.186.195.209:443 | api2.amplitude.com | tcp |
| US | 34.149.50.64:443 | s.seedtag.com | tcp |
| US | 1.1.1.1:53 | www.doubleclick.net | udp |
| US | 1.1.1.1:53 | www.doubleclick.net | udp |
| US | 1.1.1.1:53 | loadus.exelator.com | udp |
| US | 1.1.1.1:53 | loadus.exelator.com | udp |
| US | 1.1.1.1:53 | thrtle.com | udp |
| US | 1.1.1.1:53 | thrtle.com | udp |
| US | 34.98.64.218:443 | us-u.openx.net | udp |
| US | 1.1.1.1:53 | load-euw1.exelator.com | udp |
| GB | 92.123.142.59:443 | qsearch-a.akamaihd.net | tcp |
| NL | 185.89.210.244:443 | ib.adnxs.com | tcp |
| NL | 198.47.127.18:443 | image8.pubmatic.com | tcp |
| GB | 142.250.178.14:443 | www.doubleclick.net | tcp |
| US | 52.46.130.91:443 | s.amazon-adsystem.com | tcp |
| US | 172.64.151.101:443 | dsum-sec.casalemedia.com | tcp |
| US | 104.18.25.173:443 | a.tribalfusion.com | tcp |
| IE | 34.248.189.186:443 | match.prod.bidr.io | tcp |
| US | 151.101.130.49:443 | sync-tm.everesttech.net | tcp |
| US | 1.1.1.1:53 | cdn.ampproject.org | udp |
| US | 1.1.1.1:53 | cdn.ampproject.org | udp |
| US | 1.1.1.1:53 | tpc.googlesyndication.com | udp |
| US | 1.1.1.1:53 | tpc.googlesyndication.com | udp |
| GB | 142.250.200.1:443 | cdn.ampproject.org | tcp |
| GB | 142.250.178.1:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.178.1:443 | tpc.googlesyndication.com | tcp |
| US | 172.64.151.101:443 | dsum-sec.casalemedia.com | udp |
| US | 1.1.1.1:53 | ad.360yield.com | udp |
| US | 1.1.1.1:53 | ad.360yield.com | udp |
| IE | 34.254.143.3:443 | loadus.exelator.com | tcp |
| US | 35.153.86.138:443 | thrtle.com | tcp |
| GB | 142.250.200.1:443 | cdn.ampproject.org | tcp |
| GB | 142.250.200.1:443 | cdn.ampproject.org | tcp |
| GB | 142.250.200.1:443 | cdn.ampproject.org | tcp |
| US | 1.1.1.1:53 | euw-ice.360yield.com | udp |
| GB | 142.250.200.1:443 | cdn.ampproject.org | tcp |
| GB | 142.250.200.1:443 | cdn.ampproject.org | tcp |
| IE | 52.213.20.15:443 | ad.360yield.com | tcp |
| US | 1.1.1.1:53 | tg.socdm.com | udp |
| US | 1.1.1.1:53 | tg.socdm.com | udp |
| US | 1.1.1.1:53 | tg.dr.socdm.com | udp |
| US | 54.186.195.209:443 | api2.amplitude.com | tcp |
| US | 1.1.1.1:53 | creativecdn.com | udp |
| US | 1.1.1.1:53 | creativecdn.com | udp |
| US | 1.1.1.1:53 | secure-assets.rubiconproject.com | udp |
| US | 1.1.1.1:53 | secure-assets.rubiconproject.com | udp |
| US | 1.1.1.1:53 | e8960.e2.akamaiedge.net | udp |
| DK | 37.157.6.233:443 | c1.adform.net | tcp |
| JP | 124.146.153.166:443 | tg.socdm.com | tcp |
| US | 1.1.1.1:53 | placement-prd.jwpltx.com | udp |
| US | 1.1.1.1:53 | placement-prd.jwpltx.com | udp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| US | 1.1.1.1:53 | sync.srv.stackadapt.com | udp |
| US | 1.1.1.1:53 | sync.srv.stackadapt.com | udp |
| GB | 23.215.239.190:443 | secure-assets.rubiconproject.com | tcp |
| US | 1.1.1.1:53 | pr-bh.ybp.yahoo.com | udp |
| US | 1.1.1.1:53 | pr-bh.ybp.yahoo.com | udp |
| US | 1.1.1.1:53 | sync.ipredictive.com | udp |
| US | 1.1.1.1:53 | sync.ipredictive.com | udp |
| US | 1.1.1.1:53 | match.deepintent.com | udp |
| US | 1.1.1.1:53 | match.deepintent.com | udp |
| US | 1.1.1.1:53 | bh.contextweb.com | udp |
| US | 1.1.1.1:53 | bh.contextweb.com | udp |
| US | 1.1.1.1:53 | am1-direct-bgp.contextweb.com | udp |
| US | 1.1.1.1:53 | ce.lijit.com | udp |
| US | 1.1.1.1:53 | ce.lijit.com | udp |
| US | 1.1.1.1:53 | raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com | udp |
| US | 54.186.195.209:443 | api2.amplitude.com | tcp |
| US | 1.1.1.1:53 | image6.pubmatic.com | udp |
| US | 1.1.1.1:53 | image6.pubmatic.com | udp |
| US | 1.1.1.1:53 | pugm-lhrc.pubmnet.com | udp |
| GB | 18.172.153.117:443 | placement-prd.jwpltx.com | tcp |
| GB | 18.172.153.117:443 | placement-prd.jwpltx.com | tcp |
| GB | 18.172.153.117:443 | placement-prd.jwpltx.com | tcp |
| GB | 18.172.153.117:443 | placement-prd.jwpltx.com | tcp |
| JP | 124.146.153.166:443 | tg.socdm.com | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| GB | 23.215.239.190:443 | secure-assets.rubiconproject.com | tcp |
| US | 54.162.50.227:443 | sync.srv.stackadapt.com | tcp |
| IE | 52.51.66.121:443 | pr-bh.ybp.yahoo.com | tcp |
| US | 54.145.147.121:443 | sync.ipredictive.com | tcp |
| US | 8.18.47.7:443 | match.deepintent.com | tcp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| IE | 54.73.162.61:443 | ce.lijit.com | tcp |
| GB | 18.172.153.117:443 | placement-prd.jwpltx.com | tcp |
| GB | 18.172.153.117:443 | placement-prd.jwpltx.com | tcp |
| GB | 18.172.153.117:443 | placement-prd.jwpltx.com | tcp |
| GB | 18.172.153.117:443 | placement-prd.jwpltx.com | tcp |
| US | 1.1.1.1:53 | ads.yieldmo.com | udp |
| US | 1.1.1.1:53 | ads.yieldmo.com | udp |
| US | 1.1.1.1:53 | rw-yieldmo-com-tf-362867385.eu-west-1.elb.amazonaws.com | udp |
| NL | 198.47.127.19:443 | image6.pubmatic.com | tcp |
| US | 54.162.50.227:443 | sync.srv.stackadapt.com | tcp |
| IE | 52.51.66.121:443 | pr-bh.ybp.yahoo.com | tcp |
| US | 54.145.147.121:443 | sync.ipredictive.com | tcp |
| US | 8.18.47.7:443 | match.deepintent.com | tcp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| IE | 54.73.162.61:443 | ce.lijit.com | tcp |
| US | 1.1.1.1:53 | acdn.adnxs.com | udp |
| US | 1.1.1.1:53 | acdn.adnxs.com | udp |
| US | 1.1.1.1:53 | cm.g.doubleclick.net | udp |
| US | 1.1.1.1:53 | e6115.g.akamaiedge.net | udp |
| US | 1.1.1.1:53 | public.servenobid.com | udp |
| US | 1.1.1.1:53 | public.servenobid.com | udp |
| US | 1.1.1.1:53 | cm.adform.net | udp |
| US | 1.1.1.1:53 | cm.adform.net | udp |
| US | 1.1.1.1:53 | contextual.media.net | udp |
| US | 1.1.1.1:53 | contextual.media.net | udp |
| US | 1.1.1.1:53 | track-eu.adformnet.akadns.net | udp |
| NL | 198.47.127.19:443 | image6.pubmatic.com | tcp |
| US | 34.149.50.64:443 | s.seedtag.com | udp |
| IE | 54.220.241.253:443 | ads.yieldmo.com | tcp |
| IE | 54.220.241.253:443 | ads.yieldmo.com | tcp |
| IE | 54.220.241.253:443 | ads.yieldmo.com | tcp |
| US | 1.1.1.1:53 | usersync.gumgum.com | udp |
| US | 1.1.1.1:53 | usersync.gumgum.com | udp |
| US | 151.101.193.108:443 | acdn.adnxs.com | tcp |
| GB | 2.22.5.61:443 | eus.rubiconproject.com | tcp |
| GB | 108.156.39.44:443 | public.servenobid.com | tcp |
| US | 1.1.1.1:53 | dsp.nrich.ai | udp |
| US | 1.1.1.1:53 | dsp.nrich.ai | udp |
| DK | 37.157.2.230:443 | cm.adform.net | tcp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| GB | 92.123.240.21:443 | contextual.media.net | tcp |
| IE | 54.220.241.253:443 | ads.yieldmo.com | tcp |
| NL | 35.214.140.44:443 | csync.loopme.me | tcp |
| NL | 198.47.127.18:443 | image8.pubmatic.com | tcp |
| IE | 54.220.241.253:443 | ads.yieldmo.com | tcp |
| US | 151.101.193.108:443 | acdn.adnxs.com | tcp |
| GB | 2.22.5.61:443 | eus.rubiconproject.com | tcp |
| GB | 108.156.39.44:443 | public.servenobid.com | tcp |
| DK | 37.157.2.230:443 | cm.adform.net | tcp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| GB | 92.123.240.21:443 | contextual.media.net | tcp |
| NL | 35.214.140.44:443 | csync.loopme.me | tcp |
| NL | 198.47.127.18:443 | image8.pubmatic.com | tcp |
| IE | 52.210.15.1:443 | usersync.gumgum.com | tcp |
| FR | 51.68.39.188:443 | dsp.nrich.ai | tcp |
| IE | 52.210.15.1:443 | usersync.gumgum.com | tcp |
| IE | 52.210.15.1:443 | usersync.gumgum.com | tcp |
| IE | 52.210.15.1:443 | usersync.gumgum.com | tcp |
| IE | 52.210.15.1:443 | usersync.gumgum.com | tcp |
| IE | 52.210.15.1:443 | usersync.gumgum.com | tcp |
| FR | 51.68.39.188:443 | dsp.nrich.ai | tcp |
| IE | 52.210.15.1:443 | usersync.gumgum.com | tcp |
| IE | 52.210.15.1:443 | usersync.gumgum.com | tcp |
| US | 1.1.1.1:53 | cms.quantserve.com | udp |
| US | 1.1.1.1:53 | cms.quantserve.com | udp |
| US | 1.1.1.1:53 | cs.yellowblue.io | udp |
| US | 1.1.1.1:53 | cs.yellowblue.io | udp |
| US | 1.1.1.1:53 | rtb.mfadsrvr.com | udp |
| US | 1.1.1.1:53 | rtb.mfadsrvr.com | udp |
| US | 1.1.1.1:53 | sync.mathtag.com | udp |
| US | 1.1.1.1:53 | sync.mathtag.com | udp |
| US | 1.1.1.1:53 | pixel-eu.rubiconproject.com | udp |
| US | 1.1.1.1:53 | pixel-eu.rubiconproject.com | udp |
| US | 1.1.1.1:53 | ads.stickyadstv.com | udp |
| US | 1.1.1.1:53 | ads.stickyadstv.com | udp |
| US | 1.1.1.1:53 | pixel.rubiconproject.com | udp |
| US | 1.1.1.1:53 | elb-aws-fr-dorpat-283474803.eu-central-1.elb.amazonaws.com | udp |
| US | 1.1.1.1:53 | cs.admanmedia.com | udp |
| US | 1.1.1.1:53 | pixel-origin.mathtag.com | udp |
| US | 1.1.1.1:53 | pixel-eu.rubiconproject.net.akadns.net | udp |
| US | 1.1.1.1:53 | t.adx.opera.com | udp |
| US | 1.1.1.1:53 | a179.b.akamai.net | udp |
| US | 1.1.1.1:53 | ssbsync-global.smartadserver.com | udp |
| US | 1.1.1.1:53 | ssbsync-global.smartadserver.com | udp |
| NL | 69.173.156.149:443 | pixel-eu.rubiconproject.com | tcp |
| IE | 52.210.15.1:443 | usersync.gumgum.com | tcp |
| US | 1.1.1.1:53 | outspot2-ams.adx.opera.com | udp |
| US | 1.1.1.1:53 | spl.zeotap.com | udp |
| US | 1.1.1.1:53 | spl.zeotap.com | udp |
| US | 1.1.1.1:53 | ssbsync-euw2.smartadserver.com | udp |
| IE | 52.210.15.1:443 | usersync.gumgum.com | tcp |
| US | 172.64.151.101:443 | dsum-sec.casalemedia.com | tcp |
| DE | 91.228.74.159:443 | cms.quantserve.com | tcp |
| IE | 54.171.90.29:443 | cs.yellowblue.io | tcp |
| US | 1.1.1.1:53 | entitlements.jwplayer.com | udp |
| US | 1.1.1.1:53 | entitlements.jwplayer.com | udp |
| US | 1.1.1.1:53 | imasdk.googleapis.com | udp |
| US | 1.1.1.1:53 | imasdk.googleapis.com | udp |
| IE | 54.171.90.29:443 | cs.yellowblue.io | tcp |
| US | 1.1.1.1:53 | cs386.wpc.edgecastcdn.net | udp |
| NL | 69.173.156.149:443 | pixel-eu.rubiconproject.com | tcp |
| DE | 18.157.153.25:443 | rtb.mfadsrvr.com | tcp |
| US | 216.200.232.253:443 | sync.mathtag.com | tcp |
| NL | 69.173.156.149:443 | pixel-eu.rubiconproject.com | tcp |
| NL | 185.89.210.244:443 | ib.adnxs.com | tcp |
| NL | 69.173.156.148:443 | pixel-eu.rubiconproject.com | tcp |
| US | 80.77.87.163:443 | cs.admanmedia.com | tcp |
| NL | 82.145.213.8:443 | t.adx.opera.com | tcp |
| FR | 5.135.209.101:443 | ssbsync-global.smartadserver.com | tcp |
| US | 172.67.40.173:443 | spl.zeotap.com | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| IE | 54.171.90.29:443 | cs.yellowblue.io | tcp |
| US | 1.1.1.1:53 | eu-u.openx.net | udp |
| US | 1.1.1.1:53 | eu-u.openx.net | udp |
| US | 35.227.252.103:443 | rtb.openx.net | udp |
| US | 1.1.1.1:53 | dis.criteo.com | udp |
| US | 1.1.1.1:53 | dis.criteo.com | udp |
| US | 1.1.1.1:53 | widget.nl3.vip.prod.criteo.com | udp |
| IE | 52.51.66.121:443 | pr-bh.ybp.yahoo.com | tcp |
| NL | 185.89.210.244:443 | ib.adnxs.com | tcp |
| US | 1.1.1.1:53 | prd.jwpltx.com | udp |
| NL | 185.89.210.244:443 | ib.adnxs.com | tcp |
| NL | 185.89.210.244:443 | ib.adnxs.com | tcp |
| IE | 34.248.189.186:443 | match.prod.bidr.io | tcp |
| FR | 152.199.22.243:443 | entitlements.jwplayer.com | tcp |
| US | 172.64.151.101:443 | dsum-sec.casalemedia.com | tcp |
| DE | 91.228.74.159:443 | cms.quantserve.com | tcp |
| IE | 54.171.90.29:443 | cs.yellowblue.io | tcp |
| IE | 54.171.90.29:443 | cs.yellowblue.io | tcp |
| US | 34.98.64.218:443 | eu-u.openx.net | tcp |
| US | 1.1.1.1:53 | media.bidgx.com | udp |
| US | 1.1.1.1:53 | media.bidgx.com | udp |
| US | 80.77.87.163:443 | cs.admanmedia.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| IE | 52.51.66.121:443 | pr-bh.ybp.yahoo.com | tcp |
| NL | 185.89.210.244:443 | ib.adnxs.com | tcp |
| NL | 185.89.210.244:443 | ib.adnxs.com | tcp |
| NL | 185.89.210.244:443 | ib.adnxs.com | tcp |
| IE | 34.248.189.186:443 | match.prod.bidr.io | tcp |
| FR | 152.199.22.243:443 | entitlements.jwplayer.com | tcp |
| NL | 154.57.158.115:443 | ads.stickyadstv.com | tcp |
| GB | 142.250.180.10:443 | imasdk.googleapis.com | tcp |
| GB | 108.156.39.83:443 | prd.jwpltx.com | tcp |
| US | 34.98.64.218:443 | eu-u.openx.net | tcp |
| US | 34.98.64.218:443 | eu-u.openx.net | tcp |
| US | 34.98.64.218:443 | eu-u.openx.net | udp |
| NL | 154.57.158.115:443 | ads.stickyadstv.com | tcp |
| GB | 142.250.180.10:443 | imasdk.googleapis.com | tcp |
| GB | 108.156.39.83:443 | prd.jwpltx.com | tcp |
| US | 34.98.64.218:443 | eu-u.openx.net | tcp |
| DE | 18.157.153.25:443 | rtb.mfadsrvr.com | tcp |
| US | 172.67.170.105:443 | media.bidgx.com | tcp |
| US | 52.46.130.91:443 | s.amazon-adsystem.com | tcp |
| US | 3.220.162.84:443 | pixel.adsafeprotected.com | tcp |
| US | 1.1.1.1:53 | assets-jpcust.jwpsrv.com | udp |
| US | 1.1.1.1:53 | assets-jpcust.jwpsrv.com | udp |
| US | 151.101.66.114:443 | assets-jpcust.jwpsrv.com | tcp |
| US | 1.1.1.1:53 | s.tribalfusion.com | udp |
| US | 1.1.1.1:53 | s.tribalfusion.com | udp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| US | 151.101.66.114:443 | assets-jpcust.jwpsrv.com | tcp |
| NL | 198.47.127.19:443 | image6.pubmatic.com | tcp |
| US | 104.18.25.173:443 | s.tribalfusion.com | udp |
| GB | 108.156.39.83:443 | prd.jwpltx.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| US | 104.18.24.173:443 | s.tribalfusion.com | tcp |
| US | 1.1.1.1:53 | btloader.com | udp |
| US | 1.1.1.1:53 | btloader.com | udp |
| NL | 198.47.127.18:443 | image8.pubmatic.com | tcp |
| US | 172.64.151.101:443 | dsum-sec.casalemedia.com | udp |
| US | 104.22.74.216:443 | btloader.com | tcp |
| US | 52.46.130.91:443 | s.amazon-adsystem.com | tcp |
| US | 104.18.24.173:443 | s.tribalfusion.com | udp |
| GB | 142.250.178.1:443 | tpc.googlesyndication.com | tcp |
| US | 1.1.1.1:53 | load77.exelator.com | udp |
| US | 1.1.1.1:53 | load77.exelator.com | udp |
| GB | 195.181.164.16:443 | load77.exelator.com | tcp |
| GB | 2.22.5.61:443 | eus.rubiconproject.com | tcp |
| US | 1.1.1.1:53 | e8960.b.akamaiedge.net | udp |
| US | 54.162.50.227:443 | sync.srv.stackadapt.com | tcp |
| NL | 69.173.156.149:443 | pixel-eu.rubiconproject.com | tcp |
| US | 1.1.1.1:53 | pixel-sync.sitescout.com | udp |
| US | 1.1.1.1:53 | pixel-sync.sitescout.com | udp |
| NL | 198.47.127.19:443 | image6.pubmatic.com | tcp |
| US | 1.1.1.1:53 | ums.acuityplatform.com | udp |
| NL | 69.173.156.149:443 | pixel-eu.rubiconproject.com | tcp |
| NL | 198.47.127.19:443 | image6.pubmatic.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| NL | 89.149.192.75:443 | ssbsync.smartadserver.com | tcp |
| NL | 154.59.122.79:443 | ums.acuityplatform.com | tcp |
| US | 54.162.50.227:443 | sync.srv.stackadapt.com | tcp |
| US | 54.145.147.121:443 | sync.ipredictive.com | tcp |
| NL | 69.173.156.148:443 | pixel-eu.rubiconproject.com | tcp |
| NL | 69.173.156.149:443 | pixel-eu.rubiconproject.com | tcp |
| NL | 154.59.122.79:443 | ums.acuityplatform.com | tcp |
| US | 54.162.50.227:443 | sync.srv.stackadapt.com | tcp |
| US | 54.145.147.121:443 | sync.ipredictive.com | tcp |
| NL | 69.173.156.148:443 | pixel-eu.rubiconproject.com | tcp |
| NL | 69.173.156.149:443 | pixel-eu.rubiconproject.com | tcp |
| NL | 198.47.127.18:443 | image8.pubmatic.com | tcp |
| US | 1.1.1.1:53 | g2.gumgum.com | udp |
| US | 1.1.1.1:53 | g2.gumgum.com | udp |
Files
Analysis: behavioral4
Detonation Overview
Submitted
2024-06-06 10:58
Reported
2024-06-06 11:01
Platform
debian9-armhf-20240226-en
Command Line
Signatures
Processes
Network
Files
Analysis: behavioral5
Detonation Overview
Submitted
2024-06-06 10:58
Reported
2024-06-06 11:01
Platform
debian9-mipsbe-20240226-en
Command Line
Signatures
Processes
Network
Files
Analysis: behavioral6
Detonation Overview
Submitted
2024-06-06 10:58
Reported
2024-06-06 11:01
Platform
debian9-mipsel-20240226-en
Command Line
Signatures
Processes
Network
Files
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-06 10:58
Reported
2024-06-06 11:31
Platform
win10v2004-20240508-en
Max time kernel
1730s
Max time network
1685s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.com
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9e53746f8,0x7ff9e5374708,0x7ff9e5374718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,5992374667970776169,1912689011590136562,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2000 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2064,5992374667970776169,1912689011590136562,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2492 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2064,5992374667970776169,1912689011590136562,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2756 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5992374667970776169,1912689011590136562,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5992374667970776169,1912689011590136562,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5992374667970776169,1912689011590136562,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4596 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,5992374667970776169,1912689011590136562,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5100 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,5992374667970776169,1912689011590136562,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5100 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5992374667970776169,1912689011590136562,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5180 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5992374667970776169,1912689011590136562,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5192 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5992374667970776169,1912689011590136562,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5260 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5992374667970776169,1912689011590136562,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5156 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,5992374667970776169,1912689011590136562,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4940 /prefetch:2
Network
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
\??\pipe\LOCAL\crashpad_3836_UIDRXSLCUYDNKENC
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State