Malware Analysis Report

2024-11-15 05:10

Sample ID 240606-m2579aeb93
Target http://google.com
Tags
score
3/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral4

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral5

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral6

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
3/10

Threat Level: Likely benign

The file http://google.com was found to be: Likely benign.

Malicious Activity Summary


Enumerates kernel/hardware configuration

Reads runtime system information

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Checks CPU information

Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

Checks memory information

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-06 10:58

Signatures

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-06 10:58

Reported

2024-06-06 11:31

Platform

android-x64-20240603-en

Max time kernel

1524s

Max time network

1791s

Command Line

com.android.chrome

Signatures

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.android.chrome

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 accounts.google.com udp
BE 64.233.167.84:443 accounts.google.com tcp
US 1.1.1.1:53 google.com udp
GB 142.250.180.14:80 google.com tcp
GB 142.250.180.14:80 google.com tcp
US 1.1.1.1:53 www.google.com udp
GB 216.58.212.228:443 www.google.com tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 216.58.201.104:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 clients1.google.com udp
GB 172.217.16.238:443 clients1.google.com tcp
US 1.1.1.1:53 apis.google.com udp
GB 142.250.179.238:443 apis.google.com tcp
US 1.1.1.1:53 play.google.com udp
GB 142.250.178.14:443 play.google.com tcp
US 1.1.1.1:53 update.googleapis.com udp
GB 142.250.178.3:443 update.googleapis.com tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.238:443 android.apis.google.com tcp
GB 142.250.187.228:443 tcp
US 1.1.1.1:53 www.google.com udp
GB 142.250.179.228:443 www.google.com tcp
GB 142.250.200.14:443 tcp
GB 172.217.169.14:443 tcp
GB 142.250.187.226:443 tcp
US 1.1.1.1:53 play.google.com udp
GB 216.58.201.110:443 play.google.com tcp
GB 88.221.135.42:443 www.bing.com tcp
GB 88.221.135.42:443 www.bing.com tcp
US 1.1.1.1:53 g.tenor.com udp
GB 142.250.200.10:443 g.tenor.com tcp
US 1.1.1.1:53 www.google.com udp
GB 172.217.16.228:443 www.google.com tcp
US 1.1.1.1:53 th.bing.com udp
GB 95.101.129.225:443 th.bing.com tcp
GB 95.101.129.225:443 th.bing.com tcp
GB 95.101.129.225:443 th.bing.com tcp
GB 95.101.129.225:443 th.bing.com tcp
GB 142.250.179.234:443 g.tenor.com tcp
GB 142.250.179.234:443 g.tenor.com tcp
GB 142.250.187.195:443 tcp
US 1.1.1.1:53 aefd.nelreports.net udp
GB 95.101.28.33:443 aefd.nelreports.net tcp
US 1.1.1.1:53 update.googleapis.com udp
GB 142.250.187.195:443 update.googleapis.com tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.200.46:443 android.apis.google.com tcp
GB 2.16.34.161:443 www.bing.com tcp
US 1.1.1.1:53 th.bing.com udp
US 1.1.1.1:53 login.microsoftonline.com udp
IE 20.190.159.0:443 login.microsoftonline.com tcp
US 172.64.154.167:443 www2.bing.com tcp
US 1.1.1.1:53 tse1.explicit.bing.net udp
US 204.79.197.201:443 tse1.explicit.bing.net tcp
US 204.79.197.201:443 tse1.explicit.bing.net tcp
US 204.79.197.201:443 tse1.explicit.bing.net tcp
US 204.79.197.201:443 tse1.explicit.bing.net tcp
US 204.79.197.201:443 tse1.explicit.bing.net tcp
US 204.79.197.201:443 tse1.explicit.bing.net tcp
US 1.1.1.1:53 aefd.nelreports.net udp
GB 173.222.211.40:443 aefd.nelreports.net tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.204.78:443 android.apis.google.com tcp
BE 64.233.167.188:5228 tcp
US 1.1.1.1:53 www.google.com udp
GB 142.250.179.228:443 www.google.com tcp

Files

files/dom-0.html

MD5 adf7c86330f9d9ac4c3e59e3b6ba6dcc
SHA1 4ef6297aed29b52d5e751ca9aa0d2d85f21dde4b
SHA256 0eb62c22ee95f65ab2e1f4ab881022edb5688b1e47a049a2cbbdbac3a9c7eaed
SHA512 a9e211979e563a5e9fe6f07ea38df009989340c087a63295665c25075b8569bd7eda1efbdd715fec65d0ed5cd7b9cdc9a41104d6ff856a43a54310900eb28d0b

Analysis: behavioral3

Detonation Overview

Submitted

2024-06-06 10:58

Reported

2024-06-06 11:31

Platform

ubuntu1804-amd64-20240508-en

Max time kernel

2s

Max time network

1681s

Command Line

[xdg-open http://google.com]

Signatures

Enumerates kernel/hardware configuration

Description Indicator Process Target
File opened for reading /sys/bus/pci/devices/0000:00:06.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/irq /usr/lib/firefox/firefox N/A

Reads runtime system information

Description Indicator Process Target
File opened for reading /proc/filesystems /bin/sed N/A
File opened for reading /proc/filesystems /bin/sed N/A
File opened for reading /proc/filesystems /bin/sed N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/1592/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/1627/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/filesystems /bin/sed N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/1614/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/filesystems /bin/sed N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A

Processes

/usr/bin/xdg-open

[xdg-open http://google.com]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]

/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/bin/grep

[grep -q ^Enlightenment]

/bin/uname

[uname]

/bin/grep

[grep -q ^file://]

/bin/egrep

[egrep -q ^[[:alpha:]+\.\-]+:]

/usr/local/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/local/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/bin/sed

[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]

/usr/bin/xdg-mime

[xdg-mime query default x-scheme-handler/http]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]

/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/bin/grep

[grep -q ^Enlightenment]

/bin/uname

[uname]

/bin/sed

[sed s/:/ /g]

/bin/grep

[grep x-scheme-handler/http= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/http= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/http= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/http= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/http= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/bin/sed

[sed s/:/ /g]

/bin/sed

[sed -e s|-|/|]

/bin/sed

[sed -e s|-|/|]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/which

[which firefox]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/firefox

[/usr/bin/firefox http://google.com]

/usr/bin/which

[which /usr/bin/firefox]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox http://google.com]

/bin/grep

[grep -q %s]

/usr/bin/x-www-browser

[x-www-browser http://google.com]

/usr/bin/which

[which /usr/bin/x-www-browser]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox http://google.com]

/bin/grep

[grep -q %s]

/usr/bin/firefox

[firefox http://google.com]

/usr/bin/which

[which /usr/bin/firefox]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox http://google.com]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 185.125.188.62:443 tcp
GB 185.125.188.61:443 tcp
US 151.101.129.91:443 tcp
US 151.101.129.91:443 tcp
GB 89.187.167.3:443 tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 91.189.91.97:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.17:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 91.189.91.97:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 contile.services.mozilla.com udp
US 1.1.1.1:53 contile.services.mozilla.com udp
US 34.117.188.166:443 contile.services.mozilla.com tcp
US 1.1.1.1:53 spocs.getpocket.com udp
US 1.1.1.1:53 spocs.getpocket.com udp
US 1.1.1.1:53 getpocket.cdn.mozilla.net udp
US 1.1.1.1:53 getpocket.cdn.mozilla.net udp
US 1.1.1.1:53 prod.ads.prod.webservices.mozgcp.net udp
US 34.117.188.166:443 spocs.getpocket.com tcp
US 34.120.5.221:443 getpocket.cdn.mozilla.net tcp
US 34.117.188.166:443 spocs.getpocket.com udp
US 34.117.188.166:443 spocs.getpocket.com udp
US 1.1.1.1:53 www.google.com udp
US 1.1.1.1:53 www.google.com udp
GB 142.250.187.228:443 www.google.com tcp
GB 142.250.187.228:443 www.google.com udp
US 1.1.1.1:53 firefox.settings.services.mozilla.com udp
US 1.1.1.1:53 firefox.settings.services.mozilla.com udp
US 1.1.1.1:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 1.1.1.1:53 content-signature-2.cdn.mozilla.net udp
US 1.1.1.1:53 content-signature-2.cdn.mozilla.net udp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 1.1.1.1:53 play.google.com udp
US 1.1.1.1:53 play.google.com udp
GB 172.217.16.238:443 play.google.com tcp
GB 172.217.16.238:443 play.google.com udp
US 1.1.1.1:53 i.ytimg.com udp
US 1.1.1.1:53 i.ytimg.com udp
GB 172.217.169.54:443 i.ytimg.com tcp
GB 172.217.169.54:443 i.ytimg.com tcp
GB 172.217.169.54:443 i.ytimg.com tcp
GB 172.217.169.54:443 i.ytimg.com tcp
GB 172.217.169.54:443 i.ytimg.com tcp
GB 172.217.169.54:443 i.ytimg.com udp
US 1.1.1.1:53 googleads.g.doubleclick.net udp
US 1.1.1.1:53 googleads.g.doubleclick.net udp
GB 172.217.169.66:443 googleads.g.doubleclick.net tcp
US 1.1.1.1:53 www.youtube.com udp
US 1.1.1.1:53 www.youtube.com udp
GB 172.217.169.78:443 www.youtube.com tcp
GB 172.217.169.66:443 googleads.g.doubleclick.net udp
GB 172.217.169.78:443 www.youtube.com udp
US 1.1.1.1:53 static.doubleclick.net udp
US 1.1.1.1:53 static.doubleclick.net udp
GB 142.250.180.6:443 static.doubleclick.net tcp
GB 142.250.180.6:443 static.doubleclick.net udp
US 1.1.1.1:53 jnn-pa.googleapis.com udp
US 1.1.1.1:53 jnn-pa.googleapis.com udp
GB 216.58.212.202:443 jnn-pa.googleapis.com tcp
GB 216.58.212.202:443 jnn-pa.googleapis.com tcp
GB 216.58.212.202:443 jnn-pa.googleapis.com udp
GB 216.58.212.202:443 jnn-pa.googleapis.com udp
US 1.1.1.1:53 kinitopedia.fandom.com udp
US 1.1.1.1:53 kinitopedia.fandom.com udp
US 1.1.1.1:53 fandom.com udp
US 199.232.208.194:443 kinitopedia.fandom.com tcp
US 1.1.1.1:53 static.wikia.nocookie.net udp
US 1.1.1.1:53 static.wikia.nocookie.net udp
US 1.1.1.1:53 services.fandom.com udp
US 1.1.1.1:53 services.fandom.com udp
US 1.1.1.1:53 wikia.nocookie.net udp
US 1.1.1.1:53 www.fastly-insights.com udp
US 1.1.1.1:53 www.fastly-insights.com udp
US 199.232.212.194:443 services.fandom.com tcp
DE 74.120.188.194:443 static.wikia.nocookie.net tcp
DE 74.120.188.194:443 static.wikia.nocookie.net tcp
DE 74.120.188.194:443 static.wikia.nocookie.net tcp
DE 74.120.188.194:443 static.wikia.nocookie.net tcp
US 1.1.1.1:53 h1.fastlyanalytics.map.fastly.net udp
DE 74.120.188.194:443 static.wikia.nocookie.net tcp
US 151.101.194.91:443 www.fastly-insights.com tcp
US 1.1.1.1:53 script.wikia.nocookie.net udp
US 1.1.1.1:53 script.wikia.nocookie.net udp
DE 74.120.188.204:443 script.wikia.nocookie.net tcp
DE 74.120.188.204:443 script.wikia.nocookie.net tcp
DE 74.120.188.204:443 script.wikia.nocookie.net tcp
DE 74.120.188.204:443 script.wikia.nocookie.net tcp
US 1.1.1.1:53 beacon.wikia-services.com udp
US 1.1.1.1:53 beacon.wikia-services.com udp
US 74.120.189.205:443 beacon.wikia-services.com tcp
US 1.1.1.1:53 fastly-insights.com udp
US 1.1.1.1:53 fastly-insights.com udp
US 151.101.130.91:443 fastly-insights.com tcp
US 1.1.1.1:53 www.fandom.com udp
US 1.1.1.1:53 www.fandom.com udp
US 1.1.1.1:53 dev.fandom.com udp
US 1.1.1.1:53 dev.fandom.com udp
US 199.232.212.194:443 dev.fandom.com tcp
US 199.232.208.194:443 dev.fandom.com tcp
US 1.1.1.1:53 ams-v4.pops.fastly-insights.com udp
US 1.1.1.1:53 ams-v4.pops.fastly-insights.com udp
NL 151.101.38.91:443 ams-v4.pops.fastly-insights.com tcp
US 74.120.189.205:443 beacon.wikia-services.com tcp
US 1.1.1.1:53 7c051982-6ce3-46e7-bd13-08ad966b51c9.eu.u.fastly-insights.com udp
US 1.1.1.1:53 7c051982-6ce3-46e7-bd13-08ad966b51c9.eu.u.fastly-insights.com udp
US 151.101.194.91:443 7c051982-6ce3-46e7-bd13-08ad966b51c9.eu.u.fastly-insights.com tcp
US 1.1.1.1:53 quic-v4.pops.fastly-insights.com udp
US 1.1.1.1:53 quic-v4.pops.fastly-insights.com udp
US 1.1.1.1:53 quic-v4.pops.k.fastly-insights.com udp
US 151.101.66.67:443 quic-v4.pops.fastly-insights.com tcp
US 151.101.66.67:443 quic-v4.pops.fastly-insights.com udp
US 1.1.1.1:53 7c051982-6ce3-46e7-bd13-08ad966b51c9-pdata-v4.unique.k.fastly-insights.com udp
US 1.1.1.1:53 7c051982-6ce3-46e7-bd13-08ad966b51c9-pdata-v4.unique.k.fastly-insights.com udp
GB 146.75.74.91:443 7c051982-6ce3-46e7-bd13-08ad966b51c9-pdata-v4.unique.k.fastly-insights.com tcp
US 1.1.1.1:53 astral-v4.pops.fastly-insights.com udp
US 1.1.1.1:53 astral-v4.pops.fastly-insights.com udp
US 151.101.194.91:443 astral-v4.pops.fastly-insights.com tcp
US 1.1.1.1:53 scl-v4.pops.fastly-insights.com udp
US 1.1.1.1:53 scl-v4.pops.fastly-insights.com udp
CL 151.101.222.91:443 scl-v4.pops.fastly-insights.com tcp
US 1.1.1.1:53 kdal-v4.pops.fastly-insights.com udp
US 1.1.1.1:53 kdal-v4.pops.fastly-insights.com udp
US 151.101.162.91:443 kdal-v4.pops.fastly-insights.com tcp
US 1.1.1.1:53 mad-v4.pops.fastly-insights.com udp
US 1.1.1.1:53 mad-v4.pops.fastly-insights.com udp
ES 151.101.134.91:443 mad-v4.pops.fastly-insights.com tcp
US 1.1.1.1:53 bare-v4.pops.fastly-insights.com udp
US 1.1.1.1:53 bare-v4.pops.fastly-insights.com udp
US 1.1.1.1:53 bare-h1.fastlyanalytics.map.fastly.net udp
GB 146.75.74.91:443 bare-v4.pops.fastly-insights.com tcp
US 1.1.1.1:53 lhr-v4.pops.fastly-insights.com udp
US 1.1.1.1:53 lhr-v4.pops.fastly-insights.com udp
GB 151.101.62.91:443 lhr-v4.pops.fastly-insights.com tcp
US 1.1.1.1:53 mrs-v4.pops.fastly-insights.com udp
US 1.1.1.1:53 mrs-v4.pops.fastly-insights.com udp
FR 199.232.82.91:443 mrs-v4.pops.fastly-insights.com tcp
US 1.1.1.1:53 aus5.mozilla.org udp
US 1.1.1.1:53 aus5.mozilla.org udp
US 1.1.1.1:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 1.1.1.1:53 location.services.mozilla.com udp
US 1.1.1.1:53 location.services.mozilla.com udp
US 1.1.1.1:53 locprod2-elb-us-west-2.prod.mozaws.net udp
US 52.11.19.139:443 location.services.mozilla.com tcp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 1.1.1.1:53 archive.mozilla.org udp
US 1.1.1.1:53 archive.mozilla.org udp
US 34.117.35.28:443 archive.mozilla.org tcp
US 1.1.1.1:53 ciscobinary.openh264.org udp
US 1.1.1.1:53 ciscobinary.openh264.org udp
US 34.117.35.28:443 archive.mozilla.org udp
GB 88.221.134.209:80 ciscobinary.openh264.org tcp
US 1.1.1.1:53 secure.quantserve.com udp
US 1.1.1.1:53 secure.quantserve.com udp
DE 91.228.74.166:443 secure.quantserve.com tcp
US 1.1.1.1:53 stats.g.doubleclick.net udp
US 1.1.1.1:53 stats.g.doubleclick.net udp
BE 66.102.1.157:443 stats.g.doubleclick.net tcp
BE 66.102.1.157:443 stats.g.doubleclick.net udp
GB 142.250.187.228:443 www.google.com tcp
US 1.1.1.1:53 rules.quantcount.com udp
US 1.1.1.1:53 rules.quantcount.com udp
FR 52.222.144.21:443 rules.quantcount.com tcp
GB 142.250.187.228:443 www.google.com udp
US 1.1.1.1:53 cdn.jsdelivr.net udp
US 1.1.1.1:53 cdn.jsdelivr.net udp
US 104.18.186.31:443 cdn.jsdelivr.net tcp
US 104.18.186.31:443 cdn.jsdelivr.net udp
US 1.1.1.1:53 sb.scorecardresearch.com udp
US 1.1.1.1:53 sb.scorecardresearch.com udp
GB 18.154.84.35:443 sb.scorecardresearch.com tcp
US 1.1.1.1:53 pixel.quantserve.com udp
US 1.1.1.1:53 pixel.quantserve.com udp
DE 91.228.74.166:443 pixel.quantserve.com tcp
US 1.1.1.1:53 cdn.amplitude.com udp
US 1.1.1.1:53 cdn.amplitude.com udp
GB 18.154.84.20:443 cdn.amplitude.com tcp
US 1.1.1.1:53 seg.ad.gt udp
US 1.1.1.1:53 seg.ad.gt udp
US 1.1.1.1:53 a.ad.gt udp
US 1.1.1.1:53 a.ad.gt udp
US 104.22.4.69:443 a.ad.gt tcp
US 104.22.4.69:443 a.ad.gt tcp
US 1.1.1.1:53 c.amazon-adsystem.com udp
US 1.1.1.1:53 c.amazon-adsystem.com udp
US 1.1.1.1:53 d1ykf07e75w7ss.cloudfront.net udp
US 1.1.1.1:53 cdn.adsafeprotected.com udp
US 1.1.1.1:53 cdn.adsafeprotected.com udp
US 1.1.1.1:53 securepubads.g.doubleclick.net udp
US 1.1.1.1:53 securepubads.g.doubleclick.net udp
US 1.1.1.1:53 d3tqyidpuy80xi.cloudfront.net udp
GB 13.224.223.9:443 c.amazon-adsystem.com tcp
US 1.1.1.1:53 pub.doubleverify.com udp
US 1.1.1.1:53 pub.doubleverify.com udp
US 104.18.166.224:443 pub.doubleverify.com tcp
US 104.18.166.224:443 pub.doubleverify.com tcp
GB 18.172.153.15:443 cdn.adsafeprotected.com tcp
US 1.1.1.1:53 cdn.jwplayer.com udp
US 1.1.1.1:53 cdn.jwplayer.com udp
GB 172.217.169.2:443 securepubads.g.doubleclick.net tcp
US 1.1.1.1:53 id5-sync.com udp
US 1.1.1.1:53 id5-sync.com udp
GB 18.239.236.57:443 cdn.jwplayer.com tcp
DE 162.19.138.118:443 id5-sync.com tcp
US 1.1.1.1:53 b-code.liadm.com udp
US 1.1.1.1:53 b-code.liadm.com udp
US 1.1.1.1:53 cdn-gl.imrworldwide.com udp
US 1.1.1.1:53 cdn-gl.imrworldwide.com udp
GB 18.165.227.85:443 b-code.liadm.com tcp
GB 108.156.46.127:443 cdn-gl.imrworldwide.com tcp
US 104.18.166.224:443 pub.doubleverify.com udp
GB 172.217.169.2:443 securepubads.g.doubleclick.net udp
US 104.22.4.69:443 a.ad.gt tcp
US 1.1.1.1:53 id.halo.ad.gt udp
US 1.1.1.1:53 id.halo.ad.gt udp
US 1.1.1.1:53 secure.adnxs.com udp
US 1.1.1.1:53 secure.adnxs.com udp
US 1.1.1.1:53 ib.anycast.adnxs.com udp
NL 185.89.210.153:443 secure.adnxs.com tcp
US 1.1.1.1:53 match.adsrvr.org udp
US 1.1.1.1:53 match.adsrvr.org udp
US 1.1.1.1:53 image2.pubmatic.com udp
US 1.1.1.1:53 image2.pubmatic.com udp
US 52.223.40.198:443 match.adsrvr.org tcp
US 1.1.1.1:53 pug-lhr-bc.pubmnet.com udp
US 1.1.1.1:53 cm.g.doubleclick.net udp
US 1.1.1.1:53 cm.g.doubleclick.net udp
US 1.1.1.1:53 token.rubiconproject.com udp
US 1.1.1.1:53 token.rubiconproject.com udp
US 1.1.1.1:53 pixel.tapad.com udp
US 1.1.1.1:53 pixel.tapad.com udp
US 1.1.1.1:53 pixel.rubiconproject.net.akadns.net udp
US 1.1.1.1:53 ids.ad.gt udp
US 1.1.1.1:53 ids.ad.gt udp
US 1.1.1.1:53 dpm.demdex.net udp
US 1.1.1.1:53 dpm.demdex.net udp
US 1.1.1.1:53 d.turn.com udp
US 1.1.1.1:53 d.turn.com udp
US 1.1.1.1:53 dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com udp
US 1.1.1.1:53 sync.go.sonobi.com udp
US 1.1.1.1:53 sync.go.sonobi.com udp
US 1.1.1.1:53 p.ad.gt udp
US 1.1.1.1:53 p.ad.gt udp
GB 185.64.191.210:443 image2.pubmatic.com tcp
GB 142.250.178.2:443 cm.g.doubleclick.net tcp
US 34.111.113.62:443 pixel.tapad.com tcp
US 172.67.23.234:443 p.ad.gt tcp
NL 69.173.156.149:443 token.rubiconproject.com tcp
IE 54.72.172.22:443 dpm.demdex.net tcp
NL 46.228.164.13:443 d.turn.com tcp
US 69.166.1.66:443 sync.go.sonobi.com tcp
US 172.67.23.234:443 p.ad.gt tcp
US 1.1.1.1:53 config.aps.amazon-adsystem.com udp
US 1.1.1.1:53 config.aps.amazon-adsystem.com udp
GB 13.224.223.9:443 c.amazon-adsystem.com tcp
GB 108.156.39.61:443 config.aps.amazon-adsystem.com tcp
GB 142.250.178.2:443 cm.g.doubleclick.net udp
US 34.111.113.62:443 pixel.tapad.com udp
US 1.1.1.1:53 aax.amazon-adsystem.com udp
US 1.1.1.1:53 aax.amazon-adsystem.com udp
US 1.1.1.1:53 d1jvc9b8z3vcjs.cloudfront.net udp
GB 18.172.154.232:443 aax.amazon-adsystem.com tcp
US 1.1.1.1:53 pixel.adsafeprotected.com udp
US 1.1.1.1:53 pixel.adsafeprotected.com udp
US 1.1.1.1:53 firewall-external-2134955858.eu-west-1.elb.amazonaws.com udp
US 3.220.162.84:443 pixel.adsafeprotected.com tcp
US 1.1.1.1:53 launchpad-wrapper.privacymanager.io udp
US 1.1.1.1:53 launchpad-wrapper.privacymanager.io udp
US 1.1.1.1:53 secure.cdn.fastclick.net udp
US 1.1.1.1:53 secure.cdn.fastclick.net udp
US 1.1.1.1:53 tags.crwdcntrl.net udp
US 1.1.1.1:53 tags.crwdcntrl.net udp
US 1.1.1.1:53 cdn.hadronid.net udp
US 1.1.1.1:53 cdn.hadronid.net udp
GB 54.192.137.23:443 launchpad-wrapper.privacymanager.io tcp
US 1.1.1.1:53 e4536.g.akamaiedge.net udp
GB 18.245.143.100:443 tags.crwdcntrl.net tcp
US 104.22.53.173:443 cdn.hadronid.net tcp
GB 104.78.175.230:443 secure.cdn.fastclick.net tcp
US 1.1.1.1:53 launchpad.privacymanager.io udp
US 1.1.1.1:53 launchpad.privacymanager.io udp
US 1.1.1.1:53 lb.eu-1-id5-sync.com udp
US 1.1.1.1:53 lb.eu-1-id5-sync.com udp
GB 108.156.46.123:443 launchpad.privacymanager.io tcp
DE 141.95.33.120:443 lb.eu-1-id5-sync.com tcp
US 1.1.1.1:53 fundingchoicesmessages.google.com udp
US 1.1.1.1:53 fundingchoicesmessages.google.com udp
GB 216.58.212.206:443 fundingchoicesmessages.google.com tcp
GB 216.58.212.206:443 fundingchoicesmessages.google.com udp
US 1.1.1.1:53 bcp.crwdcntrl.net udp
US 1.1.1.1:53 bcp.crwdcntrl.net udp
US 1.1.1.1:53 id.hadron.ad.gt udp
US 1.1.1.1:53 id.hadron.ad.gt udp
IE 34.255.230.248:443 bcp.crwdcntrl.net tcp
US 104.22.4.69:443 id.hadron.ad.gt tcp
US 104.22.4.69:443 id.hadron.ad.gt tcp
US 1.1.1.1:53 geo.privacymanager.io udp
US 1.1.1.1:53 geo.privacymanager.io udp
GB 18.244.179.43:443 geo.privacymanager.io tcp
GB 18.244.179.43:443 geo.privacymanager.io tcp
US 1.1.1.1:53 static.criteo.net udp
US 1.1.1.1:53 static.criteo.net udp
NL 178.250.1.3:443 static.criteo.net tcp
US 1.1.1.1:53 cdn.prod.uidapi.com udp
US 1.1.1.1:53 cdn.prod.uidapi.com udp
US 1.1.1.1:53 oa.openxcdn.net udp
US 1.1.1.1:53 oa.openxcdn.net udp
GB 18.245.254.89:443 cdn.prod.uidapi.com tcp
US 34.102.146.192:443 oa.openxcdn.net tcp
US 1.1.1.1:53 cdn.id5-sync.com udp
US 1.1.1.1:53 cdn.id5-sync.com udp
US 1.1.1.1:53 connectid.analytics.yahoo.com udp
US 1.1.1.1:53 connectid.analytics.yahoo.com udp
US 104.22.52.86:443 cdn.id5-sync.com tcp
US 1.1.1.1:53 cdn-ima.33across.com udp
US 1.1.1.1:53 cdn-ima.33across.com udp
US 1.1.1.1:53 cdn-ima.33across.com.cdn.cloudflare.net udp
GB 18.245.162.54:443 connectid.analytics.yahoo.com tcp
US 104.18.35.167:443 cdn-ima.33across.com tcp
US 34.102.146.192:443 oa.openxcdn.net udp
DE 162.19.138.118:443 lb.eu-1-id5-sync.com tcp
US 1.1.1.1:53 gum.criteo.com udp
US 1.1.1.1:53 gum.criteo.com udp
NL 178.250.1.11:443 gum.criteo.com tcp
US 1.1.1.1:53 oajs.openx.net udp
US 1.1.1.1:53 oajs.openx.net udp
US 34.120.135.53:443 oajs.openx.net tcp
US 1.1.1.1:53 ups.analytics.yahoo.com udp
US 1.1.1.1:53 ups.analytics.yahoo.com udp
US 1.1.1.1:53 ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud udp
DE 3.71.149.231:443 ups.analytics.yahoo.com tcp
US 34.120.135.53:443 oajs.openx.net udp
US 1.1.1.1:53 google-bidout-d.openx.net udp
US 1.1.1.1:53 google-bidout-d.openx.net udp
US 35.244.159.8:443 google-bidout-d.openx.net tcp
US 35.244.159.8:443 google-bidout-d.openx.net udp
US 1.1.1.1:53 pubads.g.doubleclick.net udp
US 1.1.1.1:53 pubads.g.doubleclick.net udp
GB 172.217.16.226:443 pubads.g.doubleclick.net tcp
GB 172.217.16.226:443 pubads.g.doubleclick.net udp
US 1.1.1.1:53 aax-eu.amazon-adsystem.com udp
US 1.1.1.1:53 aax-eu.amazon-adsystem.com udp
IE 67.220.226.232:443 aax-eu.amazon-adsystem.com tcp
US 104.22.4.69:443 id.hadron.ad.gt tcp
US 1.1.1.1:53 pixels.ad.gt udp
US 1.1.1.1:53 pixels.ad.gt udp
US 104.22.5.69:443 pixels.ad.gt tcp
US 172.67.23.234:443 pixels.ad.gt tcp
US 172.67.23.234:443 pixels.ad.gt tcp
US 1.1.1.1:53 secure-dcr.imrworldwide.com udp
US 1.1.1.1:53 secure-dcr.imrworldwide.com udp
US 1.1.1.1:53 mn9aqp02qouambwbff6khagjrxycr1717665328.nuid.imrworldwide.com udp
US 1.1.1.1:53 mn9aqp02qouambwbff6khagjrxycr1717665328.nuid.imrworldwide.com udp
US 1.1.1.1:53 census.eu-west-1.nielsencollections.com udp
IE 52.211.185.33:443 secure-dcr.imrworldwide.com tcp
GB 216.137.44.100:443 mn9aqp02qouambwbff6khagjrxycr1717665328.nuid.imrworldwide.com tcp
GB 18.239.236.57:443 cdn.jwplayer.com tcp
US 1.1.1.1:53 x.bidswitch.net udp
US 1.1.1.1:53 x.bidswitch.net udp
US 1.1.1.1:53 csync.loopme.me udp
US 1.1.1.1:53 csync.loopme.me udp
US 1.1.1.1:53 sync.1rx.io udp
US 1.1.1.1:53 sync.1rx.io udp
US 1.1.1.1:53 cs.media.net udp
US 1.1.1.1:53 cs.media.net udp
US 1.1.1.1:53 s.ad.smaato.net udp
US 1.1.1.1:53 s.ad.smaato.net udp
US 1.1.1.1:53 onetag-sys.com udp
US 1.1.1.1:53 b1sync.zemanta.com udp
US 1.1.1.1:53 b1sync.zemanta.com udp
US 1.1.1.1:53 onetag-sys.com udp
US 1.1.1.1:53 user-data-eu.bidswitch.net udp
US 1.1.1.1:53 envoy-hl.envoy-csync1.core-b8mf.ov1o.com udp
NL 46.228.174.117:443 sync.1rx.io tcp
GB 2.18.80.27:443 cs.media.net tcp
GB 108.156.39.10:443 s.ad.smaato.net tcp
US 1.1.1.1:53 chidc2.outbrain.org udp
DE 51.38.120.206:443 onetag-sys.com tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
NL 35.214.224.211:443 csync.loopme.me tcp
US 1.1.1.1:53 rtb.gumgum.com udp
US 1.1.1.1:53 rtb.gumgum.com udp
US 1.1.1.1:53 ssum-sec.casalemedia.com udp
US 1.1.1.1:53 ssum-sec.casalemedia.com udp
US 1.1.1.1:53 ms-cookie-sync.presage.io udp
US 1.1.1.1:53 ms-cookie-sync.presage.io udp
US 1.1.1.1:53 ms-cookie-sync.prod.cloud.ogury.io udp
US 1.1.1.1:53 u.openx.net udp
US 1.1.1.1:53 u.openx.net udp
US 1.1.1.1:53 ssbsync.smartadserver.com udp
US 1.1.1.1:53 ssbsync.smartadserver.com udp
US 104.18.36.155:443 ssum-sec.casalemedia.com tcp
US 1.1.1.1:53 visitor.omnitagjs.com udp
US 1.1.1.1:53 visitor.omnitagjs.com udp
IE 34.253.77.234:443 ms-cookie-sync.presage.io tcp
US 35.244.159.8:443 u.openx.net tcp
US 1.1.1.1:53 ssbsync-euw1.smartadserver.com udp
US 1.1.1.1:53 visitor-fra02.omnitagjs.com udp
US 1.1.1.1:53 match.sharethrough.com udp
US 1.1.1.1:53 match.sharethrough.com udp
US 1.1.1.1:53 ads.pubmatic.com udp
US 1.1.1.1:53 ads.pubmatic.com udp
US 1.1.1.1:53 sync-amz.ads.yieldmo.com udp
US 1.1.1.1:53 sync-amz.ads.yieldmo.com udp
US 1.1.1.1:53 eus.rubiconproject.com udp
US 1.1.1.1:53 eus.rubiconproject.com udp
US 1.1.1.1:53 match-eu-central-1-ecs.sharethrough.com udp
US 1.1.1.1:53 e6603.g.akamaiedge.net udp
US 1.1.1.1:53 crb.kargo.com udp
US 1.1.1.1:53 crb.kargo.com udp
US 1.1.1.1:53 sync-yieldmo-com-tf-1869548451.eu-west-1.elb.amazonaws.com udp
US 1.1.1.1:53 e8960.b.akamaiedge.net udp
US 1.1.1.1:53 ib.adnxs.com udp
US 1.1.1.1:53 ib.adnxs.com udp
US 1.1.1.1:53 ap.lijit.com udp
US 1.1.1.1:53 ap.lijit.com udp
US 1.1.1.1:53 cs-tam.yellowblue.io udp
US 1.1.1.1:53 cs-tam.yellowblue.io udp
US 1.1.1.1:53 eb2.3lift.com udp
US 1.1.1.1:53 eb2.3lift.com udp
US 1.1.1.1:53 blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com udp
US 1.1.1.1:53 eu-eb2.3lift.com udp
US 1.1.1.1:53 prebid-server.rubiconproject.com udp
US 1.1.1.1:53 prebid-server.rubiconproject.com udp
US 1.1.1.1:53 prebid-server-perf-eu.rubiconproject.net.akadns.net udp
US 1.1.1.1:53 elb.the-ozone-project.com udp
US 1.1.1.1:53 elb.the-ozone-project.com udp
US 1.1.1.1:53 htlb.casalemedia.com udp
US 1.1.1.1:53 htlb.casalemedia.com udp
US 1.1.1.1:53 s.seedtag.com udp
US 1.1.1.1:53 s.seedtag.com udp
US 1.1.1.1:53 prebid.media.net udp
US 1.1.1.1:53 prebid.media.net udp
US 1.1.1.1:53 hbopenbid.pubmatic.com udp
US 1.1.1.1:53 hbopenbid.pubmatic.com udp
US 1.1.1.1:53 ads.servenobid.com udp
US 1.1.1.1:53 ads.servenobid.com udp
US 1.1.1.1:53 tlx.3lift.com udp
US 1.1.1.1:53 tlx.3lift.com udp
US 1.1.1.1:53 rtb.openx.net udp
US 1.1.1.1:53 rtb.openx.net udp
US 1.1.1.1:53 hbopenbid-lhrc.pubmnet.com udp
US 1.1.1.1:53 eu-tlx.3lift.com udp
US 1.1.1.1:53 fastlane.rubiconproject.com udp
US 1.1.1.1:53 fastlane.rubiconproject.com udp
NL 89.149.192.75:443 ssbsync.smartadserver.com tcp
US 64.74.236.95:443 b1sync.zemanta.com tcp
FR 185.255.84.152:443 visitor.omnitagjs.com tcp
IE 54.246.231.153:443 rtb.gumgum.com tcp
DE 3.125.241.184:443 match.sharethrough.com tcp
GB 2.23.160.192:443 ads.pubmatic.com tcp
IE 52.18.213.88:443 sync-amz.ads.yieldmo.com tcp
GB 2.22.5.61:443 eus.rubiconproject.com tcp
DE 3.67.105.239:443 crb.kargo.com tcp
NL 185.89.210.244:443 ib.adnxs.com tcp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
US 1.1.1.1:53 ssl.p.jwpcdn.com udp
US 1.1.1.1:53 ssl.p.jwpcdn.com udp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
US 104.18.43.178:443 elb.the-ozone-project.com tcp
US 1.1.1.1:53 ats-wrapper.privacymanager.io udp
US 1.1.1.1:53 ats-wrapper.privacymanager.io udp
US 64.74.236.95:443 b1sync.zemanta.com tcp
GB 185.64.190.77:443 hbopenbid.pubmatic.com tcp
NL 35.214.224.211:443 csync.loopme.me tcp
US 13.248.245.213:443 eb2.3lift.com tcp
IE 54.171.90.29:443 cs-tam.yellowblue.io tcp
IE 34.252.158.198:443 ap.lijit.com tcp
US 34.149.50.64:443 s.seedtag.com tcp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
US 172.64.151.101:443 htlb.casalemedia.com tcp
US 172.64.151.101:443 htlb.casalemedia.com tcp
US 151.101.66.114:443 ssl.p.jwpcdn.com tcp
GB 18.154.84.59:443 ats-wrapper.privacymanager.io tcp
DE 51.38.120.206:443 onetag-sys.com udp
US 34.120.63.153:443 prebid.media.net tcp
IE 54.76.139.215:443 ads.servenobid.com tcp
DE 3.124.64.248:443 tlx.3lift.com tcp
US 35.244.159.8:443 u.openx.net udp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
US 35.227.252.103:443 rtb.openx.net tcp
NL 35.214.224.211:443 csync.loopme.me tcp
US 13.248.245.213:443 eb2.3lift.com tcp
IE 54.171.90.29:443 cs-tam.yellowblue.io tcp
IE 34.252.158.198:443 ap.lijit.com tcp
US 1.1.1.1:53 sync.targeting.unrulymedia.com udp
US 1.1.1.1:53 sync.targeting.unrulymedia.com udp
US 34.149.50.64:443 s.seedtag.com tcp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
US 172.64.151.101:443 htlb.casalemedia.com tcp
US 172.64.151.101:443 htlb.casalemedia.com tcp
US 151.101.66.114:443 ssl.p.jwpcdn.com tcp
GB 18.154.84.59:443 ats-wrapper.privacymanager.io tcp
US 1.1.1.1:53 c1.adform.net udp
US 1.1.1.1:53 c1.adform.net udp
US 1.1.1.1:53 1d6cad64454a2c729f5f71f97b3bcd72.safeframe.googlesyndication.com udp
US 1.1.1.1:53 1d6cad64454a2c729f5f71f97b3bcd72.safeframe.googlesyndication.com udp
US 1.1.1.1:53 track.adformnet.akadns.net udp
US 34.120.63.153:443 prebid.media.net tcp
IE 54.76.139.215:443 ads.servenobid.com tcp
DE 3.124.64.248:443 tlx.3lift.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
US 35.227.252.103:443 rtb.openx.net tcp
US 104.18.36.155:443 htlb.casalemedia.com udp
US 1.1.1.1:53 static.adsafeprotected.com udp
US 1.1.1.1:53 static.adsafeprotected.com udp
US 1.1.1.1:53 api2.amplitude.com udp
US 1.1.1.1:53 api2.amplitude.com udp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
DK 37.157.6.233:443 c1.adform.net tcp
IE 67.220.226.232:443 aax-eu.amazon-adsystem.com tcp
IE 67.220.226.232:443 aax-eu.amazon-adsystem.com tcp
IE 67.220.226.232:443 aax-eu.amazon-adsystem.com tcp
US 151.101.66.114:443 ssl.p.jwpcdn.com tcp
US 151.101.66.114:443 ssl.p.jwpcdn.com tcp
US 151.101.66.114:443 ssl.p.jwpcdn.com tcp
US 151.101.66.114:443 ssl.p.jwpcdn.com tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
DK 37.157.6.233:443 c1.adform.net tcp
US 54.186.195.209:443 api2.amplitude.com tcp
IE 67.220.226.232:443 aax-eu.amazon-adsystem.com tcp
IE 67.220.226.232:443 aax-eu.amazon-adsystem.com tcp
IE 67.220.226.232:443 aax-eu.amazon-adsystem.com tcp
GB 172.217.169.1:443 1d6cad64454a2c729f5f71f97b3bcd72.safeframe.googlesyndication.com tcp
US 1.1.1.1:53 us-u.openx.net udp
US 1.1.1.1:53 us-u.openx.net udp
US 151.101.66.114:443 ssl.p.jwpcdn.com tcp
US 151.101.66.114:443 ssl.p.jwpcdn.com tcp
US 151.101.66.114:443 ssl.p.jwpcdn.com tcp
US 151.101.66.114:443 ssl.p.jwpcdn.com tcp
GB 18.245.253.90:443 static.adsafeprotected.com tcp
US 54.186.195.209:443 api2.amplitude.com tcp
GB 172.217.169.1:443 1d6cad64454a2c729f5f71f97b3bcd72.safeframe.googlesyndication.com tcp
GB 18.245.253.90:443 static.adsafeprotected.com tcp
US 1.1.1.1:53 qsearch-a.akamaihd.net udp
US 1.1.1.1:53 image8.pubmatic.com udp
US 1.1.1.1:53 image8.pubmatic.com udp
US 1.1.1.1:53 a267.g.akamai.net udp
US 1.1.1.1:53 imagsync-lhrpairbc.pubmatic.com udp
US 34.98.64.218:443 us-u.openx.net tcp
US 1.1.1.1:53 s.amazon-adsystem.com udp
US 1.1.1.1:53 s.amazon-adsystem.com udp
US 1.1.1.1:53 dsum-sec.casalemedia.com udp
US 1.1.1.1:53 dsum-sec.casalemedia.com udp
US 1.1.1.1:53 a.tribalfusion.com udp
US 1.1.1.1:53 a.tribalfusion.com udp
US 1.1.1.1:53 match.prod.bidr.io udp
US 1.1.1.1:53 match.prod.bidr.io udp
US 1.1.1.1:53 sync-tm.everesttech.net udp
US 1.1.1.1:53 sync-tm.everesttech.net udp
US 1.1.1.1:53 h2.shared.global.fastly.net udp
US 54.186.195.209:443 api2.amplitude.com tcp
US 34.149.50.64:443 s.seedtag.com tcp
US 1.1.1.1:53 www.doubleclick.net udp
US 1.1.1.1:53 www.doubleclick.net udp
US 1.1.1.1:53 loadus.exelator.com udp
US 1.1.1.1:53 loadus.exelator.com udp
US 1.1.1.1:53 thrtle.com udp
US 1.1.1.1:53 thrtle.com udp
US 34.98.64.218:443 us-u.openx.net udp
US 1.1.1.1:53 load-euw1.exelator.com udp
GB 92.123.142.59:443 qsearch-a.akamaihd.net tcp
NL 185.89.210.244:443 ib.adnxs.com tcp
NL 198.47.127.18:443 image8.pubmatic.com tcp
GB 142.250.178.14:443 www.doubleclick.net tcp
US 52.46.130.91:443 s.amazon-adsystem.com tcp
US 172.64.151.101:443 dsum-sec.casalemedia.com tcp
US 104.18.25.173:443 a.tribalfusion.com tcp
IE 34.248.189.186:443 match.prod.bidr.io tcp
US 151.101.130.49:443 sync-tm.everesttech.net tcp
US 1.1.1.1:53 cdn.ampproject.org udp
US 1.1.1.1:53 cdn.ampproject.org udp
US 1.1.1.1:53 tpc.googlesyndication.com udp
US 1.1.1.1:53 tpc.googlesyndication.com udp
GB 142.250.200.1:443 cdn.ampproject.org tcp
GB 142.250.178.1:443 tpc.googlesyndication.com tcp
GB 142.250.178.1:443 tpc.googlesyndication.com tcp
US 172.64.151.101:443 dsum-sec.casalemedia.com udp
US 1.1.1.1:53 ad.360yield.com udp
US 1.1.1.1:53 ad.360yield.com udp
IE 34.254.143.3:443 loadus.exelator.com tcp
US 35.153.86.138:443 thrtle.com tcp
GB 142.250.200.1:443 cdn.ampproject.org tcp
GB 142.250.200.1:443 cdn.ampproject.org tcp
GB 142.250.200.1:443 cdn.ampproject.org tcp
US 1.1.1.1:53 euw-ice.360yield.com udp
GB 142.250.200.1:443 cdn.ampproject.org tcp
GB 142.250.200.1:443 cdn.ampproject.org tcp
IE 52.213.20.15:443 ad.360yield.com tcp
US 1.1.1.1:53 tg.socdm.com udp
US 1.1.1.1:53 tg.socdm.com udp
US 1.1.1.1:53 tg.dr.socdm.com udp
US 54.186.195.209:443 api2.amplitude.com tcp
US 1.1.1.1:53 creativecdn.com udp
US 1.1.1.1:53 creativecdn.com udp
US 1.1.1.1:53 secure-assets.rubiconproject.com udp
US 1.1.1.1:53 secure-assets.rubiconproject.com udp
US 1.1.1.1:53 e8960.e2.akamaiedge.net udp
DK 37.157.6.233:443 c1.adform.net tcp
JP 124.146.153.166:443 tg.socdm.com tcp
US 1.1.1.1:53 placement-prd.jwpltx.com udp
US 1.1.1.1:53 placement-prd.jwpltx.com udp
NL 185.184.8.90:443 creativecdn.com tcp
US 1.1.1.1:53 sync.srv.stackadapt.com udp
US 1.1.1.1:53 sync.srv.stackadapt.com udp
GB 23.215.239.190:443 secure-assets.rubiconproject.com tcp
US 1.1.1.1:53 pr-bh.ybp.yahoo.com udp
US 1.1.1.1:53 pr-bh.ybp.yahoo.com udp
US 1.1.1.1:53 sync.ipredictive.com udp
US 1.1.1.1:53 sync.ipredictive.com udp
US 1.1.1.1:53 match.deepintent.com udp
US 1.1.1.1:53 match.deepintent.com udp
US 1.1.1.1:53 bh.contextweb.com udp
US 1.1.1.1:53 bh.contextweb.com udp
US 1.1.1.1:53 am1-direct-bgp.contextweb.com udp
US 1.1.1.1:53 ce.lijit.com udp
US 1.1.1.1:53 ce.lijit.com udp
US 1.1.1.1:53 raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com udp
US 54.186.195.209:443 api2.amplitude.com tcp
US 1.1.1.1:53 image6.pubmatic.com udp
US 1.1.1.1:53 image6.pubmatic.com udp
US 1.1.1.1:53 pugm-lhrc.pubmnet.com udp
GB 18.172.153.117:443 placement-prd.jwpltx.com tcp
GB 18.172.153.117:443 placement-prd.jwpltx.com tcp
GB 18.172.153.117:443 placement-prd.jwpltx.com tcp
GB 18.172.153.117:443 placement-prd.jwpltx.com tcp
JP 124.146.153.166:443 tg.socdm.com tcp
NL 185.184.8.90:443 creativecdn.com tcp
GB 23.215.239.190:443 secure-assets.rubiconproject.com tcp
US 54.162.50.227:443 sync.srv.stackadapt.com tcp
IE 52.51.66.121:443 pr-bh.ybp.yahoo.com tcp
US 54.145.147.121:443 sync.ipredictive.com tcp
US 8.18.47.7:443 match.deepintent.com tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
IE 54.73.162.61:443 ce.lijit.com tcp
GB 18.172.153.117:443 placement-prd.jwpltx.com tcp
GB 18.172.153.117:443 placement-prd.jwpltx.com tcp
GB 18.172.153.117:443 placement-prd.jwpltx.com tcp
GB 18.172.153.117:443 placement-prd.jwpltx.com tcp
US 1.1.1.1:53 ads.yieldmo.com udp
US 1.1.1.1:53 ads.yieldmo.com udp
US 1.1.1.1:53 rw-yieldmo-com-tf-362867385.eu-west-1.elb.amazonaws.com udp
NL 198.47.127.19:443 image6.pubmatic.com tcp
US 54.162.50.227:443 sync.srv.stackadapt.com tcp
IE 52.51.66.121:443 pr-bh.ybp.yahoo.com tcp
US 54.145.147.121:443 sync.ipredictive.com tcp
US 8.18.47.7:443 match.deepintent.com tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
IE 54.73.162.61:443 ce.lijit.com tcp
US 1.1.1.1:53 acdn.adnxs.com udp
US 1.1.1.1:53 acdn.adnxs.com udp
US 1.1.1.1:53 cm.g.doubleclick.net udp
US 1.1.1.1:53 e6115.g.akamaiedge.net udp
US 1.1.1.1:53 public.servenobid.com udp
US 1.1.1.1:53 public.servenobid.com udp
US 1.1.1.1:53 cm.adform.net udp
US 1.1.1.1:53 cm.adform.net udp
US 1.1.1.1:53 contextual.media.net udp
US 1.1.1.1:53 contextual.media.net udp
US 1.1.1.1:53 track-eu.adformnet.akadns.net udp
NL 198.47.127.19:443 image6.pubmatic.com tcp
US 34.149.50.64:443 s.seedtag.com udp
IE 54.220.241.253:443 ads.yieldmo.com tcp
IE 54.220.241.253:443 ads.yieldmo.com tcp
IE 54.220.241.253:443 ads.yieldmo.com tcp
US 1.1.1.1:53 usersync.gumgum.com udp
US 1.1.1.1:53 usersync.gumgum.com udp
US 151.101.193.108:443 acdn.adnxs.com tcp
GB 2.22.5.61:443 eus.rubiconproject.com tcp
GB 108.156.39.44:443 public.servenobid.com tcp
US 1.1.1.1:53 dsp.nrich.ai udp
US 1.1.1.1:53 dsp.nrich.ai udp
DK 37.157.2.230:443 cm.adform.net tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
GB 92.123.240.21:443 contextual.media.net tcp
IE 54.220.241.253:443 ads.yieldmo.com tcp
NL 35.214.140.44:443 csync.loopme.me tcp
NL 198.47.127.18:443 image8.pubmatic.com tcp
IE 54.220.241.253:443 ads.yieldmo.com tcp
US 151.101.193.108:443 acdn.adnxs.com tcp
GB 2.22.5.61:443 eus.rubiconproject.com tcp
GB 108.156.39.44:443 public.servenobid.com tcp
DK 37.157.2.230:443 cm.adform.net tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
GB 92.123.240.21:443 contextual.media.net tcp
NL 35.214.140.44:443 csync.loopme.me tcp
NL 198.47.127.18:443 image8.pubmatic.com tcp
IE 52.210.15.1:443 usersync.gumgum.com tcp
FR 51.68.39.188:443 dsp.nrich.ai tcp
IE 52.210.15.1:443 usersync.gumgum.com tcp
IE 52.210.15.1:443 usersync.gumgum.com tcp
IE 52.210.15.1:443 usersync.gumgum.com tcp
IE 52.210.15.1:443 usersync.gumgum.com tcp
IE 52.210.15.1:443 usersync.gumgum.com tcp
FR 51.68.39.188:443 dsp.nrich.ai tcp
IE 52.210.15.1:443 usersync.gumgum.com tcp
IE 52.210.15.1:443 usersync.gumgum.com tcp
US 1.1.1.1:53 cms.quantserve.com udp
US 1.1.1.1:53 cms.quantserve.com udp
US 1.1.1.1:53 cs.yellowblue.io udp
US 1.1.1.1:53 cs.yellowblue.io udp
US 1.1.1.1:53 rtb.mfadsrvr.com udp
US 1.1.1.1:53 rtb.mfadsrvr.com udp
US 1.1.1.1:53 sync.mathtag.com udp
US 1.1.1.1:53 sync.mathtag.com udp
US 1.1.1.1:53 pixel-eu.rubiconproject.com udp
US 1.1.1.1:53 pixel-eu.rubiconproject.com udp
US 1.1.1.1:53 ads.stickyadstv.com udp
US 1.1.1.1:53 ads.stickyadstv.com udp
US 1.1.1.1:53 pixel.rubiconproject.com udp
US 1.1.1.1:53 elb-aws-fr-dorpat-283474803.eu-central-1.elb.amazonaws.com udp
US 1.1.1.1:53 cs.admanmedia.com udp
US 1.1.1.1:53 pixel-origin.mathtag.com udp
US 1.1.1.1:53 pixel-eu.rubiconproject.net.akadns.net udp
US 1.1.1.1:53 t.adx.opera.com udp
US 1.1.1.1:53 a179.b.akamai.net udp
US 1.1.1.1:53 ssbsync-global.smartadserver.com udp
US 1.1.1.1:53 ssbsync-global.smartadserver.com udp
NL 69.173.156.149:443 pixel-eu.rubiconproject.com tcp
IE 52.210.15.1:443 usersync.gumgum.com tcp
US 1.1.1.1:53 outspot2-ams.adx.opera.com udp
US 1.1.1.1:53 spl.zeotap.com udp
US 1.1.1.1:53 spl.zeotap.com udp
US 1.1.1.1:53 ssbsync-euw2.smartadserver.com udp
IE 52.210.15.1:443 usersync.gumgum.com tcp
US 172.64.151.101:443 dsum-sec.casalemedia.com tcp
DE 91.228.74.159:443 cms.quantserve.com tcp
IE 54.171.90.29:443 cs.yellowblue.io tcp
US 1.1.1.1:53 entitlements.jwplayer.com udp
US 1.1.1.1:53 entitlements.jwplayer.com udp
US 1.1.1.1:53 imasdk.googleapis.com udp
US 1.1.1.1:53 imasdk.googleapis.com udp
IE 54.171.90.29:443 cs.yellowblue.io tcp
US 1.1.1.1:53 cs386.wpc.edgecastcdn.net udp
NL 69.173.156.149:443 pixel-eu.rubiconproject.com tcp
DE 18.157.153.25:443 rtb.mfadsrvr.com tcp
US 216.200.232.253:443 sync.mathtag.com tcp
NL 69.173.156.149:443 pixel-eu.rubiconproject.com tcp
NL 185.89.210.244:443 ib.adnxs.com tcp
NL 69.173.156.148:443 pixel-eu.rubiconproject.com tcp
US 80.77.87.163:443 cs.admanmedia.com tcp
NL 82.145.213.8:443 t.adx.opera.com tcp
FR 5.135.209.101:443 ssbsync-global.smartadserver.com tcp
US 172.67.40.173:443 spl.zeotap.com tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
IE 54.171.90.29:443 cs.yellowblue.io tcp
US 1.1.1.1:53 eu-u.openx.net udp
US 1.1.1.1:53 eu-u.openx.net udp
US 35.227.252.103:443 rtb.openx.net udp
US 1.1.1.1:53 dis.criteo.com udp
US 1.1.1.1:53 dis.criteo.com udp
US 1.1.1.1:53 widget.nl3.vip.prod.criteo.com udp
IE 52.51.66.121:443 pr-bh.ybp.yahoo.com tcp
NL 185.89.210.244:443 ib.adnxs.com tcp
US 1.1.1.1:53 prd.jwpltx.com udp
NL 185.89.210.244:443 ib.adnxs.com tcp
NL 185.89.210.244:443 ib.adnxs.com tcp
IE 34.248.189.186:443 match.prod.bidr.io tcp
FR 152.199.22.243:443 entitlements.jwplayer.com tcp
US 172.64.151.101:443 dsum-sec.casalemedia.com tcp
DE 91.228.74.159:443 cms.quantserve.com tcp
IE 54.171.90.29:443 cs.yellowblue.io tcp
IE 54.171.90.29:443 cs.yellowblue.io tcp
US 34.98.64.218:443 eu-u.openx.net tcp
US 1.1.1.1:53 media.bidgx.com udp
US 1.1.1.1:53 media.bidgx.com udp
US 80.77.87.163:443 cs.admanmedia.com tcp
NL 178.250.1.9:443 dis.criteo.com tcp
IE 52.51.66.121:443 pr-bh.ybp.yahoo.com tcp
NL 185.89.210.244:443 ib.adnxs.com tcp
NL 185.89.210.244:443 ib.adnxs.com tcp
NL 185.89.210.244:443 ib.adnxs.com tcp
IE 34.248.189.186:443 match.prod.bidr.io tcp
FR 152.199.22.243:443 entitlements.jwplayer.com tcp
NL 154.57.158.115:443 ads.stickyadstv.com tcp
GB 142.250.180.10:443 imasdk.googleapis.com tcp
GB 108.156.39.83:443 prd.jwpltx.com tcp
US 34.98.64.218:443 eu-u.openx.net tcp
US 34.98.64.218:443 eu-u.openx.net tcp
US 34.98.64.218:443 eu-u.openx.net udp
NL 154.57.158.115:443 ads.stickyadstv.com tcp
GB 142.250.180.10:443 imasdk.googleapis.com tcp
GB 108.156.39.83:443 prd.jwpltx.com tcp
US 34.98.64.218:443 eu-u.openx.net tcp
DE 18.157.153.25:443 rtb.mfadsrvr.com tcp
US 172.67.170.105:443 media.bidgx.com tcp
US 52.46.130.91:443 s.amazon-adsystem.com tcp
US 3.220.162.84:443 pixel.adsafeprotected.com tcp
US 1.1.1.1:53 assets-jpcust.jwpsrv.com udp
US 1.1.1.1:53 assets-jpcust.jwpsrv.com udp
US 151.101.66.114:443 assets-jpcust.jwpsrv.com tcp
US 1.1.1.1:53 s.tribalfusion.com udp
US 1.1.1.1:53 s.tribalfusion.com udp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
US 151.101.66.114:443 assets-jpcust.jwpsrv.com tcp
NL 198.47.127.19:443 image6.pubmatic.com tcp
US 104.18.25.173:443 s.tribalfusion.com udp
GB 108.156.39.83:443 prd.jwpltx.com tcp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
US 34.120.63.153:443 prebid.media.net udp
US 104.18.24.173:443 s.tribalfusion.com tcp
US 1.1.1.1:53 btloader.com udp
US 1.1.1.1:53 btloader.com udp
NL 198.47.127.18:443 image8.pubmatic.com tcp
US 172.64.151.101:443 dsum-sec.casalemedia.com udp
US 104.22.74.216:443 btloader.com tcp
US 52.46.130.91:443 s.amazon-adsystem.com tcp
US 104.18.24.173:443 s.tribalfusion.com udp
GB 142.250.178.1:443 tpc.googlesyndication.com tcp
US 1.1.1.1:53 load77.exelator.com udp
US 1.1.1.1:53 load77.exelator.com udp
GB 195.181.164.16:443 load77.exelator.com tcp
GB 2.22.5.61:443 eus.rubiconproject.com tcp
US 1.1.1.1:53 e8960.b.akamaiedge.net udp
US 54.162.50.227:443 sync.srv.stackadapt.com tcp
NL 69.173.156.149:443 pixel-eu.rubiconproject.com tcp
US 1.1.1.1:53 pixel-sync.sitescout.com udp
US 1.1.1.1:53 pixel-sync.sitescout.com udp
NL 198.47.127.19:443 image6.pubmatic.com tcp
US 1.1.1.1:53 ums.acuityplatform.com udp
NL 69.173.156.149:443 pixel-eu.rubiconproject.com tcp
NL 198.47.127.19:443 image6.pubmatic.com tcp
US 34.36.216.150:443 pixel-sync.sitescout.com tcp
NL 89.149.192.75:443 ssbsync.smartadserver.com tcp
NL 154.59.122.79:443 ums.acuityplatform.com tcp
US 54.162.50.227:443 sync.srv.stackadapt.com tcp
US 54.145.147.121:443 sync.ipredictive.com tcp
NL 69.173.156.148:443 pixel-eu.rubiconproject.com tcp
NL 69.173.156.149:443 pixel-eu.rubiconproject.com tcp
NL 154.59.122.79:443 ums.acuityplatform.com tcp
US 54.162.50.227:443 sync.srv.stackadapt.com tcp
US 54.145.147.121:443 sync.ipredictive.com tcp
NL 69.173.156.148:443 pixel-eu.rubiconproject.com tcp
NL 69.173.156.149:443 pixel-eu.rubiconproject.com tcp
NL 198.47.127.18:443 image8.pubmatic.com tcp
US 1.1.1.1:53 g2.gumgum.com udp
US 1.1.1.1:53 g2.gumgum.com udp
NL 198.47.127.18:443 image8.pubmatic.com tcp
US 1.1.1.1:53 cs-server-s2s.yellowblue.io udp
US 1.1.1.1:53 cs-server-s2s.yellowblue.io udp
US 1.1.1.1:53 cdn.dxkulture.com udp
US 1.1.1.1:53 cdn.dxkulture.com udp
US 1.1.1.1:53 p.rfihub.com udp
US 1.1.1.1:53 p.rfihub.com udp
US 1.1.1.1:53 prebid.a-mo.net udp
US 1.1.1.1:53 prebid.a-mo.net udp
US 1.1.1.1:53 ssp.disqus.com udp
US 1.1.1.1:53 ssp.disqus.com udp
US 1.1.1.1:53 a-emea.rfihub.com.akadns.net udp
US 1.1.1.1:53 am6-prebid.a-mx.net udp
US 1.1.1.1:53 zeta-ssp-385516103.us-east-1.elb.amazonaws.com udp
US 1.1.1.1:53 hbx.media.net udp
US 1.1.1.1:53 hbx.media.net udp
IE 63.33.2.172:443 g2.gumgum.com tcp
GB 92.123.240.21:443 contextual.media.net udp
US 54.208.222.196:443 cs-server-s2s.yellowblue.io tcp
US 172.64.145.29:443 cdn.dxkulture.com tcp
NL 185.89.210.244:443 ib.adnxs.com tcp
NL 193.0.160.131:443 p.rfihub.com tcp
US 69.166.1.66:443 sync.go.sonobi.com tcp
NL 147.75.84.158:443 prebid.a-mo.net tcp
US 52.204.22.109:443 ssp.disqus.com tcp
GB 2.23.220.28:443 hbx.media.net tcp
IE 63.33.2.172:443 g2.gumgum.com tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
US 80.77.87.163:443 cs.admanmedia.com tcp
FR 5.135.209.101:443 ssbsync-global.smartadserver.com tcp
NL 198.47.127.18:443 image8.pubmatic.com tcp
US 1.1.1.1:53 dsp.adfarm1.adition.com udp
US 1.1.1.1:53 dsp.adfarm1.adition.com udp
US 1.1.1.1:53 rtb-csync.smartadserver.com udp
US 1.1.1.1:53 rtb-csync.smartadserver.com udp
US 1.1.1.1:53 rtb-csync-euw1.smartadserver.com udp
DE 85.114.159.118:443 dsp.adfarm1.adition.com tcp
NL 89.149.193.120:443 rtb-csync.smartadserver.com tcp
NL 35.214.150.98:443 csync.loopme.me tcp
US 1.1.1.1:53 i.liadm.com udp
US 1.1.1.1:53 i.liadm.com udp
US 1.1.1.1:53 match.adsby.bidtheatre.com udp
US 1.1.1.1:53 match.adsby.bidtheatre.com udp
US 1.1.1.1:53 cm.ctnsnet.com udp
US 1.1.1.1:53 cm.ctnsnet.com udp
US 1.1.1.1:53 rtb.adentifi.com udp
US 1.1.1.1:53 rtb.adentifi.com udp
US 1.1.1.1:53 trace.mediago.io udp
US 1.1.1.1:53 trace.mediago.io udp
US 1.1.1.1:53 idaas-ext.cph.liveintent.com udp
GB 108.156.39.83:443 prd.jwpltx.com tcp
US 34.98.64.218:443 eu-u.openx.net udp
US 54.162.50.227:443 sync.srv.stackadapt.com tcp
US 54.145.147.121:443 sync.ipredictive.com tcp
US 64.74.236.95:443 b1sync.zemanta.com tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
US 18.211.13.3:443 i.liadm.com tcp
NL 188.166.17.21:443 match.adsby.bidtheatre.com tcp
US 35.186.193.173:443 cm.ctnsnet.com tcp
US 44.199.126.48:443 rtb.adentifi.com tcp
US 35.208.249.213:443 trace.mediago.io tcp
US 18.211.13.3:443 i.liadm.com tcp
NL 188.166.17.21:443 match.adsby.bidtheatre.com tcp
US 35.186.193.173:443 cm.ctnsnet.com tcp
US 44.199.126.48:443 rtb.adentifi.com tcp
US 35.208.249.213:443 trace.mediago.io tcp
NL 198.47.127.19:443 image6.pubmatic.com tcp
NL 198.47.127.19:443 image6.pubmatic.com tcp
US 52.46.130.91:443 s.amazon-adsystem.com tcp
NL 69.173.156.149:443 pixel-eu.rubiconproject.com tcp
NL 69.173.156.149:443 pixel-eu.rubiconproject.com tcp
IE 34.248.189.186:443 match.prod.bidr.io tcp
NL 69.173.156.149:443 pixel-eu.rubiconproject.com tcp
NL 69.173.156.148:443 pixel-eu.rubiconproject.com tcp
NL 69.173.156.148:443 pixel-eu.rubiconproject.com tcp
NL 69.173.156.148:443 pixel-eu.rubiconproject.com tcp
US 172.64.151.101:443 dsum-sec.casalemedia.com udp
US 52.46.130.91:443 s.amazon-adsystem.com tcp
IE 34.248.189.186:443 match.prod.bidr.io tcp
US 172.64.151.101:443 dsum-sec.casalemedia.com tcp
IE 34.248.189.186:443 match.prod.bidr.io tcp
US 1.1.1.1:53 px.ads.linkedin.com udp
US 1.1.1.1:53 px.ads.linkedin.com udp
US 172.64.151.101:443 dsum-sec.casalemedia.com tcp
NL 185.89.210.244:443 ib.adnxs.com tcp
NL 154.57.158.115:443 ads.stickyadstv.com tcp
US 52.46.130.91:443 s.amazon-adsystem.com tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
US 1.1.1.1:53 pixel-us-east.rubiconproject.com udp
US 1.1.1.1:53 pixel-us-east.rubiconproject.com udp
US 1.1.1.1:53 pixel-us-east.rubiconproject.net.akadns.net udp
US 13.107.42.14:443 px.ads.linkedin.com tcp
US 34.111.113.62:443 pixel.tapad.com udp
US 69.173.146.5:443 pixel-us-east.rubiconproject.com tcp
US 34.111.113.62:443 pixel.tapad.com tcp
NL 89.149.193.120:443 rtb-csync.smartadserver.com tcp
US 34.111.113.62:443 pixel.tapad.com tcp
NL 89.149.193.120:443 rtb-csync.smartadserver.com tcp
NL 198.47.127.19:443 image6.pubmatic.com tcp
US 172.67.170.105:443 media.bidgx.com udp
US 34.111.113.62:443 pixel.tapad.com tcp
NL 198.47.127.18:443 image8.pubmatic.com tcp
US 52.46.130.91:443 s.amazon-adsystem.com tcp
GB 142.250.178.1:443 tpc.googlesyndication.com tcp
NL 198.47.127.19:443 image6.pubmatic.com tcp
NL 198.47.127.19:443 image6.pubmatic.com tcp
US 54.145.147.121:443 sync.ipredictive.com tcp
US 54.162.50.227:443 sync.srv.stackadapt.com tcp
US 54.162.50.227:443 sync.srv.stackadapt.com tcp
US 1.1.1.1:53 cdn.doubleverify.com udp
US 1.1.1.1:53 cdn.doubleverify.com udp
US 54.145.147.121:443 sync.ipredictive.com tcp
GB 23.200.147.25:443 cdn.doubleverify.com tcp
GB 2.23.220.28:443 hbx.media.net udp
US 1.1.1.1:53 ads.dxkulture.com udp
US 1.1.1.1:53 ads.dxkulture.com udp
US 1.1.1.1:53 ad-delivery.net udp
US 1.1.1.1:53 api.btloader.com udp
US 1.1.1.1:53 api.btloader.com udp
US 45.55.126.71:443 ads.dxkulture.com tcp
US 104.26.2.70:443 ad-delivery.net tcp
US 104.26.2.70:443 ad-delivery.net tcp
US 1.1.1.1:53 sync.adkernel.com udp
US 1.1.1.1:53 sync.adkernel.com udp
US 130.211.23.194:443 api.btloader.com tcp
US 1.1.1.1:53 1.cpm.ak-is2.net udp
US 45.55.126.71:443 ads.dxkulture.com tcp
NL 77.245.57.72:443 sync.adkernel.com tcp
US 1.1.1.1:53 dt.adsafeprotected.com udp
US 1.1.1.1:53 dt.adsafeprotected.com udp
US 54.162.50.227:443 sync.srv.stackadapt.com tcp
US 64.74.236.95:443 b1sync.zemanta.com tcp
US 104.26.2.70:443 ad-delivery.net tcp
US 130.211.23.194:443 api.btloader.com tcp
US 1.1.1.1:53 m.media-amazon.com udp
US 1.1.1.1:53 m.media-amazon.com udp
US 1.1.1.1:53 ts.amazon-adsystem.com udp
US 1.1.1.1:53 ts.amazon-adsystem.com udp
US 35.186.193.173:443 cm.ctnsnet.com udp
US 54.145.147.121:443 sync.ipredictive.com tcp
NL 77.245.57.72:443 sync.adkernel.com tcp
US 151.101.1.16:443 m.media-amazon.com tcp
US 151.101.1.16:443 m.media-amazon.com tcp
US 151.101.1.16:443 m.media-amazon.com tcp
GB 18.245.218.63:443 ts.amazon-adsystem.com tcp
US 54.162.50.227:443 sync.srv.stackadapt.com tcp
US 64.74.236.95:443 b1sync.zemanta.com tcp
US 45.55.126.71:443 ads.dxkulture.com tcp
US 45.55.126.71:443 ads.dxkulture.com tcp
US 1.1.1.1:53 srv.bidgx.com udp
US 1.1.1.1:53 srv.bidgx.com udp
US 1.1.1.1:53 ssum.casalemedia.com udp
US 1.1.1.1:53 ssum.casalemedia.com udp
US 35.208.249.213:443 trace.mediago.io udp
US 54.145.147.121:443 sync.ipredictive.com tcp
US 104.21.28.80:443 srv.bidgx.com tcp
US 1.1.1.1:53 sync.crwdcntrl.net udp
US 1.1.1.1:53 sync.crwdcntrl.net udp
US 45.55.126.71:443 ads.dxkulture.com tcp
US 45.55.126.71:443 ads.dxkulture.com tcp
NL 134.122.57.34:443 match.adsby.bidtheatre.com tcp
US 34.203.25.84:443 dt.adsafeprotected.com tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
US 104.18.36.155:443 ssum.casalemedia.com tcp
US 104.21.28.80:443 srv.bidgx.com tcp
NL 188.166.17.21:443 match.adsby.bidtheatre.com tcp
US 34.203.25.84:443 dt.adsafeprotected.com tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
US 104.18.36.155:443 ssum.casalemedia.com tcp
US 1.1.1.1:53 cr.frontend.weborama.fr udp
US 1.1.1.1:53 cr.frontend.weborama.fr udp
IE 34.248.189.186:443 match.prod.bidr.io tcp
US 1.1.1.1:53 mwzeom.zeotap.com udp
US 1.1.1.1:53 mwzeom.zeotap.com udp
IE 54.220.158.112:443 sync.crwdcntrl.net tcp
NL 154.59.122.79:443 ums.acuityplatform.com tcp
US 1.1.1.1:53 um.simpli.fi udp
US 1.1.1.1:53 um.simpli.fi udp
NL 178.250.1.9:443 dis.criteo.com tcp
US 34.111.129.221:443 cr.frontend.weborama.fr tcp
US 1.1.1.1:53 ad.mrtnsvr.com udp
US 1.1.1.1:53 ad.mrtnsvr.com udp
IE 34.248.189.186:443 match.prod.bidr.io tcp
US 104.22.50.98:443 mwzeom.zeotap.com tcp
IE 54.220.158.112:443 sync.crwdcntrl.net tcp
NL 154.59.122.79:443 ums.acuityplatform.com tcp
US 1.1.1.1:53 d5p.de17a.com udp
US 1.1.1.1:53 d5p.de17a.com udp
US 1.1.1.1:53 cm-supply-web.gammaplatform.com udp
US 1.1.1.1:53 cm-supply-web.gammaplatform.com udp
US 1.1.1.1:53 ipac.ctnsnet.com udp
US 1.1.1.1:53 ipac.ctnsnet.com udp
NL 185.89.210.244:443 ib.adnxs.com tcp
NL 35.204.158.49:443 um.simpli.fi tcp
US 1.1.1.1:53 core.iprom.net udp
US 1.1.1.1:53 core.iprom.net udp
US 1.1.1.1:53 cm.adgrx.com udp
US 1.1.1.1:53 cm.adgrx.com udp
DE 91.228.74.159:443 cms.quantserve.com tcp
US 1.1.1.1:53 rtb.adgrx.com udp
NL 178.250.1.9:443 dis.criteo.com tcp
US 34.111.129.221:443 cr.frontend.weborama.fr tcp
US 104.21.28.80:443 srv.bidgx.com udp
US 1.1.1.1:53 pubmatic-match.dotomi.com udp
US 1.1.1.1:53 pubmatic-match.dotomi.com udp
US 1.1.1.1:53 ad.turn.com udp
US 104.22.50.98:443 mwzeom.zeotap.com tcp
US 34.102.163.6:443 ad.mrtnsvr.com tcp
US 104.18.36.155:443 ssum.casalemedia.com udp
IE 34.248.189.186:443 match.prod.bidr.io tcp
IE 34.248.189.186:443 match.prod.bidr.io tcp
SE 213.155.156.168:443 d5p.de17a.com tcp
NL 35.214.150.98:443 csync.loopme.me tcp
SG 35.186.154.107:443 cm-supply-web.gammaplatform.com tcp
US 35.186.193.173:443 ipac.ctnsnet.com tcp
SI 195.5.165.20:443 core.iprom.net tcp
IE 54.217.19.5:443 cm.adgrx.com tcp
US 34.36.216.150:443 pixel-sync.sitescout.com tcp
NL 63.215.202.137:443 pubmatic-match.dotomi.com tcp
NL 46.228.164.11:443 ad.turn.com tcp
US 34.102.163.6:443 ad.mrtnsvr.com tcp
IE 34.248.189.186:443 match.prod.bidr.io tcp
IE 34.248.189.186:443 match.prod.bidr.io tcp
SG 35.186.154.107:443 cm-supply-web.gammaplatform.com tcp
US 35.186.193.173:443 ipac.ctnsnet.com tcp
SI 195.5.165.20:443 core.iprom.net tcp
US 34.36.216.150:443 pixel-sync.sitescout.com tcp
NL 63.215.202.137:443 pubmatic-match.dotomi.com tcp
NL 46.228.164.11:443 ad.turn.com tcp
US 1.1.1.1:53 simage2.pubmatic.com udp
US 1.1.1.1:53 simage2.pubmatic.com udp
US 1.1.1.1:53 sonata-notifications.taptapnetworks.com udp
US 1.1.1.1:53 sonata-notifications.taptapnetworks.com udp
US 1.1.1.1:53 pug-ams-bc.pubmnet.com udp
US 1.1.1.1:53 simage4.pubmatic.com udp
US 1.1.1.1:53 simage4.pubmatic.com udp
US 35.186.193.173:443 ipac.ctnsnet.com udp
US 1.1.1.1:53 spug-lhrc.pubmnet.com udp
US 1.1.1.1:53 capi.connatix.com udp
US 1.1.1.1:53 capi.connatix.com udp
US 1.1.1.1:53 capi.connatix.com.cdn.cloudflare.net udp
DE 52.28.34.225:443 sonata-notifications.taptapnetworks.com tcp
GB 185.64.191.210:443 simage2.pubmatic.com tcp
NL 198.47.127.20:443 simage4.pubmatic.com tcp
US 1.1.1.1:53 image4.pubmatic.com udp
US 1.1.1.1:53 image4.pubmatic.com udp
US 104.18.41.104:443 capi.connatix.com tcp
GB 185.64.191.210:443 simage2.pubmatic.com tcp
GB 185.64.191.210:443 simage2.pubmatic.com tcp
GB 185.64.191.210:443 simage2.pubmatic.com tcp
US 1.1.1.1:53 spug-amsfpairbc.pubmnet.com udp
NL 198.47.127.20:443 simage4.pubmatic.com tcp
DE 52.28.34.225:443 sonata-notifications.taptapnetworks.com tcp
GB 185.64.191.210:443 simage2.pubmatic.com tcp
NL 198.47.127.20:443 simage4.pubmatic.com tcp
GB 185.64.190.81:443 image4.pubmatic.com tcp
US 54.162.50.227:443 sync.srv.stackadapt.com tcp
GB 185.64.190.81:443 image4.pubmatic.com tcp
US 54.162.50.227:443 sync.srv.stackadapt.com tcp
US 54.145.147.121:443 sync.ipredictive.com tcp
NL 185.89.210.244:443 ib.adnxs.com tcp
US 54.145.147.121:443 sync.ipredictive.com tcp
NL 185.89.210.244:443 ib.adnxs.com tcp
US 54.162.50.227:443 sync.srv.stackadapt.com tcp
US 130.211.23.194:443 api.btloader.com udp
DE 91.228.74.159:443 cms.quantserve.com tcp
US 64.74.236.95:443 b1sync.zemanta.com tcp
US 54.162.50.227:443 sync.srv.stackadapt.com tcp
US 54.162.50.227:443 sync.srv.stackadapt.com tcp
US 1.1.1.1:53 support.mozilla.org udp
US 1.1.1.1:53 support.mozilla.org udp
US 1.1.1.1:53 us-west1.prod.sumo.prod.webservices.mozgcp.net udp
US 54.162.50.227:443 sync.srv.stackadapt.com tcp
DE 91.228.74.159:443 cms.quantserve.com tcp
US 64.74.236.95:443 b1sync.zemanta.com tcp
US 54.145.147.121:443 sync.ipredictive.com tcp
US 151.101.1.16:443 m.media-amazon.com udp
NL 198.47.127.20:443 simage4.pubmatic.com tcp
US 54.145.147.121:443 sync.ipredictive.com tcp
NL 64.227.64.62:443 match.adsby.bidtheatre.com tcp
NL 198.47.127.20:443 simage4.pubmatic.com tcp
NL 198.47.127.20:443 simage4.pubmatic.com tcp
NL 188.166.17.21:443 match.adsby.bidtheatre.com tcp
NL 198.47.127.20:443 simage4.pubmatic.com tcp
GB 185.64.191.210:443 simage2.pubmatic.com tcp
US 1.1.1.1:53 s2.paa-reporting-advertising.amazon udp
US 1.1.1.1:53 s2.paa-reporting-advertising.amazon udp
GB 185.64.191.210:443 simage2.pubmatic.com tcp
NL 198.47.127.20:443 simage4.pubmatic.com tcp
GB 185.64.191.210:443 simage2.pubmatic.com tcp
GB 54.192.137.121:443 s2.paa-reporting-advertising.amazon tcp
GB 54.192.137.121:443 s2.paa-reporting-advertising.amazon tcp
US 1.1.1.1:53 images-eu.ssl-images-amazon.com udp
US 1.1.1.1:53 images-eu.ssl-images-amazon.com udp
NL 63.215.202.137:443 pubmatic-match.dotomi.com tcp
US 151.101.1.16:443 images-eu.ssl-images-amazon.com tcp
US 1.1.1.1:53 i.ytimg.com udp
US 34.111.129.221:443 cr.frontend.weborama.fr udp
US 1.1.1.1:53 aes.eu-west.3px.axp.amazon-adsystem.com udp
US 1.1.1.1:53 aes.eu-west.3px.axp.amazon-adsystem.com udp
US 1.1.1.1:53 aes-p-aespr-1gkttdctgiktw-30021760.eu-west-1.elb.amazonaws.com udp
NL 63.215.202.137:443 pubmatic-match.dotomi.com tcp
NL 63.215.202.137:443 pubmatic-match.dotomi.com tcp
NL 63.215.202.137:443 pubmatic-match.dotomi.com tcp
US 1.1.1.1:53 idsync.rlcdn.com udp
US 1.1.1.1:53 idsync.rlcdn.com udp
US 151.101.1.16:443 images-eu.ssl-images-amazon.com tcp
IE 34.248.189.186:443 match.prod.bidr.io tcp
IE 52.212.91.251:443 aes.eu-west.3px.axp.amazon-adsystem.com tcp
NL 63.215.202.137:443 pubmatic-match.dotomi.com tcp
NL 63.215.202.137:443 pubmatic-match.dotomi.com tcp
NL 63.215.202.137:443 pubmatic-match.dotomi.com tcp
US 35.244.174.68:443 idsync.rlcdn.com tcp
IE 34.248.189.186:443 match.prod.bidr.io tcp
US 151.101.1.16:443 images-eu.ssl-images-amazon.com udp
IE 34.248.189.186:443 match.prod.bidr.io tcp
IE 52.212.91.251:443 aes.eu-west.3px.axp.amazon-adsystem.com tcp
US 35.244.174.68:443 idsync.rlcdn.com tcp
IE 34.248.189.186:443 match.prod.bidr.io tcp
SI 195.5.165.20:443 core.iprom.net tcp
NL 46.228.164.11:443 ad.turn.com tcp
NL 154.59.122.79:443 ums.acuityplatform.com tcp
SI 195.5.165.20:443 core.iprom.net tcp
NL 46.228.164.11:443 ad.turn.com tcp
US 104.18.41.104:443 capi.connatix.com udp
US 1.1.1.1:53 analytics.google.com udp
BE 66.102.1.157:443 stats.g.doubleclick.net udp
US 216.239.36.181:443 analytics.google.com tcp
US 54.162.50.227:443 sync.srv.stackadapt.com tcp
BE 66.102.1.157:443 stats.g.doubleclick.net tcp
NL 188.166.17.21:443 match.adsby.bidtheatre.com tcp
US 54.145.147.121:443 sync.ipredictive.com tcp
BE 66.102.1.157:443 stats.g.doubleclick.net tcp
US 54.162.50.227:443 sync.srv.stackadapt.com tcp
US 54.162.50.227:443 sync.srv.stackadapt.com tcp
US 54.162.50.227:443 sync.srv.stackadapt.com tcp
GB 142.250.187.228:443 www.google.com udp
US 54.162.50.227:443 sync.srv.stackadapt.com tcp
US 54.145.147.121:443 sync.ipredictive.com tcp
GB 142.250.187.228:443 www.google.com tcp
US 64.74.236.95:443 b1sync.zemanta.com tcp
US 54.145.147.121:443 sync.ipredictive.com tcp
NL 64.227.64.62:443 match.adsby.bidtheatre.com tcp
US 54.145.147.121:443 sync.ipredictive.com tcp
US 54.145.147.121:443 sync.ipredictive.com tcp
NL 188.166.17.21:443 match.adsby.bidtheatre.com tcp
NL 134.122.57.34:443 match.adsby.bidtheatre.com tcp
US 1.1.1.1:53 sq-tungsten-ts-eu.amazon-adsystem.com udp
US 1.1.1.1:53 sq-tungsten-ts-eu.amazon-adsystem.com udp
IE 3.254.239.147:443 sq-tungsten-ts-eu.amazon-adsystem.com tcp
IE 3.254.239.147:443 sq-tungsten-ts-eu.amazon-adsystem.com tcp
US 216.239.36.181:443 analytics.google.com udp
GB 142.250.178.22:443 i.ytimg.com udp
GB 172.217.16.238:443 www.youtube.com udp
GB 172.217.16.238:443 www.youtube.com tcp
US 1.1.1.1:53 googleads.g.doubleclick.net udp
GB 172.217.169.66:443 googleads.g.doubleclick.net udp
US 1.1.1.1:53 store.steampowered.com udp
US 1.1.1.1:53 store.steampowered.com udp
GB 2.22.5.116:443 store.steampowered.com tcp
US 1.1.1.1:53 www.youtube.com udp
US 1.1.1.1:53 www.youtube.com udp
GB 172.217.169.78:443 www.youtube.com udp
US 1.1.1.1:53 store.akamai.steamstatic.com udp
US 1.1.1.1:53 store.akamai.steamstatic.com udp
GB 23.59.171.10:443 store.akamai.steamstatic.com tcp
GB 23.59.171.10:443 store.akamai.steamstatic.com tcp
GB 23.59.171.10:443 store.akamai.steamstatic.com tcp
GB 23.59.171.10:443 store.akamai.steamstatic.com tcp
GB 23.59.171.10:443 store.akamai.steamstatic.com tcp
GB 23.59.171.10:443 store.akamai.steamstatic.com tcp
US 1.1.1.1:53 cdn.akamai.steamstatic.com udp
US 1.1.1.1:53 cdn.akamai.steamstatic.com udp
US 1.1.1.1:53 shared.akamai.steamstatic.com udp
US 1.1.1.1:53 shared.akamai.steamstatic.com udp
GB 104.86.110.72:443 shared.akamai.steamstatic.com tcp
GB 104.86.110.72:443 shared.akamai.steamstatic.com tcp
GB 104.86.110.72:443 shared.akamai.steamstatic.com tcp
GB 104.86.110.72:443 shared.akamai.steamstatic.com tcp
GB 104.86.110.72:443 shared.akamai.steamstatic.com tcp
GB 92.123.140.8:443 cdn.akamai.steamstatic.com tcp
GB 92.123.140.8:443 cdn.akamai.steamstatic.com tcp
GB 92.123.140.8:443 cdn.akamai.steamstatic.com tcp
GB 92.123.140.8:443 cdn.akamai.steamstatic.com tcp
GB 23.59.171.10:443 store.akamai.steamstatic.com tcp
GB 23.59.171.10:443 store.akamai.steamstatic.com tcp
GB 23.59.171.10:443 store.akamai.steamstatic.com tcp
US 1.1.1.1:53 api.steampowered.com udp
US 1.1.1.1:53 api.steampowered.com udp
GB 104.82.234.109:443 api.steampowered.com tcp
US 1.1.1.1:53 clan.akamai.steamstatic.com udp
US 1.1.1.1:53 clan.akamai.steamstatic.com udp
GB 23.59.171.10:443 clan.akamai.steamstatic.com tcp
GB 2.22.5.116:443 store.steampowered.com tcp
US 1.1.1.1:53 community.akamai.steamstatic.com udp
US 1.1.1.1:53 community.akamai.steamstatic.com udp
GB 104.86.110.35:443 community.akamai.steamstatic.com tcp
US 1.1.1.1:53 store.steampowered.com udp
US 1.1.1.1:53 avatars.akamai.steamstatic.com udp
US 1.1.1.1:53 avatars.akamai.steamstatic.com udp
GB 92.123.143.240:443 avatars.akamai.steamstatic.com tcp
GB 92.123.143.240:443 avatars.akamai.steamstatic.com tcp
GB 92.123.143.240:443 avatars.akamai.steamstatic.com tcp
GB 92.123.143.240:443 avatars.akamai.steamstatic.com tcp
GB 92.123.143.240:443 avatars.akamai.steamstatic.com tcp
GB 92.123.143.240:443 avatars.akamai.steamstatic.com tcp
US 1.1.1.1:53 store.akamai.steamstatic.com udp
US 1.1.1.1:53 shared.akamai.steamstatic.com udp
US 1.1.1.1:53 shared.akamai.steamstatic.com udp
US 1.1.1.1:53 store.steampowered.com udp
US 1.1.1.1:53 steamcommunity.com udp
US 1.1.1.1:53 steamcommunity.com udp
US 1.1.1.1:53 help.steampowered.com udp
US 1.1.1.1:53 help.steampowered.com udp
GB 104.82.234.109:443 help.steampowered.com tcp
GB 104.82.234.109:443 help.steampowered.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.48:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 contile.services.mozilla.com udp
US 34.117.188.166:443 contile.services.mozilla.com udp
US 1.1.1.1:53 firefox.settings.services.mozilla.com udp
US 1.1.1.1:53 firefox.settings.services.mozilla.com udp
US 1.1.1.1:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 1.1.1.1:53 content-signature-chains.prod.autograph.services.mozaws.net udp
US 34.160.144.191:443 content-signature-chains.prod.autograph.services.mozaws.net tcp
US 1.1.1.1:53 firefox-settings-attachments.cdn.mozilla.net udp
US 1.1.1.1:53 firefox-settings-attachments.cdn.mozilla.net udp
US 34.117.121.53:443 firefox-settings-attachments.cdn.mozilla.net tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.98:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 91.189.91.98:80 connectivity-check.ubuntu.com tcp

Files

N/A

Analysis: behavioral4

Detonation Overview

Submitted

2024-06-06 10:58

Reported

2024-06-06 11:01

Platform

debian9-armhf-20240226-en

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A

Analysis: behavioral5

Detonation Overview

Submitted

2024-06-06 10:58

Reported

2024-06-06 11:01

Platform

debian9-mipsbe-20240226-en

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A

Analysis: behavioral6

Detonation Overview

Submitted

2024-06-06 10:58

Reported

2024-06-06 11:01

Platform

debian9-mipsel-20240226-en

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-06 10:58

Reported

2024-06-06 11:31

Platform

win10v2004-20240508-en

Max time kernel

1730s

Max time network

1685s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.com

Signatures

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3836 wrote to memory of 5040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 5040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 1580 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 1580 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 1080 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 1080 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 1080 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 1080 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 1080 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 1080 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 1080 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 1080 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 1080 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 1080 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 1080 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 1080 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 1080 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 1080 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 1080 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 1080 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 1080 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 1080 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 1080 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3836 wrote to memory of 1080 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9e53746f8,0x7ff9e5374708,0x7ff9e5374718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,5992374667970776169,1912689011590136562,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2000 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2064,5992374667970776169,1912689011590136562,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2492 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2064,5992374667970776169,1912689011590136562,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2756 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5992374667970776169,1912689011590136562,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5992374667970776169,1912689011590136562,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5992374667970776169,1912689011590136562,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4596 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,5992374667970776169,1912689011590136562,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5100 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,5992374667970776169,1912689011590136562,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5100 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5992374667970776169,1912689011590136562,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5180 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5992374667970776169,1912689011590136562,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5192 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5992374667970776169,1912689011590136562,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5260 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,5992374667970776169,1912689011590136562,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5156 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,5992374667970776169,1912689011590136562,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4940 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 google.com udp
GB 142.250.178.14:80 google.com tcp
GB 142.250.178.14:80 google.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:80 www.google.com tcp
GB 142.250.187.196:443 www.google.com tcp
US 8.8.8.8:53 217.106.137.52.in-addr.arpa udp
US 8.8.8.8:53 0.205.248.87.in-addr.arpa udp
US 8.8.8.8:53 133.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 14.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 196.187.250.142.in-addr.arpa udp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 ogs.google.com udp
US 8.8.8.8:53 apis.google.com udp
GB 142.250.187.238:443 ogs.google.com tcp
GB 142.250.200.14:443 apis.google.com tcp
US 8.8.8.8:53 ssl.gstatic.com udp
GB 172.217.169.3:443 ssl.gstatic.com tcp
US 8.8.8.8:53 195.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 14.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 3.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 99.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
GB 172.217.169.46:443 play.google.com tcp
GB 172.217.169.46:443 play.google.com udp
US 8.8.8.8:53 46.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 226.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 183.142.211.20.in-addr.arpa udp
NL 23.62.61.72:443 www.bing.com tcp
US 8.8.8.8:53 72.61.62.23.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 196.249.167.52.in-addr.arpa udp
US 8.8.8.8:53 183.59.114.20.in-addr.arpa udp
US 8.8.8.8:53 15.164.165.52.in-addr.arpa udp
GB 172.217.169.46:443 play.google.com udp
US 8.8.8.8:53 57.169.31.20.in-addr.arpa udp
US 8.8.8.8:53 14.227.111.52.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 200.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 252.15.104.51.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 4158365912175436289496136e7912c2
SHA1 813d11f772b1cfe9ceac2bf37f4f741e5e8fbe59
SHA256 354de4b033ba6e4d85f94d91230cb8501f62e0a4e302cd4076c7e0ad73bedbd1
SHA512 74b4f7b24ad4ea395f3a4cd8dbfae54f112a7c87bce3d286ee5161f6b63d62dfa19bb0d96bb7ed1c6d925f5697a2580c25023d5052c6a09992e6fd9dd49ea82b

\??\pipe\LOCAL\crashpad_3836_UIDRXSLCUYDNKENC

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 ce4c898f8fc7601e2fbc252fdadb5115
SHA1 01bf06badc5da353e539c7c07527d30dccc55a91
SHA256 bce2dfaa91f0d44e977e0f79c60e64954a7b9dc828b0e30fbaa67dbe82f750aa
SHA512 80fff4c722c8d3e69ec4f09510779b7e3518ae60725d2d36903e606a27ec1eaedbdbfac5b662bf2c19194c572ccf0125445f22a907b329ad256e6c00b9cf032c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 ff2dd66851382896b8b40e038e0a903d
SHA1 b31cd78a65752e0b3c5fcdf8b17eb2b608114b57
SHA256 dbd9a0c8ba18da6ec8e364194ecf83743414c1ad7c833714dad32f8af8608bf2
SHA512 6fd5783996c75d141bc49683d7c6a89708f7870d58b16eef19e3875805a36819143a01c4e76bddffca5f669f7ddfeb0bd7162962a46547588131a502fecdee65

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 a3baa4785308bfce3fe2467ac124a793
SHA1 5a325ba8d2c91a31a83c091b4f4acc426f98767e
SHA256 bc019eeea807bd9537e23e3161d364bff8707a17a9f525391de25e08efb193ac
SHA512 d9467d0acb2ed1c037834200032a84eefea816437848eeaaa436d241180ec0d221cac42a50f44f6826b7998c67c7b6b6cfd754880c5656be02e57d427b2c6302

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 a7cd5327c41107f761c3a2323ad6b373
SHA1 7d5e455f246772d984efbc64cbba2fffe37e0979
SHA256 8c412bf9a6102801d6cfacaefcb92aba1cc644a5df62fa6fac40ddf7058dc021
SHA512 d4298d911484fdd64f2b278de1cf6cac9c6c85b7b19a424919698da9a36fa6f40289b42c93d40f591f287c19e3609227f69a5afb4c6cbc7a6b7cf4fbb48ec3b6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 b9a8a2e4a45239679eb59dad2d7527ad
SHA1 08d6ddf7f263a09eef2d38759e08468c75550efb
SHA256 fb8957707153f2bac34ebf9e017f09b99ce9c4ed7a72f676d6adfbd22fe97578
SHA512 39263807ec85471ad6eafe88fa0cca092d8d27bafa1a4792797f065eaeda996c3f74ec11e3535ffebefc15552cece4a30b42b58f8288c79c4145a83426b23325

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 d4ab73a5be81b9b9a127088364595b48
SHA1 d7ca1ef4a8eef2f1b91355119f7fa16e61ec0111
SHA256 713d0928120c2392b95bc9fbb97ec35154695ed8bd640a204a79509c5c0c6b5a
SHA512 15f2cda23e7b63af4de23259a4944022d645325970cee17964978e8b2fa18367f8cae3a815c368629533cfe4f14162c51ebe8a6860b253e7d6675dc2ed0c2bda

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 a0969ef35f186925f0c292cf59bdcf5b
SHA1 2fabf7be71392c1d80085224770b609a68ed97f0
SHA256 00a50f039ffa79def7d1789d5922fa1ff05263ecc35b0a9014ebb22edcdf834a
SHA512 606e140004ac68ac6e043826f3d7be4587d187b832f80e315e6ee411f582137f9da5c38aacc325157c560e2836f48fc575bd1623e6989fa6c8dc8858b7680cbe