hxxps://www[.]robiox[.]com[.]kg/users/834086319/profile

Analysis

max time kernel
68s
max time network
69s
platform
windows10-2004_x64
resource
win10v2004-20250314-en
resource tags

arch:x64arch:x86image:win10v2004-20250314-enlocale:en-usos:windows10-2004-x64system
submitted
17/03/2025, 17:57 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.robiox.com.kg/users/834086319/profile

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	chrome.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133867078604348114"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 20 IoCs

pid	Process
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4392	chrome.exe
Token: SeCreatePagefilePrivilege	4392	chrome.exe
Token: SeShutdownPrivilege	4392	chrome.exe
Token: SeCreatePagefilePrivilege	4392	chrome.exe
Token: SeShutdownPrivilege	4392	chrome.exe
Token: SeCreatePagefilePrivilege	4392	chrome.exe
Token: SeShutdownPrivilege	4392	chrome.exe
Token: SeCreatePagefilePrivilege	4392	chrome.exe
Token: SeShutdownPrivilege	4392	chrome.exe
Token: SeCreatePagefilePrivilege	4392	chrome.exe
Token: SeShutdownPrivilege	4392	chrome.exe
Token: SeCreatePagefilePrivilege	4392	chrome.exe
Token: SeShutdownPrivilege	4392	chrome.exe
Token: SeCreatePagefilePrivilege	4392	chrome.exe
Token: SeShutdownPrivilege	4392	chrome.exe
Token: SeCreatePagefilePrivilege	4392	chrome.exe
Token: SeShutdownPrivilege	4392	chrome.exe
Token: SeCreatePagefilePrivilege	4392	chrome.exe
Token: SeShutdownPrivilege	4392	chrome.exe
Token: SeCreatePagefilePrivilege	4392	chrome.exe
Token: SeShutdownPrivilege	4392	chrome.exe
Token: SeCreatePagefilePrivilege	4392	chrome.exe
Token: SeShutdownPrivilege	4392	chrome.exe
Token: SeCreatePagefilePrivilege	4392	chrome.exe
Token: SeShutdownPrivilege	4392	chrome.exe
Token: SeCreatePagefilePrivilege	4392	chrome.exe
Token: SeShutdownPrivilege	4392	chrome.exe
Token: SeCreatePagefilePrivilege	4392	chrome.exe
Token: SeShutdownPrivilege	4392	chrome.exe
Token: SeCreatePagefilePrivilege	4392	chrome.exe
Token: SeShutdownPrivilege	4392	chrome.exe
Token: SeCreatePagefilePrivilege	4392	chrome.exe
Token: SeShutdownPrivilege	4392	chrome.exe
Token: SeCreatePagefilePrivilege	4392	chrome.exe
Token: SeShutdownPrivilege	4392	chrome.exe
Token: SeCreatePagefilePrivilege	4392	chrome.exe
Token: SeShutdownPrivilege	4392	chrome.exe
Token: SeCreatePagefilePrivilege	4392	chrome.exe
Token: SeShutdownPrivilege	4392	chrome.exe
Token: SeCreatePagefilePrivilege	4392	chrome.exe
Token: SeShutdownPrivilege	4392	chrome.exe
Token: SeCreatePagefilePrivilege	4392	chrome.exe
Token: SeShutdownPrivilege	4392	chrome.exe
Token: SeCreatePagefilePrivilege	4392	chrome.exe
Token: SeShutdownPrivilege	4392	chrome.exe
Token: SeCreatePagefilePrivilege	4392	chrome.exe
Token: SeShutdownPrivilege	4392	chrome.exe
Token: SeCreatePagefilePrivilege	4392	chrome.exe
Token: SeShutdownPrivilege	4392	chrome.exe
Token: SeCreatePagefilePrivilege	4392	chrome.exe
Token: SeShutdownPrivilege	4392	chrome.exe
Token: SeCreatePagefilePrivilege	4392	chrome.exe
Token: SeShutdownPrivilege	4392	chrome.exe
Token: SeCreatePagefilePrivilege	4392	chrome.exe
Token: SeShutdownPrivilege	4392	chrome.exe
Token: SeCreatePagefilePrivilege	4392	chrome.exe
Token: SeShutdownPrivilege	4392	chrome.exe
Token: SeCreatePagefilePrivilege	4392	chrome.exe
Token: SeShutdownPrivilege	4392	chrome.exe
Token: SeCreatePagefilePrivilege	4392	chrome.exe
Token: SeShutdownPrivilege	4392	chrome.exe
Token: SeCreatePagefilePrivilege	4392	chrome.exe
Token: SeShutdownPrivilege	4392	chrome.exe
Token: SeCreatePagefilePrivilege	4392	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4392 wrote to memory of 5228	4392	chrome.exe	85
PID 4392 wrote to memory of 5228	4392	chrome.exe	85
PID 4392 wrote to memory of 5380	4392	chrome.exe	86
PID 4392 wrote to memory of 5380	4392	chrome.exe	86
PID 4392 wrote to memory of 5380	4392	chrome.exe	86
PID 4392 wrote to memory of 5380	4392	chrome.exe	86
PID 4392 wrote to memory of 5380	4392	chrome.exe	86
PID 4392 wrote to memory of 5380	4392	chrome.exe	86
PID 4392 wrote to memory of 5380	4392	chrome.exe	86
PID 4392 wrote to memory of 5380	4392	chrome.exe	86
PID 4392 wrote to memory of 5380	4392	chrome.exe	86
PID 4392 wrote to memory of 5380	4392	chrome.exe	86
PID 4392 wrote to memory of 5380	4392	chrome.exe	86
PID 4392 wrote to memory of 5380	4392	chrome.exe	86
PID 4392 wrote to memory of 5380	4392	chrome.exe	86
PID 4392 wrote to memory of 5380	4392	chrome.exe	86
PID 4392 wrote to memory of 5380	4392	chrome.exe	86
PID 4392 wrote to memory of 5380	4392	chrome.exe	86
PID 4392 wrote to memory of 5380	4392	chrome.exe	86
PID 4392 wrote to memory of 5380	4392	chrome.exe	86
PID 4392 wrote to memory of 5380	4392	chrome.exe	86
PID 4392 wrote to memory of 5380	4392	chrome.exe	86
PID 4392 wrote to memory of 5380	4392	chrome.exe	86
PID 4392 wrote to memory of 5380	4392	chrome.exe	86
PID 4392 wrote to memory of 5380	4392	chrome.exe	86
PID 4392 wrote to memory of 5380	4392	chrome.exe	86
PID 4392 wrote to memory of 5380	4392	chrome.exe	86
PID 4392 wrote to memory of 5380	4392	chrome.exe	86
PID 4392 wrote to memory of 5380	4392	chrome.exe	86
PID 4392 wrote to memory of 5380	4392	chrome.exe	86
PID 4392 wrote to memory of 5380	4392	chrome.exe	86
PID 4392 wrote to memory of 5380	4392	chrome.exe	86
PID 4392 wrote to memory of 6128	4392	chrome.exe	87
PID 4392 wrote to memory of 6128	4392	chrome.exe	87
PID 4392 wrote to memory of 2376	4392	chrome.exe	88
PID 4392 wrote to memory of 2376	4392	chrome.exe	88
PID 4392 wrote to memory of 2376	4392	chrome.exe	88
PID 4392 wrote to memory of 2376	4392	chrome.exe	88
PID 4392 wrote to memory of 2376	4392	chrome.exe	88
PID 4392 wrote to memory of 2376	4392	chrome.exe	88
PID 4392 wrote to memory of 2376	4392	chrome.exe	88
PID 4392 wrote to memory of 2376	4392	chrome.exe	88
PID 4392 wrote to memory of 2376	4392	chrome.exe	88
PID 4392 wrote to memory of 2376	4392	chrome.exe	88
PID 4392 wrote to memory of 2376	4392	chrome.exe	88
PID 4392 wrote to memory of 2376	4392	chrome.exe	88
PID 4392 wrote to memory of 2376	4392	chrome.exe	88
PID 4392 wrote to memory of 2376	4392	chrome.exe	88
PID 4392 wrote to memory of 2376	4392	chrome.exe	88
PID 4392 wrote to memory of 2376	4392	chrome.exe	88
PID 4392 wrote to memory of 2376	4392	chrome.exe	88
PID 4392 wrote to memory of 2376	4392	chrome.exe	88
PID 4392 wrote to memory of 2376	4392	chrome.exe	88
PID 4392 wrote to memory of 2376	4392	chrome.exe	88
PID 4392 wrote to memory of 2376	4392	chrome.exe	88
PID 4392 wrote to memory of 2376	4392	chrome.exe	88
PID 4392 wrote to memory of 2376	4392	chrome.exe	88
PID 4392 wrote to memory of 2376	4392	chrome.exe	88
PID 4392 wrote to memory of 2376	4392	chrome.exe	88
PID 4392 wrote to memory of 2376	4392	chrome.exe	88
PID 4392 wrote to memory of 2376	4392	chrome.exe	88
PID 4392 wrote to memory of 2376	4392	chrome.exe	88
PID 4392 wrote to memory of 2376	4392	chrome.exe	88
PID 4392 wrote to memory of 2376	4392	chrome.exe	88

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.robiox.com.kg/users/834086319/profile
1⤵
- Checks processor information in registry
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=133.0.6943.60 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7fffa76edcf8,0x7fffa76edd04,0x7fffa76edd10
  2⤵
  PID:5228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=1924,i,17848332388966124701,16645194442475105045,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=1920 /prefetch:2
  2⤵
  PID:5380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --field-trial-handle=1536,i,17848332388966124701,16645194442475105045,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=2224 /prefetch:3
  2⤵
  PID:6128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --field-trial-handle=2340,i,17848332388966124701,16645194442475105045,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=2324 /prefetch:8
  2⤵
  PID:2376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3164,i,17848332388966124701,16645194442475105045,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=3216 /prefetch:1
  2⤵
  PID:5440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3172,i,17848332388966124701,16645194442475105045,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=3252 /prefetch:1
  2⤵
  PID:2880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4384,i,17848332388966124701,16645194442475105045,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=4408 /prefetch:2
  2⤵
  PID:5244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4540,i,17848332388966124701,16645194442475105045,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=4700 /prefetch:1
  2⤵
  PID:3496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4856,i,17848332388966124701,16645194442475105045,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=4884 /prefetch:1
  2⤵
  PID:2036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5016,i,17848332388966124701,16645194442475105045,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5004 /prefetch:1
  2⤵
  PID:976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=6128,i,17848332388966124701,16645194442475105045,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=6148 /prefetch:8
  2⤵
  PID:2368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=6440,i,17848332388966124701,16645194442475105045,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=6356 /prefetch:1
  2⤵
  PID:752
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=6532,i,17848332388966124701,16645194442475105045,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5060 /prefetch:1
  2⤵
  PID:3752
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=6288,i,17848332388966124701,16645194442475105045,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=6520 /prefetch:1
  2⤵
  PID:2980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=4844,i,17848332388966124701,16645194442475105045,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=3416 /prefetch:8
  2⤵
  PID:4992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=4996,i,17848332388966124701,16645194442475105045,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=6696 /prefetch:8
  2⤵
  PID:4076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=4916,i,17848332388966124701,16645194442475105045,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=6268 /prefetch:8
  2⤵
  PID:1164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=6708,i,17848332388966124701,16645194442475105045,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=6680 /prefetch:8
  2⤵
  PID:1180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5012,i,17848332388966124701,16645194442475105045,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=6644 /prefetch:8
  2⤵
  PID:2924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=4920,i,17848332388966124701,16645194442475105045,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=6644 /prefetch:1
  2⤵
  PID:1168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=4512,i,17848332388966124701,16645194442475105045,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=4500 /prefetch:1
  2⤵
  PID:5912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=5048,i,17848332388966124701,16645194442475105045,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=6536 /prefetch:1
  2⤵
  PID:4852
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=4892,i,17848332388966124701,16645194442475105045,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=4948 /prefetch:1
  2⤵
  PID:4100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=6188,i,17848332388966124701,16645194442475105045,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=6536 /prefetch:1
  2⤵
  PID:1968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=5096,i,17848332388966124701,16645194442475105045,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5028 /prefetch:1
  2⤵
  PID:2860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=6316,i,17848332388966124701,16645194442475105045,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=4444 /prefetch:1
  2⤵
  PID:336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=6356,i,17848332388966124701,16645194442475105045,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=6296 /prefetch:1
  2⤵
  PID:2072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=6728,i,17848332388966124701,16645194442475105045,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=4412 /prefetch:1
  2⤵
  PID:3324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=4876,i,17848332388966124701,16645194442475105045,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5024 /prefetch:1
  2⤵
  PID:4996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=6724,i,17848332388966124701,16645194442475105045,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=6528 /prefetch:1
  2⤵
  PID:1844

C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe"
1⤵
PID:4384

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:5384

Network

DNS

www.robiox.com.kg

chrome.exe

Remote address:

8.8.8.8:53

Request

www.robiox.com.kg

IN A

Response

www.robiox.com.kg

IN CNAME

robiox.com.kg

robiox.com.kg

IN A

5.252.33.166
DNS

css.rbxcdn.com

chrome.exe

Remote address:

8.8.8.8:53

Request

css.rbxcdn.com

IN A

Response

css.rbxcdn.com

IN CNAME

cssns1.rbxcdn.com

cssns1.rbxcdn.com

IN CNAME

cssak.rbxcdn.com

cssak.rbxcdn.com

IN CNAME

css.rbxcdn.edgesuite.net

css.rbxcdn.edgesuite.net

IN CNAME

a1962.dscw27.akamai.net

a1962.dscw27.akamai.net

IN A

2.18.190.79

a1962.dscw27.akamai.net

IN A

2.18.190.80
DNS

static.rbxcdn.com

chrome.exe

Remote address:

8.8.8.8:53

Request

static.rbxcdn.com

IN A

Response

static.rbxcdn.com

IN CNAME

staticns1.rbxcdn.com

staticns1.rbxcdn.com

IN CNAME

staticak.rbxcdn.com

staticak.rbxcdn.com

IN CNAME

static.rbxcdn.edgesuite.net

static.rbxcdn.edgesuite.net

IN CNAME

a1992.w27.akamai.net

a1992.w27.akamai.net

IN A

2.18.190.78

a1992.w27.akamai.net

IN A

2.18.190.70
DNS

js.rbxcdn.com

chrome.exe

Remote address:

8.8.8.8:53

Request

js.rbxcdn.com

IN A

Response

js.rbxcdn.com

IN CNAME

jsns1.rbxcdn.com

jsns1.rbxcdn.com

IN CNAME

jsak.rbxcdn.com

jsak.rbxcdn.com

IN CNAME

jsak.rbxcdn.com.edgesuite.net

jsak.rbxcdn.com.edgesuite.net

IN CNAME

a1993.g.akamai.net

a1993.g.akamai.net

IN A

104.77.160.76

a1993.g.akamai.net

IN A

104.77.160.91
DNS

roblox-api.arkoselabs.com

chrome.exe

Remote address:

8.8.8.8:53

Request

roblox-api.arkoselabs.com

IN A

Response

roblox-api.arkoselabs.com

IN CNAME

d2w650xp5tniea.cloudfront.net

d2w650xp5tniea.cloudfront.net

IN A

3.165.148.115

d2w650xp5tniea.cloudfront.net

IN A

3.165.148.112

d2w650xp5tniea.cloudfront.net

IN A

3.165.148.10

d2w650xp5tniea.cloudfront.net

IN A

3.165.148.81
DNS

tr.rbxcdn.com

chrome.exe

Remote address:

8.8.8.8:53

Request

tr.rbxcdn.com

IN A

Response

tr.rbxcdn.com

IN CNAME

trns1.rbxcdn.com

trns1.rbxcdn.com

IN CNAME

trak.rbxcdn.com

trak.rbxcdn.com

IN CNAME

tr.rbxcdn.com.edgesuite.net

tr.rbxcdn.com.edgesuite.net

IN CNAME

a1831.dscd.akamai.net

a1831.dscd.akamai.net

IN A

2.18.190.180
DNS

images.rbxcdn.com

chrome.exe

Remote address:

8.8.8.8:53

Request

images.rbxcdn.com

IN A

Response

images.rbxcdn.com

IN CNAME

imagesns1.rbxcdn.com

imagesns1.rbxcdn.com

IN CNAME

imagesak.rbxcdn.com

imagesak.rbxcdn.com

IN CNAME

images.rbxcdn.edgesuite.net

images.rbxcdn.edgesuite.net

IN CNAME

a1899.dscw27.akamai.net

a1899.dscw27.akamai.net

IN A

2.18.190.73

a1899.dscw27.akamai.net

IN A

2.18.190.75
DNS

roblox.com

chrome.exe

Remote address:

8.8.8.8:53

Request

roblox.com

IN A

Response

roblox.com

IN A

128.116.119.4
DNS

ssl.google-analytics.com

chrome.exe

Remote address:

8.8.8.8:53

Request

ssl.google-analytics.com

IN A

Response

ssl.google-analytics.com

IN A

216.58.204.72
DNS

www.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

142.250.200.4
DNS

googleads.g.doubleclick.net

chrome.exe

Remote address:

8.8.8.8:53

Request

googleads.g.doubleclick.net

IN A

Response

googleads.g.doubleclick.net

IN A

142.250.180.2
DNS

content-autofill.googleapis.com

chrome.exe

Remote address:

8.8.8.8:53

Request

content-autofill.googleapis.com

IN A

Response

content-autofill.googleapis.com

IN A

142.250.200.42

content-autofill.googleapis.com

IN A

142.250.180.10

content-autofill.googleapis.com

IN A

172.217.16.234

content-autofill.googleapis.com

IN A

216.58.212.234

content-autofill.googleapis.com

IN A

142.250.187.234

content-autofill.googleapis.com

IN A

216.58.201.106

content-autofill.googleapis.com

IN A

172.217.169.74

content-autofill.googleapis.com

IN A

216.58.213.10

content-autofill.googleapis.com

IN A

216.58.204.74

content-autofill.googleapis.com

IN A

142.250.179.234

content-autofill.googleapis.com

IN A

142.250.187.202

content-autofill.googleapis.com

IN A

216.58.212.202

content-autofill.googleapis.com

IN A

142.250.178.10

content-autofill.googleapis.com

IN A

142.250.200.10
DNS

region1.google-analytics.com

chrome.exe

Remote address:

8.8.8.8:53

Request

region1.google-analytics.com

IN A

Response

region1.google-analytics.com

IN A

216.239.34.36

region1.google-analytics.com

IN A

216.239.32.36
DNS

fra4-128-116-44-3.roblox.com

chrome.exe

Remote address:

8.8.8.8:53

Request

fra4-128-116-44-3.roblox.com

IN A

Response

fra4-128-116-44-3.roblox.com

IN A

128.116.44.3
DNS

sc0ak.rbxcdn.com

chrome.exe

Remote address:

8.8.8.8:53

Request

sc0ak.rbxcdn.com

IN A

Response

sc0ak.rbxcdn.com

IN CNAME

sc0ak.rbxcdn.com.akamaized.net

sc0ak.rbxcdn.com.akamaized.net

IN CNAME

a2047.dscw27.akamai.net

a2047.dscw27.akamai.net

IN A

2.18.190.83

a2047.dscw27.akamai.net

IN A

2.18.190.82

a2047.dscw27.akamai.net

IN A

2.18.190.75

a2047.dscw27.akamai.net

IN A

2.18.190.73

a2047.dscw27.akamai.net

IN A

2.18.190.69

a2047.dscw27.akamai.net

IN A

2.18.190.74

a2047.dscw27.akamai.net

IN A

2.18.190.72

a2047.dscw27.akamai.net

IN A

2.18.190.70

a2047.dscw27.akamai.net

IN A

2.18.190.81
DNS

bom1-128-116-104-4.roblox.com

chrome.exe

Remote address:

8.8.8.8:53

Request

bom1-128-116-104-4.roblox.com

IN A

Response

bom1-128-116-104-4.roblox.com

IN A

128.116.104.4
DNS

lhr2-128-116-119-3.roblox.com

chrome.exe

Remote address:

8.8.8.8:53

Request

lhr2-128-116-119-3.roblox.com

IN A

Response

lhr2-128-116-119-3.roblox.com

IN A

128.116.119.3
DNS

ord2-128-116-101-3.roblox.com

chrome.exe

Remote address:

8.8.8.8:53

Request

ord2-128-116-101-3.roblox.com

IN A

Response

ord2-128-116-101-3.roblox.com

IN A

128.116.101.3
DNS

sc0.rbxcdn.com

chrome.exe

Remote address:

8.8.8.8:53

Request

sc0.rbxcdn.com

IN A

Response

sc0.rbxcdn.com

IN CNAME

sc0ns1.rbxcdn.com

sc0ns1.rbxcdn.com

IN CNAME

sc0ak.rbxcdn.com

sc0ak.rbxcdn.com

IN CNAME

sc0ak.rbxcdn.com.akamaized.net

sc0ak.rbxcdn.com.akamaized.net

IN CNAME

a2047.dscw27.akamai.net

a2047.dscw27.akamai.net

IN A

2.18.190.69

a2047.dscw27.akamai.net

IN A

2.18.190.74

a2047.dscw27.akamai.net

IN A

2.18.190.75

a2047.dscw27.akamai.net

IN A

2.18.190.73

a2047.dscw27.akamai.net

IN A

2.18.190.70

a2047.dscw27.akamai.net

IN A

2.18.190.83

a2047.dscw27.akamai.net

IN A

2.18.190.72

a2047.dscw27.akamai.net

IN A

2.18.190.82

a2047.dscw27.akamai.net

IN A

2.18.190.76
DNS

ams2-128-116-21-3.roblox.com

chrome.exe

Remote address:

8.8.8.8:53

Request

ams2-128-116-21-3.roblox.com

IN A

Response

ams2-128-116-21-3.roblox.com

IN A

128.116.21.3
DNS

sea1-128-116-115-3.roblox.com

chrome.exe

Remote address:

8.8.8.8:53

Request

sea1-128-116-115-3.roblox.com

IN A

Response

sea1-128-116-115-3.roblox.com

IN A

128.116.115.3
DNS

dfw2-128-116-95-3.roblox.com

chrome.exe

Remote address:

8.8.8.8:53

Request

dfw2-128-116-95-3.roblox.com

IN A

Response

dfw2-128-116-95-3.roblox.com

IN A

128.116.95.3
DNS

mia4-128-116-45-3.roblox.com

chrome.exe

Remote address:

8.8.8.8:53

Request

mia4-128-116-45-3.roblox.com

IN A

Response

mia4-128-116-45-3.roblox.com

IN A

128.116.45.3
DNS

ep1.adtrafficquality.google

chrome.exe

Remote address:

8.8.8.8:53

Request

ep1.adtrafficquality.google

IN A

Response

ep1.adtrafficquality.google

IN A

172.217.16.226
DNS

ep2.adtrafficquality.google

chrome.exe

Remote address:

8.8.8.8:53

Request

ep2.adtrafficquality.google

IN A

Response

ep2.adtrafficquality.google

IN A

216.58.212.225
DNS

t7.rbxcdn.com

chrome.exe

Remote address:

8.8.8.8:53

Request

t7.rbxcdn.com

IN A

Response

t7.rbxcdn.com

IN CNAME

t7ns1.rbxcdn.com

t7ns1.rbxcdn.com

IN CNAME

t7ak.rbxcdn.com

t7ak.rbxcdn.com

IN CNAME

thumbnails.roblox.com.edgesuite.net

thumbnails.roblox.com.edgesuite.net

IN CNAME

a1904.dscw27.akamai.net

a1904.dscw27.akamai.net

IN A

2.18.190.72

a1904.dscw27.akamai.net

IN A

2.18.190.69
DNS

ecsv2.roblox.com

chrome.exe

Remote address:

8.8.8.8:53

Request

ecsv2.roblox.com

IN A

Response

ecsv2.roblox.com

IN CNAME

titanium.roblox.com

titanium.roblox.com

IN CNAME

edge-term4.roblox.com

edge-term4.roblox.com

IN CNAME

edge-term4-lhr2.roblox.com

edge-term4-lhr2.roblox.com

IN A

128.116.119.3
DNS

sc0aws.rbxcdn.com

chrome.exe

Remote address:

8.8.8.8:53

Request

sc0aws.rbxcdn.com

IN A

Response

sc0aws.rbxcdn.com

IN CNAME

d2yzw3aiudktwi.cloudfront.net

d2yzw3aiudktwi.cloudfront.net

IN A

18.172.88.122

d2yzw3aiudktwi.cloudfront.net

IN A

18.172.88.36

d2yzw3aiudktwi.cloudfront.net

IN A

18.172.88.27

d2yzw3aiudktwi.cloudfront.net

IN A

18.172.88.44
DNS

cdg2-128-116-13-3.roblox.com

chrome.exe

Remote address:

8.8.8.8:53

Request

cdg2-128-116-13-3.roblox.com

IN A

Response

cdg2-128-116-13-3.roblox.com

IN A

128.116.13.3
DNS

nrt1-128-116-120-3.roblox.com

chrome.exe

Remote address:

8.8.8.8:53

Request

nrt1-128-116-120-3.roblox.com

IN A

Response

nrt1-128-116-120-3.roblox.com

IN A

128.116.120.3
DNS

iad4-128-116-102-3.roblox.com

chrome.exe

Remote address:

8.8.8.8:53

Request

iad4-128-116-102-3.roblox.com

IN A

Response

iad4-128-116-102-3.roblox.com

IN A

128.116.102.3
DNS

lax4-128-116-63-3.roblox.com

chrome.exe

Remote address:

8.8.8.8:53

Request

lax4-128-116-63-3.roblox.com

IN A

Response

lax4-128-116-63-3.roblox.com

IN A

128.116.63.3
DNS

www.roblox.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.roblox.com

IN A

Response

www.roblox.com

IN CNAME

titanium.roblox.com

titanium.roblox.com

IN CNAME

edge-term4.roblox.com

edge-term4.roblox.com

IN CNAME

edge-term4-lhr2.roblox.com

edge-term4-lhr2.roblox.com

IN A

128.116.119.3
DNS

ogads-pa.googleapis.com

chrome.exe

Remote address:

8.8.8.8:53

Request

ogads-pa.googleapis.com

IN A

Response

ogads-pa.googleapis.com

IN A

142.250.187.234

ogads-pa.googleapis.com

IN A

216.58.213.10

ogads-pa.googleapis.com

IN A

172.217.169.10

ogads-pa.googleapis.com

IN A

172.217.16.234

ogads-pa.googleapis.com

IN A

142.250.187.202

ogads-pa.googleapis.com

IN A

216.58.212.202

ogads-pa.googleapis.com

IN A

172.217.169.42

ogads-pa.googleapis.com

IN A

142.250.179.234

ogads-pa.googleapis.com

IN A

142.250.200.10

ogads-pa.googleapis.com

IN A

142.250.180.10

ogads-pa.googleapis.com

IN A

142.250.178.10

ogads-pa.googleapis.com

IN A

216.58.201.106

ogads-pa.googleapis.com

IN A

216.58.204.74

ogads-pa.googleapis.com

IN A

142.250.200.42
DNS

play.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

play.google.com

IN A

Response

play.google.com

IN A

142.250.187.206
DNS

rbiox.com.kg

chrome.exe

Remote address:

8.8.8.8:53

Request

rbiox.com.kg

IN A

Response
DNS

google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

google.com

IN A

Response

google.com

IN A

142.250.200.14
DNS

google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

google.com

IN A

Response

google.com

IN A

142.250.200.14
DNS

rbiox.com.kg

chrome.exe

Remote address:

8.8.8.8:53

Request

rbiox.com.kg

IN A

Response
DNS

robiox.com.kg

chrome.exe

Remote address:

8.8.8.8:53

Request

robiox.com.kg

IN A

Response

robiox.com.kg

IN A

5.252.33.166
DNS

css.rbxcdn.com

chrome.exe

Remote address:

8.8.8.8:53

Request

css.rbxcdn.com

IN A

Response

css.rbxcdn.com

IN CNAME

cssns1.rbxcdn.com

cssns1.rbxcdn.com

IN CNAME

cssak.rbxcdn.com

cssak.rbxcdn.com

IN CNAME

css.rbxcdn.edgesuite.net

css.rbxcdn.edgesuite.net

IN CNAME

a1962.dscw27.akamai.net

a1962.dscw27.akamai.net

IN A

2.18.190.80

a1962.dscw27.akamai.net

IN A

2.18.190.79
DNS

static.rbxcdn.com

chrome.exe

Remote address:

8.8.8.8:53

Request

static.rbxcdn.com

IN A

Response

static.rbxcdn.com

IN CNAME

staticns1.rbxcdn.com

staticns1.rbxcdn.com

IN CNAME

staticak.rbxcdn.com

staticak.rbxcdn.com

IN CNAME

static.rbxcdn.edgesuite.net

static.rbxcdn.edgesuite.net

IN CNAME

a1992.w27.akamai.net

a1992.w27.akamai.net

IN A

2.18.190.70

a1992.w27.akamai.net

IN A

2.18.190.78
DNS

js.rbxcdn.com

chrome.exe

Remote address:

8.8.8.8:53

Request

js.rbxcdn.com

IN A

Response

js.rbxcdn.com

IN CNAME

jsns1.rbxcdn.com

jsns1.rbxcdn.com

IN CNAME

jsak.rbxcdn.com

jsak.rbxcdn.com

IN CNAME

jsak.rbxcdn.com.edgesuite.net

jsak.rbxcdn.com.edgesuite.net

IN CNAME

a1993.g.akamai.net

a1993.g.akamai.net

IN A

104.77.160.91

a1993.g.akamai.net

IN A

104.77.160.76
DNS

roblox.com

chrome.exe

Remote address:

8.8.8.8:53

Request

roblox.com

IN A

Response

roblox.com

IN A

128.116.119.4
DNS

metrics.roblox.com

chrome.exe

Remote address:

8.8.8.8:53

Request

metrics.roblox.com

IN A

Response

metrics.roblox.com

IN CNAME

titanium.roblox.com

titanium.roblox.com

IN CNAME

edge-term4.roblox.com

edge-term4.roblox.com

IN CNAME

edge-term4-lhr2.roblox.com

edge-term4-lhr2.roblox.com

IN A

128.116.119.3
DNS

apis.roblox.com

chrome.exe

Remote address:

8.8.8.8:53

Request

apis.roblox.com

IN A

Response

apis.roblox.com

IN CNAME

titanium.roblox.com

titanium.roblox.com

IN CNAME

edge-term4.roblox.com

edge-term4.roblox.com

IN CNAME

edge-term4-lhr2.roblox.com

edge-term4-lhr2.roblox.com

IN A

128.116.119.3
DNS

apis.rbxcdn.com

chrome.exe

Remote address:

8.8.8.8:53

Request

apis.rbxcdn.com

IN A

Response

apis.rbxcdn.com

IN CNAME

apisns1.rbxcdn.com

apisns1.rbxcdn.com

IN CNAME

apisak.rbxcdn.com

apisak.rbxcdn.com

IN CNAME

apisak.rbxcdn.com.edgesuite.net

apisak.rbxcdn.com.edgesuite.net

IN CNAME

a1364.dscb.akamai.net

a1364.dscb.akamai.net

IN A

104.77.160.78

a1364.dscb.akamai.net

IN A

104.77.160.75
DNS

locale.roblox.com

chrome.exe

Remote address:

8.8.8.8:53

Request

locale.roblox.com

IN A

Response

locale.roblox.com

IN CNAME

titanium.roblox.com

titanium.roblox.com

IN CNAME

edge-term4.roblox.com

edge-term4.roblox.com

IN CNAME

edge-term4-lhr2.roblox.com

edge-term4-lhr2.roblox.com

IN A

128.116.119.3
DNS

images.rbxcdn.com

chrome.exe

Remote address:

8.8.8.8:53

Request

images.rbxcdn.com

IN A

Response

images.rbxcdn.com

IN CNAME

imagesns1.rbxcdn.com

imagesns1.rbxcdn.com

IN CNAME

imagesak.rbxcdn.com

imagesak.rbxcdn.com

IN CNAME

images.rbxcdn.edgesuite.net

images.rbxcdn.edgesuite.net

IN CNAME

a1899.dscw27.akamai.net

a1899.dscw27.akamai.net

IN A

2.18.190.73

a1899.dscw27.akamai.net

IN A

2.18.190.75
DNS

auth.roblox.com

chrome.exe

Remote address:

8.8.8.8:53

Request

auth.roblox.com

IN A

Response

auth.roblox.com

IN CNAME

titanium.roblox.com

titanium.roblox.com

IN CNAME

edge-term4.roblox.com

edge-term4.roblox.com

IN CNAME

edge-term4-lhr2.roblox.com

edge-term4-lhr2.roblox.com

IN A

128.116.119.3
DNS

google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

google.com

IN A

Response

google.com

IN A

142.250.200.14
DNS

google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

google.com

IN A

Response

google.com

IN A

142.250.200.14
DNS

rbiox.com.kg

chrome.exe

Remote address:

8.8.8.8:53

Request

rbiox.com.kg

IN A

Response
DNS

c.pki.goog

Remote address:

8.8.8.8:53

Request

c.pki.goog

IN A

Response

c.pki.goog

IN CNAME

pki-goog.l.google.com

pki-goog.l.google.com

IN A

142.250.200.35
GET

http://c.pki.goog/r/r1.crl

Remote address:

142.250.200.35:80

Request

GET /r/r1.crl HTTP/1.1
Cache-Control: max-age = 3000
Connection: Keep-Alive
Accept: */*
If-Modified-Since: Thu, 25 Jul 2024 14:48:00 GMT
User-Agent: Microsoft-CryptoAPI/10.0
Host: c.pki.goog

Response

HTTP/1.1 304 Not Modified

Date: Mon, 17 Mar 2025 17:37:14 GMT
Expires: Mon, 17 Mar 2025 18:27:14 GMT
Age: 1283
Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
Cache-Control: public, max-age=3000
Vary: Accept-Encoding
DNS

beacons.gcp.gvt2.com

chrome.exe

Remote address:

8.8.8.8:53

Request

beacons.gcp.gvt2.com

IN A

Response

beacons.gcp.gvt2.com

IN CNAME

beacons-handoff.gcp.gvt2.com

beacons-handoff.gcp.gvt2.com

IN A

142.251.42.163

5.252.33.166:443

www.robiox.com.kg

tls

chrome.exe

2.7kB
5.7kB
11
9
5.252.33.166:443

www.robiox.com.kg

tls

chrome.exe

44.8kB
541.5kB
414
553
2.18.190.79:443

css.rbxcdn.com

tls

chrome.exe

2.2kB
3.9kB
10
7
2.18.190.79:443

css.rbxcdn.com

tls

chrome.exe

13.4kB
211.7kB
161
186
2.18.190.79:443

css.rbxcdn.com

tls

chrome.exe

2.2kB
3.9kB
10
7
2.18.190.79:443

css.rbxcdn.com

tls

chrome.exe

2.2kB
4.0kB
10
8
2.18.190.79:443

css.rbxcdn.com

tls

chrome.exe

2.1kB
3.9kB
7
6
2.18.190.79:443

css.rbxcdn.com

tls

chrome.exe

2.2kB
3.9kB
10
6
2.18.190.78:443

static.rbxcdn.com

tls

chrome.exe

4.7kB
48.0kB
38
58
2.18.190.78:443

static.rbxcdn.com

tls

chrome.exe

2.3kB
4.6kB
11
10
2.18.190.180:443

tr.rbxcdn.com

tls

chrome.exe

29.1kB
831.0kB
518
655
104.77.160.76:443

js.rbxcdn.com

tls

chrome.exe

2.3kB
4.6kB
11
10
104.77.160.76:443

js.rbxcdn.com

tls

chrome.exe

99.6kB
2.2MB
1571
1645
104.77.160.76:443

js.rbxcdn.com

tls

chrome.exe

2.3kB
4.7kB
11
11
104.77.160.76:443

js.rbxcdn.com

tls

chrome.exe

2.3kB
4.0kB
11
8
104.77.160.76:443

js.rbxcdn.com

tls

chrome.exe

2.3kB
4.7kB
11
11
104.77.160.76:443

js.rbxcdn.com

tls

chrome.exe

2.2kB
3.8kB
8
5
3.165.148.115:443

roblox-api.arkoselabs.com

tls

chrome.exe

4.3kB
66.8kB
38
61
104.77.160.76:443

js.rbxcdn.com

tls

chrome.exe

2.3kB
4.8kB
10
12
2.18.190.73:443

images.rbxcdn.com

tls

chrome.exe

9.3kB
236.2kB
124
199
2.18.190.79:443

css.rbxcdn.com

tls

chrome.exe

8.2kB
227.2kB
100
177
128.116.119.4:443

roblox.com

tls

chrome.exe

3.3kB
8.3kB
17
17
216.58.204.72:443

ssl.google-analytics.com

tls

chrome.exe

3.5kB
26.2kB
25
27
142.250.200.4:443

www.google.com

tls

chrome.exe

4.0kB
7.7kB
19
20
142.250.180.2:443

googleads.g.doubleclick.net

tls

chrome.exe

2.4kB
7.1kB
11
11
142.250.200.42:443

content-autofill.googleapis.com

tls

chrome.exe

3.5kB
8.4kB
19
23
216.239.34.36:443

region1.google-analytics.com

tls

chrome.exe

4.1kB
8.3kB
16
15
128.116.21.3:443

ams2-128-116-21-3.roblox.com

tls

chrome.exe

3.1kB
7.4kB
16
17
128.116.45.3:443

mia4-128-116-45-3.roblox.com

tls

chrome.exe

3.2kB
7.4kB
16
17
128.116.104.4:443

bom1-128-116-104-4.roblox.com

tls

chrome.exe

3.0kB
6.6kB
13
13
128.116.101.3:443

ord2-128-116-101-3.roblox.com

tls

chrome.exe

3.0kB
7.1kB
14
14
2.18.190.83:443

sc0ak.rbxcdn.com

tls

chrome.exe

4.9kB
60.7kB
55
60
128.116.44.3:443

fra4-128-116-44-3.roblox.com

tls

chrome.exe

3.2kB
7.4kB
16
17
128.116.115.3:443

sea1-128-116-115-3.roblox.com

tls

chrome.exe

3.0kB
6.6kB
14
13
128.116.95.3:443

dfw2-128-116-95-3.roblox.com

tls

chrome.exe

3.0kB
7.1kB
13
13
128.116.119.3:443

lhr2-128-116-119-3.roblox.com

tls

chrome.exe

3.2kB
7.4kB
16
17
2.18.190.69:443

sc0.rbxcdn.com

tls

chrome.exe

4.9kB
60.6kB
54
58
172.217.16.226:443

ep1.adtrafficquality.google

tls

chrome.exe

3.5kB
21.0kB
23
23
216.58.212.225:443

ep2.adtrafficquality.google

tls

chrome.exe

3.1kB
14.4kB
16
19
216.58.212.225:443

ep2.adtrafficquality.google

tls

chrome.exe

3.6kB
12.8kB
19
18
2.18.190.72:443

t7.rbxcdn.com

tls

chrome.exe

3.0kB
10.1kB
14
20
128.116.119.3:443

ecsv2.roblox.com

tls

chrome.exe

5.1kB
13.3kB
28
32
128.116.13.3:443

cdg2-128-116-13-3.roblox.com

tls

chrome.exe

3.0kB
6.6kB
14
13
128.116.102.3:443

iad4-128-116-102-3.roblox.com

tls

chrome.exe

3.0kB
7.1kB
14
14
128.116.63.3:443

lax4-128-116-63-3.roblox.com

tls

chrome.exe

3.0kB
7.1kB
14
14
128.116.120.3:443

nrt1-128-116-120-3.roblox.com

tls

chrome.exe

3.0kB
7.1kB
14
14
18.172.88.122:443

sc0aws.rbxcdn.com

tls

chrome.exe

4.5kB
61.2kB
47
53
128.116.120.3:443

nrt1-128-116-120-3.roblox.com

tls

chrome.exe

2.3kB
6.9kB
11
13
128.116.119.4:443

roblox.com

tls

chrome.exe

2.8kB
7.0kB
13
13
128.116.119.3:443

www.roblox.com

tls

chrome.exe

3.2kB
19.7kB
22
24
142.250.187.234:443

ogads-pa.googleapis.com

tls

chrome.exe

2.3kB
7.1kB
8
9
142.250.187.206:443

play.google.com

tls

chrome.exe

2.3kB
8.7kB
9
10
5.252.33.166:80

robiox.com.kg

chrome.exe

98 B
52 B
2
1
5.252.33.166:80

robiox.com.kg

chrome.exe

98 B
52 B
2
1
128.116.119.3:443

www.roblox.com

tls

chrome.exe

15.2kB
167.7kB
139
168
104.77.160.91:443

js.rbxcdn.com

tls

chrome.exe

2.3kB
3.9kB
10
7
104.77.160.91:443

js.rbxcdn.com

tls

chrome.exe

54.4kB
1.9MB
918
1403
104.77.160.91:443

js.rbxcdn.com

tls

chrome.exe

2.2kB
4.0kB
10
8
104.77.160.91:443

js.rbxcdn.com

tls

chrome.exe

2.0kB
3.8kB
7
4
104.77.160.91:443

js.rbxcdn.com

tls

chrome.exe

2.2kB
4.0kB
10
8
104.77.160.91:443

js.rbxcdn.com

tls

chrome.exe

2.3kB
4.6kB
11
10
2.18.190.70:443

static.rbxcdn.com

tls

chrome.exe

3.3kB
9.7kB
17
23
2.18.190.80:443

css.rbxcdn.com

tls

chrome.exe

11.4kB
207.2kB
142
181
2.18.190.80:443

css.rbxcdn.com

tls

chrome.exe

2.3kB
3.9kB
10
7
2.18.190.80:443

css.rbxcdn.com

tls

chrome.exe

2.3kB
4.6kB
11
10
2.18.190.80:443

css.rbxcdn.com

tls

chrome.exe

2.2kB
4.0kB
10
8
2.18.190.80:443

css.rbxcdn.com

tls

chrome.exe

2.3kB
4.6kB
11
10
2.18.190.80:443

css.rbxcdn.com

tls

chrome.exe

2.2kB
4.0kB
10
8
128.116.119.4:443

roblox.com

tls

chrome.exe

3.0kB
7.8kB
13
13
128.116.119.3:443

apis.roblox.com

tls

chrome.exe

4.3kB
15.0kB
25
28
128.116.119.3:443

apis.roblox.com

tls

chrome.exe

2.3kB
6.1kB
12
9
104.77.160.78:443

apis.rbxcdn.com

tls

chrome.exe

2.9kB
5.9kB
12
15
2.18.190.80:443

css.rbxcdn.com

tls

chrome.exe

8.0kB
181.4kB
116
145
2.18.190.73:443

images.rbxcdn.com

tls

chrome.exe

2.4kB
4.6kB
11
10
2.18.190.73:443

images.rbxcdn.com

tls

chrome.exe

23.2kB
900.8kB
423
665
2.18.190.73:443

images.rbxcdn.com

tls

chrome.exe

2.4kB
4.6kB
11
10
2.18.190.73:443

images.rbxcdn.com

tls

chrome.exe

2.4kB
4.7kB
11
11
2.18.190.73:443

images.rbxcdn.com

tls

chrome.exe

2.4kB
4.6kB
11
10
2.18.190.73:443

images.rbxcdn.com

tls

chrome.exe

2.4kB
4.7kB
11
11
142.250.200.42:443

content-autofill.googleapis.com

tls

chrome.exe

3.0kB
7.9kB
13
15
5.252.33.166:443

robiox.com.kg

tls

chrome.exe

2.7kB
6.1kB
10
10
5.252.33.166:443

robiox.com.kg

tls

chrome.exe

2.8kB
6.1kB
10
10
142.250.200.35:80

http://c.pki.goog/r/r1.crl

http

384 B
355 B
4
3

HTTP Request

GET http://c.pki.goog/r/r1.crl

HTTP Response

304
142.251.42.163:443

beacons.gcp.gvt2.com

tls

chrome.exe

3.2kB
7.7kB
16
15

8.8.8.8:53

www.robiox.com.kg

dns

chrome.exe

63 B
93 B
1
1

DNS Request

www.robiox.com.kg

DNS Response

5.252.33.166
8.8.8.8:53

css.rbxcdn.com

dns

chrome.exe

60 B
205 B
1
1

DNS Request

css.rbxcdn.com

DNS Response

2.18.190.79

2.18.190.80
8.8.8.8:53

static.rbxcdn.com

dns

chrome.exe

63 B
214 B
1
1

DNS Request

static.rbxcdn.com

DNS Response

2.18.190.78

2.18.190.70
8.8.8.8:53

js.rbxcdn.com

dns

chrome.exe

59 B
202 B
1
1

DNS Request

js.rbxcdn.com

DNS Response

104.77.160.76

104.77.160.91
8.8.8.8:53

roblox-api.arkoselabs.com

dns

chrome.exe

71 B
178 B
1
1

DNS Request

roblox-api.arkoselabs.com

DNS Response

3.165.148.115

3.165.148.112

3.165.148.10

3.165.148.81
8.8.8.8:53

tr.rbxcdn.com

dns

chrome.exe

59 B
187 B
1
1

DNS Request

tr.rbxcdn.com

DNS Response

2.18.190.180
8.8.8.8:53

images.rbxcdn.com

dns

chrome.exe

63 B
217 B
1
1

DNS Request

images.rbxcdn.com

DNS Response

2.18.190.73

2.18.190.75
5.252.33.166:443

www.robiox.com.kg

https

chrome.exe

7.7kB
6
8.8.8.8:53

roblox.com

dns

chrome.exe

56 B
72 B
1
1

DNS Request

roblox.com

DNS Response

128.116.119.4
8.8.8.8:53

ssl.google-analytics.com

dns

chrome.exe

70 B
86 B
1
1

DNS Request

ssl.google-analytics.com

DNS Response

216.58.204.72
3.165.148.115:443

roblox-api.arkoselabs.com

https

chrome.exe

6.9kB
14.2kB
26
23
8.8.8.8:53

www.google.com

dns

chrome.exe

60 B
76 B
1
1

DNS Request

www.google.com

DNS Response

142.250.200.4
8.8.8.8:53

googleads.g.doubleclick.net

dns

chrome.exe

73 B
89 B
1
1

DNS Request

googleads.g.doubleclick.net

DNS Response

142.250.180.2
8.8.8.8:53

content-autofill.googleapis.com

dns

chrome.exe

77 B
301 B
1
1

DNS Request

content-autofill.googleapis.com

DNS Response

142.250.200.42

142.250.180.10

172.217.16.234

216.58.212.234

142.250.187.234

216.58.201.106

172.217.169.74

216.58.213.10

216.58.204.74

142.250.179.234

142.250.187.202

216.58.212.202

142.250.178.10

142.250.200.10
8.8.8.8:53

region1.google-analytics.com

dns

chrome.exe

74 B
106 B
1
1

DNS Request

region1.google-analytics.com

DNS Response

216.239.34.36

216.239.32.36
8.8.8.8:53

fra4-128-116-44-3.roblox.com

dns

chrome.exe

74 B
90 B
1
1

DNS Request

fra4-128-116-44-3.roblox.com

DNS Response

128.116.44.3
8.8.8.8:53

sc0ak.rbxcdn.com

dns

chrome.exe

62 B
284 B
1
1

DNS Request

sc0ak.rbxcdn.com

DNS Response

2.18.190.83

2.18.190.82

2.18.190.75

2.18.190.73

2.18.190.69

2.18.190.74

2.18.190.72

2.18.190.70

2.18.190.81
8.8.8.8:53

bom1-128-116-104-4.roblox.com

dns

chrome.exe

75 B
91 B
1
1

DNS Request

bom1-128-116-104-4.roblox.com

DNS Response

128.116.104.4
8.8.8.8:53

lhr2-128-116-119-3.roblox.com

dns

chrome.exe

75 B
91 B
1
1

DNS Request

lhr2-128-116-119-3.roblox.com

DNS Response

128.116.119.3
8.8.8.8:53

ord2-128-116-101-3.roblox.com

dns

chrome.exe

75 B
91 B
1
1

DNS Request

ord2-128-116-101-3.roblox.com

DNS Response

128.116.101.3
8.8.8.8:53

sc0.rbxcdn.com

dns

chrome.exe

60 B
323 B
1
1

DNS Request

sc0.rbxcdn.com

DNS Response

2.18.190.69

2.18.190.74

2.18.190.75

2.18.190.73

2.18.190.70

2.18.190.83

2.18.190.72

2.18.190.82

2.18.190.76
8.8.8.8:53

ams2-128-116-21-3.roblox.com

dns

chrome.exe

74 B
90 B
1
1

DNS Request

ams2-128-116-21-3.roblox.com

DNS Response

128.116.21.3
8.8.8.8:53

sea1-128-116-115-3.roblox.com

dns

chrome.exe

75 B
91 B
1
1

DNS Request

sea1-128-116-115-3.roblox.com

DNS Response

128.116.115.3
8.8.8.8:53

dfw2-128-116-95-3.roblox.com

dns

chrome.exe

74 B
90 B
1
1

DNS Request

dfw2-128-116-95-3.roblox.com

DNS Response

128.116.95.3
8.8.8.8:53

mia4-128-116-45-3.roblox.com

dns

chrome.exe

74 B
90 B
1
1

DNS Request

mia4-128-116-45-3.roblox.com

DNS Response

128.116.45.3
8.8.8.8:53

ep1.adtrafficquality.google

dns

chrome.exe

73 B
89 B
1
1

DNS Request

ep1.adtrafficquality.google

DNS Response

172.217.16.226
8.8.8.8:53

ep2.adtrafficquality.google

dns

chrome.exe

73 B
89 B
1
1

DNS Request

ep2.adtrafficquality.google

DNS Response

216.58.212.225
8.8.8.8:53

t7.rbxcdn.com

dns

chrome.exe

59 B
213 B
1
1

DNS Request

t7.rbxcdn.com

DNS Response

2.18.190.72

2.18.190.69
216.58.212.225:443

ep2.adtrafficquality.google

https

chrome.exe

4.8kB
9.1kB
8
12
8.8.8.8:53

ecsv2.roblox.com

dns

chrome.exe

62 B
156 B
1
1

DNS Request

ecsv2.roblox.com

DNS Response

128.116.119.3
172.217.16.226:443

ep1.adtrafficquality.google

https

chrome.exe

7.5kB
9.6kB
17
18
224.0.0.251:5353

chrome.exe

204 B
3
216.239.34.36:443

region1.google-analytics.com

https

chrome.exe

6.5kB
10.2kB
14
18
142.250.200.4:443

www.google.com

https

chrome.exe

4.3kB
9.8kB
9
11
172.217.16.226:443

ep1.adtrafficquality.google

https

chrome.exe

3.8kB
18.4kB
13
20
8.8.8.8:53

sc0aws.rbxcdn.com

dns

chrome.exe

63 B
170 B
1
1

DNS Request

sc0aws.rbxcdn.com

DNS Response

18.172.88.122

18.172.88.36

18.172.88.27

18.172.88.44
8.8.8.8:53

cdg2-128-116-13-3.roblox.com

dns

chrome.exe

74 B
90 B
1
1

DNS Request

cdg2-128-116-13-3.roblox.com

DNS Response

128.116.13.3
8.8.8.8:53

nrt1-128-116-120-3.roblox.com

dns

chrome.exe

75 B
91 B
1
1

DNS Request

nrt1-128-116-120-3.roblox.com

DNS Response

128.116.120.3
8.8.8.8:53

iad4-128-116-102-3.roblox.com

dns

chrome.exe

75 B
91 B
1
1

DNS Request

iad4-128-116-102-3.roblox.com

DNS Response

128.116.102.3
8.8.8.8:53

lax4-128-116-63-3.roblox.com

dns

chrome.exe

74 B
90 B
1
1

DNS Request

lax4-128-116-63-3.roblox.com

DNS Response

128.116.63.3
216.58.204.72:443

ssl.google-analytics.com

https

chrome.exe

4.2kB
9.1kB
7
11
142.250.200.42:443

content-autofill.googleapis.com

https

chrome.exe

4.2kB
9.2kB
7
11
8.8.8.8:53

www.roblox.com

dns

chrome.exe

60 B
154 B
1
1

DNS Request

www.roblox.com

DNS Response

128.116.119.3
142.250.200.4:443

www.google.com

https

chrome.exe

7.3kB
90.6kB
46
82
8.8.8.8:53

ogads-pa.googleapis.com

dns

chrome.exe

69 B
293 B
1
1

DNS Request

ogads-pa.googleapis.com

DNS Response

142.250.187.234

216.58.213.10

172.217.169.10

172.217.16.234

142.250.187.202

216.58.212.202

172.217.169.42

142.250.179.234

142.250.200.10

142.250.180.10

142.250.178.10

216.58.201.106

216.58.204.74

142.250.200.42
142.250.187.234:443

ogads-pa.googleapis.com

https

chrome.exe

5.5kB
10.1kB
17
19
8.8.8.8:53

play.google.com

dns

chrome.exe

61 B
77 B
1
1

DNS Request

play.google.com

DNS Response

142.250.187.206
142.250.187.206:443

play.google.com

https

chrome.exe

4.7kB
9.7kB
11
14
142.250.187.206:443

play.google.com

https

chrome.exe

4.0kB
4.9kB
8
11
8.8.8.8:53

rbiox.com.kg

dns

chrome.exe

58 B
118 B
1
1

DNS Request

rbiox.com.kg
8.8.8.8:53

google.com

dns

chrome.exe

56 B
72 B
1
1

DNS Request

google.com

DNS Response

142.250.200.14
8.8.8.8:53

google.com

dns

chrome.exe

56 B
72 B
1
1

DNS Request

google.com

DNS Response

142.250.200.14
8.8.8.8:53

rbiox.com.kg

dns

chrome.exe

58 B
118 B
1
1

DNS Request

rbiox.com.kg
8.8.8.8:53

robiox.com.kg

dns

chrome.exe

59 B
75 B
1
1

DNS Request

robiox.com.kg

DNS Response

5.252.33.166
8.8.8.8:53

css.rbxcdn.com

dns

chrome.exe

60 B
205 B
1
1

DNS Request

css.rbxcdn.com

DNS Response

2.18.190.80

2.18.190.79
8.8.8.8:53

static.rbxcdn.com

dns

chrome.exe

63 B
214 B
1
1

DNS Request

static.rbxcdn.com

DNS Response

2.18.190.70

2.18.190.78
8.8.8.8:53

js.rbxcdn.com

dns

chrome.exe

59 B
202 B
1
1

DNS Request

js.rbxcdn.com

DNS Response

104.77.160.91

104.77.160.76
8.8.8.8:53

roblox.com

dns

chrome.exe

56 B
72 B
1
1

DNS Request

roblox.com

DNS Response

128.116.119.4
8.8.8.8:53

metrics.roblox.com

dns

chrome.exe

64 B
158 B
1
1

DNS Request

metrics.roblox.com

DNS Response

128.116.119.3
8.8.8.8:53

apis.roblox.com

dns

chrome.exe

61 B
155 B
1
1

DNS Request

apis.roblox.com

DNS Response

128.116.119.3
8.8.8.8:53

apis.rbxcdn.com

dns

chrome.exe

61 B
213 B
1
1

DNS Request

apis.rbxcdn.com

DNS Response

104.77.160.78

104.77.160.75
8.8.8.8:53

locale.roblox.com

dns

chrome.exe

63 B
157 B
1
1

DNS Request

locale.roblox.com

DNS Response

128.116.119.3
8.8.8.8:53

images.rbxcdn.com

dns

chrome.exe

63 B
217 B
1
1

DNS Request

images.rbxcdn.com

DNS Response

2.18.190.73

2.18.190.75
8.8.8.8:53

auth.roblox.com

dns

chrome.exe

61 B
155 B
1
1

DNS Request

auth.roblox.com

DNS Response

128.116.119.3
8.8.8.8:53

google.com

dns

chrome.exe

56 B
72 B
1
1

DNS Request

google.com

DNS Response

142.250.200.14
8.8.8.8:53

google.com

dns

chrome.exe

56 B
72 B
1
1

DNS Request

google.com

DNS Response

142.250.200.14
8.8.8.8:53

rbiox.com.kg

dns

chrome.exe

58 B
118 B
1
1

DNS Request

rbiox.com.kg
5.252.33.166:443

robiox.com.kg

https

chrome.exe

7.7kB
6
8.8.8.8:53

c.pki.goog

dns

56 B
107 B
1
1

DNS Request

c.pki.goog

DNS Response

142.250.200.35
8.8.8.8:53

beacons.gcp.gvt2.com

dns

chrome.exe

66 B
112 B
1
1

DNS Request

beacons.gcp.gvt2.com

DNS Response

142.251.42.163

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
414B

MD5
5eb76109bdcfdc0934f189e3f7aa6dd6

SHA1
63543e103aaa61eab674fbd9bcb3a5cca57bae01

SHA256
481ae0add1926dae2433c344738e03fb6043435a2337b0e2eaee9dfaa015af9c

SHA512
946365ba4c4512cc528d2327ec5d90c3c80dc6521a9562cb1d7f9715ef0988ff965e9061fd6eb6a5ee74389385fe36910008f40f1e3f053537ffcc76b475fb95

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
105KB

MD5
16972e03d2bd4219e478f7da13b187ad

SHA1
31fdcc4d146302e809628b21013a59042e3671fa

SHA256
5315862acf4a902d55dbae7d292dd70616fe9ad76ca9eca9ecc85d776824b59b

SHA512
42cdf24190b588812987201c6c7741ed937a23b8d306324b56a9a07416a8b59fd0b34cfda6b67454b06ad1c9a03b9f99f64b5ecc4f027f8417e4259ecff9963a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000029

Filesize
51KB

MD5
588ee33c26fe83cb97ca65e3c66b2e87

SHA1
842429b803132c3e7827af42fe4dc7a66e736b37

SHA256
bbc4044fe46acd7ab69d8a4e3db46e7e3ca713b05fa8ecb096ebe9e133bba760

SHA512
6f7500b12fc7a9f57c00711af2bc8a7c62973f9a8e37012b88a0726d06063add02077420bc280e7163302d5f3a005ac8796aee97042c40954144d84c26adbd04

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000053

Filesize
23KB

MD5
e4b0d20f483b4c24ecffd4678479e3ae

SHA1
f0f3175f2c92922d123eac1e3a4c5bc8f6091b49

SHA256
ab25f94f51f31d69f3a7ff1959eafe9ddf3fad8e983fa216c91795bae573e13a

SHA512
54dda1d96956961788768dd0d5cb0ef9f660898b3b4fd1f6c02d5b092fe3629cb38f478e5e2fa5b074963616e63a235593a2de9e3fb420b502b40ded7430a715

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000055

Filesize
30KB

MD5
6fd1421c547715cb7b78ca67104bfb78

SHA1
cc7f1d6761d9c7256745ef7586ad53e3183f0e2f

SHA256
57b9a684f743cf229723c1a5e9936d930cf48c3b5056c16c09cdd71ee6fe803d

SHA512
f64899cf62a1696adbf62f597f69c3a1ddd62319071f9a87076977b9f6c80992b333223a07cc1645a2fd578306e30abae12e18afc41cd582ee9717ebcb423a69

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000059

Filesize
29KB

MD5
0184869286788eacac1ba69396519d49

SHA1
0c5f414d628c549f94ad3a74b0afcb60e5dbedd1

SHA256
f696dbf8cecfefca50ea3fa5cf29f5ba98c37e723bbcd5c6381269e08be54e0f

SHA512
b6bb6bec302cb11e978fb40be6ed3ad6ec18afbf3bc4e81aa5aa078c841bc323542b7a4c83037c7eeef8245c29e27d0143528f071d33acf5346ccef4fd5f38df

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005b

Filesize
20KB

MD5
f550dad3dbfb045a5d3b91aaeca0b384

SHA1
ae0700d295166c471d2e3640134d7bcfb183bbcb

SHA256
a2d804e54d655a53053419498366fcc7e4a9e485fcc872795b22b31c6b889720

SHA512
1eeab46bbd2eaadd75ba18fa3d74f9ba0555082588e7dfca77425adf6716d9553b669250af5cb2948cd4d4a5a4453866834f018709941da5aa67214c0f6b8b95

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005c

Filesize
20KB

MD5
efd99f6b50b61e6bc88ab81db271f5dc

SHA1
13a91d8c6aae48306779d950cd3da773bac54a04

SHA256
3eb3416904e2d4354a4760874b015d4b7ad0f4f231889eb2e80a7c2ba79c22b9

SHA512
3532987383c85b0cb80ada4314a3fd155cfb78d23470aa7ea43c40342d48982bb8b3824b65c05fe496662e433ce65598cc902cc9e51d6a32802709683221e160

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005d

Filesize
88KB

MD5
cf32003b2a71b7f09b15e9ad77a42d40

SHA1
dd13a04a430ae36e5947a503abf60c24f17d31a1

SHA256
9442cba9804cbfce11010881cda395e6df369f778358e50536bc183c926370d7

SHA512
6007af3fe5be0f250b877d18351510f82fe40458033c7342e26aa4ab8fa75f728881b2b872e1bf1a6aca7810151523bb53bf9609f87d414390b45c32c0e66542

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005e

Filesize
59KB

MD5
7fd069146ea79b16633bc8b45f90482a

SHA1
98dfafac54f6f5db51e3baea698208833ed1b642

SHA256
a746ba588555b584fe98e42ac1a2dfbb92c2831b54c263f51fe91d124b9214d7

SHA512
c31822f497ebb35a5da455e77965f16a83e2007215ae88e64bc21019d8d45fff4671ab4300d9cf518bd2b652d071cc582fdfb99b4807c75e2022755e6c60a06c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005f

Filesize
75KB

MD5
15a2f0d9497bdefec193f1951b076696

SHA1
b673c0729fa90d589261edd38bcaa74439297cdf

SHA256
aad6b6bb918d96aa219dcb54ff8a8a9587a9abbe51b4ee131fdb1a82f028745b

SHA512
36cb398ffe146e46e57ba37a2ac92d03476ac0b0368c64ce0102ac3b9d6a484d5e4200c136db9e04f25b327641299457b8f9d140aba6bef6a9fdc04313415e42

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000067

Filesize
44KB

MD5
28d6deba0823880f8331bd4695469645

SHA1
a9fb38e13eddaed233b777f4db8efb4762c215a2

SHA256
2897ce935bf259f030e1c67dc25840da8793d4b58bc5fc8d5450525490d62590

SHA512
05261445ce6c11d1cf49716c0a2c6c2abbc930af4b7c817d36afa7819446f7e40f740a31b8e9734a5f68a0b140f2424db8779f27bae349a429002bdb30c79e7e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006c

Filesize
39KB

MD5
e1f6e032096b2924e561c3928b9dc73d

SHA1
f33a3bb1b04f04ed1b93b13d21b6b3ce529690ad

SHA256
fa802b853572d8a40ee939940d0cd9562ea8f5954c0522b0777e01fcb546c3c8

SHA512
b13f6e1f984d28c5f4cfc4ae2298b321c314892cab1e5ccd6f1f61ec98d8c1a39669078c88ba541c91648963abc6e16e0a1cdb4e9449b4be16927e9bad8d0f37

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006d

Filesize
42KB

MD5
cc7ad65e0558327d8fbe8ade40ab94e8

SHA1
6c153e9bf971f196db25cb2cb3b62f77f0a1299a

SHA256
956e1fd407995ff1ecca3bf42ca0d01086edc7eb6a965e1d9d4a48f197a8bd30

SHA512
0af63a7bb1151ef7564472b90ddd766857e3fd78973195817aa751d97093558688733876114ea7341063c7f1bc01f90aba1016980ce2c009a0cc399f40614377

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006f

Filesize
41KB

MD5
60df02cbc9b6a531c2d3cf32025a4dc8

SHA1
71ce31d6e0f59f98855a01b3eb9a37a86352189f

SHA256
2d73eefd868f115745117f76888a9b0124453918522046796a55c3621ad2c15d

SHA512
cfc2d4bc147bc757054c07a7e347091922d4ff9b7a0f856d0a3c278f5a98fac1a539d05ea5c375868b372f006a530d14558ac7027723f83f3b22087bd12992dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000070

Filesize
40KB

MD5
f1cad4800853bba09a023250de102801

SHA1
76e1a6ae10ac4db2a3e4e8bf6b7edd692c4537f6

SHA256
e73ceb9052ea848498daacd8a9fff37846cce47324b38df12e9dcf0bf25d2e3b

SHA512
4e869ccea434e71f03ab513b3aa6212da3326cb9625c467b782df48367cbf5c69fb8a073d68180877cfde2510dbe74670046b897125b55f013fe595bb7d3595f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
c4239fe33cfadbf8c0d203c0437715e6

SHA1
71625f2a2dfdec910a7ff81e517949d075e74ba5

SHA256
3e9173e27181edbe6f2ccc0a613c03ed9f6b66a428be38919da3281c5228aaef

SHA512
1557237f43d419db0ea50755935f8d4e7580f2221005f8b30eb83154ee494a5a6c2063ca8bf63087e4908f7bbbf126c8bacae818db1871469ae8bd9188e0bd65

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
3b11251f496d1e7d57630cee538fd0c1

SHA1
c946e36fb1e6360e41aa2b251e4e740de2d9b457

SHA256
f5d1e58bad0ff8f1d55eac213ffee7823cf75d0c41329c3a7f9239b8f2511272

SHA512
b8dd6256d0fc0a3fc5574c2ac91b14cd1a1175925569bc8492e4310304f4b8c52127f5d6614b799d868d0dab06937521e333c8b55dc052d7dd2aa739c7b2bed3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
584e766c361798782451e6b33f678d95

SHA1
5a07801ac8e82d30177f1e75c664d347e103136c

SHA256
5635f0eeb70b2b8188f97599c40dcd621c295617d45c06eb66027a1052ba42b1

SHA512
482088f14bbdfd302614a675b1c751d33ab3742d6a2de829199f2bba78804d2e5eac9ef77d049068ee0e33470330b6da9d825e5a0c9a285637014eac555e93ac

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
de6dfe377c696f20f5da26b7910636a2

SHA1
08ce3ce82dd3cf2ca5e0c7e172a23b1bb828a075

SHA256
9834c6bf1ecee4e716e6cdd7968b4815dc7fdd1c6a557e26d1d22038db1a7cd1

SHA512
fa282bbd6acb3b0f7b7aa5d211e765762e2e53c6be943539660a127ffc5b6272201c611ad9d91909812fb97e1e8dc6fabfb4497a1c90c0979e90d320f609ed84

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
0e041b8beb62109bc612bd433aecbfbd

SHA1
15b0515597c527f32376c2faf6d7f4084d208ab8

SHA256
749129b2c7e5e151a012ba92a99b29c216369146a1469915fb7d4eaa4c1700f2

SHA512
f8581544274d402fb6345c08b1bc8972b9156218704e2bed646a61e2af28029072a8c9eab331475d60647b2648f827d93b6eee8d386acb3c1fa14c35678f5573

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
3be9512f453b246617f22f49dcab9c8b

SHA1
a7d771615570ad29f266a713370d72d7a2c23279

SHA256
cee93c3fe78b74fa1c98b164473f0b705dded978ce5bb0e5d49bea37635d5fab

SHA512
089e3047d8619a9ea2994de3650d62134044f1dd673e7252696eb8c354fbc51b4437cfab074a1ed202358a5e2c94445c6cf2c6d76c0e93c76cdcdbf9abacbf41

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57b49a.TMP

Filesize
48B

MD5
bb905857b0c89f72a375ba0b817c7e2b

SHA1
252d9ace94382593e784f2baf190352c13522495

SHA256
8a88cd6ff95bf039834cf9c38769f9015f12eea2bd700274270953ff3089c3b5

SHA512
2ed28adfa5cd59aae0787f86b998e6918710f564029dc6d1724b96128de61c90116a3feb1fba6f7588880e13b319e255363a414e2d9ad57fafa55295d8f0fb88

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
80KB

MD5
deaea648a6cc27c369ec9bca0730c6c5

SHA1
a2f782c55da605dc1a8132ba75df62ffbee3fce6

SHA256
bfd01036ba21084bd55483571d509e76fa132d7b5b3f9caa21f6b92d22fd4a29

SHA512
9497fb0c0b494afb2b41445012f8388e3b606b114076b1415f0cf0f5c2cf97fbed2c97edee00a274d72479d78428cf7872e9f9df4b5bdccaea944557e9ace97f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
81KB

MD5
27e26c6966574b3ff46d8dc99b14b2b2

SHA1
fa1adfc0ab6b755ac343678e06d69906c3071d90

SHA256
87bc97ad5ad95d0290e0a54adbbc5ad1ea138ca56b31d51a40b4960501a5a9e1

SHA512
5035b91103bb61c3488fc397db554950d5a72317e15321991a483a47900ac8cbef499dce6cf26b556d6d3d11d9979f1d0ffeed20f5d9720862faa141fd8cd36c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
81KB

MD5
7f22f4998bf8b384b86021cdc51fc08e

SHA1
54174a7dde1330660d8c5865963a7e262b8a1ca2

SHA256
760c40080404fedecc1f569cd2891fe8ee7509157e3bd619a64652e6cbab24c2

SHA512
d80914c697ddd6b5ff6c5590030c3d67843c4d2a109ff1145256f32062097b8e74b3e93505199f36526b0a7d1022cce6fb8e807f7150afc15d6b039db2c0cfcf

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request