Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Resubmissions

09/05/2023, 14:30 UTC

230509-rvavzsac5s 1

09/05/2023, 14:27 UTC

230509-rsmf1agd28 1

Analysis

  • max time kernel
    98s
  • max time network
    98s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230221-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230221-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09/05/2023, 14:30 UTC

General

  • Target

    https://capacitacionessat.actualizate.biz/login/change_password.php

Score
1/10

Malware Config

Signatures

  • Checks processor information in registry 2 TTPs 5 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Modifies registry class 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 4 IoCs
  • Suspicious use of SendNotifyMessage 3 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

Processes

  • C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" https://capacitacionessat.actualizate.biz/login/change_password.php
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2700
    • C:\Program Files\Mozilla Firefox\firefox.exe
      "C:\Program Files\Mozilla Firefox\firefox.exe" https://capacitacionessat.actualizate.biz/login/change_password.php
      2⤵
      • Checks processor information in registry
      • Modifies registry class
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1528
      • C:\Program Files\Mozilla Firefox\firefox.exe
        "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1528.0.210966857\724490073" -parentBuildID 20221007134813 -prefsHandle 1828 -prefMapHandle 1820 -prefsLen 20890 -prefMapSize 232675 -appDir "C:\Program Files\Mozilla Firefox\browser" - {82ba3c75-3a59-4119-9e67-8050eb8690a5} 1528 "\\.\pipe\gecko-crash-server-pipe.1528" 1908 18c9f4f1b58 gpu
        3⤵
          PID:1592
        • C:\Program Files\Mozilla Firefox\firefox.exe
          "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1528.1.899910946\105016960" -parentBuildID 20221007134813 -prefsHandle 2404 -prefMapHandle 2400 -prefsLen 21706 -prefMapSize 232675 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b4123d43-2558-40b5-b748-e71bb6185822} 1528 "\\.\pipe\gecko-crash-server-pipe.1528" 2416 18c92472b58 socket
          3⤵
            PID:3972
          • C:\Program Files\Mozilla Firefox\firefox.exe
            "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1528.2.671690444\1056442021" -childID 1 -isForBrowser -prefsHandle 3132 -prefMapHandle 3036 -prefsLen 21789 -prefMapSize 232675 -jsInitHandle 1472 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e4cefff6-76b3-4065-8261-67f32b900b4d} 1528 "\\.\pipe\gecko-crash-server-pipe.1528" 3108 18ca3206758 tab
            3⤵
              PID:4872
            • C:\Program Files\Mozilla Firefox\firefox.exe
              "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1528.3.1360885302\1565256855" -childID 2 -isForBrowser -prefsHandle 4056 -prefMapHandle 4052 -prefsLen 26519 -prefMapSize 232675 -jsInitHandle 1472 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9e4953f8-3696-4111-b823-d390a507a0c0} 1528 "\\.\pipe\gecko-crash-server-pipe.1528" 4064 18ca45be758 tab
              3⤵
                PID:2536
              • C:\Program Files\Mozilla Firefox\firefox.exe
                "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1528.5.1034083525\821767662" -childID 4 -isForBrowser -prefsHandle 5096 -prefMapHandle 5100 -prefsLen 26659 -prefMapSize 232675 -jsInitHandle 1472 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ec016e6c-7f3d-464a-8e31-6b46bd205dd8} 1528 "\\.\pipe\gecko-crash-server-pipe.1528" 5084 18ca6680458 tab
                3⤵
                  PID:4920
                • C:\Program Files\Mozilla Firefox\firefox.exe
                  "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1528.6.429551088\77889805" -childID 5 -isForBrowser -prefsHandle 5276 -prefMapHandle 5280 -prefsLen 26659 -prefMapSize 232675 -jsInitHandle 1472 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1973222f-5453-4338-ac86-843cba5bd007} 1528 "\\.\pipe\gecko-crash-server-pipe.1528" 5268 18ca667f558 tab
                  3⤵
                    PID:4216
                  • C:\Program Files\Mozilla Firefox\firefox.exe
                    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1528.4.1189856924\557937899" -childID 3 -isForBrowser -prefsHandle 4948 -prefMapHandle 4944 -prefsLen 26659 -prefMapSize 232675 -jsInitHandle 1472 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {aabf16c3-3139-4c31-a4f1-7360318fe4a0} 1528 "\\.\pipe\gecko-crash-server-pipe.1528" 4956 18ca5eb0858 tab
                    3⤵
                      PID:4904

                Network

                • flag-us
                  DNS
                  123.108.74.40.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  123.108.74.40.in-addr.arpa
                  IN PTR
                  Response
                • flag-us
                  DNS
                  95.221.229.192.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  95.221.229.192.in-addr.arpa
                  IN PTR
                  Response
                • flag-us
                  DNS
                  capacitacionessat.actualizate.biz
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  capacitacionessat.actualizate.biz
                  IN A
                  Response
                  capacitacionessat.actualizate.biz
                  IN A
                  104.21.41.218
                  capacitacionessat.actualizate.biz
                  IN A
                  172.67.152.10
                • flag-us
                  GET
                  https://capacitacionessat.actualizate.biz/login/change_password.php
                  firefox.exe
                  Remote address:
                  104.21.41.218:443
                  Request
                  GET /login/change_password.php HTTP/2.0
                  host: capacitacionessat.actualizate.biz
                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
                  accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
                  accept-language: en-US,en;q=0.5
                  accept-encoding: gzip, deflate, br
                  upgrade-insecure-requests: 1
                  sec-fetch-dest: document
                  sec-fetch-mode: navigate
                  sec-fetch-site: none
                  sec-fetch-user: ?1
                  te: trailers
                  Response
                  HTTP/2.0 303
                  date: Tue, 09 May 2023 14:30:36 GMT
                  content-type: text/html; charset=utf-8
                  location: https://capacitacionessat.actualizate.biz/login/index.php
                  set-cookie: MoodleSession=4o9dl7ipka37bm694o2c5e6jc5; path=/; secure
                  expires: Thu, 19 Nov 1981 08:52:00 GMT
                  cache-control: no-store, no-cache, must-revalidate
                  pragma: no-cache
                  x-redirect-by: Moodle
                  content-language: es
                  cf-cache-status: DYNAMIC
                  report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lcf7yDwLy8YIq%2BRD1oPHojHr%2BDLhdOyM%2BMPpMUGwzmmBgeWkuYP4mTCUfJX8fSaCEyV%2BLuaDEIm%2B1ia4vaX8%2Fbr8USB6T8LCHUqd9QGfsuZ3%2F7tW53wjKq1Xwl3yW7e0PpV5oLjBQk%2FfodIgk%2B3%2F6swzoO4%3D"}],"group":"cf-nel","max_age":604800}
                  nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                  server: cloudflare
                  cf-ray: 7c4aa42caaf80eb2-AMS
                  alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
                • flag-us
                  GET
                  https://capacitacionessat.actualizate.biz/login/index.php
                  firefox.exe
                  Remote address:
                  104.21.41.218:443
                  Request
                  GET /login/index.php HTTP/2.0
                  host: capacitacionessat.actualizate.biz
                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
                  accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
                  accept-language: en-US,en;q=0.5
                  accept-encoding: gzip, deflate, br
                  cookie: MoodleSession=4o9dl7ipka37bm694o2c5e6jc5
                  upgrade-insecure-requests: 1
                  sec-fetch-dest: document
                  sec-fetch-mode: navigate
                  sec-fetch-site: none
                  sec-fetch-user: ?1
                  te: trailers
                  Response
                  HTTP/2.0 200
                  date: Tue, 09 May 2023 14:30:37 GMT
                  content-type: text/html; charset=utf-8
                  content-length: 7774
                  expires:
                  cache-control: private, pre-check=0, post-check=0, max-age=0, no-transform
                  pragma: no-cache
                  content-language: es
                  content-script-type: text/javascript
                  content-style-type: text/css
                  x-ua-compatible: IE=edge
                  accept-ranges: none
                  x-frame-options: sameorigin
                  vary: Accept-Encoding
                  content-encoding: gzip
                  cf-cache-status: DYNAMIC
                  report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NaPNBIPS1PBA4XPzBHhdFNnoS2VvUx38%2FgeZSIDGFtG8LyjcTD6zvsXLrkleZpZ8zAXDWW2ONAhxA%2BxAjHwIJk8bs7CyETTtwuZ4w701IWdDbDwOuDy%2BzOK174hdCRBhrsKw43E6nkUY0ftwLddozzNTNwE%3D"}],"group":"cf-nel","max_age":604800}
                  nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                  server: cloudflare
                  cf-ray: 7c4aa43068570eb2-AMS
                  alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
                • flag-us
                  DNS
                  capacitacionessat.actualizate.biz
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  capacitacionessat.actualizate.biz
                  IN A
                  Response
                  capacitacionessat.actualizate.biz
                  IN A
                  104.21.41.218
                  capacitacionessat.actualizate.biz
                  IN A
                  172.67.152.10
                • flag-us
                  DNS
                  contile.services.mozilla.com
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  contile.services.mozilla.com
                  IN A
                  Response
                  contile.services.mozilla.com
                  IN A
                  34.117.237.239
                • flag-us
                  DNS
                  capacitacionessat.actualizate.biz
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  capacitacionessat.actualizate.biz
                  IN AAAA
                  Response
                  capacitacionessat.actualizate.biz
                  IN AAAA
                  2606:4700:3034::6815:29da
                  capacitacionessat.actualizate.biz
                  IN AAAA
                  2606:4700:3035::ac43:980a
                • flag-us
                  DNS
                  contile.services.mozilla.com
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  contile.services.mozilla.com
                  IN A
                  Response
                  contile.services.mozilla.com
                  IN A
                  34.117.237.239
                • flag-us
                  DNS
                  contile.services.mozilla.com
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  contile.services.mozilla.com
                  IN AAAA
                  Response
                • flag-us
                  DNS
                  getpocket.cdn.mozilla.net
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  getpocket.cdn.mozilla.net
                  IN A
                  Response
                  getpocket.cdn.mozilla.net
                  IN CNAME
                  getpocket-cdn.prod.mozaws.net
                  getpocket-cdn.prod.mozaws.net
                  IN CNAME
                  prod.pocket.prod.cloudops.mozgcp.net
                  prod.pocket.prod.cloudops.mozgcp.net
                  IN A
                  34.120.5.221
                • flag-us
                  DNS
                  prod.pocket.prod.cloudops.mozgcp.net
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  prod.pocket.prod.cloudops.mozgcp.net
                  IN A
                  Response
                  prod.pocket.prod.cloudops.mozgcp.net
                  IN A
                  34.120.5.221
                • flag-us
                  GET
                  https://contile.services.mozilla.com/v1/tiles
                  firefox.exe
                  Remote address:
                  34.117.237.239:443
                  Request
                  GET /v1/tiles HTTP/2.0
                  host: contile.services.mozilla.com
                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
                  accept: */*
                  accept-language: en-US,en;q=0.5
                  accept-encoding: gzip, deflate, br
                  sec-fetch-dest: empty
                  sec-fetch-mode: cors
                  sec-fetch-site: cross-site
                  te: trailers
                • flag-us
                  GET
                  https://getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=IE&count=30
                  firefox.exe
                  Remote address:
                  34.120.5.221:443
                  Request
                  GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=IE&count=30 HTTP/2.0
                  host: getpocket.cdn.mozilla.net
                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
                  accept: */*
                  accept-language: en-US,en;q=0.5
                  accept-encoding: gzip, deflate, br
                  sec-fetch-dest: empty
                  sec-fetch-mode: cors
                  sec-fetch-site: cross-site
                  te: trailers
                • flag-us
                  DNS
                  prod.pocket.prod.cloudops.mozgcp.net
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  prod.pocket.prod.cloudops.mozgcp.net
                  IN AAAA
                  Response
                  prod.pocket.prod.cloudops.mozgcp.net
                  IN AAAA
                  2600:1901:0:524c::
                • flag-us
                  DNS
                  firefox.settings.services.mozilla.com
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  firefox.settings.services.mozilla.com
                  IN A
                  Response
                  firefox.settings.services.mozilla.com
                  IN A
                  34.149.100.209
                • flag-us
                  DNS
                  firefox.settings.services.mozilla.com
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  firefox.settings.services.mozilla.com
                  IN A
                  Response
                  firefox.settings.services.mozilla.com
                  IN A
                  34.149.100.209
                • flag-us
                  DNS
                  firefox.settings.services.mozilla.com
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  firefox.settings.services.mozilla.com
                  IN AAAA
                  Response
                • flag-us
                  DNS
                  shavar.services.mozilla.com
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  shavar.services.mozilla.com
                  IN A
                  Response
                  shavar.services.mozilla.com
                  IN CNAME
                  shavar.prod.mozaws.net
                  shavar.prod.mozaws.net
                  IN A
                  54.148.16.146
                  shavar.prod.mozaws.net
                  IN A
                  44.226.58.216
                  shavar.prod.mozaws.net
                  IN A
                  54.149.70.91
                  shavar.prod.mozaws.net
                  IN A
                  54.212.120.154
                  shavar.prod.mozaws.net
                  IN A
                  52.42.197.123
                  shavar.prod.mozaws.net
                  IN A
                  44.228.121.26
                • flag-us
                  DNS
                  push.services.mozilla.com
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  push.services.mozilla.com
                  IN A
                  Response
                  push.services.mozilla.com
                  IN CNAME
                  autopush.prod.mozaws.net
                  autopush.prod.mozaws.net
                  IN A
                  34.117.65.55
                • flag-us
                  DNS
                  shavar.prod.mozaws.net
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  shavar.prod.mozaws.net
                  IN A
                  Response
                  shavar.prod.mozaws.net
                  IN A
                  52.42.197.123
                  shavar.prod.mozaws.net
                  IN A
                  54.149.70.91
                  shavar.prod.mozaws.net
                  IN A
                  44.226.58.216
                  shavar.prod.mozaws.net
                  IN A
                  54.148.16.146
                  shavar.prod.mozaws.net
                  IN A
                  44.228.121.26
                  shavar.prod.mozaws.net
                  IN A
                  54.212.120.154
                • flag-us
                  DNS
                  autopush.prod.mozaws.net
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  autopush.prod.mozaws.net
                  IN A
                  Response
                  autopush.prod.mozaws.net
                  IN A
                  34.117.65.55
                • flag-us
                  DNS
                  shavar.prod.mozaws.net
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  shavar.prod.mozaws.net
                  IN AAAA
                  Response
                • flag-us
                  DNS
                  autopush.prod.mozaws.net
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  autopush.prod.mozaws.net
                  IN AAAA
                  Response
                • flag-us
                  GET
                  https://push.services.mozilla.com/
                  firefox.exe
                  Remote address:
                  34.117.65.55:443
                  Request
                  GET / HTTP/1.1
                  Host: push.services.mozilla.com
                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
                  Accept: */*
                  Accept-Language: en-US,en;q=0.5
                  Accept-Encoding: gzip, deflate, br
                  Sec-WebSocket-Version: 13
                  Origin: wss://push.services.mozilla.com/
                  Sec-WebSocket-Protocol: push-notification
                  Sec-WebSocket-Extensions: permessage-deflate
                  Sec-WebSocket-Key: piqzjMkdh2WCcIaeo8viIg==
                  Connection: keep-alive, Upgrade
                  Sec-Fetch-Dest: websocket
                  Sec-Fetch-Mode: websocket
                  Sec-Fetch-Site: cross-site
                  Pragma: no-cache
                  Cache-Control: no-cache
                  Upgrade: websocket
                  Response
                  HTTP/1.1 101 Switching Protocols
                  Connection: Upgrade
                  Upgrade: websocket
                  Sec-WebSocket-Accept: 8o+W2ZLqq6XlqSR39UpTO4fuEKA=
                  Date: Tue, 09 May 2023 14:30:36 GMT
                  Via: 1.1 google
                  Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                • flag-us
                  DNS
                  content-signature-2.cdn.mozilla.net
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  content-signature-2.cdn.mozilla.net
                  IN A
                  Response
                  content-signature-2.cdn.mozilla.net
                  IN CNAME
                  content-signature-chains.prod.autograph.services.mozaws.net
                  content-signature-chains.prod.autograph.services.mozaws.net
                  IN CNAME
                  prod.content-signature-chains.prod.webservices.mozgcp.net
                  prod.content-signature-chains.prod.webservices.mozgcp.net
                  IN A
                  34.160.144.191
                • flag-us
                  DNS
                  prod.content-signature-chains.prod.webservices.mozgcp.net
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  prod.content-signature-chains.prod.webservices.mozgcp.net
                  IN A
                  Response
                  prod.content-signature-chains.prod.webservices.mozgcp.net
                  IN A
                  34.160.144.191
                • flag-us
                  DNS
                  218.41.21.104.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  218.41.21.104.in-addr.arpa
                  IN PTR
                  Response
                • flag-us
                  DNS
                  239.237.117.34.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  239.237.117.34.in-addr.arpa
                  IN PTR
                  Response
                  239.237.117.34.in-addr.arpa
                  IN PTR
                  23923711734bcgoogleusercontentcom
                • flag-us
                  DNS
                  221.5.120.34.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  221.5.120.34.in-addr.arpa
                  IN PTR
                  Response
                  221.5.120.34.in-addr.arpa
                  IN PTR
                  221512034bcgoogleusercontentcom
                • flag-us
                  DNS
                  209.100.149.34.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  209.100.149.34.in-addr.arpa
                  IN PTR
                  Response
                  209.100.149.34.in-addr.arpa
                  IN PTR
                  20910014934bcgoogleusercontentcom
                • flag-us
                  DNS
                  55.65.117.34.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  55.65.117.34.in-addr.arpa
                  IN PTR
                  Response
                  55.65.117.34.in-addr.arpa
                  IN PTR
                  556511734bcgoogleusercontentcom
                • flag-us
                  DNS
                  prod.content-signature-chains.prod.webservices.mozgcp.net
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  prod.content-signature-chains.prod.webservices.mozgcp.net
                  IN AAAA
                  Response
                  prod.content-signature-chains.prod.webservices.mozgcp.net
                  IN AAAA
                  2600:1901:0:92a9::
                • flag-us
                  DNS
                  prod.content-signature-chains.prod.webservices.mozgcp.net
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  prod.content-signature-chains.prod.webservices.mozgcp.net
                  IN AAAA
                  Response
                  prod.content-signature-chains.prod.webservices.mozgcp.net
                  IN AAAA
                  2600:1901:0:92a9::
                • flag-us
                  DNS
                  use.fontawesome.com
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  use.fontawesome.com
                  IN A
                  Response
                  use.fontawesome.com
                  IN CNAME
                  use.fontawesome.com.cdn.cloudflare.net
                  use.fontawesome.com.cdn.cloudflare.net
                  IN A
                  172.64.133.15
                  use.fontawesome.com.cdn.cloudflare.net
                  IN A
                  172.64.132.15
                • flag-us
                  GET
                  https://use.fontawesome.com/releases/v6.1.1/css/all.css
                  firefox.exe
                  Remote address:
                  172.64.133.15:443
                  Request
                  GET /releases/v6.1.1/css/all.css HTTP/2.0
                  host: use.fontawesome.com
                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
                  accept: text/css,*/*;q=0.1
                  accept-language: en-US,en;q=0.5
                  accept-encoding: gzip, deflate, br
                  origin: https://capacitacionessat.actualizate.biz
                  referer: https://capacitacionessat.actualizate.biz/
                  sec-fetch-dest: style
                  sec-fetch-mode: cors
                  sec-fetch-site: cross-site
                  te: trailers
                  Response
                  HTTP/2.0 200
                  date: Tue, 09 May 2023 14:30:38 GMT
                  content-type: text/css
                  x-amz-id-2: uA8KFPc/COmt6X1UpA83LH3PKxhKdovccQJSIHtuMTHhyTucgCe/DAT9uxiSzFnmmseRWZvr024=
                  x-amz-request-id: 37W7TPQ8QNNF7SQ1
                  access-control-allow-origin: *
                  access-control-allow-methods: GET
                  access-control-max-age: 3000
                  vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
                  last-modified: Tue, 22 Mar 2022 15:39:36 GMT
                  etag: W/"6386fb409d4a2abc96eee7be8f6d4cc4"
                  cache-control: max-age=31556926
                  cf-cache-status: MISS
                  report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=btGnjtXSxf2%2FONFzttnAkr5G%2Be0eZPlQrRzm7wlUvLm%2BO7u4bER9keRXjmrhf6S8%2FYlkPqVRAExgGwPLnkDsgpaNyxiHHDtd2IiXxMdM6evPkEqzUG1l%2Bj5UKJNBmMTwk2PUNxPX"}],"group":"cf-nel","max_age":604800}
                  nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                  server: cloudflare
                  cf-ray: 7c4aa43528b3fa14-AMS
                  content-encoding: br
                  alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
                • flag-us
                  DNS
                  use.fontawesome.com.cdn.cloudflare.net
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  use.fontawesome.com.cdn.cloudflare.net
                  IN A
                  Response
                  use.fontawesome.com.cdn.cloudflare.net
                  IN A
                  172.64.133.15
                  use.fontawesome.com.cdn.cloudflare.net
                  IN A
                  172.64.132.15
                • flag-us
                  DNS
                  use.fontawesome.com.cdn.cloudflare.net
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  use.fontawesome.com.cdn.cloudflare.net
                  IN A
                  Response
                  use.fontawesome.com.cdn.cloudflare.net
                  IN A
                  172.64.133.15
                  use.fontawesome.com.cdn.cloudflare.net
                  IN A
                  172.64.132.15
                • flag-us
                  DNS
                  use.fontawesome.com.cdn.cloudflare.net
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  use.fontawesome.com.cdn.cloudflare.net
                  IN AAAA
                  Response
                  use.fontawesome.com.cdn.cloudflare.net
                  IN AAAA
                  2606:4700:e2::ac40:840f
                  use.fontawesome.com.cdn.cloudflare.net
                  IN AAAA
                  2606:4700:e2::ac40:850f
                • flag-us
                  DNS
                  146.16.148.54.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  146.16.148.54.in-addr.arpa
                  IN PTR
                  Response
                  146.16.148.54.in-addr.arpa
                  IN PTR
                  ec2-54-148-16-146 us-west-2compute amazonawscom
                • flag-us
                  DNS
                  191.144.160.34.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  191.144.160.34.in-addr.arpa
                  IN PTR
                  Response
                  191.144.160.34.in-addr.arpa
                  IN PTR
                  19114416034bcgoogleusercontentcom
                • flag-us
                  DNS
                  191.144.160.34.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  191.144.160.34.in-addr.arpa
                  IN PTR
                  Response
                  191.144.160.34.in-addr.arpa
                  IN PTR
                  19114416034bcgoogleusercontentcom
                • flag-us
                  DNS
                  15.133.64.172.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  15.133.64.172.in-addr.arpa
                  IN PTR
                  Response
                • flag-us
                  DNS
                  106.208.58.216.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  106.208.58.216.in-addr.arpa
                  IN PTR
                  Response
                  106.208.58.216.in-addr.arpa
                  IN PTR
                  sof01s11-in-f1061e100net
                  106.208.58.216.in-addr.arpa
                  IN PTR
                  ams17s08-in-f10�J
                • flag-us
                  DNS
                  200.179.250.142.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  200.179.250.142.in-addr.arpa
                  IN PTR
                  Response
                  200.179.250.142.in-addr.arpa
                  IN PTR
                  ams15s42-in-f81e100net
                • flag-us
                  DNS
                  131.179.250.142.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  131.179.250.142.in-addr.arpa
                  IN PTR
                  Response
                  131.179.250.142.in-addr.arpa
                  IN PTR
                  ams17s10-in-f31e100net
                • flag-us
                  DNS
                  206.23.217.172.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  206.23.217.172.in-addr.arpa
                  IN PTR
                  Response
                  206.23.217.172.in-addr.arpa
                  IN PTR
                  ams16s37-in-f141e100net
                  206.23.217.172.in-addr.arpa
                  IN PTR
                  prg03s05-in-f206�I
                  206.23.217.172.in-addr.arpa
                  IN PTR
                  prg03s05-in-f14�I
                • flag-us
                  DNS
                  209.205.72.20.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  209.205.72.20.in-addr.arpa
                  IN PTR
                  Response
                • flag-us
                  DNS
                  aus5.mozilla.org
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  aus5.mozilla.org
                  IN A
                  Response
                  aus5.mozilla.org
                  IN CNAME
                  balrog-aus5.r53-2.services.mozilla.com
                  balrog-aus5.r53-2.services.mozilla.com
                  IN CNAME
                  prod.balrog.prod.cloudops.mozgcp.net
                  prod.balrog.prod.cloudops.mozgcp.net
                  IN A
                  35.244.181.201
                • flag-us
                  DNS
                  prod.balrog.prod.cloudops.mozgcp.net
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  prod.balrog.prod.cloudops.mozgcp.net
                  IN A
                  Response
                  prod.balrog.prod.cloudops.mozgcp.net
                  IN A
                  35.244.181.201
                • flag-us
                  DNS
                  prod.balrog.prod.cloudops.mozgcp.net
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  prod.balrog.prod.cloudops.mozgcp.net
                  IN AAAA
                  Response
                • flag-us
                  DNS
                  firefox.settings.services.mozilla.com
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  firefox.settings.services.mozilla.com
                  IN A
                  Response
                  firefox.settings.services.mozilla.com
                  IN A
                  34.149.100.209
                • flag-us
                  DNS
                  firefox.settings.services.mozilla.com
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  firefox.settings.services.mozilla.com
                  IN AAAA
                  Response
                • flag-us
                  DNS
                  firefox.settings.services.mozilla.com
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  firefox.settings.services.mozilla.com
                  IN AAAA
                  Response
                • flag-us
                  DNS
                  ciscobinary.openh264.org
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  ciscobinary.openh264.org
                  IN A
                  Response
                  ciscobinary.openh264.org
                  IN CNAME
                  a21ed24aedde648804e7-228765c84088fef4ff5e70f2710398e9.r17.cf1.rackcdn.com
                  a21ed24aedde648804e7-228765c84088fef4ff5e70f2710398e9.r17.cf1.rackcdn.com
                  IN CNAME
                  a17.rackcdn.com
                  a17.rackcdn.com
                  IN CNAME
                  a17.rackcdn.com.mdc.edgesuite.net
                  a17.rackcdn.com.mdc.edgesuite.net
                  IN CNAME
                  a19.dscg10.akamai.net
                  a19.dscg10.akamai.net
                  IN A
                  88.221.134.209
                  a19.dscg10.akamai.net
                  IN A
                  88.221.134.155
                • flag-us
                  DNS
                  ciscobinary.openh264.org
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  ciscobinary.openh264.org
                  IN A
                  Response
                  ciscobinary.openh264.org
                  IN CNAME
                  a21ed24aedde648804e7-228765c84088fef4ff5e70f2710398e9.r17.cf1.rackcdn.com
                  a21ed24aedde648804e7-228765c84088fef4ff5e70f2710398e9.r17.cf1.rackcdn.com
                  IN CNAME
                  a17.rackcdn.com
                  a17.rackcdn.com
                  IN CNAME
                  a17.rackcdn.com.mdc.edgesuite.net
                  a17.rackcdn.com.mdc.edgesuite.net
                  IN CNAME
                  a19.dscg10.akamai.net
                  a19.dscg10.akamai.net
                  IN A
                  88.221.134.209
                  a19.dscg10.akamai.net
                  IN A
                  88.221.134.155
                • flag-gb
                  GET
                  http://ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
                  firefox.exe
                  Remote address:
                  88.221.134.209:80
                  Request
                  GET /openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip HTTP/1.1
                  Host: ciscobinary.openh264.org
                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
                  Accept: */*
                  Accept-Language: en-US,en;q=0.5
                  Accept-Encoding: gzip, deflate
                  Connection: keep-alive
                  Response
                  HTTP/1.1 200 OK
                  Content-Length: 453023
                  Accept-Ranges: bytes
                  Last-Modified: Thu, 04 May 2023 01:43:54 GMT
                  ETag: 85430baed3398695717b0263807cf97c
                  X-Timestamp: 1683164633.13950
                  Content-Type: application/zip
                  X-Trans-Id: tx99a5ede11a40436d821d4-00645648e7dfw1
                  Cache-Control: public, max-age=211572
                  Expires: Fri, 12 May 2023 01:17:26 GMT
                  Date: Tue, 09 May 2023 14:31:14 GMT
                  Connection: keep-alive
                • flag-us
                  DNS
                  a19.dscg10.akamai.net
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  a19.dscg10.akamai.net
                  IN A
                  Response
                  a19.dscg10.akamai.net
                  IN A
                  88.221.134.209
                  a19.dscg10.akamai.net
                  IN A
                  88.221.134.155
                • flag-us
                  DNS
                  a19.dscg10.akamai.net
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  a19.dscg10.akamai.net
                  IN AAAA
                  Response
                  a19.dscg10.akamai.net
                  IN AAAA
                  2a02:26f0:a1::58dd:869b
                  a19.dscg10.akamai.net
                  IN AAAA
                  2a02:26f0:a1::58dd:86d1
                • flag-us
                  DNS
                  a19.dscg10.akamai.net
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  a19.dscg10.akamai.net
                  IN AAAA
                  Response
                  a19.dscg10.akamai.net
                  IN AAAA
                  2a02:26f0:a1::58dd:869b
                  a19.dscg10.akamai.net
                  IN AAAA
                  2a02:26f0:a1::58dd:86d1
                • flag-us
                  DNS
                  redirector.gvt1.com
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  redirector.gvt1.com
                  IN A
                  Response
                  redirector.gvt1.com
                  IN A
                  216.58.208.110
                • flag-us
                  DNS
                  redirector.gvt1.com
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  redirector.gvt1.com
                  IN A
                  Response
                  redirector.gvt1.com
                  IN A
                  216.58.208.110
                • flag-us
                  DNS
                  redirector.gvt1.com
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  redirector.gvt1.com
                  IN A
                  Response
                  redirector.gvt1.com
                  IN A
                  216.58.208.110
                • flag-us
                  DNS
                  redirector.gvt1.com
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  redirector.gvt1.com
                  IN AAAA
                  Response
                  redirector.gvt1.com
                  IN AAAA
                  2a00:1450:400e:80e::200e
                • flag-us
                  DNS
                  redirector.gvt1.com
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  redirector.gvt1.com
                  IN AAAA
                  Response
                  redirector.gvt1.com
                  IN AAAA
                  2a00:1450:400e:80e::200e
                • flag-us
                  DNS
                  r2---sn-4g5edndr.gvt1.com
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  r2---sn-4g5edndr.gvt1.com
                  IN A
                  Response
                  r2---sn-4g5edndr.gvt1.com
                  IN CNAME
                  r2.sn-4g5edndr.gvt1.com
                  r2.sn-4g5edndr.gvt1.com
                  IN A
                  172.217.133.231
                • flag-us
                  DNS
                  201.181.244.35.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  201.181.244.35.in-addr.arpa
                  IN PTR
                  Response
                  201.181.244.35.in-addr.arpa
                  IN PTR
                  20118124435bcgoogleusercontentcom
                • flag-us
                  DNS
                  209.134.221.88.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  209.134.221.88.in-addr.arpa
                  IN PTR
                  Response
                  209.134.221.88.in-addr.arpa
                  IN PTR
                  a88-221-134-209deploystaticakamaitechnologiescom
                • flag-us
                  DNS
                  209.134.221.88.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  209.134.221.88.in-addr.arpa
                  IN PTR
                  Response
                  209.134.221.88.in-addr.arpa
                  IN PTR
                  a88-221-134-209deploystaticakamaitechnologiescom
                • flag-us
                  DNS
                  110.208.58.216.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  110.208.58.216.in-addr.arpa
                  IN PTR
                  Response
                  110.208.58.216.in-addr.arpa
                  IN PTR
                  ams17s08-in-f141e100net
                  110.208.58.216.in-addr.arpa
                  IN PTR
                  sof01s11-in-f110�I
                • flag-us
                  DNS
                  r2.sn-4g5edndr.gvt1.com
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  r2.sn-4g5edndr.gvt1.com
                  IN A
                  Response
                  r2.sn-4g5edndr.gvt1.com
                  IN A
                  172.217.133.231
                • flag-us
                  DNS
                  r2.sn-4g5edndr.gvt1.com
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  r2.sn-4g5edndr.gvt1.com
                  IN AAAA
                  Response
                  r2.sn-4g5edndr.gvt1.com
                  IN AAAA
                  2a00:1450:4001:24::7
                • flag-us
                  DNS
                  231.133.217.172.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  231.133.217.172.in-addr.arpa
                  IN PTR
                  Response
                  231.133.217.172.in-addr.arpa
                  IN PTR
                  fra16s68-in-f71e100net
                • flag-us
                  DNS
                  firefox-settings-attachments.cdn.mozilla.net
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  firefox-settings-attachments.cdn.mozilla.net
                  IN A
                  Response
                  firefox-settings-attachments.cdn.mozilla.net
                  IN CNAME
                  fennec-catalog-cdn.prod.mozaws.net
                  fennec-catalog-cdn.prod.mozaws.net
                  IN A
                  34.117.121.53
                • flag-us
                  DNS
                  fennec-catalog-cdn.prod.mozaws.net
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  fennec-catalog-cdn.prod.mozaws.net
                  IN A
                  Response
                  fennec-catalog-cdn.prod.mozaws.net
                  IN A
                  34.117.121.53
                • flag-us
                  DNS
                  fennec-catalog-cdn.prod.mozaws.net
                  firefox.exe
                  Remote address:
                  8.8.8.8:53
                  Request
                  fennec-catalog-cdn.prod.mozaws.net
                  IN AAAA
                  Response
                • flag-us
                  DNS
                  53.121.117.34.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  53.121.117.34.in-addr.arpa
                  IN PTR
                  Response
                  53.121.117.34.in-addr.arpa
                  IN PTR
                  5312111734bcgoogleusercontentcom
                • flag-us
                  DNS
                  53.121.117.34.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  53.121.117.34.in-addr.arpa
                  IN PTR
                  Response
                  53.121.117.34.in-addr.arpa
                  IN PTR
                  5312111734bcgoogleusercontentcom
                • flag-us
                  DNS
                  73.254.224.20.in-addr.arpa
                  Remote address:
                  8.8.8.8:53
                  Request
                  73.254.224.20.in-addr.arpa
                  IN PTR
                  Response
                • 127.0.0.1:49726
                  firefox.exe
                • 104.21.41.218:443
                  https://capacitacionessat.actualizate.biz/login/index.php
                  tls, http2
                  firefox.exe
                  2.1kB
                  17.2kB
                  18
                  27

                  HTTP Request

                  GET https://capacitacionessat.actualizate.biz/login/change_password.php

                  HTTP Response

                  303

                  HTTP Request

                  GET https://capacitacionessat.actualizate.biz/login/index.php

                  HTTP Response

                  200
                • 34.117.237.239:443
                  https://contile.services.mozilla.com/v1/tiles
                  tls, http2
                  firefox.exe
                  1.7kB
                  7.2kB
                  14
                  16

                  HTTP Request

                  GET https://contile.services.mozilla.com/v1/tiles
                • 34.120.5.221:443
                  https://getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=IE&count=30
                  tls, http2
                  firefox.exe
                  2.2kB
                  54.6kB
                  22
                  48

                  HTTP Request

                  GET https://getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=IE&count=30
                • 34.149.100.209:443
                  firefox.settings.services.mozilla.com
                  tls
                  firefox.exe
                  2.0kB
                  7.6kB
                  19
                  25
                • 54.148.16.146:443
                  shavar.services.mozilla.com
                  tls
                  firefox.exe
                  2.2kB
                  4.1kB
                  10
                  9
                • 34.117.65.55:443
                  https://push.services.mozilla.com/
                  tls, http
                  firefox.exe
                  1.9kB
                  6.1kB
                  10
                  12

                  HTTP Request

                  GET https://push.services.mozilla.com/

                  HTTP Response

                  101
                • 34.160.144.191:443
                  content-signature-2.cdn.mozilla.net
                  tls
                  firefox.exe
                  7.5kB
                  33.8kB
                  64
                  102
                • 172.64.133.15:443
                  https://use.fontawesome.com/releases/v6.1.1/css/all.css
                  tls, http2
                  firefox.exe
                  1.9kB
                  29.0kB
                  17
                  31

                  HTTP Request

                  GET https://use.fontawesome.com/releases/v6.1.1/css/all.css

                  HTTP Response

                  200
                • 127.0.0.1:49737
                  firefox.exe
                • 40.125.122.176:443
                  260 B
                  5
                • 34.149.100.209:443
                  firefox.settings.services.mozilla.com
                  tls
                  firefox.exe
                  18.0kB
                  1.2MB
                  258
                  949
                • 20.189.173.2:443
                  322 B
                  7
                • 209.197.3.8:80
                  322 B
                  7
                • 35.244.181.201:443
                  aus5.mozilla.org
                  tls
                  firefox.exe
                  1.4kB
                  5.5kB
                  11
                  13
                • 88.221.134.209:80
                  http://ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
                  http
                  firefox.exe
                  4.1kB
                  467.2kB
                  82
                  342

                  HTTP Request

                  GET http://ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip

                  HTTP Response

                  200
                • 173.223.113.164:443
                  322 B
                  7
                • 204.79.197.203:80
                  api.msn.com
                  322 B
                  7
                • 216.58.208.110:443
                  redirector.gvt1.com
                  tls
                  firefox.exe
                  1.5kB
                  8.9kB
                  15
                  19
                • 172.217.133.231:443
                  r2---sn-4g5edndr.gvt1.com
                  tls
                  firefox.exe
                  73.9kB
                  8.7MB
                  1460
                  6253
                • 34.117.121.53:443
                  firefox-settings-attachments.cdn.mozilla.net
                  tls
                  firefox.exe
                  1.0kB
                  5.3kB
                  11
                  10
                • 34.117.121.53:443
                  firefox-settings-attachments.cdn.mozilla.net
                  tls
                  firefox.exe
                  1.0kB
                  5.3kB
                  11
                  10
                • 34.117.121.53:443
                  firefox-settings-attachments.cdn.mozilla.net
                  tls
                  firefox.exe
                  322.7kB
                  3.6MB
                  2924
                  5189
                • 34.117.121.53:443
                  firefox-settings-attachments.cdn.mozilla.net
                  tls
                  firefox.exe
                  1.0kB
                  5.3kB
                  11
                  10
                • 34.117.121.53:443
                  firefox-settings-attachments.cdn.mozilla.net
                  tls
                  firefox.exe
                  1.0kB
                  5.3kB
                  11
                  10
                • 34.117.121.53:443
                  firefox-settings-attachments.cdn.mozilla.net
                  tls
                  firefox.exe
                  1.1kB
                  5.3kB
                  12
                  10
                • 40.125.122.176:443
                  260 B
                  5
                • 8.238.177.126:80
                  322 B
                  7
                • 40.125.122.176:443
                  260 B
                  5
                • 40.125.122.176:443
                  156 B
                  3
                • 8.8.8.8:53
                  123.108.74.40.in-addr.arpa
                  dns
                  72 B
                  146 B
                  1
                  1

                  DNS Request

                  123.108.74.40.in-addr.arpa

                • 8.8.8.8:53
                  95.221.229.192.in-addr.arpa
                  dns
                  73 B
                  144 B
                  1
                  1

                  DNS Request

                  95.221.229.192.in-addr.arpa

                • 8.8.8.8:53
                  capacitacionessat.actualizate.biz
                  dns
                  firefox.exe
                  79 B
                  111 B
                  1
                  1

                  DNS Request

                  capacitacionessat.actualizate.biz

                  DNS Response

                  104.21.41.218
                  172.67.152.10

                • 8.8.8.8:53
                  capacitacionessat.actualizate.biz
                  dns
                  firefox.exe
                  79 B
                  111 B
                  1
                  1

                  DNS Request

                  capacitacionessat.actualizate.biz

                  DNS Response

                  104.21.41.218
                  172.67.152.10

                • 8.8.8.8:53
                  contile.services.mozilla.com
                  dns
                  firefox.exe
                  74 B
                  90 B
                  1
                  1

                  DNS Request

                  contile.services.mozilla.com

                  DNS Response

                  34.117.237.239

                • 8.8.8.8:53
                  capacitacionessat.actualizate.biz
                  dns
                  firefox.exe
                  79 B
                  135 B
                  1
                  1

                  DNS Request

                  capacitacionessat.actualizate.biz

                  DNS Response

                  2606:4700:3034::6815:29da
                  2606:4700:3035::ac43:980a

                • 8.8.8.8:53
                  contile.services.mozilla.com
                  dns
                  firefox.exe
                  74 B
                  90 B
                  1
                  1

                  DNS Request

                  contile.services.mozilla.com

                  DNS Response

                  34.117.237.239

                • 8.8.8.8:53
                  contile.services.mozilla.com
                  dns
                  firefox.exe
                  74 B
                  155 B
                  1
                  1

                  DNS Request

                  contile.services.mozilla.com

                • 8.8.8.8:53
                  getpocket.cdn.mozilla.net
                  dns
                  firefox.exe
                  71 B
                  174 B
                  1
                  1

                  DNS Request

                  getpocket.cdn.mozilla.net

                  DNS Response

                  34.120.5.221

                • 8.8.8.8:53
                  prod.pocket.prod.cloudops.mozgcp.net
                  dns
                  firefox.exe
                  82 B
                  98 B
                  1
                  1

                  DNS Request

                  prod.pocket.prod.cloudops.mozgcp.net

                  DNS Response

                  34.120.5.221

                • 8.8.8.8:53
                  prod.pocket.prod.cloudops.mozgcp.net
                  dns
                  firefox.exe
                  82 B
                  110 B
                  1
                  1

                  DNS Request

                  prod.pocket.prod.cloudops.mozgcp.net

                  DNS Response

                  2600:1901:0:524c::

                • 8.8.8.8:53
                  firefox.settings.services.mozilla.com
                  dns
                  firefox.exe
                  83 B
                  99 B
                  1
                  1

                  DNS Request

                  firefox.settings.services.mozilla.com

                  DNS Response

                  34.149.100.209

                • 8.8.8.8:53
                  firefox.settings.services.mozilla.com
                  dns
                  firefox.exe
                  83 B
                  99 B
                  1
                  1

                  DNS Request

                  firefox.settings.services.mozilla.com

                  DNS Response

                  34.149.100.209

                • 8.8.8.8:53
                  firefox.settings.services.mozilla.com
                  dns
                  firefox.exe
                  83 B
                  167 B
                  1
                  1

                  DNS Request

                  firefox.settings.services.mozilla.com

                • 8.8.8.8:53
                  shavar.services.mozilla.com
                  dns
                  firefox.exe
                  73 B
                  205 B
                  1
                  1

                  DNS Request

                  shavar.services.mozilla.com

                  DNS Response

                  54.148.16.146
                  44.226.58.216
                  54.149.70.91
                  54.212.120.154
                  52.42.197.123
                  44.228.121.26

                • 8.8.8.8:53
                  push.services.mozilla.com
                  dns
                  firefox.exe
                  71 B
                  125 B
                  1
                  1

                  DNS Request

                  push.services.mozilla.com

                  DNS Response

                  34.117.65.55

                • 8.8.8.8:53
                  shavar.prod.mozaws.net
                  dns
                  firefox.exe
                  68 B
                  164 B
                  1
                  1

                  DNS Request

                  shavar.prod.mozaws.net

                  DNS Response

                  52.42.197.123
                  54.149.70.91
                  44.226.58.216
                  54.148.16.146
                  44.228.121.26
                  54.212.120.154

                • 8.8.8.8:53
                  autopush.prod.mozaws.net
                  dns
                  firefox.exe
                  70 B
                  86 B
                  1
                  1

                  DNS Request

                  autopush.prod.mozaws.net

                  DNS Response

                  34.117.65.55

                • 8.8.8.8:53
                  shavar.prod.mozaws.net
                  dns
                  firefox.exe
                  68 B
                  153 B
                  1
                  1

                  DNS Request

                  shavar.prod.mozaws.net

                • 8.8.8.8:53
                  autopush.prod.mozaws.net
                  dns
                  firefox.exe
                  70 B
                  155 B
                  1
                  1

                  DNS Request

                  autopush.prod.mozaws.net

                • 34.149.100.209:443
                  firefox.settings.services.mozilla.com
                  https
                  firefox.exe
                  2.3kB
                  6.0kB
                  8
                  10
                • 8.8.8.8:53
                  content-signature-2.cdn.mozilla.net
                  dns
                  firefox.exe
                  81 B
                  235 B
                  1
                  1

                  DNS Request

                  content-signature-2.cdn.mozilla.net

                  DNS Response

                  34.160.144.191

                • 8.8.8.8:53
                  prod.content-signature-chains.prod.webservices.mozgcp.net
                  dns
                  firefox.exe
                  103 B
                  119 B
                  1
                  1

                  DNS Request

                  prod.content-signature-chains.prod.webservices.mozgcp.net

                  DNS Response

                  34.160.144.191

                • 8.8.8.8:53
                  218.41.21.104.in-addr.arpa
                  dns
                  72 B
                  134 B
                  1
                  1

                  DNS Request

                  218.41.21.104.in-addr.arpa

                • 8.8.8.8:53
                  239.237.117.34.in-addr.arpa
                  dns
                  73 B
                  126 B
                  1
                  1

                  DNS Request

                  239.237.117.34.in-addr.arpa

                • 8.8.8.8:53
                  221.5.120.34.in-addr.arpa
                  dns
                  71 B
                  122 B
                  1
                  1

                  DNS Request

                  221.5.120.34.in-addr.arpa

                • 8.8.8.8:53
                  209.100.149.34.in-addr.arpa
                  dns
                  73 B
                  126 B
                  1
                  1

                  DNS Request

                  209.100.149.34.in-addr.arpa

                • 8.8.8.8:53
                  55.65.117.34.in-addr.arpa
                  dns
                  71 B
                  122 B
                  1
                  1

                  DNS Request

                  55.65.117.34.in-addr.arpa

                • 8.8.8.8:53
                  prod.content-signature-chains.prod.webservices.mozgcp.net
                  dns
                  firefox.exe
                  206 B
                  262 B
                  2
                  2

                  DNS Request

                  prod.content-signature-chains.prod.webservices.mozgcp.net

                  DNS Response

                  2600:1901:0:92a9::

                  DNS Request

                  prod.content-signature-chains.prod.webservices.mozgcp.net

                  DNS Response

                  2600:1901:0:92a9::

                • 104.21.41.218:443
                  capacitacionessat.actualizate.biz
                  https
                  firefox.exe
                  22.6kB
                  2.0MB
                  148
                  1674
                • 8.8.8.8:53
                  use.fontawesome.com
                  dns
                  firefox.exe
                  65 B
                  149 B
                  1
                  1

                  DNS Request

                  use.fontawesome.com

                  DNS Response

                  172.64.133.15
                  172.64.132.15

                • 8.8.8.8:53
                  use.fontawesome.com.cdn.cloudflare.net
                  dns
                  firefox.exe
                  168 B
                  232 B
                  2
                  2

                  DNS Request

                  use.fontawesome.com.cdn.cloudflare.net

                  DNS Response

                  172.64.133.15
                  172.64.132.15

                  DNS Request

                  use.fontawesome.com.cdn.cloudflare.net

                  DNS Response

                  172.64.133.15
                  172.64.132.15

                • 8.8.8.8:53
                  use.fontawesome.com.cdn.cloudflare.net
                  dns
                  firefox.exe
                  84 B
                  140 B
                  1
                  1

                  DNS Request

                  use.fontawesome.com.cdn.cloudflare.net

                  DNS Response

                  2606:4700:e2::ac40:840f
                  2606:4700:e2::ac40:850f

                • 8.8.8.8:53
                  146.16.148.54.in-addr.arpa
                  dns
                  72 B
                  135 B
                  1
                  1

                  DNS Request

                  146.16.148.54.in-addr.arpa

                • 8.8.8.8:53
                  191.144.160.34.in-addr.arpa
                  dns
                  146 B
                  252 B
                  2
                  2

                  DNS Request

                  191.144.160.34.in-addr.arpa

                  DNS Request

                  191.144.160.34.in-addr.arpa

                • 8.8.8.8:53
                  15.133.64.172.in-addr.arpa
                  dns
                  72 B
                  134 B
                  1
                  1

                  DNS Request

                  15.133.64.172.in-addr.arpa

                • 8.8.8.8:53
                  106.208.58.216.in-addr.arpa
                  dns
                  73 B
                  143 B
                  1
                  1

                  DNS Request

                  106.208.58.216.in-addr.arpa

                • 8.8.8.8:53
                  200.179.250.142.in-addr.arpa
                  dns
                  74 B
                  112 B
                  1
                  1

                  DNS Request

                  200.179.250.142.in-addr.arpa

                • 172.64.133.15:443
                  use.fontawesome.com.cdn.cloudflare.net
                  https
                  firefox.exe
                  1.9kB
                  8.8kB
                  6
                  13
                • 8.8.8.8:53
                  131.179.250.142.in-addr.arpa
                  dns
                  74 B
                  112 B
                  1
                  1

                  DNS Request

                  131.179.250.142.in-addr.arpa

                • 8.8.8.8:53
                  206.23.217.172.in-addr.arpa
                  dns
                  73 B
                  173 B
                  1
                  1

                  DNS Request

                  206.23.217.172.in-addr.arpa

                • 8.8.8.8:53
                  209.205.72.20.in-addr.arpa
                  dns
                  72 B
                  158 B
                  1
                  1

                  DNS Request

                  209.205.72.20.in-addr.arpa

                • 8.8.8.8:53
                  aus5.mozilla.org
                  dns
                  firefox.exe
                  62 B
                  180 B
                  1
                  1

                  DNS Request

                  aus5.mozilla.org

                  DNS Response

                  35.244.181.201

                • 8.8.8.8:53
                  prod.balrog.prod.cloudops.mozgcp.net
                  dns
                  firefox.exe
                  82 B
                  98 B
                  1
                  1

                  DNS Request

                  prod.balrog.prod.cloudops.mozgcp.net

                  DNS Response

                  35.244.181.201

                • 8.8.8.8:53
                  prod.balrog.prod.cloudops.mozgcp.net
                  dns
                  firefox.exe
                  82 B
                  175 B
                  1
                  1

                  DNS Request

                  prod.balrog.prod.cloudops.mozgcp.net

                • 8.8.8.8:53
                  firefox.settings.services.mozilla.com
                  dns
                  firefox.exe
                  83 B
                  99 B
                  1
                  1

                  DNS Request

                  firefox.settings.services.mozilla.com

                  DNS Response

                  34.149.100.209

                • 8.8.8.8:53
                  firefox.settings.services.mozilla.com
                  dns
                  firefox.exe
                  166 B
                  334 B
                  2
                  2

                  DNS Request

                  firefox.settings.services.mozilla.com

                  DNS Request

                  firefox.settings.services.mozilla.com

                • 8.8.8.8:53
                  ciscobinary.openh264.org
                  dns
                  firefox.exe
                  140 B
                  572 B
                  2
                  2

                  DNS Request

                  ciscobinary.openh264.org

                  DNS Request

                  ciscobinary.openh264.org

                  DNS Response

                  88.221.134.209
                  88.221.134.155

                  DNS Response

                  88.221.134.209
                  88.221.134.155

                • 8.8.8.8:53
                  a19.dscg10.akamai.net
                  dns
                  firefox.exe
                  67 B
                  99 B
                  1
                  1

                  DNS Request

                  a19.dscg10.akamai.net

                  DNS Response

                  88.221.134.209
                  88.221.134.155

                • 8.8.8.8:53
                  a19.dscg10.akamai.net
                  dns
                  firefox.exe
                  134 B
                  246 B
                  2
                  2

                  DNS Request

                  a19.dscg10.akamai.net

                  DNS Request

                  a19.dscg10.akamai.net

                  DNS Response

                  2a02:26f0:a1::58dd:869b
                  2a02:26f0:a1::58dd:86d1

                  DNS Response

                  2a02:26f0:a1::58dd:869b
                  2a02:26f0:a1::58dd:86d1

                • 8.8.8.8:53
                  redirector.gvt1.com
                  dns
                  firefox.exe
                  130 B
                  162 B
                  2
                  2

                  DNS Request

                  redirector.gvt1.com

                  DNS Request

                  redirector.gvt1.com

                  DNS Response

                  216.58.208.110

                  DNS Response

                  216.58.208.110

                • 8.8.8.8:53
                  redirector.gvt1.com
                  dns
                  firefox.exe
                  65 B
                  81 B
                  1
                  1

                  DNS Request

                  redirector.gvt1.com

                  DNS Response

                  216.58.208.110

                • 8.8.8.8:53
                  redirector.gvt1.com
                  dns
                  firefox.exe
                  130 B
                  186 B
                  2
                  2

                  DNS Request

                  redirector.gvt1.com

                  DNS Request

                  redirector.gvt1.com

                  DNS Response

                  2a00:1450:400e:80e::200e

                  DNS Response

                  2a00:1450:400e:80e::200e

                • 216.58.208.110:443
                  redirector.gvt1.com
                  https
                  firefox.exe
                  3.2kB
                  9.5kB
                  7
                  10
                • 8.8.8.8:53
                  r2---sn-4g5edndr.gvt1.com
                  dns
                  firefox.exe
                  71 B
                  116 B
                  1
                  1

                  DNS Request

                  r2---sn-4g5edndr.gvt1.com

                  DNS Response

                  172.217.133.231

                • 8.8.8.8:53
                  201.181.244.35.in-addr.arpa
                  dns
                  73 B
                  126 B
                  1
                  1

                  DNS Request

                  201.181.244.35.in-addr.arpa

                • 8.8.8.8:53
                  209.134.221.88.in-addr.arpa
                  dns
                  146 B
                  278 B
                  2
                  2

                  DNS Request

                  209.134.221.88.in-addr.arpa

                  DNS Request

                  209.134.221.88.in-addr.arpa

                • 8.8.8.8:53
                  110.208.58.216.in-addr.arpa
                  dns
                  73 B
                  143 B
                  1
                  1

                  DNS Request

                  110.208.58.216.in-addr.arpa

                • 8.8.8.8:53
                  r2.sn-4g5edndr.gvt1.com
                  dns
                  firefox.exe
                  69 B
                  85 B
                  1
                  1

                  DNS Request

                  r2.sn-4g5edndr.gvt1.com

                  DNS Response

                  172.217.133.231

                • 8.8.8.8:53
                  r2.sn-4g5edndr.gvt1.com
                  dns
                  firefox.exe
                  69 B
                  97 B
                  1
                  1

                  DNS Request

                  r2.sn-4g5edndr.gvt1.com

                  DNS Response

                  2a00:1450:4001:24::7

                • 172.217.133.231:443
                  r2.sn-4g5edndr.gvt1.com
                  https
                  firefox.exe
                  1.9kB
                  6.5kB
                  6
                  8
                • 8.8.8.8:53
                  231.133.217.172.in-addr.arpa
                  dns
                  74 B
                  112 B
                  1
                  1

                  DNS Request

                  231.133.217.172.in-addr.arpa

                • 8.8.8.8:53
                  firefox-settings-attachments.cdn.mozilla.net
                  dns
                  firefox.exe
                  90 B
                  151 B
                  1
                  1

                  DNS Request

                  firefox-settings-attachments.cdn.mozilla.net

                  DNS Response

                  34.117.121.53

                • 8.8.8.8:53
                  fennec-catalog-cdn.prod.mozaws.net
                  dns
                  firefox.exe
                  80 B
                  96 B
                  1
                  1

                  DNS Request

                  fennec-catalog-cdn.prod.mozaws.net

                  DNS Response

                  34.117.121.53

                • 8.8.8.8:53
                  fennec-catalog-cdn.prod.mozaws.net
                  dns
                  firefox.exe
                  80 B
                  165 B
                  1
                  1

                  DNS Request

                  fennec-catalog-cdn.prod.mozaws.net

                • 8.8.8.8:53
                  53.121.117.34.in-addr.arpa
                  dns
                  144 B
                  248 B
                  2
                  2

                  DNS Request

                  53.121.117.34.in-addr.arpa

                  DNS Request

                  53.121.117.34.in-addr.arpa

                • 8.8.8.8:53
                  73.254.224.20.in-addr.arpa
                  dns
                  72 B
                  158 B
                  1
                  1

                  DNS Request

                  73.254.224.20.in-addr.arpa

                MITRE ATT&CK Enterprise v6

                Replay Monitor

                Loading Replay Monitor...

                Downloads

                • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bozzcyfh.default-release\activity-stream.discovery_stream.json.tmp

                  Filesize

                  151KB

                  MD5

                  56710c08d563d7883d5fea807dc1169c

                  SHA1

                  79b74b4a54da3cd599a09a13fc2f45ea4f678267

                  SHA256

                  80115f9b87824e9069b1c13bfe4547287c5064f19c774c06eaa0f10043d3939f

                  SHA512

                  6f1d388418c8dde93014513d74689f05a928505c69186700d6d77f2c233672f425a407c58c47c4be6bde91610f444057543cfab45d7240b426a0b4af4b43bd98

                • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\bozzcyfh.default-release\cache2\entries\250EE2BC03AFF526F1A1C3DB212A79DE3EB60D5E

                  Filesize

                  14KB

                  MD5

                  9ce76d7e288303604ebc3d47554156e7

                  SHA1

                  c35cc33e5cc6a1e725a5f6e4a2c17f1b9cd99d85

                  SHA256

                  f17388925b0ec71d261d998959ce489c8bb032f058d2148cf944ae225be45667

                  SHA512

                  7e46d33ae0ef83f81867c3ec160b3aa56fb8a5a5c4da4f6010cc0884743879b1def7baff0598a24f082965e520f38961777d0a7d333f7b11011c6296b042e873

                • C:\Users\Admin\AppData\Local\Temp\tmpaddon

                  Filesize

                  442KB

                  MD5

                  85430baed3398695717b0263807cf97c

                  SHA1

                  fffbee923cea216f50fce5d54219a188a5100f41

                  SHA256

                  a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e

                  SHA512

                  06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

                • C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

                  Filesize

                  8.0MB

                  MD5

                  a01c5ecd6108350ae23d2cddf0e77c17

                  SHA1

                  c6ac28a2cd979f1f9a75d56271821d5ff665e2b6

                  SHA256

                  345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42

                  SHA512

                  b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72

                • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bozzcyfh.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

                  Filesize

                  997KB

                  MD5

                  fe3355639648c417e8307c6d051e3e37

                  SHA1

                  f54602d4b4778da21bc97c7238fc66aa68c8ee34

                  SHA256

                  1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e

                  SHA512

                  8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

                • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bozzcyfh.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

                  Filesize

                  116B

                  MD5

                  3d33cdc0b3d281e67dd52e14435dd04f

                  SHA1

                  4db88689282fd4f9e9e6ab95fcbb23df6e6485db

                  SHA256

                  f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b

                  SHA512

                  a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

                • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bozzcyfh.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

                  Filesize

                  479B

                  MD5

                  49ddb419d96dceb9069018535fb2e2fc

                  SHA1

                  62aa6fea895a8b68d468a015f6e6ab400d7a7ca6

                  SHA256

                  2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539

                  SHA512

                  48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

                • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bozzcyfh.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

                  Filesize

                  372B

                  MD5

                  8be33af717bb1b67fbd61c3f4b807e9e

                  SHA1

                  7cf17656d174d951957ff36810e874a134dd49e0

                  SHA256

                  e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd

                  SHA512

                  6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

                • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bozzcyfh.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

                  Filesize

                  11.8MB

                  MD5

                  33bf7b0439480effb9fb212efce87b13

                  SHA1

                  cee50f2745edc6dc291887b6075ca64d716f495a

                  SHA256

                  8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e

                  SHA512

                  d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275

                • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bozzcyfh.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

                  Filesize

                  1KB

                  MD5

                  688bed3676d2104e7f17ae1cd2c59404

                  SHA1

                  952b2cdf783ac72fcb98338723e9afd38d47ad8e

                  SHA256

                  33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237

                  SHA512

                  7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

                • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bozzcyfh.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

                  Filesize

                  1KB

                  MD5

                  937326fead5fd401f6cca9118bd9ade9

                  SHA1

                  4526a57d4ae14ed29b37632c72aef3c408189d91

                  SHA256

                  68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81

                  SHA512

                  b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

                • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bozzcyfh.default-release\prefs-1.js

                  Filesize

                  6KB

                  MD5

                  0691b0cedaf444447791755683d017ee

                  SHA1

                  1633cbca18b8ce8c4805412064953c09f103ce58

                  SHA256

                  cdbdaa1e019190dace67ac326783d8bcfe79a27502fbb68dfbe19386940a8a97

                  SHA512

                  e59b5be648bd062d312b99043d86a97f377cd100d6643a106c1640167081b0a3062790e9a79a661e04634d9ad0c28ce8de6e674bc66a1bf30382c2dd82f5b664

                • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bozzcyfh.default-release\prefs-1.js

                  Filesize

                  6KB

                  MD5

                  083db7934f105f941755cb3bce72bba5

                  SHA1

                  7fd8e2f9edaf7a6c7cfe7741661873e46952557f

                  SHA256

                  ed1a266250027564509b6493a5d1ddb62672b765b9cd9a18f6cfdcd4304afc55

                  SHA512

                  027c74067bde46f76018e5bdedda67c1f388815a0ba32280fe830c335d3aadf749b3efc8052e55a9ecb6e1d0b047126b21c7c624c5aad4402e01a173d66e3e39

                • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bozzcyfh.default-release\prefs-1.js

                  Filesize

                  7KB

                  MD5

                  558e544b84604c6af765f4a810ce2781

                  SHA1

                  9ff1e8cf4b8e26e941a7c0194e3c14095fc7d72d

                  SHA256

                  e400da96dcae84a85d25f9041fa10774c317f4f712db0ef087e51067356fe0ba

                  SHA512

                  e0aa9b7bdd1142fc8fc66540b45698ee2ff76ce79f02f211e671762e836aeda4f2b88a9f70fef541fd0992524a319c3b302b65831aa914729a144a687656910a

                • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bozzcyfh.default-release\prefs-1.js

                  Filesize

                  8KB

                  MD5

                  dd45be9752372e6bf4220833a22be3a5

                  SHA1

                  c53ab03ec7ddf9497973cd4e86cabb912f74e7c3

                  SHA256

                  7c47d7c945b1f0141b0ef83999a5653d36dbb615621ecf0ae67730cf85153e41

                  SHA512

                  9b5b81629fbcbfb27d23c1b7ab8fa6dadc36e27b348d7177a43f8b935373d60569abd057bbdeebdcb0b9831976ffb864ddec75bd3f3f860ee71e8b59d09b13ac

                • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bozzcyfh.default-release\prefs-1.js

                  Filesize

                  10KB

                  MD5

                  ee2805bfec712f76d7dc5c46b297eff1

                  SHA1

                  4436b5c8bae718a5435c99db7e8010e392fd9096

                  SHA256

                  f26d7ff5898612e50f892464d47f611f567476d3912a0f1ac8046b408d6695fe

                  SHA512

                  3b71a1c8c47b7b6d9b03b2f8867b939fbe389789e6dd1a78d012d4a4700b4bd400b0034c0b22bb244d7d8af3a9634eb0e7d6de3e6c9b0d3ce0cd68d46658c0ec

                • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bozzcyfh.default-release\prefs.js

                  Filesize

                  6KB

                  MD5

                  fcd5f37e5e4066f7cffe8eb106b6ce19

                  SHA1

                  b0a1c4d3d5c96271429fb09cb71055d177c13402

                  SHA256

                  38dbdb91f24f8e138803d71d0f7e4758fbb78e7f657208325fe30a501e225c67

                  SHA512

                  afdf7697bc784c3c85f30a8a1e4caa32459cf7f19c1ffacde04f62f089218ff1899ffe69fc465677d719546c8f91bea0d04807b13d58096f79aeba8eef0a0a15

                • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bozzcyfh.default-release\sessionstore-backups\recovery.jsonlz4

                  Filesize

                  24KB

                  MD5

                  9f0a8d74f4cc1e1a0e1d54ac1af520a9

                  SHA1

                  e42f43b1315bf5b6199d42bf1d6d78eec23e1325

                  SHA256

                  e88c418a33de02b8f157c2e1696c90a6f34457e8dccead8f3884341d8cee2694

                  SHA512

                  e6867a4e5572e9eea2fd2e0e89466511f5710fad877ff7f13d5decb92cb227b3a754ee0629cb40a39afae97ff8e372a513e7c6e14bdecbe7106dadc679a4763b

                • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bozzcyfh.default-release\sessionstore-backups\recovery.jsonlz4

                  Filesize

                  24KB

                  MD5

                  23ebd0b8d9db69518bcf58ab861d17a8

                  SHA1

                  d7abd62b109230e8c035faf0e4d474914a062dc3

                  SHA256

                  09c3282bef0fadc64fd3c9bcd5011555efff5b1f22f189da1711014c91980fd6

                  SHA512

                  3bc7bb5120cb3efcb1954bd983e8d1912b49a0dbf1b2096d8fa26359ec462e263b6e7040fc3247041896ec356b6461c4c4984058ccc0794b2146b08275c6050a

                We care about your privacy.

                This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.