hxxps://adfoc[.]us/serve/sitelinks/?id=271228&url=hxxps://maven[.]minecraftforge[.]net/net/minecraftforge/forge/1[.]20[.]1-47[.]2[.]0/forge-1[.]20[.]1-47[.]2[.]0-installer[.]jar

Resubmissions

05/11/2023, 21:47 UTC

231105-1m9h1sdb6v 6

05/11/2023, 21:43 UTC

231105-1lb65adb3x 6

05/11/2023, 21:37 UTC

231105-1gy54aeg83 1

Analysis

max time kernel
1797s
max time network
1536s
platform
windows10-2004_x64
resource
win10v2004-20231023-en
resource tags

arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
submitted
05/11/2023, 21:47 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://adfoc.us/serve/sitelinks/?id=271228&url=https://maven.minecraftforge.net/net/minecraftforge/forge/1.20.1-47.2.0/forge-1.20.1-47.2.0-installer.jar

Score

6^/10

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs

Web Service
T1102

Checks processor information in registry 2 TTPs 7 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe
Key opened	\REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0	svchost.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	svchost.exe

Modifies registry class 2 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2231940048-779848787-2990559741-1000\{F9AB5F54-E9BD-462E-8532-ED2F2EC79ED9}	svchost.exe
Key created	\REGISTRY\USER\S-1-5-21-2231940048-779848787-2990559741-1000_Classes\Local Settings	firefox.exe

Suspicious use of AdjustPrivilegeToken 8 IoCs

description	pid	Process
Token: SeDebugPrivilege	4512	firefox.exe
Token: SeDebugPrivilege	4512	firefox.exe
Token: SeDebugPrivilege	4512	firefox.exe
Token: SeDebugPrivilege	4512	firefox.exe
Token: SeDebugPrivilege	4512	firefox.exe
Token: SeDebugPrivilege	4512	firefox.exe
Token: SeDebugPrivilege	4512	firefox.exe
Token: SeDebugPrivilege	4512	firefox.exe

Suspicious use of FindShellTrayWindow 4 IoCs

pid	Process
4512	firefox.exe
4512	firefox.exe
4512	firefox.exe
4512	firefox.exe

Suspicious use of SendNotifyMessage 3 IoCs

pid	Process
4512	firefox.exe
4512	firefox.exe
4512	firefox.exe

Suspicious use of SetWindowsHookEx 5 IoCs

pid	Process
1120	OpenWith.exe
4512	firefox.exe
4512	firefox.exe
4512	firefox.exe
4512	firefox.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4528 wrote to memory of 4512	4528	firefox.exe	101
PID 4528 wrote to memory of 4512	4528	firefox.exe	101
PID 4528 wrote to memory of 4512	4528	firefox.exe	101
PID 4528 wrote to memory of 4512	4528	firefox.exe	101
PID 4528 wrote to memory of 4512	4528	firefox.exe	101
PID 4528 wrote to memory of 4512	4528	firefox.exe	101
PID 4528 wrote to memory of 4512	4528	firefox.exe	101
PID 4528 wrote to memory of 4512	4528	firefox.exe	101
PID 4528 wrote to memory of 4512	4528	firefox.exe	101
PID 4528 wrote to memory of 4512	4528	firefox.exe	101
PID 4528 wrote to memory of 4512	4528	firefox.exe	101
PID 4512 wrote to memory of 964	4512	firefox.exe	102
PID 4512 wrote to memory of 964	4512	firefox.exe	102
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4268	4512	firefox.exe	103
PID 4512 wrote to memory of 4216	4512	firefox.exe	104
PID 4512 wrote to memory of 4216	4512	firefox.exe	104
PID 4512 wrote to memory of 4216	4512	firefox.exe	104

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
java -jar https://adfoc.us/serve/sitelinks/?id=271228&url=https://maven.minecraftforge.net/net/minecraftforge/forge/1.20.1-47.2.0/forge-1.20.1-47.2.0-installer.jar
1⤵
PID:4272

C:\Windows\System32\GameBarPresenceWriter.exe
"C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer
1⤵
PID:4008

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Suspicious use of SetWindowsHookEx
PID:1120

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
1⤵
- Checks processor information in registry
- Modifies registry class
PID:2924

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:4528
- C:\Program Files\Mozilla Firefox\firefox.exe
  "C:\Program Files\Mozilla Firefox\firefox.exe"
  2⤵
  - Checks processor information in registry
  - Modifies registry class
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:4512
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.0.924294888\1012719598" -parentBuildID 20221007134813 -prefsHandle 1896 -prefMapHandle 1888 -prefsLen 20938 -prefMapSize 232675 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f9efb5c7-d36b-49c7-9da7-be575390d7ab} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 1976 1916c4daf58 gpu
    3⤵
    PID:964
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.1.913969159\2102000069" -parentBuildID 20221007134813 -prefsHandle 2364 -prefMapHandle 2360 -prefsLen 20974 -prefMapSize 232675 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9dd204f4-c337-4f67-a73b-8e399ee685f8} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 2376 1915f970458 socket
    3⤵
    PID:4268
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.2.688427128\1842319297" -childID 1 -isForBrowser -prefsHandle 3256 -prefMapHandle 3252 -prefsLen 21077 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f14b87bd-c60b-4cb3-9dc5-e7c369c3d13c} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 3056 191704bc858 tab
    3⤵
    PID:4216
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.3.1872152544\917884667" -childID 2 -isForBrowser -prefsHandle 3608 -prefMapHandle 3604 -prefsLen 26437 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6d91611a-ef45-4194-b08f-70119258aff0} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 3620 191707dbb58 tab
    3⤵
    PID:412
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.4.1512172254\874644161" -childID 3 -isForBrowser -prefsHandle 3980 -prefMapHandle 4528 -prefsLen 26496 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {dc4bba70-a735-44d0-8ed3-58f35d3df0a4} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 4548 19171db0d58 tab
    3⤵
    PID:2776
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.5.708774172\1436829968" -childID 4 -isForBrowser -prefsHandle 5096 -prefMapHandle 4812 -prefsLen 26577 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {82a8ae81-0b4a-4b54-90b9-65aae96f2b07} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 4528 1917075e858 tab
    3⤵
    PID:3904
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.7.1284168408\1684331213" -childID 6 -isForBrowser -prefsHandle 5424 -prefMapHandle 5428 -prefsLen 26577 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {158fbbe3-2f74-4648-a1bc-0ddc278c7c29} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 5416 191727fe558 tab
    3⤵
    PID:2896
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.6.1002324052\718414356" -childID 5 -isForBrowser -prefsHandle 5232 -prefMapHandle 5236 -prefsLen 26577 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3fbad538-9b76-490c-b45b-2c0863089d85} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 5224 191727fe258 tab
    3⤵
    PID:2536
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.8.33864809\787158929" -childID 7 -isForBrowser -prefsHandle 4144 -prefMapHandle 3108 -prefsLen 27232 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ee3681f6-ac1e-4cfd-9156-db7fdd6de8c4} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 3584 1916eb4a658 tab
    3⤵
    PID:5616
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.9.235115941\993613165" -childID 8 -isForBrowser -prefsHandle 5468 -prefMapHandle 3560 -prefsLen 27232 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {266ec830-383a-4275-bb07-9442cde09522} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 5456 1916ebbbb58 tab
    3⤵
    PID:5720
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.10.1067629413\324767158" -childID 9 -isForBrowser -prefsHandle 4544 -prefMapHandle 5624 -prefsLen 27232 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d9c097ab-482e-4ff9-bc7a-0d70ffac4687} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 5252 19173018a58 tab
    3⤵
    PID:4988
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.11.771518578\1445988065" -childID 10 -isForBrowser -prefsHandle 6468 -prefMapHandle 6464 -prefsLen 30287 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0a2591ba-4d56-4d7b-bc65-d06803b03e5e} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 6160 191742b4e58 tab
    3⤵
    PID:5264
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.14.147792050\1140758413" -childID 13 -isForBrowser -prefsHandle 7008 -prefMapHandle 7004 -prefsLen 30287 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {00fae9a8-9949-4809-bce7-a445f997eea0} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 7044 19175d71258 tab
    3⤵
    PID:4472
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.13.597676476\1119689998" -childID 12 -isForBrowser -prefsHandle 6832 -prefMapHandle 6836 -prefsLen 30287 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {055f8126-b8db-4e8a-b0e8-d0941dda4075} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 6612 1917af6a558 tab
    3⤵
    PID:3732
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.12.1911021561\1120264688" -childID 11 -isForBrowser -prefsHandle 3152 -prefMapHandle 6312 -prefsLen 30287 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2096522b-0091-4e3f-93e1-eb2dc34dc89d} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 6744 19172051558 tab
    3⤵
    PID:1932
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.15.2043869970\909712450" -childID 14 -isForBrowser -prefsHandle 7524 -prefMapHandle 7536 -prefsLen 30296 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {310fdcb3-d1ee-46d0-aa21-aad1c048b763} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 7548 19179779858 tab
    3⤵
    PID:6100
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.16.1931917460\627493466" -childID 15 -isForBrowser -prefsHandle 5816 -prefMapHandle 5828 -prefsLen 30296 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {35876f88-2fff-41a2-a9bd-d60a91f4e218} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 4944 1915f96b558 tab
    3⤵
    PID:5288
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.18.165102345\980701079" -childID 17 -isForBrowser -prefsHandle 10848 -prefMapHandle 10844 -prefsLen 30296 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {857f1415-1ba6-424e-b23c-f00a8942fc9c} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 10856 1917a41d458 tab
    3⤵
    PID:624
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.19.564005134\1198867350" -childID 18 -isForBrowser -prefsHandle 10656 -prefMapHandle 10652 -prefsLen 30296 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d03450ae-9a46-4302-8ee6-864227564952} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 10664 1917a41d758 tab
    3⤵
    PID:3280
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.17.744806913\1347835486" -childID 16 -isForBrowser -prefsHandle 5880 -prefMapHandle 4528 -prefsLen 30296 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e48a10fc-c385-4492-a946-92fcd7b301fb} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 10988 1917a41cb58 tab
    3⤵
    PID:3012
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.20.2052515126\1929526248" -childID 19 -isForBrowser -prefsHandle 4676 -prefMapHandle 4628 -prefsLen 30296 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c2258202-a01f-405b-a17f-18c028e0383d} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 6316 1917204ee58 tab
    3⤵
    PID:5424
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.21.1035365707\445453316" -childID 20 -isForBrowser -prefsHandle 10964 -prefMapHandle 10976 -prefsLen 30296 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9263b9e6-6509-407e-a348-d93f1ea07697} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 10880 1916ebb8258 tab
    3⤵
    PID:1736
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.22.228601422\716639530" -childID 21 -isForBrowser -prefsHandle 10864 -prefMapHandle 7144 -prefsLen 30296 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {119a023f-8616-4590-a8a8-fd79085eeee1} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 10988 1917204eb58 tab
    3⤵
    PID:2632
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4512.23.841828335\2085766854" -childID 22 -isForBrowser -prefsHandle 10484 -prefMapHandle 10480 -prefsLen 30296 -prefMapSize 232675 -jsInitHandle 1388 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {19948ff0-70d1-499f-95ee-ec38831f2feb} 4512 "\\.\pipe\gecko-crash-server-pipe.4512" 10504 1915f963258 tab
    3⤵
    PID:5028

Network

DNS

158.240.127.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

158.240.127.40.in-addr.arpa

IN PTR

Response
DNS

140.32.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

140.32.126.40.in-addr.arpa

IN PTR

Response
DNS

g.bing.com

Remote address:

8.8.8.8:53

Request

g.bing.com

IN A

Response

g.bing.com

IN CNAME

g-bing-com.a-0001.a-msedge.net

g-bing-com.a-0001.a-msedge.net

IN CNAME

dual-a-0001.a-msedge.net

dual-a-0001.a-msedge.net

IN A

204.79.197.200

dual-a-0001.a-msedge.net

IN A

13.107.21.200
GET

https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=35a8c341990e4ff885d938456acc92ed&localId=w:7D8A3D4A-7AD6-E66F-793E-D8AC3AE61BC8&deviceId=6966556180221962&anid=

Remote address:

204.79.197.200:443

Request

GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=35a8c341990e4ff885d938456acc92ed&localId=w:7D8A3D4A-7AD6-E66F-793E-D8AC3AE61BC8&deviceId=6966556180221962&anid= HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)

Response

HTTP/2.0 204

cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=39E92D15040B6ECF362C3ED505676F0A; domain=.bing.com; expires=Fri, 29-Nov-2024 21:47:33 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 36D37BA367A94649822D079530448415 Ref B: BRU30EDGE0522 Ref C: 2023-11-05T21:47:33Z
date: Sun, 05 Nov 2023 21:47:33 GMT
GET

https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=35a8c341990e4ff885d938456acc92ed&localId=w:7D8A3D4A-7AD6-E66F-793E-D8AC3AE61BC8&deviceId=6966556180221962&anid=

Remote address:

204.79.197.200:443

Request

GET /neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=35a8c341990e4ff885d938456acc92ed&localId=w:7D8A3D4A-7AD6-E66F-793E-D8AC3AE61BC8&deviceId=6966556180221962&anid= HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
cookie: MUID=39E92D15040B6ECF362C3ED505676F0A

Response

HTTP/2.0 204

cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FF2860192F8C46769AC85CC1BA563DF0 Ref B: BRU30EDGE0522 Ref C: 2023-11-05T21:47:33Z
date: Sun, 05 Nov 2023 21:47:33 GMT
GET

https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=35a8c341990e4ff885d938456acc92ed&localId=w:7D8A3D4A-7AD6-E66F-793E-D8AC3AE61BC8&deviceId=6966556180221962&anid=

Remote address:

204.79.197.200:443

Request

GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=35a8c341990e4ff885d938456acc92ed&localId=w:7D8A3D4A-7AD6-E66F-793E-D8AC3AE61BC8&deviceId=6966556180221962&anid= HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
cookie: MUID=39E92D15040B6ECF362C3ED505676F0A

Response

HTTP/2.0 204

cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 917D1F6DA3C4404999A6BB15A5D25301 Ref B: BRU30EDGE0522 Ref C: 2023-11-05T21:47:34Z
date: Sun, 05 Nov 2023 21:47:33 GMT
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

200.197.79.204.in-addr.arpa

Remote address:

8.8.8.8:53

Request

200.197.79.204.in-addr.arpa

IN PTR

Response

200.197.79.204.in-addr.arpa

IN PTR

a-0001a-msedgenet
DNS

26.35.223.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

26.35.223.20.in-addr.arpa

IN PTR

Response
DNS

2.136.104.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

2.136.104.51.in-addr.arpa

IN PTR

Response
DNS

contile.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

contile.services.mozilla.com

IN A

Response

contile.services.mozilla.com

IN A

34.117.237.239
DNS

getpocket.cdn.mozilla.net

firefox.exe

Remote address:

8.8.8.8:53

Request

getpocket.cdn.mozilla.net

IN A

Response

getpocket.cdn.mozilla.net

IN CNAME

getpocket-cdn.prod.mozaws.net

getpocket-cdn.prod.mozaws.net

IN CNAME

prod.pocket.prod.cloudops.mozgcp.net

prod.pocket.prod.cloudops.mozgcp.net

IN A

34.120.5.221
DNS

content-signature-2.cdn.mozilla.net

firefox.exe

Remote address:

8.8.8.8:53

Request

content-signature-2.cdn.mozilla.net

IN A

Response

content-signature-2.cdn.mozilla.net

IN CNAME

content-signature-chains.prod.autograph.services.mozaws.net

content-signature-chains.prod.autograph.services.mozaws.net

IN CNAME

prod.content-signature-chains.prod.webservices.mozgcp.net

prod.content-signature-chains.prod.webservices.mozgcp.net

IN A

34.160.144.191
DNS

shavar.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

shavar.services.mozilla.com

IN A

Response

shavar.services.mozilla.com

IN CNAME

shavar.prod.mozaws.net

shavar.prod.mozaws.net

IN A

44.235.236.240

shavar.prod.mozaws.net

IN A

35.167.95.175

shavar.prod.mozaws.net

IN A

35.82.107.169
DNS

push.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

push.services.mozilla.com

IN A

Response

push.services.mozilla.com

IN CNAME

autopush.prod.mozaws.net

autopush.prod.mozaws.net

IN A

34.107.243.93
GET

https://contile.services.mozilla.com/v1/tiles

firefox.exe

Remote address:

34.117.237.239:443

Request

GET /v1/tiles HTTP/2.0
host: contile.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers
GET

https://getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=IE&count=30

firefox.exe

Remote address:

34.120.5.221:443

Request

GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=IE&count=30 HTTP/2.0
host: getpocket.cdn.mozilla.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
if-none-match: W/"5a64-h34UJnGeGzmKdOPmmZmkpouUUuE"
te: trailers
DNS

contile.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

contile.services.mozilla.com

IN A

Response

contile.services.mozilla.com

IN A

34.117.237.239
DNS

prod.content-signature-chains.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.content-signature-chains.prod.webservices.mozgcp.net

IN A

Response

prod.content-signature-chains.prod.webservices.mozgcp.net

IN A

34.160.144.191
DNS

prod.pocket.prod.cloudops.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.pocket.prod.cloudops.mozgcp.net

IN A

Response

prod.pocket.prod.cloudops.mozgcp.net

IN A

34.120.5.221
GET

https://push.services.mozilla.com/

firefox.exe

Remote address:

34.107.243.93:443

Request

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: aGDdCOJzsV57yv7yNMC7Xg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

Response

HTTP/1.1 101 Switching Protocols

connection: upgrade
sec-websocket-accept: z59kF5w83CC3OkoGg895jTQG8mk=
upgrade: websocket
date: Sun, 05 Nov 2023 21:47:59 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
DNS

prod.pocket.prod.cloudops.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.pocket.prod.cloudops.mozgcp.net

IN AAAA

Response

prod.pocket.prod.cloudops.mozgcp.net

IN AAAA

2600:1901:0:524c::
DNS

prod.content-signature-chains.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.content-signature-chains.prod.webservices.mozgcp.net

IN AAAA

Response

prod.content-signature-chains.prod.webservices.mozgcp.net

IN AAAA

2600:1901:0:92a9::
DNS

contile.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

contile.services.mozilla.com

IN AAAA

Response
DNS

shavar.prod.mozaws.net

firefox.exe

Remote address:

8.8.8.8:53

Request

shavar.prod.mozaws.net

IN A

Response

shavar.prod.mozaws.net

IN A

35.167.95.175

shavar.prod.mozaws.net

IN A

35.82.107.169

shavar.prod.mozaws.net

IN A

44.235.236.240
DNS

autopush.prod.mozaws.net

firefox.exe

Remote address:

8.8.8.8:53

Request

autopush.prod.mozaws.net

IN A

Response

autopush.prod.mozaws.net

IN A

34.107.243.93
DNS

93.243.107.34.in-addr.arpa

Remote address:

8.8.8.8:53

Request

93.243.107.34.in-addr.arpa

IN PTR

Response

93.243.107.34.in-addr.arpa

IN PTR

9324310734bcgoogleusercontentcom
DNS

shavar.prod.mozaws.net

firefox.exe

Remote address:

8.8.8.8:53

Request

shavar.prod.mozaws.net

IN AAAA

Response
DNS

autopush.prod.mozaws.net

firefox.exe

Remote address:

8.8.8.8:53

Request

autopush.prod.mozaws.net

IN AAAA

Response
DNS

firefox.settings.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

firefox.settings.services.mozilla.com

IN A

Response

firefox.settings.services.mozilla.com

IN CNAME

prod.remote-settings.prod.webservices.mozgcp.net

prod.remote-settings.prod.webservices.mozgcp.net

IN A

34.149.100.209
GET

https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

firefox.exe

Remote address:

34.149.100.209:443

Request

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/2.0
host: firefox.settings.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: application/json
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
if-modified-since: Fri, 25 Mar 2022 17:45:46 GMT
if-none-match: "1648230346554"
te: trailers

Response

HTTP/2.0 200

server: nginx
content-length: 232
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Retry-After, Backoff, Content-Length
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
via: 1.1 google
date: Sun, 05 Nov 2023 21:44:17 GMT
age: 286
last-modified: Sun, 05 Nov 2023 14:57:15 GMT
content-type: application/json
last-modified: Sun, 05 Nov 2023 14:57:15 GMT
content-type: application/json
GET

https://firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?collection=partitioning-exempt-urls&bucket=main&_expected=0

firefox.exe

Remote address:

34.149.100.209:443

Request

GET /v1/buckets/monitor/collections/changes/changeset?collection=partitioning-exempt-urls&bucket=main&_expected=0 HTTP/2.0
host: firefox.settings.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
content-length: 232
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Retry-After, Backoff, Content-Length
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
via: 1.1 google
date: Sun, 05 Nov 2023 21:44:17 GMT
age: 286
last-modified: Sun, 05 Nov 2023 14:57:15 GMT
content-type: application/json
last-modified: Sun, 05 Nov 2023 14:57:15 GMT
content-type: application/json
GET

https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1693416467312

firefox.exe

Remote address:

34.149.100.209:443

Request

GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1693416467312 HTTP/2.0
host: firefox.settings.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: application/json
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
content-length: 232
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Retry-After, Backoff, Content-Length
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
via: 1.1 google
date: Sun, 05 Nov 2023 21:44:17 GMT
age: 286
last-modified: Sun, 05 Nov 2023 14:57:15 GMT
content-type: application/json
last-modified: Sun, 05 Nov 2023 14:57:15 GMT
content-type: application/json
GET

https://firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221699196235597%22

firefox.exe

Remote address:

34.149.100.209:443

Response

HTTP/2.0 200

server: nginx
content-length: 232
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Retry-After, Backoff, Content-Length
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
via: 1.1 google
date: Sun, 05 Nov 2023 21:44:17 GMT
age: 286
last-modified: Sun, 05 Nov 2023 14:57:15 GMT
content-type: application/json
last-modified: Sun, 05 Nov 2023 14:57:15 GMT
content-type: application/json

Request

GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221699196235597%22 HTTP/2.0
host: firefox.settings.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1699142465580

firefox.exe

Remote address:

34.149.100.209:443

Response

HTTP/2.0 200

server: nginx
content-length: 232
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Retry-After, Backoff, Content-Length
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
via: 1.1 google
date: Sun, 05 Nov 2023 21:44:17 GMT
age: 286
last-modified: Sun, 05 Nov 2023 14:57:15 GMT
content-type: application/json
last-modified: Sun, 05 Nov 2023 14:57:15 GMT
content-type: application/json

Request

GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1699142465580 HTTP/2.0
host: firefox.settings.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: application/json
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1699046525260&_since=%221689971565076%22

firefox.exe

Remote address:

34.149.100.209:443

Response

HTTP/2.0 200

server: nginx
content-length: 232
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Retry-After, Backoff, Content-Length
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
via: 1.1 google
date: Sun, 05 Nov 2023 21:44:17 GMT
age: 286
last-modified: Sun, 05 Nov 2023 14:57:15 GMT
content-type: application/json
last-modified: Sun, 05 Nov 2023 14:57:15 GMT
content-type: application/json

Request

GET /v1/buckets/main/collections/cfr/changeset?_expected=1699046525260&_since=%221689971565076%22 HTTP/2.0
host: firefox.settings.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: application/json
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22

firefox.exe

Remote address:

34.149.100.209:443

Response

HTTP/2.0 200

server: nginx
content-length: 2147
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Retry-After, Backoff, Content-Length
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
via: 1.1 google
date: Sun, 05 Nov 2023 20:56:09 GMT
age: 3174
last-modified: Mon, 30 Oct 2023 00:00:04 GMT
content-type: application/json
last-modified: Sun, 05 Nov 2023 14:57:15 GMT
content-type: application/json

Request

GET /v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22 HTTP/2.0
host: firefox.settings.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: application/json
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22

firefox.exe

Remote address:

34.149.100.209:443

Request

GET /v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22 HTTP/2.0
host: firefox.settings.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: application/json
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-rules/changeset?_expected=1679600032742&_since=%221659924409785%22

firefox.exe

Remote address:

34.149.100.209:443

Request

GET /v1/buckets/main/collections/password-rules/changeset?_expected=1679600032742&_since=%221659924409785%22 HTTP/2.0
host: firefox.settings.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: application/json
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1683667257606

firefox.exe

Remote address:

34.149.100.209:443

Request

GET /v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1683667257606 HTTP/2.0
host: firefox.settings.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: application/json
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1695659360044&_since=%221661199949574%22

firefox.exe

Remote address:

34.149.100.209:443

Request

GET /v1/buckets/main/collections/search-config/changeset?_expected=1695659360044&_since=%221661199949574%22 HTTP/2.0
host: firefox.settings.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: application/json
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/url-classifier-skip-urls?_expected=1606870304609

firefox.exe

Remote address:

34.149.100.209:443

Request

GET /v1/buckets/main/collections/url-classifier-skip-urls?_expected=1606870304609 HTTP/2.0
host: firefox.settings.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: application/json
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-telemetry-v2/changeset?_expected=1698666532326&_since=%221661199890666%22

firefox.exe

Remote address:

34.149.100.209:443

Request

GET /v1/buckets/main/collections/search-telemetry-v2/changeset?_expected=1698666532326&_since=%221661199890666%22 HTTP/2.0
host: firefox.settings.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: application/json
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/devtools-compatibility-browsers/changeset?_expected=1698661473899&_since=%221662648201700%22

firefox.exe

Remote address:

34.149.100.209:443

Request

GET /v1/buckets/main/collections/devtools-compatibility-browsers/changeset?_expected=1698661473899&_since=%221662648201700%22 HTTP/2.0
host: firefox.settings.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: application/json
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/addons-manager-settings/changeset?_expected=1688747728721

firefox.exe

Remote address:

34.149.100.209:443

Request

GET /v1/buckets/main/collections/addons-manager-settings/changeset?_expected=1688747728721 HTTP/2.0
host: firefox.settings.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: application/json
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/sites-classification?_expected=1544035467383

firefox.exe

Remote address:

34.149.100.209:443

Request

GET /v1/buckets/main/collections/sites-classification?_expected=1544035467383 HTTP/2.0
host: firefox.settings.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: application/json
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/anti-tracking-url-decoration?_expected=1564511755134

firefox.exe

Remote address:

34.149.100.209:443

Request

GET /v1/buckets/main/collections/anti-tracking-url-decoration?_expected=1564511755134 HTTP/2.0
host: firefox.settings.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: application/json
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/public-suffix-list/changeset?_expected=1575468539758

firefox.exe

Remote address:

34.149.100.209:443

Request

GET /v1/buckets/main/collections/public-suffix-list/changeset?_expected=1575468539758 HTTP/2.0
host: firefox.settings.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: application/json
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-default-override-allowlist?_expected=1595254618540

firefox.exe

Remote address:

34.149.100.209:443

Request

GET /v1/buckets/main/collections/search-default-override-allowlist?_expected=1595254618540 HTTP/2.0
host: firefox.settings.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: application/json
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/pioneer-study-addons-v1/changeset?_expected=1607042143590

firefox.exe

Remote address:

34.149.100.209:443

Request

GET /v1/buckets/main/collections/pioneer-study-addons-v1/changeset?_expected=1607042143590 HTTP/2.0
host: firefox.settings.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: application/json
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/top-sites?_expected=1647020600359

firefox.exe

Remote address:

34.149.100.209:443

Request

GET /v1/buckets/main/collections/top-sites?_expected=1647020600359 HTTP/2.0
host: firefox.settings.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: application/json
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/doh-providers/changeset?_expected=1647549722107&_since=%221621943542621%22

firefox.exe

Remote address:

34.149.100.209:443

Request

GET /v1/buckets/main/collections/doh-providers/changeset?_expected=1647549722107&_since=%221621943542621%22 HTTP/2.0
host: firefox.settings.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: application/json
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/doh-config/changeset?_expected=1651753780606&_since=%221621943462970%22

firefox.exe

Remote address:

34.149.100.209:443

Request

GET /v1/buckets/main/collections/doh-config/changeset?_expected=1651753780606&_since=%221621943462970%22 HTTP/2.0
host: firefox.settings.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: application/json
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/devtools-devices?_expected=1653469171354

firefox.exe

Remote address:

34.149.100.209:443

Request

GET /v1/buckets/main/collections/devtools-devices?_expected=1653469171354 HTTP/2.0
host: firefox.settings.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: application/json
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/websites-with-shared-credential-backends?_expected=1659924446436

firefox.exe

Remote address:

34.149.100.209:443

Request

GET /v1/buckets/main/collections/websites-with-shared-credential-backends?_expected=1659924446436 HTTP/2.0
host: firefox.settings.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: application/json
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox.settings.services.mozilla.com/v1/buckets/security-state/collections/cert-revocations/changeset?_expected=1699196235597

firefox.exe

Remote address:

34.149.100.209:443

Request

GET /v1/buckets/security-state/collections/cert-revocations/changeset?_expected=1699196235597 HTTP/2.0
host: firefox.settings.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: application/json
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox.settings.services.mozilla.com/v1/buckets/security-state/collections/intermediates/changeset?_expected=1698379023347&_since=%221664891823141%22

firefox.exe

Remote address:

34.149.100.209:443

Request

GET /v1/buckets/security-state/collections/intermediates/changeset?_expected=1698379023347&_since=%221664891823141%22 HTTP/2.0
host: firefox.settings.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: application/json
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox.settings.services.mozilla.com/v1/buckets/security-state/collections/onecrl/changeset?_expected=1695656154676&_since=%221658781354245%22

firefox.exe

Remote address:

34.149.100.209:443

Request

GET /v1/buckets/security-state/collections/onecrl/changeset?_expected=1695656154676&_since=%221658781354245%22 HTTP/2.0
host: firefox.settings.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: application/json
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox.settings.services.mozilla.com/v1/

firefox.exe

Remote address:

34.149.100.209:443

Request

GET /v1/ HTTP/2.0
host: firefox.settings.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox.settings.services.mozilla.com/v1/

firefox.exe

Remote address:

34.149.100.209:443

Request

GET /v1/ HTTP/2.0
host: firefox.settings.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
DNS

prod.remote-settings.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.remote-settings.prod.webservices.mozgcp.net

IN A

Response

prod.remote-settings.prod.webservices.mozgcp.net

IN A

34.149.100.209
DNS

prod.remote-settings.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.remote-settings.prod.webservices.mozgcp.net

IN AAAA

Response
DNS

240.236.235.44.in-addr.arpa

Remote address:

8.8.8.8:53

Request

240.236.235.44.in-addr.arpa

IN PTR

Response

240.236.235.44.in-addr.arpa

IN PTR

ec2-44-235-236-240 us-west-2compute amazonawscom
DNS

50.23.12.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

50.23.12.20.in-addr.arpa

IN PTR

Response
DNS

56.126.166.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

56.126.166.20.in-addr.arpa

IN PTR

Response
DNS

89.254.221.88.in-addr.arpa

Remote address:

8.8.8.8:53

Request

89.254.221.88.in-addr.arpa

IN PTR

Response

89.254.221.88.in-addr.arpa

IN PTR

a88-221-254-89deploystaticakamaitechnologiescom
DNS

43.58.199.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

43.58.199.20.in-addr.arpa

IN PTR

Response
DNS

tse1.mm.bing.net

Remote address:

8.8.8.8:53

Request

tse1.mm.bing.net

IN A

Response

tse1.mm.bing.net

IN CNAME

mm-mm.bing.net.trafficmanager.net

mm-mm.bing.net.trafficmanager.net

IN CNAME

dual-a-0001.a-msedge.net

dual-a-0001.a-msedge.net

IN A

204.79.197.200

dual-a-0001.a-msedge.net

IN A

13.107.21.200
GET

https://tse1.mm.bing.net/th?id=OADD2.10239317301329_158N7EC87NQCHAYN7&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239317301329_158N7EC87NQCHAYN7&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 800951
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2DE4C2CD7D7449329DB5D328FAFC4F3E Ref B: BRU30EDGE0810 Ref C: 2023-11-05T21:48:11Z
date: Sun, 05 Nov 2023 21:48:10 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239317301714_1EPLZW0KO7U2RACHB&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239317301714_1EPLZW0KO7U2RACHB&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 697131
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B7A25DBAE40C4991A0EDA5AF82D1C605 Ref B: BRU30EDGE0810 Ref C: 2023-11-05T21:48:11Z
date: Sun, 05 Nov 2023 21:48:10 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239317301024_1S39Y613MNXDQQG0C&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239317301024_1S39Y613MNXDQQG0C&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 558814
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A08ADF692D4F467B9FE42093EC71C6E9 Ref B: BRU30EDGE0810 Ref C: 2023-11-05T21:48:11Z
date: Sun, 05 Nov 2023 21:48:10 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239317301305_1RDDROWSHG0C525AI&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239317301305_1RDDROWSHG0C525AI&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 692302
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 016499BC37A749EEB50A6EC9FD5D4C93 Ref B: BRU30EDGE0810 Ref C: 2023-11-05T21:48:11Z
date: Sun, 05 Nov 2023 21:48:10 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239317301738_1X6L2VINPQJNWJA05&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239317301738_1X6L2VINPQJNWJA05&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 940027
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 996E686917BA4A0E8D3DE2C0C33F7878 Ref B: BRU30EDGE0810 Ref C: 2023-11-05T21:48:11Z
date: Sun, 05 Nov 2023 21:48:10 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239317301457_1V7ZJVRAXG9TQ5156&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239317301457_1V7ZJVRAXG9TQ5156&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 577907
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7E029899BA4F4ECDA96444B11CF40D30 Ref B: BRU30EDGE0810 Ref C: 2023-11-05T21:48:12Z
date: Sun, 05 Nov 2023 21:48:11 GMT
DNS

240.221.184.93.in-addr.arpa

Remote address:

8.8.8.8:53

Request

240.221.184.93.in-addr.arpa

IN PTR

Response
DNS

48.101.122.92.in-addr.arpa

Remote address:

8.8.8.8:53

Request

48.101.122.92.in-addr.arpa

IN PTR

Response

48.101.122.92.in-addr.arpa

IN PTR

a92-122-101-48deploystaticakamaitechnologiescom
DNS

48.229.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

48.229.111.52.in-addr.arpa

IN PTR

Response
DNS

pastbin.com

firefox.exe

Remote address:

8.8.8.8:53

Request

pastbin.com

IN A

Response

pastbin.com

IN A

72.14.178.174

pastbin.com

IN A

45.33.20.235

pastbin.com

IN A

45.33.2.79

pastbin.com

IN A

96.126.123.244

pastbin.com

IN A

45.56.79.23

pastbin.com

IN A

45.79.19.196

pastbin.com

IN A

45.33.30.197

pastbin.com

IN A

72.14.185.43

pastbin.com

IN A

45.33.18.44

pastbin.com

IN A

198.58.118.167

pastbin.com

IN A

45.33.23.183

pastbin.com

IN A

173.255.194.134
DNS

pastbin.com

firefox.exe

Remote address:

8.8.8.8:53

Request

pastbin.com

IN A

Response

pastbin.com

IN A

45.33.20.235

pastbin.com

IN A

45.79.19.196

pastbin.com

IN A

72.14.185.43

pastbin.com

IN A

45.33.23.183

pastbin.com

IN A

173.255.194.134

pastbin.com

IN A

198.58.118.167

pastbin.com

IN A

45.56.79.23

pastbin.com

IN A

45.33.2.79

pastbin.com

IN A

72.14.178.174

pastbin.com

IN A

45.33.30.197

pastbin.com

IN A

96.126.123.244

pastbin.com

IN A

45.33.18.44
GET

http://pastbin.com/9xQGK8pB

firefox.exe

Remote address:

72.14.178.174:80

Request

GET /9xQGK8pB HTTP/1.1
Host: pastbin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

Response

HTTP/1.1 200 OK

server: openresty/1.13.6.1
date: Sun, 05 Nov 2023 21:49:02 GMT
content-type: text/html
transfer-encoding: chunked
content-encoding: gzip
connection: close
DNS

pastbin.com

firefox.exe

Remote address:

8.8.8.8:53

Request

pastbin.com

IN A

Response

pastbin.com

IN A

72.14.185.43

pastbin.com

IN A

198.58.118.167

pastbin.com

IN A

96.126.123.244

pastbin.com

IN A

45.79.19.196

pastbin.com

IN A

173.255.194.134

pastbin.com

IN A

45.33.2.79

pastbin.com

IN A

45.33.23.183

pastbin.com

IN A

45.33.20.235

pastbin.com

IN A

45.33.30.197

pastbin.com

IN A

45.56.79.23

pastbin.com

IN A

45.33.18.44

pastbin.com

IN A

72.14.178.174
DNS

pastbin.com

firefox.exe

Remote address:

8.8.8.8:53

Request

pastbin.com

IN A

Response

pastbin.com

IN A

72.14.185.43

pastbin.com

IN A

198.58.118.167

pastbin.com

IN A

96.126.123.244

pastbin.com

IN A

45.79.19.196

pastbin.com

IN A

173.255.194.134

pastbin.com

IN A

45.33.2.79

pastbin.com

IN A

45.33.23.183

pastbin.com

IN A

45.33.20.235

pastbin.com

IN A

45.33.30.197

pastbin.com

IN A

45.56.79.23

pastbin.com

IN A

45.33.18.44

pastbin.com

IN A

72.14.178.174
GET

http://pastbin.com/favicon.ico

firefox.exe

Remote address:

72.14.178.174:80

Request

GET /favicon.ico HTTP/1.1
Host: pastbin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pastbin.com/9xQGK8pB

Response

HTTP/1.1 200 OK

server: openresty/1.13.6.1
date: Sun, 05 Nov 2023 21:49:02 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
connection: close
DNS

pastbin.com

firefox.exe

Remote address:

8.8.8.8:53

Request

pastbin.com

IN AAAA

Response
DNS

pastbin.com

firefox.exe

Remote address:

8.8.8.8:53

Request

pastbin.com

IN AAAA

Response
GET

http://pastbin.com/9xQGK8pB?gp=1&js=1&uuid=1699220942.0034556781&other_args=eyJ1cmkiOiAiLzl4UUdLOHBCIiwgImFyZ3MiOiAiIiwgInJlZmVyZXIiOiAiIiwgImFjY2VwdCI6ICJ0ZXh0L2h0bWwsYXBwbGljYXRpb24veGh0bWwreG1sLGFwcGxpY2F0aW9uL3htbDtxPTAuOSxpbWFnZS9hdmlmLGltYWdlL3dlYnAsKi8qO3E9MC44In0=

firefox.exe

Remote address:

72.14.178.174:80

Request

GET /9xQGK8pB?gp=1&js=1&uuid=1699220942.0034556781&other_args=eyJ1cmkiOiAiLzl4UUdLOHBCIiwgImFyZ3MiOiAiIiwgInJlZmVyZXIiOiAiIiwgImFjY2VwdCI6ICJ0ZXh0L2h0bWwsYXBwbGljYXRpb24veGh0bWwreG1sLGFwcGxpY2F0aW9uL3htbDtxPTAuOSxpbWFnZS9hdmlmLGltYWdlL3dlYnAsKi8qO3E9MC44In0= HTTP/1.1
Host: pastbin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pastbin.com/9xQGK8pB
Upgrade-Insecure-Requests: 1

Response

HTTP/1.1 302 Found

server: openresty/1.13.6.1
date: Sun, 05 Nov 2023 21:49:02 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: https://www6.pastbin.com/?template=ARROW_3&tdfs=1&s_token=1699220942.0138570000&uuid=1699220942.0138570000&term=Online%20Documents%20Management%20Software&term=Text%20Data%20Online%20Storage&term=Change%20Management&searchbox=0&showDomain=0&backfill=0
referrer-policy: no-referrer
x-mtm-path: 0
vary: Accept-Language
content-language: en
set-cookie: mtm_delivered=WyJwYXN0YmluLmNvbSIsImh0dHBzOi8vd3d3Ni5wYXN0YmluLmNvbS8_dGVtcGxhdGU9QVJST1dfMyZ0ZGZzPTEmc190b2tlbj0xNjk5MjIwOTQyLjAxMzg1NzAwMDAmdXVpZD0xNjk5MjIwOTQyLjAxMzg1NzAwMDAmdGVybT1PbmxpbmUlMjBEb2N1bWVudHMlMjBNYW5hZ2VtZW50JTIwU29mdHdhcmUmdGVybT1UZXh0JTIwRGF0YSUyME9ubGluZSUyMFN0b3JhZ2UmdGVybT1DaGFuZ2UlMjBNYW5hZ2VtZW50JnNlYXJjaGJveD0wJnNob3dEb21haW49MCZiYWNrZmlsbD0wIiwxLCIyMDIzLTExLTA1IDIxOjQ5OjAyIiwxLCIxNjk5MjIwOTQyLjAxMzg1NzAwMDAiLDE5OSxudWxsLG51bGxd:1qzkzO:o70VxDEyvhBsnGjpn280c8u8wig; expires=Sun, 05-Nov-2023 22:49:02 GMT; Max-Age=3600; Path=/
connection: close
DNS

www6.pastbin.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www6.pastbin.com

IN A

Response

www6.pastbin.com

IN CNAME

www10.smartname.com

www10.smartname.com

IN A

3.33.243.145

www10.smartname.com

IN A

15.197.204.56
DNS

www6.pastbin.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www6.pastbin.com

IN A

Response

www6.pastbin.com

IN CNAME

www10.smartname.com

www10.smartname.com

IN A

15.197.204.56

www10.smartname.com

IN A

3.33.243.145
GET

https://www6.pastbin.com/?template=ARROW_3&tdfs=1&s_token=1699220942.0138570000&uuid=1699220942.0138570000&term=Online%20Documents%20Management%20Software&term=Text%20Data%20Online%20Storage&term=Change%20Management&searchbox=0&showDomain=0&backfill=0

firefox.exe

Remote address:

3.33.243.145:443

Request

GET /?template=ARROW_3&tdfs=1&s_token=1699220942.0138570000&uuid=1699220942.0138570000&term=Online%20Documents%20Management%20Software&term=Text%20Data%20Online%20Storage&term=Change%20Management&searchbox=0&showDomain=0&backfill=0 HTTP/1.1
Host: www6.pastbin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 200 OK

Server: openresty
Date: Sun, 05 Nov 2023 21:49:03 GMT
Content-Type: text/html
Content-Length: 1177
Last-Modified: Wed, 11 Oct 2023 21:17:57 GMT
Connection: keep-alive
ETag: "65271105-499"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_i2C+80ySpyVs3pYhLQeHAHAvyp+qUK5sF7bWuM7U6rov/MY2uqVNU+Se8wIQ0vkLiEkuwrs5YX2bwhjrInM2Kg
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: caf_ipaddr=10.116.88.77;Path=/;Max-Age=86400;
Set-Cookie: country=;Path=/;Max-Age=86400;
Set-Cookie: city="";Path=/;Max-Age=86400;
Set-Cookie: expiry_partner=;Path=/;Max-Age=86400;
Accept-Ranges: bytes
GET

https://www6.pastbin.com/px.js?ch=1&abp=1

firefox.exe

Remote address:

3.33.243.145:443

Request

GET /px.js?ch=1&abp=1 HTTP/1.1
Host: www6.pastbin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www6.pastbin.com/?template=ARROW_3&tdfs=1&s_token=1699220942.0138570000&uuid=1699220942.0138570000&term=Online%20Documents%20Management%20Software&term=Text%20Data%20Online%20Storage&term=Change%20Management&searchbox=0&showDomain=0&backfill=0
Cookie: caf_ipaddr=10.116.88.77; country=; city=""; expiry_partner=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

Response

HTTP/1.1 200 OK

Server: openresty
Date: Sun, 05 Nov 2023 21:49:03 GMT
Content-Type: application/javascript
Content-Length: 476
Last-Modified: Wed, 11 Oct 2023 21:17:58 GMT
Connection: keep-alive
ETag: "65271106-1dc"
Accept-Ranges: bytes
DNS

www10.smartname.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www10.smartname.com

IN A

Response

www10.smartname.com

IN A

15.197.204.56

www10.smartname.com

IN A

3.33.243.145
DNS

www10.smartname.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www10.smartname.com

IN AAAA

Response
DNS

174.178.14.72.in-addr.arpa

Remote address:

8.8.8.8:53

Request

174.178.14.72.in-addr.arpa

IN PTR

Response

174.178.14.72.in-addr.arpa

IN PTR

li40-174memberslinodecom
GET

https://www6.pastbin.com/px.js?ch=2&abp=1

firefox.exe

Remote address:

3.33.243.145:443

Request

GET /px.js?ch=2&abp=1 HTTP/1.1
Host: www6.pastbin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www6.pastbin.com/?template=ARROW_3&tdfs=1&s_token=1699220942.0138570000&uuid=1699220942.0138570000&term=Online%20Documents%20Management%20Software&term=Text%20Data%20Online%20Storage&term=Change%20Management&searchbox=0&showDomain=0&backfill=0
Cookie: caf_ipaddr=10.116.88.77; country=; city=""; expiry_partner=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

Response

HTTP/1.1 200 OK

Server: openresty
Date: Sun, 05 Nov 2023 21:49:03 GMT
Content-Type: application/javascript
Content-Length: 476
Last-Modified: Wed, 11 Oct 2023 21:17:58 GMT
Connection: keep-alive
ETag: "65271106-1dc"
Accept-Ranges: bytes
DNS

img1.wsimg.com

firefox.exe

Remote address:

8.8.8.8:53

Request

img1.wsimg.com

IN A

Response

img1.wsimg.com

IN CNAME

global-wildcard.wsimg.com.sni-only.edgekey.net

global-wildcard.wsimg.com.sni-only.edgekey.net

IN CNAME

e40258.g.akamaiedge.net

e40258.g.akamaiedge.net

IN A

23.62.100.179

e40258.g.akamaiedge.net

IN A

23.62.100.131
GET

https://img1.wsimg.com/parking-lander/static/js/main.32a72d74.js

firefox.exe

Remote address:

23.62.100.179:443

Request

GET /parking-lander/static/js/main.32a72d74.js HTTP/2.0
host: img1.wsimg.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www6.pastbin.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: yjZtlRlf+7j2xqa7RY+9xh0QnnpXyAC8EIJjb74+A1QaIRpz8/5U5b9xXtlzfMfehJYfv/KmzNk=
x-amz-request-id: BXXCRP4D7S61V121
last-modified: Wed, 11 Oct 2023 21:15:22 GMT
etag: "256e5c3738a4cf63368a60d2b8cf917e"
x-amz-server-side-encryption: AES256
x-amz-version-id: 89i32sZIro9NM.9yE26llqD2LxWoJ9JV
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Mon, 04 Nov 2024 21:49:03 GMT
date: Sun, 05 Nov 2023 21:49:03 GMT
content-length: 202232
timing-allow-origin: *
access-control-allow-origin: *
GET

https://img1.wsimg.com/parking-lander/static/css/main.b706c083.css

firefox.exe

Remote address:

23.62.100.179:443

Request

GET /parking-lander/static/css/main.b706c083.css HTTP/2.0
host: img1.wsimg.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www6.pastbin.com/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: 1P32Fzo5aCEX8KZ4vPKHyhysqxLP9Xx7CWvgj5qnGwBKiM1Oyy5eL3K5PV1L6tSCaIB6B1rj+18dirTwv117ww==
x-amz-request-id: BXXB17205CVT20WE
last-modified: Wed, 11 Oct 2023 21:15:28 GMT
etag: "b370238e18d0f075f1527034e55ae938"
x-amz-server-side-encryption: AES256
x-amz-version-id: bOdoCQX056dtcHo25CQRQCautfa1Po3E
accept-ranges: bytes
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Mon, 04 Nov 2024 21:49:03 GMT
date: Sun, 05 Nov 2023 21:49:03 GMT
content-length: 193
timing-allow-origin: *
access-control-allow-origin: *
DNS

e40258.g.akamaiedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

e40258.g.akamaiedge.net

IN A

Response

e40258.g.akamaiedge.net

IN A

23.62.100.179

e40258.g.akamaiedge.net

IN A

23.62.100.131
DNS

e40258.g.akamaiedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

e40258.g.akamaiedge.net

IN AAAA

Response
DNS

145.243.33.3.in-addr.arpa

Remote address:

8.8.8.8:53

Request

145.243.33.3.in-addr.arpa

IN PTR

Response

145.243.33.3.in-addr.arpa

IN PTR

a3edc0dabdef92d6dawsglobalacceleratorcom
DNS

196.168.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

196.168.217.172.in-addr.arpa

IN PTR

Response

196.168.217.172.in-addr.arpa

IN PTR

ams16s32-in-f41e100net
DNS

179.100.62.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

179.100.62.23.in-addr.arpa

IN PTR

Response

179.100.62.23.in-addr.arpa

IN PTR

a23-62-100-179deploystaticakamaitechnologiescom
DNS

api.aws.parking.godaddy.com

firefox.exe

Remote address:

8.8.8.8:53

Request

api.aws.parking.godaddy.com

IN A

Response

api.aws.parking.godaddy.com

IN CNAME

gddomainparking.com

gddomainparking.com

IN A

18.232.248.97

gddomainparking.com

IN A

3.91.4.33
DNS

gddomainparking.com

firefox.exe

Remote address:

8.8.8.8:53

Request

gddomainparking.com

IN A

Response

gddomainparking.com

IN A

18.232.248.97

gddomainparking.com

IN A

3.91.4.33
DNS

gddomainparking.com

firefox.exe

Remote address:

8.8.8.8:53

Request

gddomainparking.com

IN AAAA

Response
DNS

partner.googleadservices.com

firefox.exe

Remote address:

8.8.8.8:53

Request

partner.googleadservices.com

IN A

Response

partner.googleadservices.com

IN CNAME

partner46.googleadservices.com

partner46.googleadservices.com

IN A

142.251.36.2
GET

https://partner.googleadservices.com/gampad/cookie.js?domain=www6.pastbin.com&client=dp-namemedia08_3ph&product=SAS&callback=__sasCookie

firefox.exe

Remote address:

142.251.36.2:443

Request

GET /gampad/cookie.js?domain=www6.pastbin.com&client=dp-namemedia08_3ph&product=SAS&callback=__sasCookie HTTP/2.0
host: partner.googleadservices.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www6.pastbin.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
DNS

partner46.googleadservices.com

firefox.exe

Remote address:

8.8.8.8:53

Request

partner46.googleadservices.com

IN A

Response

partner46.googleadservices.com

IN A

142.251.36.2
DNS

106.132.217.172.in-addr.arpa

firefox.exe

Remote address:

8.8.8.8:53

Request

106.132.217.172.in-addr.arpa

IN PTR

Response

106.132.217.172.in-addr.arpa

IN PTR

ams15s39-in-f101e100net
DNS

97.248.232.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

97.248.232.18.in-addr.arpa

IN PTR

Response

97.248.232.18.in-addr.arpa

IN PTR

ec2-18-232-248-97 compute-1 amazonawscom
DNS

2.36.251.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

2.36.251.142.in-addr.arpa

IN PTR

Response

2.36.251.142.in-addr.arpa

IN PTR

ams15s44-in-f21e100net
DNS

partner46.googleadservices.com

firefox.exe

Remote address:

8.8.8.8:53

Request

partner46.googleadservices.com

IN AAAA

Response

partner46.googleadservices.com

IN AAAA

2a00:1450:400e:80f::2002
DNS

afs.googleusercontent.com

firefox.exe

Remote address:

8.8.8.8:53

Request

afs.googleusercontent.com

IN A

Response

afs.googleusercontent.com

IN CNAME

googlehosted.l.googleusercontent.com

googlehosted.l.googleusercontent.com

IN A

142.251.36.1
GET

https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff

firefox.exe

Remote address:

142.251.36.1:443

Request

GET /ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff HTTP/2.0
host: afs.googleusercontent.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.google.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff

firefox.exe

Remote address:

142.251.36.1:443

Request

GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/2.0
host: afs.googleusercontent.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.google.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
DNS

googlehosted.l.googleusercontent.com

firefox.exe

Remote address:

8.8.8.8:53

Request

googlehosted.l.googleusercontent.com

IN A

Response

googlehosted.l.googleusercontent.com

IN A

142.251.36.1
DNS

googlehosted.l.googleusercontent.com

firefox.exe

Remote address:

8.8.8.8:53

Request

googlehosted.l.googleusercontent.com

IN AAAA

Response

googlehosted.l.googleusercontent.com

IN AAAA

2a00:1450:400e:80f::2001
DNS

postback.trafficmotor.com

firefox.exe

Remote address:

8.8.8.8:53

Request

postback.trafficmotor.com

IN A

Response

postback.trafficmotor.com

IN A

45.79.38.145
DNS

postback.trafficmotor.com

firefox.exe

Remote address:

8.8.8.8:53

Request

postback.trafficmotor.com

IN A

Response

postback.trafficmotor.com

IN A

45.79.38.145
DNS

postback.trafficmotor.com

firefox.exe

Remote address:

8.8.8.8:53

Request

postback.trafficmotor.com

IN AAAA

Response
DNS

1.36.251.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

1.36.251.142.in-addr.arpa

IN PTR

Response

1.36.251.142.in-addr.arpa

IN PTR

ams15s44-in-f11e100net
DNS

145.38.79.45.in-addr.arpa

Remote address:

8.8.8.8:53

Request

145.38.79.45.in-addr.arpa

IN PTR

Response

145.38.79.45.in-addr.arpa

IN PTR

li1137-145memberslinodecom
DNS

89.16.208.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

89.16.208.104.in-addr.arpa

IN PTR

Response
DNS

aus5.mozilla.org

firefox.exe

Remote address:

8.8.8.8:53

Request

aus5.mozilla.org

IN A

Response

aus5.mozilla.org

IN CNAME

balrog-aus5.r53-2.services.mozilla.com

balrog-aus5.r53-2.services.mozilla.com

IN CNAME

prod.balrog.prod.cloudops.mozgcp.net

prod.balrog.prod.cloudops.mozgcp.net

IN A

35.244.181.201
DNS

prod.balrog.prod.cloudops.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.balrog.prod.cloudops.mozgcp.net

IN A

Response

prod.balrog.prod.cloudops.mozgcp.net

IN A

35.244.181.201
DNS

prod.balrog.prod.cloudops.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.balrog.prod.cloudops.mozgcp.net

IN AAAA

Response
DNS

ciscobinary.openh264.org

firefox.exe

Remote address:

8.8.8.8:53

Request

ciscobinary.openh264.org

IN A

Response

ciscobinary.openh264.org

IN CNAME

a21ed24aedde648804e7-228765c84088fef4ff5e70f2710398e9.r17.cf1.rackcdn.com

a21ed24aedde648804e7-228765c84088fef4ff5e70f2710398e9.r17.cf1.rackcdn.com

IN CNAME

a17.rackcdn.com

a17.rackcdn.com

IN CNAME

a17.rackcdn.com.mdc.edgesuite.net

a17.rackcdn.com.mdc.edgesuite.net

IN CNAME

a19.dscg10.akamai.net

a19.dscg10.akamai.net

IN A

2.18.121.79

a19.dscg10.akamai.net

IN A

2.18.121.73
GET

http://ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip

firefox.exe

Remote address:

2.18.121.79:80

Request

GET /openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip HTTP/1.1
Host: ciscobinary.openh264.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

Response

HTTP/1.1 200 OK

Last-Modified: Wed, 07 Jun 2023 18:17:04 GMT
ETag: 85430baed3398695717b0263807cf97c
X-Trans-Id: tx231cb65c47de4879bf282-0064aac920dfw1
Content-Length: 453023
Accept-Ranges: bytes
X-Timestamp: 1686161823.28027
Content-Type: application/zip
Cache-Control: public, max-age=141141
Expires: Tue, 07 Nov 2023 13:02:49 GMT
Date: Sun, 05 Nov 2023 21:50:28 GMT
Connection: keep-alive
DNS

a19.dscg10.akamai.net

firefox.exe

Remote address:

8.8.8.8:53

Request

a19.dscg10.akamai.net

IN A

Response

a19.dscg10.akamai.net

IN A

2.18.121.79

a19.dscg10.akamai.net

IN A

2.18.121.73
DNS

a19.dscg10.akamai.net

firefox.exe

Remote address:

8.8.8.8:53

Request

a19.dscg10.akamai.net

IN A

Response

a19.dscg10.akamai.net

IN A

2.18.121.79

a19.dscg10.akamai.net

IN A

2.18.121.73
DNS

a19.dscg10.akamai.net

firefox.exe

Remote address:

8.8.8.8:53

Request

a19.dscg10.akamai.net

IN AAAA

Response

a19.dscg10.akamai.net

IN AAAA

2a02:26f0:1180:4::212:794f

a19.dscg10.akamai.net

IN AAAA

2a02:26f0:1180:4::212:7949
DNS

redirector.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

redirector.gvt1.com

IN A

Response

redirector.gvt1.com

IN A

216.58.208.110
DNS

redirector.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

redirector.gvt1.com

IN A

Response

redirector.gvt1.com

IN A

216.58.208.110
DNS

redirector.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

redirector.gvt1.com

IN A

Response

redirector.gvt1.com

IN A

216.58.208.110
DNS

redirector.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

redirector.gvt1.com

IN AAAA

Response

redirector.gvt1.com

IN AAAA

2a00:1450:400e:80e::200e
DNS

r5---sn-5hne6nsy.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

r5---sn-5hne6nsy.gvt1.com

IN A

Response

r5---sn-5hne6nsy.gvt1.com

IN CNAME

r5.sn-5hne6nsy.gvt1.com

r5.sn-5hne6nsy.gvt1.com

IN A

172.217.132.106
DNS

r5.sn-5hne6nsy.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

r5.sn-5hne6nsy.gvt1.com

IN A

Response

r5.sn-5hne6nsy.gvt1.com

IN A

172.217.132.106
DNS

r5.sn-5hne6nsy.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

r5.sn-5hne6nsy.gvt1.com

IN AAAA

Response

r5.sn-5hne6nsy.gvt1.com

IN AAAA

2a00:1450:400e:7::a
DNS

201.181.244.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

201.181.244.35.in-addr.arpa

IN PTR

Response

201.181.244.35.in-addr.arpa

IN PTR

20118124435bcgoogleusercontentcom
DNS

79.121.18.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

79.121.18.2.in-addr.arpa

IN PTR

Response

79.121.18.2.in-addr.arpa

IN PTR

a2-18-121-79deploystaticakamaitechnologiescom
DNS

110.208.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

110.208.58.216.in-addr.arpa

IN PTR

Response

110.208.58.216.in-addr.arpa

IN PTR

ams17s08-in-f141e100net

110.208.58.216.in-addr.arpa

IN PTR

sof01s11-in-f110�I
DNS

firefox-settings-attachments.cdn.mozilla.net

firefox.exe

Remote address:

8.8.8.8:53

Request

firefox-settings-attachments.cdn.mozilla.net

IN A

Response

firefox-settings-attachments.cdn.mozilla.net

IN CNAME

attachments.prod.remote-settings.prod.webservices.mozgcp.net

attachments.prod.remote-settings.prod.webservices.mozgcp.net

IN A

34.117.121.53
DNS

attachments.prod.remote-settings.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

attachments.prod.remote-settings.prod.webservices.mozgcp.net

IN A

Response

attachments.prod.remote-settings.prod.webservices.mozgcp.net

IN A

34.117.121.53
DNS

attachments.prod.remote-settings.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

attachments.prod.remote-settings.prod.webservices.mozgcp.net

IN AAAA

Response
DNS

53.121.117.34.in-addr.arpa

Remote address:

8.8.8.8:53

Request

53.121.117.34.in-addr.arpa

IN PTR

Response

53.121.117.34.in-addr.arpa

IN PTR

5312111734bcgoogleusercontentcom
DNS

pastebin.com

firefox.exe

Remote address:

8.8.8.8:53

Request

pastebin.com

IN A

Response

pastebin.com

IN A

104.20.67.143

pastebin.com

IN A

172.67.34.170

pastebin.com

IN A

104.20.68.143
GET

http://pastebin.com/9xQGK8pB

firefox.exe

Remote address:

104.20.67.143:80

Request

GET /9xQGK8pB HTTP/1.1
Host: pastebin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

Response

HTTP/1.1 301 Moved Permanently

Date: Sun, 05 Nov 2023 21:50:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 05 Nov 2023 22:50:58 GMT
Location: https://pastebin.com/9xQGK8pB
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 821850c00fb46610-AMS
DNS

pastebin.com

firefox.exe

Remote address:

8.8.8.8:53

Request

pastebin.com

IN A

Response

pastebin.com

IN A

172.67.34.170

pastebin.com

IN A

104.20.68.143

pastebin.com

IN A

104.20.67.143
DNS

pastebin.com

firefox.exe

Remote address:

8.8.8.8:53

Request

pastebin.com

IN AAAA

Response

pastebin.com

IN AAAA

2606:4700:10::6814:448f

pastebin.com

IN AAAA

2606:4700:10::ac43:22aa

pastebin.com

IN AAAA

2606:4700:10::6814:438f
GET

https://pastebin.com/9xQGK8pB

firefox.exe

Remote address:

104.20.67.143:443

Request

GET /9xQGK8pB HTTP/2.0
host: pastebin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: none
sec-fetch-user: ?1
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:50:58 GMT
content-type: text/html; charset=UTF-8
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1;mode=block
set-cookie: _csrf-frontend=c80f3466d474217192393cbe1ef998330ce32caa8c7fe5ea94a2014bc5333b68a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22TTbZBwgYh1QRNg0lc8W3rOblcvC6XxGV%22%3B%7D; path=/; HttpOnly
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 821850c08d9b0e86-AMS
GET

https://pastebin.com/assets/c80611c4/css/bootstrap.min.css

firefox.exe

Remote address:

104.20.67.143:443

Request

GET /assets/c80611c4/css/bootstrap.min.css HTTP/2.0
host: pastebin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://pastebin.com/9xQGK8pB
cookie: _csrf-frontend=c80f3466d474217192393cbe1ef998330ce32caa8c7fe5ea94a2014bc5333b68a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22TTbZBwgYh1QRNg0lc8W3rOblcvC6XxGV%22%3B%7D
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:50:59 GMT
content-type: text/css
last-modified: Wed, 13 Feb 2019 15:55:38 GMT
etag: W/"5c643dfa-1da71"
content-encoding: gzip
cache-control: max-age=31536000
cf-cache-status: HIT
age: 36
vary: Accept-Encoding
server: cloudflare
cf-ray: 821850c46b8c0e86-AMS
GET

https://pastebin.com/assets/72fc434d/dist/bootstrap-tagsinput.css

firefox.exe

Remote address:

104.20.67.143:443

Request

GET /assets/72fc434d/dist/bootstrap-tagsinput.css HTTP/2.0
host: pastebin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://pastebin.com/9xQGK8pB
cookie: _csrf-frontend=c80f3466d474217192393cbe1ef998330ce32caa8c7fe5ea94a2014bc5333b68a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22TTbZBwgYh1QRNg0lc8W3rOblcvC6XxGV%22%3B%7D
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:50:59 GMT
content-type: text/css
last-modified: Sun, 27 Jul 2014 12:27:42 GMT
etag: W/"53d4f03e-431"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5761
vary: Accept-Encoding
server: cloudflare
cf-ray: 821850c48bcc0e86-AMS
content-encoding: gzip
GET

https://pastebin.com/themes/pastebin/css/vendors.bundle.css?30d6ece6979ee0cf5531

firefox.exe

Remote address:

104.20.67.143:443

Request

GET /themes/pastebin/css/vendors.bundle.css?30d6ece6979ee0cf5531 HTTP/2.0
host: pastebin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://pastebin.com/9xQGK8pB
cookie: _csrf-frontend=c80f3466d474217192393cbe1ef998330ce32caa8c7fe5ea94a2014bc5333b68a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22TTbZBwgYh1QRNg0lc8W3rOblcvC6XxGV%22%3B%7D
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:50:59 GMT
content-type: text/css
last-modified: Tue, 26 Sep 2023 10:41:04 GMT
etag: W/"6512b540-3f2"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5761
vary: Accept-Encoding
server: cloudflare
cf-ray: 821850c48be00e86-AMS
content-encoding: gzip
GET

https://pastebin.com/themes/pastebin/css/app.bundle.css?30d6ece6979ee0cf5531

firefox.exe

Remote address:

104.20.67.143:443

Request

GET /themes/pastebin/css/app.bundle.css?30d6ece6979ee0cf5531 HTTP/2.0
host: pastebin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://pastebin.com/9xQGK8pB
cookie: _csrf-frontend=c80f3466d474217192393cbe1ef998330ce32caa8c7fe5ea94a2014bc5333b68a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22TTbZBwgYh1QRNg0lc8W3rOblcvC6XxGV%22%3B%7D
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:50:59 GMT
content-type: text/css
last-modified: Tue, 26 Sep 2023 10:41:04 GMT
etag: W/"6512b540-210f9"
content-encoding: gzip
cache-control: max-age=31536000
cf-cache-status: HIT
age: 36
vary: Accept-Encoding
server: cloudflare
cf-ray: 821850c49bf40e86-AMS
GET

https://pastebin.com/themes/pastebin/css/geshi/light/text.css?694707f98000ed24d865

firefox.exe

Remote address:

104.20.67.143:443

Request

GET /themes/pastebin/css/geshi/light/text.css?694707f98000ed24d865 HTTP/2.0
host: pastebin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://pastebin.com/9xQGK8pB
cookie: _csrf-frontend=c80f3466d474217192393cbe1ef998330ce32caa8c7fe5ea94a2014bc5333b68a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22TTbZBwgYh1QRNg0lc8W3rOblcvC6XxGV%22%3B%7D
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:50:59 GMT
content-type: text/css
last-modified: Tue, 26 Sep 2023 10:41:04 GMT
etag: W/"6512b540-2c2"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2937
vary: Accept-Encoding
server: cloudflare
cf-ray: 821850c4abff0e86-AMS
content-encoding: gzip
GET

https://pastebin.com/themes/pastebin/img/guest.png

firefox.exe

Remote address:

104.20.67.143:443

Request

GET /themes/pastebin/img/guest.png HTTP/2.0
host: pastebin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://pastebin.com/9xQGK8pB
cookie: _csrf-frontend=c80f3466d474217192393cbe1ef998330ce32caa8c7fe5ea94a2014bc5333b68a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22TTbZBwgYh1QRNg0lc8W3rOblcvC6XxGV%22%3B%7D
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:50:59 GMT
content-type: image/png
content-length: 1152
last-modified: Tue, 26 Sep 2023 10:41:04 GMT
etag: "6512b540-480"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 571
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 821850c4ac130e86-AMS
GET

https://pastebin.com/themes/pastebin/img/hello.webp

firefox.exe

Remote address:

104.20.67.143:443

Request

GET /themes/pastebin/img/hello.webp HTTP/2.0
host: pastebin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://pastebin.com/9xQGK8pB
cookie: _csrf-frontend=c80f3466d474217192393cbe1ef998330ce32caa8c7fe5ea94a2014bc5333b68a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22TTbZBwgYh1QRNg0lc8W3rOblcvC6XxGV%22%3B%7D
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:50:59 GMT
content-type: image/webp
content-length: 2566
last-modified: Tue, 26 Sep 2023 10:41:04 GMT
etag: "6512b540-a06"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2112
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 821850c4ac200e86-AMS
GET

https://pastebin.com/assets/9ce1885/jquery.min.js

firefox.exe

Remote address:

104.20.67.143:443

Request

GET /assets/9ce1885/jquery.min.js HTTP/2.0
host: pastebin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://pastebin.com/9xQGK8pB
cookie: _csrf-frontend=c80f3466d474217192393cbe1ef998330ce32caa8c7fe5ea94a2014bc5333b68a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22TTbZBwgYh1QRNg0lc8W3rOblcvC6XxGV%22%3B%7D
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:50:59 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 22:50:46 GMT
etag: W/"5eb09c46-15d84"
content-encoding: gzip
cache-control: max-age=31536000
cf-cache-status: HIT
age: 944
vary: Accept-Encoding
server: cloudflare
cf-ray: 821850c4cc4d0e86-AMS
GET

https://pastebin.com/assets/f04f76b8/yii.js

firefox.exe

Remote address:

104.20.67.143:443

Request

GET /assets/f04f76b8/yii.js HTTP/2.0
host: pastebin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://pastebin.com/9xQGK8pB
cookie: _csrf-frontend=c80f3466d474217192393cbe1ef998330ce32caa8c7fe5ea94a2014bc5333b68a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22TTbZBwgYh1QRNg0lc8W3rOblcvC6XxGV%22%3B%7D
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:50:59 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 07 Jul 2020 21:45:32 GMT
etag: W/"5f04ecfc-51c6"
content-encoding: gzip
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5792
vary: Accept-Encoding
server: cloudflare
cf-ray: 821850c4fc7c0e86-AMS
GET

https://pastebin.com/assets/72fc434d/dist/bootstrap-tagsinput.js

firefox.exe

Remote address:

104.20.67.143:443

Request

GET /assets/72fc434d/dist/bootstrap-tagsinput.js HTTP/2.0
host: pastebin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://pastebin.com/9xQGK8pB
cookie: _csrf-frontend=c80f3466d474217192393cbe1ef998330ce32caa8c7fe5ea94a2014bc5333b68a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22TTbZBwgYh1QRNg0lc8W3rOblcvC6XxGV%22%3B%7D
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:50:59 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 27 Jul 2014 12:27:42 GMT
etag: W/"53d4f03e-4ae1"
content-encoding: gzip
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5761
vary: Accept-Encoding
server: cloudflare
cf-ray: 821850c4fc8a0e86-AMS
GET

https://pastebin.com/themes/pastebin/js/vendors.bundle.js?30d6ece6979ee0cf5531

firefox.exe

Remote address:

104.20.67.143:443

Request

GET /themes/pastebin/js/vendors.bundle.js?30d6ece6979ee0cf5531 HTTP/2.0
host: pastebin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://pastebin.com/9xQGK8pB
cookie: _csrf-frontend=c80f3466d474217192393cbe1ef998330ce32caa8c7fe5ea94a2014bc5333b68a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22TTbZBwgYh1QRNg0lc8W3rOblcvC6XxGV%22%3B%7D
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:50:59 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 26 Sep 2023 10:41:04 GMT
etag: W/"6512b540-35083"
content-encoding: gzip
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1369
vary: Accept-Encoding
server: cloudflare
cf-ray: 821850c50c9e0e86-AMS
GET

https://pastebin.com/themes/pastebin/js/app.bundle.js?30d6ece6979ee0cf5531

firefox.exe

Remote address:

104.20.67.143:443

Request

GET /themes/pastebin/js/app.bundle.js?30d6ece6979ee0cf5531 HTTP/2.0
host: pastebin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://pastebin.com/9xQGK8pB
cookie: _csrf-frontend=c80f3466d474217192393cbe1ef998330ce32caa8c7fe5ea94a2014bc5333b68a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22TTbZBwgYh1QRNg0lc8W3rOblcvC6XxGV%22%3B%7D
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:50:59 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 26 Sep 2023 10:41:04 GMT
etag: W/"6512b540-9325"
content-encoding: gzip
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5761
vary: Accept-Encoding
server: cloudflare
cf-ray: 821850c55d000e86-AMS
GET

https://pastebin.com/themes/pastebin/img/pastebin_logo_side_outline_support_ukraine.webp

firefox.exe

Remote address:

104.20.67.143:443

Request

GET /themes/pastebin/img/pastebin_logo_side_outline_support_ukraine.webp HTTP/2.0
host: pastebin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://pastebin.com/themes/pastebin/css/app.bundle.css?30d6ece6979ee0cf5531
cookie: _csrf-frontend=c80f3466d474217192393cbe1ef998330ce32caa8c7fe5ea94a2014bc5333b68a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22TTbZBwgYh1QRNg0lc8W3rOblcvC6XxGV%22%3B%7D
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:50:59 GMT
content-type: image/webp
content-length: 9642
last-modified: Tue, 26 Sep 2023 10:41:04 GMT
etag: "6512b540-25aa"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3131
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 821850c64e700e86-AMS
GET

https://pastebin.com/themes/pastebin/sprite/spritesheet.webp

firefox.exe

Remote address:

104.20.67.143:443

Request

GET /themes/pastebin/sprite/spritesheet.webp HTTP/2.0
host: pastebin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://pastebin.com/themes/pastebin/css/app.bundle.css?30d6ece6979ee0cf5531
cookie: _csrf-frontend=c80f3466d474217192393cbe1ef998330ce32caa8c7fe5ea94a2014bc5333b68a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22TTbZBwgYh1QRNg0lc8W3rOblcvC6XxGV%22%3B%7D
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:50:59 GMT
content-type: image/webp
content-length: 47064
last-modified: Tue, 26 Sep 2023 10:41:04 GMT
etag: "6512b540-b7d8"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5761
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 821850c65e800e86-AMS
GET

https://pastebin.com/themes/pastebin/img/info.png

firefox.exe

Remote address:

104.20.67.143:443

Request

GET /themes/pastebin/img/info.png HTTP/2.0
host: pastebin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://pastebin.com/themes/pastebin/css/app.bundle.css?30d6ece6979ee0cf5531
cookie: _csrf-frontend=c80f3466d474217192393cbe1ef998330ce32caa8c7fe5ea94a2014bc5333b68a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22TTbZBwgYh1QRNg0lc8W3rOblcvC6XxGV%22%3B%7D
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:50:59 GMT
content-type: image/png
content-length: 1676
last-modified: Tue, 26 Sep 2023 10:41:04 GMT
etag: "6512b540-68c"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6681
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 821850c65e8d0e86-AMS
GET

https://pastebin.com/themes/pastebin/img/linebg.png

firefox.exe

Remote address:

104.20.67.143:443

Request

GET /themes/pastebin/img/linebg.png HTTP/2.0
host: pastebin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://pastebin.com/themes/pastebin/css/app.bundle.css?30d6ece6979ee0cf5531
cookie: _csrf-frontend=c80f3466d474217192393cbe1ef998330ce32caa8c7fe5ea94a2014bc5333b68a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22TTbZBwgYh1QRNg0lc8W3rOblcvC6XxGV%22%3B%7D
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:50:59 GMT
content-type: image/png
content-length: 375
last-modified: Tue, 26 Sep 2023 10:41:04 GMT
etag: "6512b540-177"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6890
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 821850c67eb90e86-AMS
GET

https://pastebin.com/themes/pastebin/img/close_promo.png

firefox.exe

Remote address:

104.20.67.143:443

Request

GET /themes/pastebin/img/close_promo.png HTTP/2.0
host: pastebin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://pastebin.com/themes/pastebin/css/app.bundle.css?30d6ece6979ee0cf5531
cookie: _csrf-frontend=c80f3466d474217192393cbe1ef998330ce32caa8c7fe5ea94a2014bc5333b68a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22TTbZBwgYh1QRNg0lc8W3rOblcvC6XxGV%22%3B%7D
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:50:59 GMT
content-type: image/png
content-length: 1428
last-modified: Tue, 26 Sep 2023 10:41:04 GMT
etag: "6512b540-594"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3131
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 821850c6aefa0e86-AMS
GET

https://pastebin.com/favicon.ico

firefox.exe

Remote address:

104.20.67.143:443

Request

GET /favicon.ico HTTP/2.0
host: pastebin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://pastebin.com/9xQGK8pB
cookie: _csrf-frontend=c80f3466d474217192393cbe1ef998330ce32caa8c7fe5ea94a2014bc5333b68a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22TTbZBwgYh1QRNg0lc8W3rOblcvC6XxGV%22%3B%7D
cookie: _ga_S72LBY47R8=GS1.1.1699221058.1.0.1699221058.0.0.0
cookie: _ga=GA1.1.1800863474.1699221058
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:50:59 GMT
content-type: image/x-icon
last-modified: Tue, 26 Sep 2023 10:41:04 GMT
etag: W/"6512b540-13e"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1531
vary: Accept-Encoding
server: cloudflare
cf-ray: 821850c829440e86-AMS
content-encoding: gzip
POST

https://pastebin.com/site/check-last-posts?k=0&d=0

firefox.exe

Remote address:

104.20.67.143:443

Request

POST /site/check-last-posts?k=0&d=0 HTTP/2.0
host: pastebin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
x-csrf-token: BBaUFvpOQAPwlgRnYsyl_76Cqpft0Ya9LotP9ZlVyndQQvZMuDknWpinVTUsq5WT3br9pJ-e5NFN_QzDwS2NIQ==
x-requested-with: XMLHttpRequest
origin: https://pastebin.com
referer: https://pastebin.com/9xQGK8pB
cookie: _csrf-frontend=c80f3466d474217192393cbe1ef998330ce32caa8c7fe5ea94a2014bc5333b68a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22TTbZBwgYh1QRNg0lc8W3rOblcvC6XxGV%22%3B%7D
cookie: _ga_S72LBY47R8=GS1.1.1699221058.1.0.1699221058.0.0.0
cookie: _ga=GA1.1.1800863474.1699221058
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
content-length: 0
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:51:00 GMT
content-type: application/json; charset=UTF-8
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1;mode=block
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 821850cabdad0e86-AMS
DNS

143.67.20.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

143.67.20.104.in-addr.arpa

IN PTR

Response
DNS

8.36.251.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.36.251.142.in-addr.arpa

IN PTR

Response

8.36.251.142.in-addr.arpa

IN PTR

ams15s44-in-f81e100net
DNS

206.23.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

206.23.217.172.in-addr.arpa

IN PTR

Response

206.23.217.172.in-addr.arpa

IN PTR

prg03s05-in-f141e100net

206.23.217.172.in-addr.arpa

IN PTR

ams16s37-in-f14�I

206.23.217.172.in-addr.arpa

IN PTR

prg03s05-in-f206�I
DNS

adfoc.us

firefox.exe

Remote address:

8.8.8.8:53

Request

adfoc.us

IN A

Response

adfoc.us

IN A

104.26.7.10

adfoc.us

IN A

172.67.74.85

adfoc.us

IN A

104.26.6.10
GET

https://adfoc.us/serve/sitelinks/?id=271228&url=https://maven.minecraftforge.net/net/minecraftforge/forge/1.20.1-47.2.0/forge-1.20.1-47.2.

firefox.exe

Remote address:

104.26.7.10:443

Request

GET /serve/sitelinks/?id=271228&url=https://maven.minecraftforge.net/net/minecraftforge/forge/1.20.1-47.2.0/forge-1.20.1-47.2. HTTP/2.0
host: adfoc.us
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: none
sec-fetch-user: ?1
te: trailers

Response

HTTP/2.0 302

date: Sun, 05 Nov 2023 21:52:24 GMT
content-type: text/html; charset=UTF-8
set-cookie: phpsessionname=c93soe5ultr95nf17c1tfupqn0; expires=Tue, 05-Dec-2023 21:52:24 GMT; Max-Age=2592000; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /serve/?id=27122897845572
strict-transport-security: max-age=0;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fov%2BmxnpR4pkRL2YadS0oJSg7OWE3a8h2gMMMI08EaKMiil2kpM2lkjKjzM0sgeO04e0n89N78AT2FoNZ2o1aRNZfWWateIA0%2B3clDLmmKZj7TwzBj3n5YxA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 821852d86a460b44-AMS
GET

https://adfoc.us/serve/?id=27122897845572

firefox.exe

Remote address:

104.26.7.10:443

Request

GET /serve/?id=27122897845572 HTTP/2.0
host: adfoc.us
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
cookie: phpsessionname=c93soe5ultr95nf17c1tfupqn0
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: none
sec-fetch-user: ?1
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:52:24 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=0;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dBLU7L6VwS60PvgrX3%2FTg7JGO7LNnVezSGr6EiTOVtg81HEURefxTrRBqJzc3lNd2sQBbBtc%2F%2BVrEzpflq9DgZ9G7Nnd2%2BNkl2QrM1YO04RYFl9FKKVG0CV3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 821852d8aab60b44-AMS
content-encoding: br
GET

https://adfoc.us/uploads/users/c869a040_eaf6b9f4_skip.jpg

firefox.exe

Remote address:

104.26.7.10:443

Request

GET /uploads/users/c869a040_eaf6b9f4_skip.jpg HTTP/2.0
host: adfoc.us
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://adfoc.us/serve/?id=27122897845572
cookie: phpsessionname=c93soe5ultr95nf17c1tfupqn0
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:52:24 GMT
content-type: image/jpeg
content-length: 5405
cf-bgj: h2pri
etag: "620d5733-151d"
last-modified: Wed, 16 Feb 2022 19:57:39 GMT
strict-transport-security: max-age=0;
cache-control: max-age=3600
cf-cache-status: HIT
age: 3288
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iDh%2F1LjuUOAPpe1JTuL95X1qWZ2OwbHjkITNMVOx4%2Fi0LudNQ0kbZ5D8W6qoKbK3RpwxDuVUD%2FFCMyRfeInfnUZdi1dqrewP3nZ6mw6aIIa%2Bym05kDD%2FWVmt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 821852d9bc640b44-AMS
GET

https://adfoc.us/js/interstitial.js

firefox.exe

Remote address:

104.26.7.10:443

Request

GET /js/interstitial.js HTTP/2.0
host: adfoc.us
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://adfoc.us/serve/?id=27122897845572
cookie: phpsessionname=c93soe5ultr95nf17c1tfupqn0
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:52:24 GMT
content-type: application/javascript
last-modified: Fri, 20 Mar 2020 18:50:40 GMT
etag: W/"5e751080-100e"
strict-transport-security: max-age=0;
cache-control: max-age=3600
cf-cache-status: HIT
age: 3885
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y8Cnf0jTx%2FyF8dMYs9q3qFnUFtErg%2BrKYyENp9Yu8ED2y8IFB253hqAz7W%2BCfkcAHmWu9w%2FN21324gx62ZA%2BPYGM8xdHvH0EizTwGbxm9kLNcs0VhTz6eF8O"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 821852d9cc7d0b44-AMS
content-encoding: br
POST

https://adfoc.us/serve/credit

firefox.exe

Remote address:

104.26.7.10:443

Request

POST /serve/credit HTTP/2.0
host: adfoc.us
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: application/x-www-form-urlencoded; charset=UTF-8
x-requested-with: XMLHttpRequest
content-length: 24
origin: https://adfoc.us
referer: https://adfoc.us/serve/?id=27122897845572
cookie: phpsessionname=c93soe5ultr95nf17c1tfupqn0
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:52:24 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=0;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CY0qVef4A%2FGM9mlX5fAYu0FPAJAOXiN8Z7orxC5zl7tlUTQOHDnwYlaUzf7EGgdY5FsxKUiYyCKL1QfJnklcWHBh5Iz3Ij42aUTmSVr1rboa14xHBJpaqn3x"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 821852dbefd00b44-AMS
content-encoding: br
GET

https://adfoc.us/favicon.ico

firefox.exe

Remote address:

104.26.7.10:443

Request

GET /favicon.ico HTTP/2.0
host: adfoc.us
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://adfoc.us/serve/?id=27122897845572
cookie: phpsessionname=c93soe5ultr95nf17c1tfupqn0
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:52:25 GMT
content-type: image/x-icon
last-modified: Mon, 18 Jun 2018 22:54:46 GMT
etag: W/"5b283836-3aee"
strict-transport-security: max-age=0;
cache-control: max-age=3600
cf-cache-status: HIT
age: 2170
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AYfCYrAZX1TKMHs3bRosnNUmFPrAWkgsFF7E%2FuGiklmeHDFbTI%2BQJl9Ote4KZ9rbaw2zlNWUWZGJycWZ4U9W92PZZ%2FA7XsQZGDk6bqXdvjS4xveAZAVbZNRz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 821852dc487a0b44-AMS
content-encoding: br
DNS

adfoc.us

firefox.exe

Remote address:

8.8.8.8:53

Request

adfoc.us

IN A

Response

adfoc.us

IN A

104.26.7.10

adfoc.us

IN A

104.26.6.10

adfoc.us

IN A

172.67.74.85
DNS

adfoc.us

firefox.exe

Remote address:

8.8.8.8:53

Request

adfoc.us

IN AAAA

Response

adfoc.us

IN AAAA

2606:4700:20::681a:70a

adfoc.us

IN AAAA

2606:4700:20::681a:60a

adfoc.us

IN AAAA

2606:4700:20::ac43:4a55
DNS

ajax.googleapis.com

firefox.exe

Remote address:

8.8.8.8:53

Request

ajax.googleapis.com

IN A

Response

ajax.googleapis.com

IN A

142.250.179.202
DNS

ajax.googleapis.com

firefox.exe

Remote address:

8.8.8.8:53

Request

ajax.googleapis.com

IN A

Response

ajax.googleapis.com

IN A

172.217.168.202
DNS

files.minecraftforge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

files.minecraftforge.net

IN A

Response

files.minecraftforge.net

IN A

51.79.83.165
DNS

i.imgur.com

firefox.exe

Remote address:

8.8.8.8:53

Request

i.imgur.com

IN A

Response

i.imgur.com

IN CNAME

ipv4.imgur.map.fastly.net

ipv4.imgur.map.fastly.net

IN A

199.232.148.193
GET

https://files.minecraftforge.net/static/images/logo.svg

firefox.exe

Remote address:

51.79.83.165:443

Request

GET /static/images/logo.svg HTTP/2.0
host: files.minecraftforge.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://adfoc.us/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

content-encoding: gzip
content-type: image/svg+xml
date: Sun, 05 Nov 2023 21:52:24 GMT
etag: W/"64ee21df-c97"
last-modified: Tue, 29 Aug 2023 16:50:39 GMT
server: nginx/1.19.10
vary: Accept-Encoding
DNS

ipv4.imgur.map.fastly.net

firefox.exe

Remote address:

8.8.8.8:53

Request

ipv4.imgur.map.fastly.net

IN A

Response

ipv4.imgur.map.fastly.net

IN A

199.232.148.193
DNS

files.minecraftforge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

files.minecraftforge.net

IN A

Response

files.minecraftforge.net

IN A

51.79.83.165
DNS

files.minecraftforge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

files.minecraftforge.net

IN A

Response

files.minecraftforge.net

IN A

51.79.83.165
DNS

10.7.26.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

10.7.26.104.in-addr.arpa

IN PTR

Response
DNS

10.7.26.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

10.7.26.104.in-addr.arpa

IN PTR

Response
DNS

ipv4.imgur.map.fastly.net

firefox.exe

Remote address:

8.8.8.8:53

Request

ipv4.imgur.map.fastly.net

IN AAAA

Response
DNS

ipv4.imgur.map.fastly.net

firefox.exe

Remote address:

8.8.8.8:53

Request

ipv4.imgur.map.fastly.net

IN AAAA

Response
GET

https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

firefox.exe

Remote address:

142.250.179.202:443

Request

GET /ajax/libs/jquery/1.8.2/jquery.min.js HTTP/2.0
host: ajax.googleapis.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://adfoc.us/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
DNS

ajax.googleapis.com

firefox.exe

Remote address:

8.8.8.8:53

Request

ajax.googleapis.com

IN A

Response

ajax.googleapis.com

IN A

142.250.179.202
DNS

ajax.googleapis.com

firefox.exe

Remote address:

8.8.8.8:53

Request

ajax.googleapis.com

IN AAAA

Response

ajax.googleapis.com

IN AAAA

2a00:1450:400e:80f::200a
DNS

files.minecraftforge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

files.minecraftforge.net

IN AAAA

Response

files.minecraftforge.net

IN AAAA

2607:5300:203:65a5::
DNS

click.bounceads.net

firefox.exe

Remote address:

8.8.8.8:53

Request

click.bounceads.net

IN A

Response

click.bounceads.net

IN A

104.18.35.189

click.bounceads.net

IN A

172.64.152.67
GET

https://click.bounceads.net/click.php?ID=adfcs1&sub=adfcs1&subid=271228

firefox.exe

Remote address:

104.18.35.189:443

Request

GET /click.php?ID=adfcs1&sub=adfcs1&subid=271228 HTTP/2.0
host: click.bounceads.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://adfoc.us/
upgrade-insecure-requests: 1
sec-fetch-dest: iframe
sec-fetch-mode: navigate
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 302

date: Sun, 05 Nov 2023 21:52:25 GMT
content-type: text/html; charset=UTF-8
location: https://fireplayersoftware.com/advertisingfe/lp.php?ID=adfcs1&sub=adfcs1&subid=271228
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 821852db68625c48-AMS
DNS

click.bounceads.net

firefox.exe

Remote address:

8.8.8.8:53

Request

click.bounceads.net

IN A

Response

click.bounceads.net

IN A

172.64.152.67

click.bounceads.net

IN A

104.18.35.189
DNS

click.bounceads.net

firefox.exe

Remote address:

8.8.8.8:53

Request

click.bounceads.net

IN AAAA

Response
DNS

fireplayersoftware.com

firefox.exe

Remote address:

8.8.8.8:53

Request

fireplayersoftware.com

IN A

Response

fireplayersoftware.com

IN A

104.21.15.179

fireplayersoftware.com

IN A

172.67.163.153
GET

https://fireplayersoftware.com/advertisingfe/lp.php?ID=adfcs1&sub=adfcs1&subid=271228

firefox.exe

Remote address:

104.21.15.179:443

Request

GET /advertisingfe/lp.php?ID=adfcs1&sub=adfcs1&subid=271228 HTTP/2.0
host: fireplayersoftware.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://adfoc.us/
upgrade-insecure-requests: 1
sec-fetch-dest: iframe
sec-fetch-mode: navigate
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:52:25 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hI3EU8xKCzzxl4EmXy2Sle4geIYmpvCmMBCGXhyCWvr%2FeOTVI7Nuen2yASqKo%2BQHhdwRYKdFMeF6iYiIO%2FYLHru1ZDyHl%2BNge749ZanFZuYA8IhbGS8iDk9TwUwVN3tJeyLNSOdbt5E5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 821852dd488e0be9-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
DNS

fireplayersoftware.com

firefox.exe

Remote address:

8.8.8.8:53

Request

fireplayersoftware.com

IN A

Response

fireplayersoftware.com

IN A

104.21.15.179

fireplayersoftware.com

IN A

172.67.163.153
DNS

fireplayersoftware.com

firefox.exe

Remote address:

8.8.8.8:53

Request

fireplayersoftware.com

IN AAAA

Response

fireplayersoftware.com

IN AAAA

2606:4700:3035::ac43:a399

fireplayersoftware.com

IN AAAA

2606:4700:3036::6815:fb3
DNS

googleads.g.doubleclick.net

firefox.exe

Remote address:

8.8.8.8:53

Request

googleads.g.doubleclick.net

IN A

Response

googleads.g.doubleclick.net

IN A

172.217.168.226
GET

https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup.html

firefox.exe

Remote address:

172.217.168.226:443

Request

GET /pagead/html/r20231101/r20190131/zrt_lookup.html HTTP/2.0
host: googleads.g.doubleclick.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://adfoc.us/
upgrade-insecure-requests: 1
sec-fetch-dest: iframe
sec-fetch-mode: navigate
sec-fetch-site: cross-site
te: trailers
DNS

googleads.g.doubleclick.net

firefox.exe

Remote address:

8.8.8.8:53

Request

googleads.g.doubleclick.net

IN A

Response

googleads.g.doubleclick.net

IN A

172.217.23.194
DNS

googleads.g.doubleclick.net

firefox.exe

Remote address:

8.8.8.8:53

Request

googleads.g.doubleclick.net

IN AAAA

Response

googleads.g.doubleclick.net

IN AAAA

2a00:1450:400e:811::2002
DNS

193.148.232.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

193.148.232.199.in-addr.arpa

IN PTR

Response
DNS

193.148.232.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

193.148.232.199.in-addr.arpa

IN PTR

Response
DNS

165.83.79.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

165.83.79.51.in-addr.arpa

IN PTR

Response

165.83.79.51.in-addr.arpa

IN PTR

filesminecraftforgenet
DNS

189.35.18.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

189.35.18.104.in-addr.arpa

IN PTR

Response
DNS

194.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

194.179.250.142.in-addr.arpa

IN PTR

Response

194.179.250.142.in-addr.arpa

IN PTR

ams15s42-in-f21e100net
DNS

179.15.21.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

179.15.21.104.in-addr.arpa

IN PTR

Response
DNS

226.168.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

226.168.217.172.in-addr.arpa

IN PTR

Response

226.168.217.172.in-addr.arpa

IN PTR

ams15s40-in-f21e100net
DNS

202.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

202.179.250.142.in-addr.arpa

IN PTR

Response

202.179.250.142.in-addr.arpa

IN PTR

ams15s42-in-f101e100net
DNS

tagstaticx.com

firefox.exe

Remote address:

8.8.8.8:53

Request

tagstaticx.com

IN A

Response

tagstaticx.com

IN A

172.67.170.35

tagstaticx.com

IN A

104.21.28.10
GET

https://tagstaticx.com/tag.js

firefox.exe

Remote address:

172.67.170.35:443

Request

GET /tag.js HTTP/2.0
host: tagstaticx.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://fireplayersoftware.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:52:26 GMT
content-type: application/javascript
last-modified: Thu, 07 Sep 2023 08:19:46 GMT
etag: W/"64f987a2-4a29"
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KenfiSEArooN%2B6ZgpMIZ%2BBLnsjd12wCHUmKIK8nEH4xK%2BPmYlUgZwMD6sOIS2jKaWk7p3KlfTOKZ6BkeemI8ihFLVN%2FCbvqVeLhBppPi20D3zf3mljObp%2B1RkskoBTBXig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 821852e5fdaf66d9-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://partner.googleadservices.com/gampad/cookie.js?domain=adfoc.us&callback=_gfp_s_&client=ca-pub-9854779124424507

firefox.exe

Remote address:

142.251.36.2:443

Request

GET /gampad/cookie.js?domain=adfoc.us&callback=_gfp_s_&client=ca-pub-9854779124424507 HTTP/2.0
host: partner.googleadservices.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://adfoc.us/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
DNS

tagstaticx.com

firefox.exe

Remote address:

8.8.8.8:53

Request

tagstaticx.com

IN A

Response

tagstaticx.com

IN A

188.114.96.0

tagstaticx.com

IN A

188.114.97.0
DNS

tagstaticx.com

firefox.exe

Remote address:

8.8.8.8:53

Request

tagstaticx.com

IN AAAA

Response

tagstaticx.com

IN AAAA

2a06:98c1:3121::9

tagstaticx.com

IN AAAA

2a06:98c1:3120::9
DNS

tagstaticx.com

firefox.exe

Remote address:

8.8.8.8:53

Request

tagstaticx.com

IN AAAA

Response

tagstaticx.com

IN AAAA

2a06:98c1:3121::

tagstaticx.com

IN AAAA

2a06:98c1:3120::
DNS

35.170.67.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

35.170.67.172.in-addr.arpa

IN PTR

Response
DNS

35.170.67.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

35.170.67.172.in-addr.arpa

IN PTR

Response
DNS

datatechone.com

firefox.exe

Remote address:

8.8.8.8:53

Request

datatechone.com

IN A

Response

datatechone.com

IN A

139.45.195.253
DNS

datatechone.com

firefox.exe

Remote address:

8.8.8.8:53

Request

datatechone.com

IN A

Response

datatechone.com

IN A

139.45.195.253
DNS

datatechone.com

firefox.exe

Remote address:

8.8.8.8:53

Request

datatechone.com

IN AAAA

Response
DNS

253.195.45.139.in-addr.arpa

Remote address:

8.8.8.8:53

Request

253.195.45.139.in-addr.arpa

IN PTR

Response
DNS

tpc.googlesyndication.com

firefox.exe

Remote address:

8.8.8.8:53

Request

tpc.googlesyndication.com

IN A

Response

tpc.googlesyndication.com

IN A

142.251.36.1
DNS

tpc.googlesyndication.com

firefox.exe

Remote address:

8.8.8.8:53

Request

tpc.googlesyndication.com

IN A

Response

tpc.googlesyndication.com

IN A

142.251.36.1
GET

https://tpc.googlesyndication.com/sodar/sodar2.js

firefox.exe

Remote address:

142.251.36.1:443

Request

GET /sodar/sodar2.js HTTP/2.0
host: tpc.googlesyndication.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://adfoc.us/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
DNS

tpc.googlesyndication.com

firefox.exe

Remote address:

8.8.8.8:53

Request

tpc.googlesyndication.com

IN AAAA

Response

tpc.googlesyndication.com

IN AAAA

2a00:1450:400e:80f::2001
DNS

maven.minecraftforge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

maven.minecraftforge.net

IN A

Response

maven.minecraftforge.net

IN A

51.79.83.165
DNS

maven.minecraftforge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

maven.minecraftforge.net

IN A

Response

maven.minecraftforge.net

IN A

51.79.83.165
GET

https://maven.minecraftforge.net/net/minecraftforge/forge/1.20.1-47.2.0/forge-1.20.1-47.2.

firefox.exe

Remote address:

51.79.83.165:443

Request

GET /net/minecraftforge/forge/1.20.1-47.2.0/forge-1.20.1-47.2. HTTP/2.0
host: maven.minecraftforge.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://adfoc.us/
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: cross-site
sec-fetch-user: ?1
te: trailers

Response

HTTP/2.0 404

access-control-allow-credentials: true
access-control-allow-origin: https://adfoc.us/
content-type: text/html;charset=utf-8
date: Sun, 05 Nov 2023 21:52:44 GMT
server: Javalin
content-length: 112
GET

https://maven.minecraftforge.net/favicon.ico

firefox.exe

Remote address:

51.79.83.165:443

Request

GET /favicon.ico HTTP/2.0
host: maven.minecraftforge.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://maven.minecraftforge.net/net/minecraftforge/forge/1.20.1-47.2.0/forge-1.20.1-47.2.
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 203

access-control-allow-credentials: true
access-control-allow-origin: https://maven.minecraftforge.net/net/minecraftforge/forge/1.20.1-47.2.0/forge-1.20.1-47.2.
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Sun, 05 Nov 2023 21:52:45 GMT
server: Javalin
content-length: 686
DNS

maven.minecraftforge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

maven.minecraftforge.net

IN AAAA

Response

maven.minecraftforge.net

IN AAAA

2607:5300:203:65a5::
DNS

contile.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

contile.services.mozilla.com

IN A

Response

contile.services.mozilla.com

IN A

34.117.237.239
GET

https://contile.services.mozilla.com/v1/tiles

firefox.exe

Remote address:

34.117.237.239:443

Request

GET /v1/tiles HTTP/2.0
host: contile.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers
DNS

contile.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

contile.services.mozilla.com

IN AAAA

Response
GET

https://adfoc.us/serve/?id=27122897845572

firefox.exe

Remote address:

104.26.7.10:443

Request

GET /serve/?id=27122897845572 HTTP/2.0
host: adfoc.us
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
dnt: 1
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: cross-site
pragma: no-cache
cache-control: no-cache
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:52:59 GMT
content-type: text/html; charset=UTF-8
set-cookie: phpsessionname=mi3p7osa3vdmdbpvhlv989ghl6; expires=Tue, 05-Dec-2023 21:52:59 GMT; Max-Age=2592000; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=0;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1FqF4s3pNSOPX1wKh%2Fg6HA0Plx%2FuMQBZTfWMDpgqYO4r3V5iujAfFul27xTDAhG2dPnbImXjJo0RZ3dJy9XjIV%2BZetC2jici2kviBFXLuAtcJBcC%2Bs38EDFP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 821853b31ae3b926-AMS
content-encoding: br
GET

https://adfoc.us/uploads/users/c869a040_eaf6b9f4_skip.jpg

firefox.exe

Remote address:

104.26.7.10:443

Request

GET /uploads/users/c869a040_eaf6b9f4_skip.jpg HTTP/2.0
host: adfoc.us
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
dnt: 1
referer: https://adfoc.us/serve/?id=27122897845572
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
pragma: no-cache
cache-control: no-cache
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:52:59 GMT
content-type: image/jpeg
content-length: 5405
cf-bgj: h2pri
etag: "620d5733-151d"
last-modified: Wed, 16 Feb 2022 19:57:39 GMT
strict-transport-security: max-age=0;
cache-control: max-age=3600
cf-cache-status: HIT
age: 6302
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sfz0TfedBFKTs5DPkxe1Yg9hHyTxTupDdxBKhbe2VbvBRp4PNiPvPdz3FDZNdClVbqN6gK13xNyHxo%2BQnGiySW%2FGvDcVBFlpwIS3VhaB6p4xlW7wv0MU1UnK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 821853b46c60b926-AMS
GET

https://adfoc.us/js/interstitial.js

firefox.exe

Remote address:

104.26.7.10:443

Request

GET /js/interstitial.js HTTP/2.0
host: adfoc.us
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
dnt: 1
referer: https://adfoc.us/serve/?id=27122897845572
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
pragma: no-cache
cache-control: no-cache
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:52:59 GMT
content-type: application/javascript
last-modified: Fri, 20 Mar 2020 18:50:40 GMT
etag: W/"5e751080-100e"
strict-transport-security: max-age=0;
cache-control: max-age=3600
cf-cache-status: HIT
age: 1244
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IjWMiC0wP6Ya9z96JLfTMepUYYsf9cZpNHwhJAczGFlChS1Seq%2FhNsw5PR7Qpn86bXB%2FZuE5Y3stjcXKlM66VgxQ1mSHWB0iA32APU2iAcE2rv1ts2KMiafm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 821853b47c77b926-AMS
content-encoding: br
POST

https://adfoc.us/serve/credit

firefox.exe

Remote address:

104.26.7.10:443

Request

POST /serve/credit HTTP/2.0
host: adfoc.us
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: application/x-www-form-urlencoded; charset=UTF-8
x-requested-with: XMLHttpRequest
content-length: 24
origin: https://adfoc.us
dnt: 1
referer: https://adfoc.us/serve/?id=27122897845572
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
pragma: no-cache
cache-control: no-cache
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:52:59 GMT
content-type: text/html; charset=UTF-8
set-cookie: phpsessionname=f0uleagnq37ncu7et65t3tlp54; expires=Tue, 05-Dec-2023 21:52:59 GMT; Max-Age=2592000; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=0;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3GMTdRBkX1bCY60lk8vlWMGFJzNLg5gOgMm9Bz3jsxyApmGFkSUTFw%2B1cFnjdqyhMl4h9cflm%2BU1gUVYBKqPYwYjDJ2wfMHXPE0aytLOJbYozavmOFylhS%2B1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 821853b54d2eb926-AMS
content-encoding: br
GET

https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

firefox.exe

Remote address:

142.250.179.202:443

Request

GET /ajax/libs/jquery/1.8.2/jquery.min.js HTTP/2.0
host: ajax.googleapis.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
dnt: 1
referer: https://adfoc.us/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
pragma: no-cache
cache-control: no-cache
te: trailers
GET

https://files.minecraftforge.net/static/images/logo.svg

firefox.exe

Remote address:

51.79.83.165:443

Request

GET /static/images/logo.svg HTTP/2.0
host: files.minecraftforge.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
dnt: 1
referer: https://adfoc.us/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
pragma: no-cache
cache-control: no-cache
te: trailers

Response

HTTP/2.0 200

content-encoding: gzip
content-type: image/svg+xml
date: Sun, 05 Nov 2023 21:52:59 GMT
etag: W/"64ee21df-c97"
last-modified: Tue, 29 Aug 2023 16:50:39 GMT
server: nginx/1.19.10
vary: Accept-Encoding
DNS

i.imgur.com

firefox.exe

Remote address:

8.8.8.8:53

Request

i.imgur.com

IN A

Response

i.imgur.com

IN CNAME

ipv4.imgur.map.fastly.net

ipv4.imgur.map.fastly.net

IN A

199.232.148.193
DNS

ipv4.imgur.map.fastly.net

firefox.exe

Remote address:

8.8.8.8:53

Request

ipv4.imgur.map.fastly.net

IN A

Response

ipv4.imgur.map.fastly.net

IN A

199.232.148.193
DNS

ipv4.imgur.map.fastly.net

firefox.exe

Remote address:

8.8.8.8:53

Request

ipv4.imgur.map.fastly.net

IN AAAA

Response
GET

https://click.bounceads.net/click.php?ID=adfcs1&sub=adfcs1&subid=271228

firefox.exe

Remote address:

104.18.35.189:443

Request

GET /click.php?ID=adfcs1&sub=adfcs1&subid=271228 HTTP/2.0
host: click.bounceads.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
dnt: 1
referer: https://adfoc.us/
upgrade-insecure-requests: 1
sec-fetch-dest: iframe
sec-fetch-mode: navigate
sec-fetch-site: cross-site
pragma: no-cache
cache-control: no-cache
te: trailers

Response

HTTP/2.0 302

date: Sun, 05 Nov 2023 21:52:59 GMT
content-type: text/html; charset=UTF-8
location: https://fireplayersoftware.com/advertisingfe/lp.php?ID=adfcs1&sub=adfcs1&subid=271228
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 821853b4e95965fc-AMS
DNS

click.bounceads.net

firefox.exe

Remote address:

8.8.8.8:53

Request

click.bounceads.net

IN AAAA

Response
GET

https://fireplayersoftware.com/advertisingfe/lp.php?ID=adfcs1&sub=adfcs1&subid=271228

firefox.exe

Remote address:

104.21.15.179:443

Request

GET /advertisingfe/lp.php?ID=adfcs1&sub=adfcs1&subid=271228 HTTP/2.0
host: fireplayersoftware.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://adfoc.us/
dnt: 1
upgrade-insecure-requests: 1
sec-fetch-dest: iframe
sec-fetch-mode: navigate
sec-fetch-site: cross-site
pragma: no-cache
cache-control: no-cache
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:53:00 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D1nF8G%2FGGPF1BK7Qp%2FUFg8Cx8xiPw5C1oMVNKNtQd3vqo6QfeTjBtgkCCxZH2ALx%2F%2BxeLoNlLUtiD0wfuC61uwIK%2FI9EEy5nY4ig5ipIgBH6aEFYW5YR%2Bg5deRKma7ILDGY%2BiK4xlnBa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 821853b68c690a54-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://fireplayersoftware.com/common/css/bootstrap/css/bootstrap.min.css

firefox.exe

Remote address:

104.21.15.179:443

Request

GET /common/css/bootstrap/css/bootstrap.min.css HTTP/2.0
host: fireplayersoftware.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
dnt: 1
referer: https://fireplayersoftware.com/advertisingfe/lp.php?ID=adfcs1&sub=adfcs1&subid=271228
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
pragma: no-cache
cache-control: no-cache
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:53:00 GMT
content-type: text/css
last-modified: Fri, 27 Feb 2015 16:46:34 GMT
etag: W/"7c0d31-1ccbe-510149c772e80"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A76LS2mXj%2BZw2pdUgUiGawNb7RtHrhkRp4%2B0Fired%2BzmS4HWJR%2BFnU%2BHEO%2BagRhY555KSM%2BjTNRmp7Cfpu5YrC0T3pheXMk3kU34%2FV4M3RdfhrrGZAn4ihsojayw2ixwo3Qqt%2FsAtAfQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 821853b84efc0a54-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://fireplayersoftware.com/common/css/bootstrap/css/bootstrap-theme.min.css

firefox.exe

Remote address:

104.21.15.179:443

Request

GET /common/css/bootstrap/css/bootstrap-theme.min.css HTTP/2.0
host: fireplayersoftware.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
dnt: 1
referer: https://fireplayersoftware.com/advertisingfe/lp.php?ID=adfcs1&sub=adfcs1&subid=271228
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
pragma: no-cache
cache-control: no-cache
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:53:00 GMT
content-type: text/css
last-modified: Fri, 27 Feb 2015 16:46:34 GMT
etag: W/"7c0d2e-5158-510149c772e80"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JSkXUf6Ua03J2KSzaQJyTtq08CcEKSDk%2FcVdXj2XCgJzhsE7fmNXHzlzyKj9tpmtz%2BAgJu7%2B1fL3DV3CDQFTYHSHa7sKXJR1dWvSUBGe7f9SHSdIEhP3uQE%2BDTWWsGtaRsifAjz0%2F7ql"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 821853b84f000a54-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://fireplayersoftware.com/common/css/style.css

firefox.exe

Remote address:

104.21.15.179:443

Request

GET /common/css/style.css HTTP/2.0
host: fireplayersoftware.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
dnt: 1
referer: https://fireplayersoftware.com/advertisingfe/lp.php?ID=adfcs1&sub=adfcs1&subid=271228
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
pragma: no-cache
cache-control: no-cache
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:53:00 GMT
content-type: text/css
last-modified: Fri, 27 Feb 2015 16:46:35 GMT
etag: W/"7c0d36-2133-510149c8670c0"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8dHKqjjvwEaV3ZDw%2FZsqaSte7KVITAqg5fgdmZsm7fX9lvN9oA%2BKNssrCG6%2BZmxwYGfZPXww2Z1ITT4ygBUZwN28dCmSRIxrwhBOqcgZ5Z8MaMclyn4Rkvu7WwDgHOjOur2txLH%2Fp0X9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 821853b85f0c0a54-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://fireplayersoftware.com/common/js/jquery-1.11.2.min.js

firefox.exe

Remote address:

104.21.15.179:443

Request

GET /common/js/jquery-1.11.2.min.js HTTP/2.0
host: fireplayersoftware.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
dnt: 1
referer: https://fireplayersoftware.com/advertisingfe/lp.php?ID=adfcs1&sub=adfcs1&subid=271228
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
pragma: no-cache
cache-control: no-cache
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:53:00 GMT
content-type: text/javascript
last-modified: Fri, 27 Feb 2015 16:46:45 GMT
etag: W/"7c0d38-176bb-510149d1f0740"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qpwcvIDGe67ykP3Jdu6f2ZAH8HBjR5vXsAbcRP8DjdCT6nig4qjNB4VDpH5OIl5aTQqMbAMdcEpBKGMQI8AhsDTjuRk3mi7PbP4OTGyh37JyTk4tbN4O6naa8abqwbWMx4%2F%2B6DjrjVgn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 821853b85f1c0a54-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://fireplayersoftware.com/common/css/bootstrap/js/bootstrap.min.js

firefox.exe

Remote address:

104.21.15.179:443

Request

GET /common/css/bootstrap/js/bootstrap.min.js HTTP/2.0
host: fireplayersoftware.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
dnt: 1
referer: https://fireplayersoftware.com/advertisingfe/lp.php?ID=adfcs1&sub=adfcs1&subid=271228
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
pragma: no-cache
cache-control: no-cache
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:53:00 GMT
content-type: image/png
content-length: 23675
last-modified: Fri, 27 Feb 2015 16:46:44 GMT
etag: "7c0d1b-5c7b-510149d0fc500"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yoAobthdkfs39qxsEKwu0HrGTOQhhZThQ45ZFyQFVtYuSmqETSUHGa7kwT06nTwPbJMyrYUQiWHxCehhYA4iLV1V6TnjyfaddQWm%2FV6UwcppO7VGh2rU1vT0M4ljs%2BuEKnHxSRKbWHds"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 821853b86f290a54-AMS
alt-svc: h3=":443"; ma=86400
GET

https://fireplayersoftware.com/common/images/logo.png

firefox.exe

Remote address:

104.21.15.179:443

Request

GET /common/images/logo.png HTTP/2.0
host: fireplayersoftware.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
dnt: 1
referer: https://fireplayersoftware.com/advertisingfe/lp.php?ID=adfcs1&sub=adfcs1&subid=271228
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
pragma: no-cache
cache-control: no-cache
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:53:00 GMT
content-type: text/javascript
last-modified: Fri, 27 Feb 2015 16:46:35 GMT
etag: W/"7c0d34-8b3e-510149c8670c0"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mihx49G1aT7%2FlKKH6WbYnehM1trVAmA%2Fq8cPpcaQG%2FExGsCMQnupigZe1lVmsHNkYEKITEL96TOq3nS9N9Oz1s%2Bvogiln80lyIFlRP6yB4AlFsTFgT52eR5BFWl814JBXrfdRaUVCqbt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 821853b86f210a54-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://tagstaticx.com/tag.js

firefox.exe

Remote address:

172.67.170.35:443

Request

GET /tag.js HTTP/2.0
host: tagstaticx.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
dnt: 1
referer: https://fireplayersoftware.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
pragma: no-cache
cache-control: no-cache
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:53:00 GMT
content-type: application/javascript
last-modified: Thu, 07 Sep 2023 08:19:46 GMT
etag: W/"64f987a2-4a29"
cache-control: max-age=1800
cf-cache-status: HIT
age: 34
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sjXrxLsai4byha9xWmxokfTw1ZBLz3reZT4TYGxeOMPIrAcJXuprm1xai9BMwQhnlQTshsNDgwNvUvYitGIUgqxKuULLelVoUSf9r3E%2FUOqrigTD8Dk3TUqKpNysLKjIUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 821853bb2c426698-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
DNS

datatechone.com

firefox.exe

Remote address:

8.8.8.8:53

Request

datatechone.com

IN AAAA

Response
DNS

datatechone.com

firefox.exe

Remote address:

8.8.8.8:53

Request

datatechone.com

IN AAAA

Response
GET

https://pastebin.com/9xQGK8pB

firefox.exe

Remote address:

104.20.67.143:443

Request

GET /9xQGK8pB HTTP/2.0
host: pastebin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
dnt: 1
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: cross-site
pragma: no-cache
cache-control: no-cache
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:53:04 GMT
content-type: text/html; charset=UTF-8
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1;mode=block
set-cookie: _csrf-frontend=02d98d08af44d47b6b1fa1366bd11acf2940c41d093568c160ff548fdd16e9aba%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22jz04HflVoP1YjYVUtmpzmJ8Xr0EtINFQ%22%3B%7D; path=/; HttpOnly
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 821853d0ad210bb6-AMS
GET

https://pastebin.com/assets/c80611c4/css/bootstrap.min.css

firefox.exe

Remote address:

104.20.67.143:443

Request

GET /assets/c80611c4/css/bootstrap.min.css HTTP/2.0
host: pastebin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
dnt: 1
referer: https://pastebin.com/9xQGK8pB
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
pragma: no-cache
cache-control: no-cache
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:53:04 GMT
content-type: text/css
last-modified: Wed, 13 Feb 2019 15:55:38 GMT
etag: W/"5c643dfa-1da71"
content-encoding: gzip
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1504
vary: Accept-Encoding
server: cloudflare
cf-ray: 821853d28f680bb6-AMS
GET

https://pastebin.com/assets/72fc434d/dist/bootstrap-tagsinput.css

firefox.exe

Remote address:

104.20.67.143:443

Request

GET /assets/72fc434d/dist/bootstrap-tagsinput.css HTTP/2.0
host: pastebin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
dnt: 1
referer: https://pastebin.com/9xQGK8pB
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
pragma: no-cache
cache-control: no-cache
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:53:04 GMT
content-type: text/css
last-modified: Sun, 27 Jul 2014 12:27:42 GMT
etag: W/"53d4f03e-431"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5118
vary: Accept-Encoding
server: cloudflare
cf-ray: 821853d2cfbf0bb6-AMS
content-encoding: gzip
GET

https://pastebin.com/themes/pastebin/css/vendors.bundle.css?30d6ece6979ee0cf5531

firefox.exe

Remote address:

104.20.67.143:443

Request

GET /themes/pastebin/css/vendors.bundle.css?30d6ece6979ee0cf5531 HTTP/2.0
host: pastebin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
dnt: 1
referer: https://pastebin.com/9xQGK8pB
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
pragma: no-cache
cache-control: no-cache
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:53:04 GMT
content-type: text/css
last-modified: Tue, 26 Sep 2023 10:41:04 GMT
etag: W/"6512b540-3f2"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2281
vary: Accept-Encoding
server: cloudflare
cf-ray: 821853d2f8080bb6-AMS
content-encoding: gzip
GET

https://pastebin.com/themes/pastebin/css/app.bundle.css?30d6ece6979ee0cf5531

firefox.exe

Remote address:

104.20.67.143:443

Request

GET /themes/pastebin/css/app.bundle.css?30d6ece6979ee0cf5531 HTTP/2.0
host: pastebin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
dnt: 1
referer: https://pastebin.com/9xQGK8pB
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
pragma: no-cache
cache-control: no-cache
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:53:04 GMT
content-type: text/css
last-modified: Tue, 26 Sep 2023 10:41:04 GMT
etag: W/"6512b540-210f9"
content-encoding: gzip
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2281
vary: Accept-Encoding
server: cloudflare
cf-ray: 821853d2f8090bb6-AMS
GET

https://pastebin.com/themes/pastebin/css/geshi/light/text.css?694707f98000ed24d865

firefox.exe

Remote address:

104.20.67.143:443

Request

GET /themes/pastebin/css/geshi/light/text.css?694707f98000ed24d865 HTTP/2.0
host: pastebin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
dnt: 1
referer: https://pastebin.com/9xQGK8pB
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
pragma: no-cache
cache-control: no-cache
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:53:04 GMT
content-type: text/css
last-modified: Tue, 26 Sep 2023 10:41:04 GMT
etag: W/"6512b540-2c2"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2915
vary: Accept-Encoding
server: cloudflare
cf-ray: 821853d3080a0bb6-AMS
content-encoding: gzip
GET

https://pastebin.com/themes/pastebin/img/guest.png

firefox.exe

Remote address:

104.20.67.143:443

Request

GET /themes/pastebin/img/guest.png HTTP/2.0
host: pastebin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
dnt: 1
referer: https://pastebin.com/9xQGK8pB
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
pragma: no-cache
cache-control: no-cache
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:53:04 GMT
content-type: image/png
content-length: 1152
last-modified: Tue, 26 Sep 2023 10:41:04 GMT
etag: "6512b540-480"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2935
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 821853d3587c0bb6-AMS
GET

https://pastebin.com/themes/pastebin/img/hello.webp

firefox.exe

Remote address:

104.20.67.143:443

Request

GET /themes/pastebin/img/hello.webp HTTP/2.0
host: pastebin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
dnt: 1
referer: https://pastebin.com/9xQGK8pB
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
pragma: no-cache
cache-control: no-cache
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:53:04 GMT
content-type: image/webp
content-length: 2566
last-modified: Tue, 26 Sep 2023 10:41:04 GMT
etag: "6512b540-a06"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5118
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 821853d358800bb6-AMS
GET

https://pastebin.com/assets/9ce1885/jquery.min.js

firefox.exe

Remote address:

104.20.67.143:443

Request

GET /assets/9ce1885/jquery.min.js HTTP/2.0
host: pastebin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
dnt: 1
referer: https://pastebin.com/9xQGK8pB
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
pragma: no-cache
cache-control: no-cache
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:53:04 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 22:50:46 GMT
etag: W/"5eb09c46-15d84"
content-encoding: gzip
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3453
vary: Accept-Encoding
server: cloudflare
cf-ray: 821853d358830bb6-AMS
GET

https://pastebin.com/assets/f04f76b8/yii.js

firefox.exe

Remote address:

104.20.67.143:443

Request

GET /assets/f04f76b8/yii.js HTTP/2.0
host: pastebin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
dnt: 1
referer: https://pastebin.com/9xQGK8pB
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
pragma: no-cache
cache-control: no-cache
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:53:04 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 07 Jul 2020 21:45:32 GMT
etag: W/"5f04ecfc-51c6"
content-encoding: gzip
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3453
vary: Accept-Encoding
server: cloudflare
cf-ray: 821853d358850bb6-AMS
GET

https://pastebin.com/assets/72fc434d/dist/bootstrap-tagsinput.js

firefox.exe

Remote address:

104.20.67.143:443

Request

GET /assets/72fc434d/dist/bootstrap-tagsinput.js HTTP/2.0
host: pastebin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
dnt: 1
referer: https://pastebin.com/9xQGK8pB
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
pragma: no-cache
cache-control: no-cache
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:53:04 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 26 Sep 2023 10:41:04 GMT
etag: W/"6512b540-35083"
content-encoding: gzip
cache-control: max-age=31536000
cf-cache-status: HIT
age: 580
vary: Accept-Encoding
server: cloudflare
cf-ray: 821853d358880bb6-AMS
GET

https://pastebin.com/themes/pastebin/js/vendors.bundle.js?30d6ece6979ee0cf5531

firefox.exe

Remote address:

104.20.67.143:443

Request

GET /themes/pastebin/js/vendors.bundle.js?30d6ece6979ee0cf5531 HTTP/2.0
host: pastebin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
dnt: 1
referer: https://pastebin.com/9xQGK8pB
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
pragma: no-cache
cache-control: no-cache
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:53:04 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 27 Jul 2014 12:27:42 GMT
etag: W/"53d4f03e-4ae1"
content-encoding: gzip
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2281
vary: Accept-Encoding
server: cloudflare
cf-ray: 821853d358870bb6-AMS
GET

https://pastebin.com/themes/pastebin/js/app.bundle.js?30d6ece6979ee0cf5531

firefox.exe

Remote address:

104.20.67.143:443

Request

GET /themes/pastebin/js/app.bundle.js?30d6ece6979ee0cf5531 HTTP/2.0
host: pastebin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
dnt: 1
referer: https://pastebin.com/9xQGK8pB
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
pragma: no-cache
cache-control: no-cache
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:53:04 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 26 Sep 2023 10:41:04 GMT
etag: W/"6512b540-9325"
content-encoding: gzip
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6063
vary: Accept-Encoding
server: cloudflare
cf-ray: 821853d3588a0bb6-AMS
GET

https://pastebin.com/themes/pastebin/img/pastebin_logo_side_outline_support_ukraine.webp

firefox.exe

Remote address:

104.20.67.143:443

Request

GET /themes/pastebin/img/pastebin_logo_side_outline_support_ukraine.webp HTTP/2.0
host: pastebin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
dnt: 1
referer: https://pastebin.com/themes/pastebin/css/app.bundle.css?30d6ece6979ee0cf5531
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
pragma: no-cache
cache-control: no-cache
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:53:04 GMT
content-type: image/webp
content-length: 47064
last-modified: Tue, 26 Sep 2023 10:41:04 GMT
etag: "6512b540-b7d8"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2281
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 821853d449b70bb6-AMS
GET

https://pastebin.com/themes/pastebin/sprite/spritesheet.webp

firefox.exe

Remote address:

104.20.67.143:443

Request

GET /themes/pastebin/sprite/spritesheet.webp HTTP/2.0
host: pastebin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
dnt: 1
referer: https://pastebin.com/themes/pastebin/css/app.bundle.css?30d6ece6979ee0cf5531
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
pragma: no-cache
cache-control: no-cache
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:53:04 GMT
content-type: image/webp
content-length: 9642
last-modified: Tue, 26 Sep 2023 10:41:04 GMT
etag: "6512b540-25aa"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2281
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 821853d439af0bb6-AMS
GET

https://pastebin.com/themes/pastebin/img/info.png

firefox.exe

Remote address:

104.20.67.143:443

Request

GET /themes/pastebin/img/info.png HTTP/2.0
host: pastebin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
dnt: 1
referer: https://pastebin.com/themes/pastebin/css/app.bundle.css?30d6ece6979ee0cf5531
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
pragma: no-cache
cache-control: no-cache
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:53:04 GMT
content-type: image/png
content-length: 1676
last-modified: Tue, 26 Sep 2023 10:41:04 GMT
etag: "6512b540-68c"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2281
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 821853d449be0bb6-AMS
GET

https://pastebin.com/themes/pastebin/img/linebg.png

firefox.exe

Remote address:

104.20.67.143:443

Request

GET /themes/pastebin/img/linebg.png HTTP/2.0
host: pastebin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
dnt: 1
referer: https://pastebin.com/themes/pastebin/css/app.bundle.css?30d6ece6979ee0cf5531
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
pragma: no-cache
cache-control: no-cache
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:53:04 GMT
content-type: image/png
content-length: 375
last-modified: Tue, 26 Sep 2023 10:41:04 GMT
etag: "6512b540-177"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4121
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 821853d459c70bb6-AMS
GET

https://pastebin.com/themes/pastebin/img/close_promo.png

firefox.exe

Remote address:

104.20.67.143:443

Request

GET /themes/pastebin/img/close_promo.png HTTP/2.0
host: pastebin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
dnt: 1
referer: https://pastebin.com/themes/pastebin/css/app.bundle.css?30d6ece6979ee0cf5531
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
pragma: no-cache
cache-control: no-cache
te: trailers

Response

HTTP/2.0 200

date: Sun, 05 Nov 2023 21:53:04 GMT
content-type: image/png
content-length: 1428
last-modified: Tue, 26 Sep 2023 10:41:04 GMT
etag: "6512b540-594"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5118
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 821853d459d40bb6-AMS
POST

https://pastebin.com/site/check-last-posts?k=0&d=0

firefox.exe

Remote address:

104.20.67.143:443

Request

POST /site/check-last-posts?k=0&d=0 HTTP/2.0
host: pastebin.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
x-csrf-token: NjEc3N1IqGwZv33N8VlPIYv5UFdTLWP3LVge3BD0WX5cSyzolS7EOnbvTJSbABl0_5QgLT5nW69faFuoWbofLw==
x-requested-with: XMLHttpRequest
origin: https://pastebin.com
dnt: 1
referer: https://pastebin.com/9xQGK8pB
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
pragma: no-cache
cache-control: no-cache
content-length: 0
te: trailers

Response

HTTP/2.0 400

date: Sun, 05 Nov 2023 21:53:05 GMT
content-type: text/html; charset=UTF-8
x-frame-options: DENY
x-frame-options: DENY
x-content-type-options: nosniff
x-content-type-options: nosniff
x-xss-protection: 1;mode=block
x-xss-protection: 1;mode=block
set-cookie: _csrf-frontend=10d4d99632fa913d62c678c9f7a2335f4f3ce1342c65379cd6a22b39acb963aaa%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22byLmK2JyEoGDwVixZdfJws53Rte1FQ1z%22%3B%7D; path=/; HttpOnly
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 821853d69ca90bb6-AMS
GET

http://pastbin.com/9xQGK8pB

firefox.exe

Remote address:

72.14.178.174:80

Request

GET /9xQGK8pB HTTP/1.1
Host: pastbin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

Response

HTTP/1.1 200 OK

server: openresty/1.13.6.1
date: Sun, 05 Nov 2023 21:53:08 GMT
content-type: text/html
transfer-encoding: chunked
content-encoding: gzip
connection: close
DNS

pastbin.com

firefox.exe

Remote address:

8.8.8.8:53

Request

pastbin.com

IN AAAA

Response
DNS

pastbin.com

firefox.exe

Remote address:

8.8.8.8:53

Request

pastbin.com

IN AAAA

Response
GET

http://pastbin.com/9xQGK8pB?gp=1&js=1&uuid=1699221188.0051962494&other_args=eyJ1cmkiOiAiLzl4UUdLOHBCIiwgImFyZ3MiOiAiIiwgInJlZmVyZXIiOiAiIiwgImFjY2VwdCI6ICJ0ZXh0L2h0bWwsYXBwbGljYXRpb24veGh0bWwreG1sLGFwcGxpY2F0aW9uL3htbDtxPTAuOSxpbWFnZS9hdmlmLGltYWdlL3dlYnAsKi8qO3E9MC44In0=

firefox.exe

Remote address:

72.14.178.174:80

Request

GET /9xQGK8pB?gp=1&js=1&uuid=1699221188.0051962494&other_args=eyJ1cmkiOiAiLzl4UUdLOHBCIiwgImFyZ3MiOiAiIiwgInJlZmVyZXIiOiAiIiwgImFjY2VwdCI6ICJ0ZXh0L2h0bWwsYXBwbGljYXRpb24veGh0bWwreG1sLGFwcGxpY2F0aW9uL3htbDtxPTAuOSxpbWFnZS9hdmlmLGltYWdlL3dlYnAsKi8qO3E9MC44In0= HTTP/1.1
Host: pastbin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://pastbin.com/9xQGK8pB
Upgrade-Insecure-Requests: 1

Response

HTTP/1.1 302 Found

server: openresty/1.13.6.1
date: Sun, 05 Nov 2023 21:53:08 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: https://www6.pastbin.com/?template=ARROW_3&tdfs=1&s_token=1699220942.0138570000&uuid=1699220942.0138570000&term=Online%20Documents%20Management%20Software&term=Text%20Data%20Online%20Storage&term=Change%20Management&searchbox=0&showDomain=0&backfill=0
referrer-policy: no-referrer
vary: Accept-Language
content-language: en
set-cookie: mtm_delivered=WyJwYXN0YmluLmNvbSIsImh0dHBzOi8vd3d3Ni5wYXN0YmluLmNvbS8_dGVtcGxhdGU9QVJST1dfMyZ0ZGZzPTEmc190b2tlbj0xNjk5MjIwOTQyLjAxMzg1NzAwMDAmdXVpZD0xNjk5MjIwOTQyLjAxMzg1NzAwMDAmdGVybT1PbmxpbmUlMjBEb2N1bWVudHMlMjBNYW5hZ2VtZW50JTIwU29mdHdhcmUmdGVybT1UZXh0JTIwRGF0YSUyME9ubGluZSUyMFN0b3JhZ2UmdGVybT1DaGFuZ2UlMjBNYW5hZ2VtZW50JnNlYXJjaGJveD0wJnNob3dEb21haW49MCZiYWNrZmlsbD0wIiwxLCIyMDIzLTExLTA1IDIxOjQ5OjAyIiwyLCIxNjk5MjIwOTQyLjAxMzg1NzA0NzQiLDE5OSxudWxsLG51bGxd:1qzl3M:ahvLDaO1MdxzBeG4dEtvh4YNQ7s; expires=Sun, 05-Nov-2023 22:53:08 GMT; Max-Age=3600; Path=/
connection: close
GET

https://www6.pastbin.com/?template=ARROW_3&tdfs=1&s_token=1699220942.0138570000&uuid=1699220942.0138570000&term=Online%20Documents%20Management%20Software&term=Text%20Data%20Online%20Storage&term=Change%20Management&searchbox=0&showDomain=0&backfill=0

firefox.exe

Remote address:

3.33.243.145:443

Request

GET /?template=ARROW_3&tdfs=1&s_token=1699220942.0138570000&uuid=1699220942.0138570000&term=Online%20Documents%20Management%20Software&term=Text%20Data%20Online%20Storage&term=Change%20Management&searchbox=0&showDomain=0&backfill=0 HTTP/1.1
Host: www6.pastbin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 200 OK

Server: openresty
Date: Sun, 05 Nov 2023 21:53:08 GMT
Content-Type: text/html
Content-Length: 1177
Last-Modified: Wed, 11 Oct 2023 21:17:57 GMT
Connection: keep-alive
ETag: "65271105-499"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_i2C+80ySpyVs3pYhLQeHAHAvyp+qUK5sF7bWuM7U6rov/MY2uqVNU+Se8wIQ0vkLiEkuwrs5YX2bwhjrInM2Kg
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: caf_ipaddr=10.116.88.77;Path=/;Max-Age=86400;
Set-Cookie: country=;Path=/;Max-Age=86400;
Set-Cookie: city="";Path=/;Max-Age=86400;
Set-Cookie: expiry_partner=;Path=/;Max-Age=86400;
Accept-Ranges: bytes
GET

https://www6.pastbin.com/px.js?ch=1&abp=1

firefox.exe

Remote address:

3.33.243.145:443

Request

GET /px.js?ch=1&abp=1 HTTP/1.1
Host: www6.pastbin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www6.pastbin.com/?template=ARROW_3&tdfs=1&s_token=1699220942.0138570000&uuid=1699220942.0138570000&term=Online%20Documents%20Management%20Software&term=Text%20Data%20Online%20Storage&term=Change%20Management&searchbox=0&showDomain=0&backfill=0
Cookie: caf_ipaddr=10.116.88.77; country=; city=""; expiry_partner=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

Response

HTTP/1.1 200 OK

Server: openresty
Date: Sun, 05 Nov 2023 21:53:08 GMT
Content-Type: application/javascript
Content-Length: 476
Last-Modified: Wed, 11 Oct 2023 21:17:58 GMT
Connection: keep-alive
ETag: "65271106-1dc"
Accept-Ranges: bytes
DNS

www10.smartname.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www10.smartname.com

IN AAAA

Response
DNS

img1.wsimg.com

firefox.exe

Remote address:

8.8.8.8:53

Request

img1.wsimg.com

IN A

Response

img1.wsimg.com

IN CNAME

global-wildcard.wsimg.com.sni-only.edgekey.net

global-wildcard.wsimg.com.sni-only.edgekey.net

IN CNAME

e40258.g.akamaiedge.net

e40258.g.akamaiedge.net

IN A

23.62.61.57

e40258.g.akamaiedge.net

IN A

23.62.61.98
GET

https://www6.pastbin.com/px.js?ch=2&abp=1

firefox.exe

Remote address:

3.33.243.145:443

Request

GET /px.js?ch=2&abp=1 HTTP/1.1
Host: www6.pastbin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www6.pastbin.com/?template=ARROW_3&tdfs=1&s_token=1699220942.0138570000&uuid=1699220942.0138570000&term=Online%20Documents%20Management%20Software&term=Text%20Data%20Online%20Storage&term=Change%20Management&searchbox=0&showDomain=0&backfill=0
Cookie: caf_ipaddr=10.116.88.77; country=; city=""; expiry_partner=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

Response

HTTP/1.1 200 OK

Server: openresty
Date: Sun, 05 Nov 2023 21:53:09 GMT
Content-Type: application/javascript
Content-Length: 476
Last-Modified: Wed, 11 Oct 2023 21:17:58 GMT
Connection: keep-alive
ETag: "65271106-1dc"
Accept-Ranges: bytes
DNS

e40258.g.akamaiedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

e40258.g.akamaiedge.net

IN A

Response

e40258.g.akamaiedge.net

IN A

23.62.61.98

e40258.g.akamaiedge.net

IN A

23.62.61.57
GET

https://img1.wsimg.com/parking-lander/static/js/main.32a72d74.js

firefox.exe

Remote address:

23.62.61.57:443

Request

GET /parking-lander/static/js/main.32a72d74.js HTTP/2.0
host: img1.wsimg.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
dnt: 1
referer: https://www6.pastbin.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: e0t1Tis8A+GewI3m5/3RVPtbBHwBB458MQ/fSXtDqRg7ApM3rjwEvgYGRKThXGOch/ntbYfVpqtnsCBG8rHu1w==
x-amz-request-id: GY62C403BHBGW2WB
last-modified: Wed, 11 Oct 2023 21:15:22 GMT
etag: "256e5c3738a4cf63368a60d2b8cf917e"
x-amz-server-side-encryption: AES256
x-amz-version-id: 89i32sZIro9NM.9yE26llqD2LxWoJ9JV
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Mon, 04 Nov 2024 21:53:09 GMT
date: Sun, 05 Nov 2023 21:53:09 GMT
content-length: 202232
timing-allow-origin: *
access-control-allow-origin: *
GET

https://img1.wsimg.com/parking-lander/static/css/main.b706c083.css

firefox.exe

Remote address:

23.62.61.57:443

Request

GET /parking-lander/static/css/main.b706c083.css HTTP/2.0
host: img1.wsimg.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
dnt: 1
referer: https://www6.pastbin.com/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: eC/vB8g/3G+Wg1stmxDiCH1kuv5VPX0MyRmoJfdwA61aOuogx4579TjaEaX2Ij1xX5EA5OCmTYk=
x-amz-request-id: GY63GQ57Q7J9P0D6
last-modified: Wed, 11 Oct 2023 21:15:28 GMT
etag: "b370238e18d0f075f1527034e55ae938"
x-amz-server-side-encryption: AES256
x-amz-version-id: bOdoCQX056dtcHo25CQRQCautfa1Po3E
accept-ranges: bytes
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Mon, 04 Nov 2024 21:53:09 GMT
date: Sun, 05 Nov 2023 21:53:09 GMT
content-length: 193
timing-allow-origin: *
access-control-allow-origin: *
DNS

e40258.g.akamaiedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

e40258.g.akamaiedge.net

IN AAAA

Response
DNS

57.61.62.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

57.61.62.23.in-addr.arpa

IN PTR

Response

57.61.62.23.in-addr.arpa

IN PTR

a23-62-61-57deploystaticakamaitechnologiescom
DNS

content-signature-2.cdn.mozilla.net

firefox.exe

Remote address:

8.8.8.8:53

Request

content-signature-2.cdn.mozilla.net

IN A

Response

content-signature-2.cdn.mozilla.net

IN CNAME

content-signature-chains.prod.autograph.services.mozaws.net

content-signature-chains.prod.autograph.services.mozaws.net

IN CNAME

prod.content-signature-chains.prod.webservices.mozgcp.net

prod.content-signature-chains.prod.webservices.mozgcp.net

IN A

34.160.144.191
DNS

prod.content-signature-chains.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.content-signature-chains.prod.webservices.mozgcp.net

IN A

Response

prod.content-signature-chains.prod.webservices.mozgcp.net

IN A

34.160.144.191
DNS

firefox.settings.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

firefox.settings.services.mozilla.com

IN A

Response

firefox.settings.services.mozilla.com

IN CNAME

prod.remote-settings.prod.webservices.mozgcp.net

prod.remote-settings.prod.webservices.mozgcp.net

IN A

34.149.100.209
DNS

prod.remote-settings.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.remote-settings.prod.webservices.mozgcp.net

IN A

Response

prod.remote-settings.prod.webservices.mozgcp.net

IN A

34.149.100.209
DNS

prod.remote-settings.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.remote-settings.prod.webservices.mozgcp.net

IN AAAA

Response
GET

https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-recipe/e4fb5038-c29e-4954-98a0-72a882e4841f.json

firefox.exe

Remote address:

34.117.121.53:443

Request

GET /main-workspace/personality-provider-recipe/e4fb5038-c29e-4954-98a0-72a882e4841f.json HTTP/2.0
host: firefox-settings-attachments.cdn.mozilla.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/170a56ca-c1bf-4181-9b30-693002f7e245.json

firefox.exe

Remote address:

34.117.121.53:443

Request

GET /main-workspace/personality-provider-models/170a56ca-c1bf-4181-9b30-693002f7e245.json HTTP/2.0
host: firefox-settings-attachments.cdn.mozilla.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/06e44aaa-324b-47ac-b458-72e1bccdf86b.json

firefox.exe

Remote address:

34.117.121.53:443

Request

GET /main-workspace/personality-provider-models/06e44aaa-324b-47ac-b458-72e1bccdf86b.json HTTP/2.0
host: firefox-settings-attachments.cdn.mozilla.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/30c71fa2-8842-419c-89db-addd30268f5b.json

firefox.exe

Remote address:

34.117.121.53:443

Request

GET /main-workspace/personality-provider-models/30c71fa2-8842-419c-89db-addd30268f5b.json HTTP/2.0
host: firefox-settings-attachments.cdn.mozilla.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/fa731eb2-b049-44bc-a12d-f42f7cea991d.json

firefox.exe

Remote address:

34.117.121.53:443

Request

GET /main-workspace/personality-provider-models/fa731eb2-b049-44bc-a12d-f42f7cea991d.json HTTP/2.0
host: firefox-settings-attachments.cdn.mozilla.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/2a0dbd55-2eae-44ea-b787-5379594979ff.json

firefox.exe

Remote address:

34.117.121.53:443

Request

GET /main-workspace/personality-provider-models/2a0dbd55-2eae-44ea-b787-5379594979ff.json HTTP/2.0
host: firefox-settings-attachments.cdn.mozilla.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/bd6fe48d-f356-4af1-bb7e-4de42b1e6272.json

firefox.exe

Remote address:

34.117.121.53:443

Request

GET /main-workspace/personality-provider-models/bd6fe48d-f356-4af1-bb7e-4de42b1e6272.json HTTP/2.0
host: firefox-settings-attachments.cdn.mozilla.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/c2485f5d-8bb1-4a45-a752-efffe9cd55c3.json

firefox.exe

Remote address:

34.117.121.53:443

Request

GET /main-workspace/personality-provider-models/c2485f5d-8bb1-4a45-a752-efffe9cd55c3.json HTTP/2.0
host: firefox-settings-attachments.cdn.mozilla.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/281d6a98-5f8e-4bc4-8bae-72e7e16933ca.json

firefox.exe

Remote address:

34.117.121.53:443

Request

GET /main-workspace/personality-provider-models/281d6a98-5f8e-4bc4-8bae-72e7e16933ca.json HTTP/2.0
host: firefox-settings-attachments.cdn.mozilla.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/e8645388-afc5-48e3-8f3f-80f82a5353dc.json

firefox.exe

Remote address:

34.117.121.53:443

Request

GET /main-workspace/personality-provider-models/e8645388-afc5-48e3-8f3f-80f82a5353dc.json HTTP/2.0
host: firefox-settings-attachments.cdn.mozilla.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/47d2bcee-b6c1-464e-a443-e3527d029b0f.json

firefox.exe

Remote address:

34.117.121.53:443

Request

GET /main-workspace/personality-provider-models/47d2bcee-b6c1-464e-a443-e3527d029b0f.json HTTP/2.0
host: firefox-settings-attachments.cdn.mozilla.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/18f03fe5-a60f-48c5-8cb8-13da750ca395.json

firefox.exe

Remote address:

34.117.121.53:443

Request

GET /main-workspace/personality-provider-models/18f03fe5-a60f-48c5-8cb8-13da750ca395.json HTTP/2.0
host: firefox-settings-attachments.cdn.mozilla.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/cdd3cdfb-1988-482a-850f-ec02aff07f45.json

firefox.exe

Remote address:

34.117.121.53:443

Request

GET /main-workspace/personality-provider-models/cdd3cdfb-1988-482a-850f-ec02aff07f45.json HTTP/2.0
host: firefox-settings-attachments.cdn.mozilla.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/a3944b1a-5464-406f-a97e-691702019575.json

firefox.exe

Remote address:

34.117.121.53:443

Request

GET /main-workspace/personality-provider-models/a3944b1a-5464-406f-a97e-691702019575.json HTTP/2.0
host: firefox-settings-attachments.cdn.mozilla.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/61c97d21-6576-4624-aa8b-37839293aebd.json

firefox.exe

Remote address:

34.117.121.53:443

Request

GET /main-workspace/personality-provider-models/61c97d21-6576-4624-aa8b-37839293aebd.json HTTP/2.0
host: firefox-settings-attachments.cdn.mozilla.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/1db0b78b-42f2-44fd-b78c-43f5fc760fa1.json

firefox.exe

Remote address:

34.117.121.53:443

Request

GET /main-workspace/personality-provider-models/1db0b78b-42f2-44fd-b78c-43f5fc760fa1.json HTTP/2.0
host: firefox-settings-attachments.cdn.mozilla.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/393f4033-c815-48d4-bf23-1eb42b4d30db.json

firefox.exe

Remote address:

34.117.121.53:443

Request

GET /main-workspace/personality-provider-models/393f4033-c815-48d4-bf23-1eb42b4d30db.json HTTP/2.0
host: firefox-settings-attachments.cdn.mozilla.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/76666027-45db-4baa-8197-6e0f886966a8.json

firefox.exe

Remote address:

34.117.121.53:443

Request

GET /main-workspace/personality-provider-models/76666027-45db-4baa-8197-6e0f886966a8.json HTTP/2.0
host: firefox-settings-attachments.cdn.mozilla.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/24538f21-45ca-4dab-addb-65f655a688e2.json

firefox.exe

Remote address:

34.117.121.53:443

Request

GET /main-workspace/personality-provider-models/24538f21-45ca-4dab-addb-65f655a688e2.json HTTP/2.0
host: firefox-settings-attachments.cdn.mozilla.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/ad749af2-93d7-4bf3-982f-a558175fd806.json

firefox.exe

Remote address:

34.117.121.53:443

Request

GET /main-workspace/personality-provider-models/ad749af2-93d7-4bf3-982f-a558175fd806.json HTTP/2.0
host: firefox-settings-attachments.cdn.mozilla.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/f477331d-33dc-4dfe-be46-88d5223fb439.json

firefox.exe

Remote address:

34.117.121.53:443

Request

GET /main-workspace/personality-provider-models/f477331d-33dc-4dfe-be46-88d5223fb439.json HTTP/2.0
host: firefox-settings-attachments.cdn.mozilla.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/8267a2cc-0984-4410-87db-c02530703a98.json

firefox.exe

Remote address:

34.117.121.53:443

Request

GET /main-workspace/personality-provider-models/8267a2cc-0984-4410-87db-c02530703a98.json HTTP/2.0
host: firefox-settings-attachments.cdn.mozilla.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/3fcbb458-7362-47bb-a426-6b542eb2f014.json

firefox.exe

Remote address:

34.117.121.53:443

Request

GET /main-workspace/personality-provider-models/3fcbb458-7362-47bb-a426-6b542eb2f014.json HTTP/2.0
host: firefox-settings-attachments.cdn.mozilla.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/5d011771-de98-48f3-8565-7fc1ef6439c3.json

firefox.exe

Remote address:

34.117.121.53:443

Request

GET /main-workspace/personality-provider-models/5d011771-de98-48f3-8565-7fc1ef6439c3.json HTTP/2.0
host: firefox-settings-attachments.cdn.mozilla.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/145b9461-d6cc-4341-8d96-ec3bacace059.json

firefox.exe

Remote address:

34.117.121.53:443

Request

GET /main-workspace/personality-provider-models/145b9461-d6cc-4341-8d96-ec3bacace059.json HTTP/2.0
host: firefox-settings-attachments.cdn.mozilla.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/0685a1b5-34eb-4c13-8c90-bc82735e527f.json

firefox.exe

Remote address:

34.117.121.53:443

Request

GET /main-workspace/personality-provider-models/0685a1b5-34eb-4c13-8c90-bc82735e527f.json HTTP/2.0
host: firefox-settings-attachments.cdn.mozilla.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
DNS

aus5.mozilla.org

firefox.exe

Remote address:

8.8.8.8:53

Request

aus5.mozilla.org

IN A

Response

aus5.mozilla.org

IN CNAME

balrog-aus5.r53-2.services.mozilla.com

balrog-aus5.r53-2.services.mozilla.com

IN CNAME

prod.balrog.prod.cloudops.mozgcp.net

prod.balrog.prod.cloudops.mozgcp.net

IN A

35.244.181.201
DNS

prod.balrog.prod.cloudops.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.balrog.prod.cloudops.mozgcp.net

IN A

Response

prod.balrog.prod.cloudops.mozgcp.net

IN A

35.244.181.201
DNS

prod.balrog.prod.cloudops.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.balrog.prod.cloudops.mozgcp.net

IN AAAA

Response
DNS

firefox.settings.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

firefox.settings.services.mozilla.com

IN A

Response

firefox.settings.services.mozilla.com

IN CNAME

prod.remote-settings.prod.webservices.mozgcp.net

prod.remote-settings.prod.webservices.mozgcp.net

IN A

34.149.100.209
DNS

prod.remote-settings.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.remote-settings.prod.webservices.mozgcp.net

IN A

Response

prod.remote-settings.prod.webservices.mozgcp.net

IN A

34.149.100.209
DNS

prod.remote-settings.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.remote-settings.prod.webservices.mozgcp.net

IN AAAA

Response
DNS

content-signature-2.cdn.mozilla.net

firefox.exe

Remote address:

8.8.8.8:53

Request

content-signature-2.cdn.mozilla.net

IN A

Response

content-signature-2.cdn.mozilla.net

IN CNAME

content-signature-chains.prod.autograph.services.mozaws.net

content-signature-chains.prod.autograph.services.mozaws.net

IN CNAME

prod.content-signature-chains.prod.webservices.mozgcp.net

prod.content-signature-chains.prod.webservices.mozgcp.net

IN A

34.160.144.191
DNS

prod.content-signature-chains.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.content-signature-chains.prod.webservices.mozgcp.net

IN A

Response

prod.content-signature-chains.prod.webservices.mozgcp.net

IN A

34.160.144.191
DNS

prod.content-signature-chains.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.content-signature-chains.prod.webservices.mozgcp.net

IN AAAA

Response

prod.content-signature-chains.prod.webservices.mozgcp.net

IN AAAA

2600:1901:0:92a9::
DNS

contile.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

contile.services.mozilla.com

IN A

Response

contile.services.mozilla.com

IN A

34.117.237.239
GET

https://contile.services.mozilla.com/v1/tiles

firefox.exe

Remote address:

34.117.237.239:443

Request

GET /v1/tiles HTTP/2.0
host: contile.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers
DNS

contile.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

contile.services.mozilla.com

IN AAAA

Response

204.79.197.200:443

https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=35a8c341990e4ff885d938456acc92ed&localId=w:7D8A3D4A-7AD6-E66F-793E-D8AC3AE61BC8&deviceId=6966556180221962&anid=

tls, http2

1.9kB
9.3kB
22
19

HTTP Request

GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=35a8c341990e4ff885d938456acc92ed&localId=w:7D8A3D4A-7AD6-E66F-793E-D8AC3AE61BC8&deviceId=6966556180221962&anid=

HTTP Response

204

HTTP Request

GET https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=35a8c341990e4ff885d938456acc92ed&localId=w:7D8A3D4A-7AD6-E66F-793E-D8AC3AE61BC8&deviceId=6966556180221962&anid=

HTTP Response

204

HTTP Request

GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=35a8c341990e4ff885d938456acc92ed&localId=w:7D8A3D4A-7AD6-E66F-793E-D8AC3AE61BC8&deviceId=6966556180221962&anid=

HTTP Response

204
127.0.0.1:60241

firefox.exe
34.117.237.239:443

https://contile.services.mozilla.com/v1/tiles

tls, http2

firefox.exe

2.0kB
6.1kB
18
18

HTTP Request

GET https://contile.services.mozilla.com/v1/tiles
34.160.144.191:443

content-signature-2.cdn.mozilla.net

tls

firefox.exe

2.5kB
12.1kB
27
28
34.120.5.221:443

https://getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=IE&count=30

tls, http2

firefox.exe

2.1kB
13.8kB
19
22

HTTP Request

GET https://getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=IE&count=30
44.235.236.240:443

shavar.services.mozilla.com

tls

firefox.exe

2.2kB
4.2kB
10
11
34.107.243.93:443

https://push.services.mozilla.com/

tls, http

firefox.exe

2.2kB
6.6kB
15
21

HTTP Request

GET https://push.services.mozilla.com/

HTTP Response

101
34.149.100.209:443

https://firefox.settings.services.mozilla.com/v1/

tls, http2

firefox.exe

15.4kB
1.3MB
212
1061

HTTP Request

GET https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

HTTP Request

GET https://firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?collection=partitioning-exempt-urls&bucket=main&_expected=0

HTTP Request

GET https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1693416467312

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221699196235597%22

HTTP Request

GET https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1699142465580

HTTP Request

GET https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1699046525260&_since=%221689971565076%22

HTTP Request

GET https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22

HTTP Request

GET https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22

HTTP Request

GET https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-rules/changeset?_expected=1679600032742&_since=%221659924409785%22

HTTP Request

GET https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1683667257606

HTTP Request

GET https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1695659360044&_since=%221661199949574%22

HTTP Request

GET https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/url-classifier-skip-urls?_expected=1606870304609

HTTP Request

GET https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-telemetry-v2/changeset?_expected=1698666532326&_since=%221661199890666%22

HTTP Request

GET https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/devtools-compatibility-browsers/changeset?_expected=1698661473899&_since=%221662648201700%22

HTTP Request

GET https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/addons-manager-settings/changeset?_expected=1688747728721

HTTP Request

GET https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/sites-classification?_expected=1544035467383

HTTP Request

GET https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/anti-tracking-url-decoration?_expected=1564511755134

HTTP Request

GET https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/public-suffix-list/changeset?_expected=1575468539758

HTTP Request

GET https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-default-override-allowlist?_expected=1595254618540

HTTP Request

GET https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/pioneer-study-addons-v1/changeset?_expected=1607042143590

HTTP Request

GET https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/top-sites?_expected=1647020600359

HTTP Request

GET https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/doh-providers/changeset?_expected=1647549722107&_since=%221621943542621%22

HTTP Request

GET https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/doh-config/changeset?_expected=1651753780606&_since=%221621943462970%22

HTTP Request

GET https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/devtools-devices?_expected=1653469171354

HTTP Request

GET https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/websites-with-shared-credential-backends?_expected=1659924446436

HTTP Request

GET https://firefox.settings.services.mozilla.com/v1/buckets/security-state/collections/cert-revocations/changeset?_expected=1699196235597

HTTP Request

GET https://firefox.settings.services.mozilla.com/v1/buckets/security-state/collections/intermediates/changeset?_expected=1698379023347&_since=%221664891823141%22

HTTP Request

GET https://firefox.settings.services.mozilla.com/v1/buckets/security-state/collections/onecrl/changeset?_expected=1695656154676&_since=%221658781354245%22

HTTP Request

GET https://firefox.settings.services.mozilla.com/v1/

HTTP Request

GET https://firefox.settings.services.mozilla.com/v1/
127.0.0.1:60248

firefox.exe
204.79.197.200:443

tse1.mm.bing.net

tls, http2

972 B
8.3kB
11
14
204.79.197.200:443

tse1.mm.bing.net

tls, http2

972 B
8.3kB
11
14
204.79.197.200:443

https://tse1.mm.bing.net/th?id=OADD2.10239317301457_1V7ZJVRAXG9TQ5156&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

tls, http2

39.6kB
4.4MB
681
3199

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239317301329_158N7EC87NQCHAYN7&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239317301714_1EPLZW0KO7U2RACHB&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239317301024_1S39Y613MNXDQQG0C&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239317301305_1RDDROWSHG0C525AI&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239317301738_1X6L2VINPQJNWJA05&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239317301457_1V7ZJVRAXG9TQ5156&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

HTTP Response

200
204.79.197.200:443

tse1.mm.bing.net

tls, http2

926 B
8.3kB
10
14
72.14.178.174:80

http://pastbin.com/9xQGK8pB

http

firefox.exe

583 B
919 B
5
4

HTTP Request

GET http://pastbin.com/9xQGK8pB

HTTP Response

200
72.14.178.174:80

http://pastbin.com/favicon.ico

http

firefox.exe

626 B
409 B
7
4

HTTP Request

GET http://pastbin.com/favicon.ico

HTTP Response

200
72.14.178.174:80

http://pastbin.com/9xQGK8pB?gp=1&js=1&uuid=1699220942.0034556781&other_args=eyJ1cmkiOiAiLzl4UUdLOHBCIiwgImFyZ3MiOiAiIiwgInJlZmVyZXIiOiAiIiwgImFjY2VwdCI6ICJ0ZXh0L2h0bWwsYXBwbGljYXRpb24veGh0bWwreG1sLGFwcGxpY2F0aW9uL3htbDtxPTAuOSxpbWFnZS9hdmlmLGltYWdlL3dlYnAsKi8qO3E9MC44In0=

http

firefox.exe

866 B
1.3kB
5
4

HTTP Request

GET http://pastbin.com/9xQGK8pB?gp=1&js=1&uuid=1699220942.0034556781&other_args=eyJ1cmkiOiAiLzl4UUdLOHBCIiwgImFyZ3MiOiAiIiwgInJlZmVyZXIiOiAiIiwgImFjY2VwdCI6ICJ0ZXh0L2h0bWwsYXBwbGljYXRpb24veGh0bWwreG1sLGFwcGxpY2F0aW9uL3htbDtxPTAuOSxpbWFnZS9hdmlmLGltYWdlL3dlYnAsKi8qO3E9MC44In0=

HTTP Response

302
3.33.243.145:443

https://www6.pastbin.com/px.js?ch=1&abp=1

tls, http

firefox.exe

2.9kB
8.9kB
20
27

HTTP Request

GET https://www6.pastbin.com/?template=ARROW_3&tdfs=1&s_token=1699220942.0138570000&uuid=1699220942.0138570000&term=Online%20Documents%20Management%20Software&term=Text%20Data%20Online%20Storage&term=Change%20Management&searchbox=0&showDomain=0&backfill=0

HTTP Response

200

HTTP Request

GET https://www6.pastbin.com/px.js?ch=1&abp=1

HTTP Response

200
3.33.243.145:443

https://www6.pastbin.com/px.js?ch=2&abp=1

tls, http

firefox.exe

2.2kB
2.9kB
17
19

HTTP Request

GET https://www6.pastbin.com/px.js?ch=2&abp=1

HTTP Response

200
23.62.100.179:443

img1.wsimg.com

tls, http2

firefox.exe

1.4kB
8.4kB
13
19
23.62.100.179:443

https://img1.wsimg.com/parking-lander/static/css/main.b706c083.css

tls, http2

firefox.exe

3.3kB
219.0kB
44
177

HTTP Request

GET https://img1.wsimg.com/parking-lander/static/js/main.32a72d74.js

HTTP Response

200

HTTP Request

GET https://img1.wsimg.com/parking-lander/static/css/main.b706c083.css

HTTP Response

200
34.149.100.209:443

firefox.settings.services.mozilla.com

tls

firefox.exe

1.1kB
5.3kB
12
11
18.232.248.97:443

api.aws.parking.godaddy.com

tls

firefox.exe

2.2kB
7.1kB
19
21
18.232.248.97:443

api.aws.parking.godaddy.com

tls

firefox.exe

3.4kB
7.1kB
22
21
142.251.36.2:443

https://partner.googleadservices.com/gampad/cookie.js?domain=www6.pastbin.com&client=dp-namemedia08_3ph&product=SAS&callback=__sasCookie

tls, http2

firefox.exe

1.9kB
6.6kB
15
18

HTTP Request

GET https://partner.googleadservices.com/gampad/cookie.js?domain=www6.pastbin.com&client=dp-namemedia08_3ph&product=SAS&callback=__sasCookie
142.251.36.1:443

https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff

tls, http2

firefox.exe

1.9kB
11.8kB
15
21

HTTP Request

GET https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff

HTTP Request

GET https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
142.251.36.1:443

afs.googleusercontent.com

tls, http2

firefox.exe

1.2kB
10.3kB
10
14
45.79.38.145:443

postback.trafficmotor.com

tls

firefox.exe

1.6kB
5.5kB
9
10
45.79.38.145:443

postback.trafficmotor.com

tls

firefox.exe

1.7kB
5.4kB
10
10
35.244.181.201:443

aus5.mozilla.org

tls

firefox.exe

2.0kB
6.5kB
21
21
34.160.144.191:443

content-signature-2.cdn.mozilla.net

tls

firefox.exe

1.9kB
11.8kB
19
25
2.18.121.79:80

http://ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip

http

firefox.exe

2.7kB
467.5kB
52
348

HTTP Request

GET http://ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip

HTTP Response

200
216.58.208.110:443

redirector.gvt1.com

tls

firefox.exe

1.6kB
10.2kB
16
20
172.217.132.106:443

r5---sn-5hne6nsy.gvt1.com

tls

firefox.exe

72.3kB
8.7MB
1291
6238
34.117.121.53:443

firefox-settings-attachments.cdn.mozilla.net

tls

firefox.exe

1.0kB
5.3kB
11
11
34.117.121.53:443

firefox-settings-attachments.cdn.mozilla.net

tls

firefox.exe

409.2kB
3.8MB
3863
6987
34.117.121.53:443

firefox-settings-attachments.cdn.mozilla.net

tls

firefox.exe

1.1kB
5.4kB
13
13
34.117.121.53:443

firefox-settings-attachments.cdn.mozilla.net

tls

firefox.exe

1.1kB
5.3kB
13
12
34.117.121.53:443

firefox-settings-attachments.cdn.mozilla.net

tls

firefox.exe

1.1kB
5.3kB
13
12
34.117.121.53:443

firefox-settings-attachments.cdn.mozilla.net

tls

firefox.exe

1.1kB
5.4kB
13
12
104.20.67.143:80

http://pastebin.com/9xQGK8pB

http

firefox.exe

1.1kB
1.1kB
17
15

HTTP Request

GET http://pastebin.com/9xQGK8pB

HTTP Response

301
104.20.67.143:80

pastebin.com

firefox.exe

190 B
132 B
4
3
104.20.67.143:443

https://pastebin.com/site/check-last-posts?k=0&d=0

tls, http2

firefox.exe

6.7kB
270.1kB
71
273

HTTP Request

GET https://pastebin.com/9xQGK8pB

HTTP Response

200

HTTP Request

GET https://pastebin.com/assets/c80611c4/css/bootstrap.min.css

HTTP Response

200

HTTP Request

GET https://pastebin.com/assets/72fc434d/dist/bootstrap-tagsinput.css

HTTP Request

GET https://pastebin.com/themes/pastebin/css/vendors.bundle.css?30d6ece6979ee0cf5531

HTTP Response

200

HTTP Request

GET https://pastebin.com/themes/pastebin/css/app.bundle.css?30d6ece6979ee0cf5531

HTTP Request

GET https://pastebin.com/themes/pastebin/css/geshi/light/text.css?694707f98000ed24d865

HTTP Response

200

HTTP Request

GET https://pastebin.com/themes/pastebin/img/guest.png

HTTP Response

200

HTTP Request

GET https://pastebin.com/themes/pastebin/img/hello.webp

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://pastebin.com/assets/9ce1885/jquery.min.js

HTTP Response

200

HTTP Request

GET https://pastebin.com/assets/f04f76b8/yii.js

HTTP Request

GET https://pastebin.com/assets/72fc434d/dist/bootstrap-tagsinput.js

HTTP Request

GET https://pastebin.com/themes/pastebin/js/vendors.bundle.js?30d6ece6979ee0cf5531

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://pastebin.com/themes/pastebin/js/app.bundle.js?30d6ece6979ee0cf5531

HTTP Response

200

HTTP Request

GET https://pastebin.com/themes/pastebin/img/pastebin_logo_side_outline_support_ukraine.webp

HTTP Request

GET https://pastebin.com/themes/pastebin/sprite/spritesheet.webp

HTTP Request

GET https://pastebin.com/themes/pastebin/img/info.png

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://pastebin.com/themes/pastebin/img/linebg.png

HTTP Response

200

HTTP Request

GET https://pastebin.com/themes/pastebin/img/close_promo.png

HTTP Response

200

HTTP Request

GET https://pastebin.com/favicon.ico

HTTP Response

200

HTTP Request

POST https://pastebin.com/site/check-last-posts?k=0&d=0

HTTP Response

200
72.14.178.174:80

pastbin.com

firefox.exe

190 B
132 B
4
3
104.26.7.10:443

https://adfoc.us/favicon.ico

tls, http2

firefox.exe

3.3kB
25.9kB
30
49

HTTP Request

GET https://adfoc.us/serve/sitelinks/?id=271228&url=https://maven.minecraftforge.net/net/minecraftforge/forge/1.20.1-47.2.0/forge-1.20.1-47.2.

HTTP Response

302

HTTP Request

GET https://adfoc.us/serve/?id=27122897845572

HTTP Response

200

HTTP Request

GET https://adfoc.us/uploads/users/c869a040_eaf6b9f4_skip.jpg

HTTP Request

GET https://adfoc.us/js/interstitial.js

HTTP Response

200

HTTP Response

200

HTTP Request

POST https://adfoc.us/serve/credit

HTTP Response

200

HTTP Request

GET https://adfoc.us/favicon.ico

HTTP Response

200
199.232.148.193:443

i.imgur.com

tls

firefox.exe

2.1kB
17.5kB
19
33
51.79.83.165:443

https://files.minecraftforge.net/static/images/logo.svg

tls, http2

firefox.exe

2.1kB
8.1kB
20
24

HTTP Request

GET https://files.minecraftforge.net/static/images/logo.svg

HTTP Response

200
142.250.179.202:443

https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

tls, http2

firefox.exe

2.0kB
42.5kB
19
42

HTTP Request

GET https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
104.18.35.189:443

https://click.bounceads.net/click.php?ID=adfcs1&sub=adfcs1&subid=271228

tls, http2

firefox.exe

2.1kB
4.3kB
18
14

HTTP Request

GET https://click.bounceads.net/click.php?ID=adfcs1&sub=adfcs1&subid=271228

HTTP Response

302
104.21.15.179:443

https://fireplayersoftware.com/advertisingfe/lp.php?ID=adfcs1&sub=adfcs1&subid=271228

tls, http2

firefox.exe

1.8kB
8.2kB
14
17

HTTP Request

GET https://fireplayersoftware.com/advertisingfe/lp.php?ID=adfcs1&sub=adfcs1&subid=271228

HTTP Response

200
172.217.168.226:443

https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup.html

tls, http2

firefox.exe

1.9kB
11.0kB
15
19

HTTP Request

GET https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup.html
172.67.170.35:443

https://tagstaticx.com/tag.js

tls, http2

firefox.exe

1.8kB
14.3kB
15
22

HTTP Request

GET https://tagstaticx.com/tag.js

HTTP Response

200
142.251.36.2:443

https://partner.googleadservices.com/gampad/cookie.js?domain=adfoc.us&callback=_gfp_s_&client=ca-pub-9854779124424507

tls, http2

firefox.exe

1.9kB
6.5kB
16
16

HTTP Request

GET https://partner.googleadservices.com/gampad/cookie.js?domain=adfoc.us&callback=_gfp_s_&client=ca-pub-9854779124424507
139.45.195.253:443

datatechone.com

tls

firefox.exe

3.1kB
7.4kB
12
15
142.251.36.1:443

https://tpc.googlesyndication.com/sodar/sodar2.js

tls, http2

firefox.exe

1.8kB
13.1kB
15
21

HTTP Request

GET https://tpc.googlesyndication.com/sodar/sodar2.js
51.79.83.165:443

https://maven.minecraftforge.net/favicon.ico

tls, http2

firefox.exe

2.5kB
7.6kB
23
25

HTTP Request

GET https://maven.minecraftforge.net/net/minecraftforge/forge/1.20.1-47.2.0/forge-1.20.1-47.2.

HTTP Response

404

HTTP Request

GET https://maven.minecraftforge.net/favicon.ico

HTTP Response

203
34.117.237.239:443

https://contile.services.mozilla.com/v1/tiles

tls, http2

firefox.exe

2.1kB
3.7kB
18
19

HTTP Request

GET https://contile.services.mozilla.com/v1/tiles
104.26.7.10:443

https://adfoc.us/serve/credit

tls, http2

firefox.exe

2.9kB
19.0kB
27
37

HTTP Request

GET https://adfoc.us/serve/?id=27122897845572

HTTP Response

200

HTTP Request

GET https://adfoc.us/uploads/users/c869a040_eaf6b9f4_skip.jpg

HTTP Request

GET https://adfoc.us/js/interstitial.js

HTTP Response

200

HTTP Response

200

HTTP Request

POST https://adfoc.us/serve/credit

HTTP Response

200
142.250.179.202:443

https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

tls, http2

firefox.exe

2.2kB
42.1kB
21
44

HTTP Request

GET https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
51.79.83.165:443

https://files.minecraftforge.net/static/images/logo.svg

tls, http2

firefox.exe

2.1kB
8.1kB
20
24

HTTP Request

GET https://files.minecraftforge.net/static/images/logo.svg

HTTP Response

200
199.232.148.193:443

i.imgur.com

tls

firefox.exe

2.2kB
17.5kB
20
33
104.18.35.189:443

https://click.bounceads.net/click.php?ID=adfcs1&sub=adfcs1&subid=271228

tls, http2

firefox.exe

2.1kB
4.4kB
19
15

HTTP Request

GET https://click.bounceads.net/click.php?ID=adfcs1&sub=adfcs1&subid=271228

HTTP Response

302
104.21.15.179:443

https://fireplayersoftware.com/common/images/logo.png

tls, http2

firefox.exe

3.2kB
107.7kB
29
109

HTTP Request

GET https://fireplayersoftware.com/advertisingfe/lp.php?ID=adfcs1&sub=adfcs1&subid=271228

HTTP Response

200

HTTP Request

GET https://fireplayersoftware.com/common/css/bootstrap/css/bootstrap.min.css

HTTP Request

GET https://fireplayersoftware.com/common/css/bootstrap/css/bootstrap-theme.min.css

HTTP Request

GET https://fireplayersoftware.com/common/css/style.css

HTTP Request

GET https://fireplayersoftware.com/common/js/jquery-1.11.2.min.js

HTTP Request

GET https://fireplayersoftware.com/common/css/bootstrap/js/bootstrap.min.js

HTTP Request

GET https://fireplayersoftware.com/common/images/logo.png

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200
172.67.170.35:443

https://tagstaticx.com/tag.js

tls, http2

firefox.exe

2.0kB
14.3kB
18
21

HTTP Request

GET https://tagstaticx.com/tag.js

HTTP Response

200
139.45.195.253:443

datatechone.com

tls

firefox.exe

3.2kB
7.4kB
13
15
104.20.67.143:443

https://pastebin.com/site/check-last-posts?k=0&d=0

tls, http2

firefox.exe

6.2kB
269.6kB
66
265

HTTP Request

GET https://pastebin.com/9xQGK8pB

HTTP Response

200

HTTP Request

GET https://pastebin.com/assets/c80611c4/css/bootstrap.min.css

HTTP Response

200

HTTP Request

GET https://pastebin.com/assets/72fc434d/dist/bootstrap-tagsinput.css

HTTP Response

200

HTTP Request

GET https://pastebin.com/themes/pastebin/css/vendors.bundle.css?30d6ece6979ee0cf5531

HTTP Request

GET https://pastebin.com/themes/pastebin/css/app.bundle.css?30d6ece6979ee0cf5531

HTTP Request

GET https://pastebin.com/themes/pastebin/css/geshi/light/text.css?694707f98000ed24d865

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://pastebin.com/themes/pastebin/img/guest.png

HTTP Request

GET https://pastebin.com/themes/pastebin/img/hello.webp

HTTP Request

GET https://pastebin.com/assets/9ce1885/jquery.min.js

HTTP Request

GET https://pastebin.com/assets/f04f76b8/yii.js

HTTP Request

GET https://pastebin.com/assets/72fc434d/dist/bootstrap-tagsinput.js

HTTP Request

GET https://pastebin.com/themes/pastebin/js/vendors.bundle.js?30d6ece6979ee0cf5531

HTTP Request

GET https://pastebin.com/themes/pastebin/js/app.bundle.js?30d6ece6979ee0cf5531

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://pastebin.com/themes/pastebin/img/pastebin_logo_side_outline_support_ukraine.webp

HTTP Request

GET https://pastebin.com/themes/pastebin/sprite/spritesheet.webp

HTTP Request

GET https://pastebin.com/themes/pastebin/img/info.png

HTTP Response

200

HTTP Request

GET https://pastebin.com/themes/pastebin/img/linebg.png

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://pastebin.com/themes/pastebin/img/close_promo.png

HTTP Response

200

HTTP Response

200

HTTP Request

POST https://pastebin.com/site/check-last-posts?k=0&d=0

HTTP Response

400
72.14.178.174:80

http://pastbin.com/9xQGK8pB

http

firefox.exe

634 B
918 B
5
4

HTTP Request

GET http://pastbin.com/9xQGK8pB

HTTP Response

200
72.14.178.174:80

http://pastbin.com/9xQGK8pB?gp=1&js=1&uuid=1699221188.0051962494&other_args=eyJ1cmkiOiAiLzl4UUdLOHBCIiwgImFyZ3MiOiAiIiwgInJlZmVyZXIiOiAiIiwgImFjY2VwdCI6ICJ0ZXh0L2h0bWwsYXBwbGljYXRpb24veGh0bWwreG1sLGFwcGxpY2F0aW9uL3htbDtxPTAuOSxpbWFnZS9hdmlmLGltYWdlL3dlYnAsKi8qO3E9MC44In0=

http

firefox.exe

874 B
1.2kB
5
4

HTTP Request

GET http://pastbin.com/9xQGK8pB?gp=1&js=1&uuid=1699221188.0051962494&other_args=eyJ1cmkiOiAiLzl4UUdLOHBCIiwgImFyZ3MiOiAiIiwgInJlZmVyZXIiOiAiIiwgImFjY2VwdCI6ICJ0ZXh0L2h0bWwsYXBwbGljYXRpb24veGh0bWwreG1sLGFwcGxpY2F0aW9uL3htbDtxPTAuOSxpbWFnZS9hdmlmLGltYWdlL3dlYnAsKi8qO3E9MC44In0=

HTTP Response

302
3.33.243.145:443

https://www6.pastbin.com/px.js?ch=1&abp=1

tls, http

firefox.exe

2.9kB
9.4kB
20
27

HTTP Request

GET https://www6.pastbin.com/?template=ARROW_3&tdfs=1&s_token=1699220942.0138570000&uuid=1699220942.0138570000&term=Online%20Documents%20Management%20Software&term=Text%20Data%20Online%20Storage&term=Change%20Management&searchbox=0&showDomain=0&backfill=0

HTTP Response

200

HTTP Request

GET https://www6.pastbin.com/px.js?ch=1&abp=1

HTTP Response

200
3.33.243.145:443

https://www6.pastbin.com/px.js?ch=2&abp=1

tls, http

firefox.exe

2.2kB
2.1kB
16
18

HTTP Request

GET https://www6.pastbin.com/px.js?ch=2&abp=1

HTTP Response

200
23.62.61.57:443

img1.wsimg.com

tls, http2

firefox.exe

1.4kB
8.3kB
14
18
23.62.61.57:443

https://img1.wsimg.com/parking-lander/static/css/main.b706c083.css

tls, http2

firefox.exe

2.9kB
218.6kB
36
176

HTTP Request

GET https://img1.wsimg.com/parking-lander/static/js/main.32a72d74.js

HTTP Response

200

HTTP Request

GET https://img1.wsimg.com/parking-lander/static/css/main.b706c083.css

HTTP Response

200
34.149.100.209:443

firefox.settings.services.mozilla.com

tls

firefox.exe

4.1kB
61.0kB
40
84
34.160.144.191:443

content-signature-2.cdn.mozilla.net

tls

firefox.exe

1.6kB
807 B
15
11
34.117.121.53:443

https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/0685a1b5-34eb-4c13-8c90-bc82735e527f.json

tls, http2

firefox.exe

10.9kB
567.3kB
130
521

HTTP Request

GET https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-recipe/e4fb5038-c29e-4954-98a0-72a882e4841f.json

HTTP Request

GET https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/170a56ca-c1bf-4181-9b30-693002f7e245.json

HTTP Request

GET https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/06e44aaa-324b-47ac-b458-72e1bccdf86b.json

HTTP Request

GET https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/30c71fa2-8842-419c-89db-addd30268f5b.json

HTTP Request

GET https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/fa731eb2-b049-44bc-a12d-f42f7cea991d.json

HTTP Request

GET https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/2a0dbd55-2eae-44ea-b787-5379594979ff.json

HTTP Request

GET https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/bd6fe48d-f356-4af1-bb7e-4de42b1e6272.json

HTTP Request

GET https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/c2485f5d-8bb1-4a45-a752-efffe9cd55c3.json

HTTP Request

GET https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/281d6a98-5f8e-4bc4-8bae-72e7e16933ca.json

HTTP Request

GET https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/e8645388-afc5-48e3-8f3f-80f82a5353dc.json

HTTP Request

GET https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/47d2bcee-b6c1-464e-a443-e3527d029b0f.json

HTTP Request

GET https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/18f03fe5-a60f-48c5-8cb8-13da750ca395.json

HTTP Request

GET https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/cdd3cdfb-1988-482a-850f-ec02aff07f45.json

HTTP Request

GET https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/a3944b1a-5464-406f-a97e-691702019575.json

HTTP Request

GET https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/61c97d21-6576-4624-aa8b-37839293aebd.json

HTTP Request

GET https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/1db0b78b-42f2-44fd-b78c-43f5fc760fa1.json

HTTP Request

GET https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/393f4033-c815-48d4-bf23-1eb42b4d30db.json

HTTP Request

GET https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/76666027-45db-4baa-8197-6e0f886966a8.json

HTTP Request

GET https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/24538f21-45ca-4dab-addb-65f655a688e2.json

HTTP Request

GET https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/ad749af2-93d7-4bf3-982f-a558175fd806.json

HTTP Request

GET https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/f477331d-33dc-4dfe-be46-88d5223fb439.json

HTTP Request

GET https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/8267a2cc-0984-4410-87db-c02530703a98.json

HTTP Request

GET https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/3fcbb458-7362-47bb-a426-6b542eb2f014.json

HTTP Request

GET https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/5d011771-de98-48f3-8565-7fc1ef6439c3.json

HTTP Request

GET https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/145b9461-d6cc-4341-8d96-ec3bacace059.json

HTTP Request

GET https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/personality-provider-models/0685a1b5-34eb-4c13-8c90-bc82735e527f.json
35.244.181.201:443

aus5.mozilla.org

tls

firefox.exe

2.0kB
5.1kB
20
19
34.149.100.209:443

firefox.settings.services.mozilla.com

tls

firefox.exe

2.3kB
33.5kB
23
42
34.160.144.191:443

content-signature-2.cdn.mozilla.net

tls

firefox.exe

1.4kB
5.6kB
17
17
34.117.237.239:443

https://contile.services.mozilla.com/v1/tiles

tls, http2

firefox.exe

2.0kB
8.6kB
19
21

HTTP Request

GET https://contile.services.mozilla.com/v1/tiles

8.8.8.8:53

158.240.127.40.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

158.240.127.40.in-addr.arpa
8.8.8.8:53

140.32.126.40.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

140.32.126.40.in-addr.arpa
8.8.8.8:53

g.bing.com

dns

56 B
158 B
1
1

DNS Request

g.bing.com

DNS Response

204.79.197.200

13.107.21.200
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

200.197.79.204.in-addr.arpa

dns

73 B
106 B
1
1

DNS Request

200.197.79.204.in-addr.arpa
8.8.8.8:53

26.35.223.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

26.35.223.20.in-addr.arpa
8.8.8.8:53

2.136.104.51.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

2.136.104.51.in-addr.arpa
8.8.8.8:53

contile.services.mozilla.com

dns

firefox.exe

74 B
90 B
1
1

DNS Request

contile.services.mozilla.com

DNS Response

34.117.237.239
8.8.8.8:53

getpocket.cdn.mozilla.net

dns

firefox.exe

71 B
174 B
1
1

DNS Request

getpocket.cdn.mozilla.net

DNS Response

34.120.5.221
8.8.8.8:53

content-signature-2.cdn.mozilla.net

dns

firefox.exe

81 B
235 B
1
1

DNS Request

content-signature-2.cdn.mozilla.net

DNS Response

34.160.144.191
8.8.8.8:53

shavar.services.mozilla.com

dns

firefox.exe

73 B
157 B
1
1

DNS Request

shavar.services.mozilla.com

DNS Response

44.235.236.240

35.167.95.175

35.82.107.169
8.8.8.8:53

push.services.mozilla.com

dns

firefox.exe

71 B
125 B
1
1

DNS Request

push.services.mozilla.com

DNS Response

34.107.243.93
8.8.8.8:53

contile.services.mozilla.com

dns

firefox.exe

74 B
90 B
1
1

DNS Request

contile.services.mozilla.com

DNS Response

34.117.237.239
8.8.8.8:53

prod.content-signature-chains.prod.webservices.mozgcp.net

dns

firefox.exe

103 B
119 B
1
1

DNS Request

prod.content-signature-chains.prod.webservices.mozgcp.net

DNS Response

34.160.144.191
8.8.8.8:53

prod.pocket.prod.cloudops.mozgcp.net

dns

firefox.exe

82 B
98 B
1
1

DNS Request

prod.pocket.prod.cloudops.mozgcp.net

DNS Response

34.120.5.221
8.8.8.8:53

prod.pocket.prod.cloudops.mozgcp.net

dns

firefox.exe

82 B
110 B
1
1

DNS Request

prod.pocket.prod.cloudops.mozgcp.net

DNS Response

2600:1901:0:524c::
8.8.8.8:53

prod.content-signature-chains.prod.webservices.mozgcp.net

dns

firefox.exe

103 B
131 B
1
1

DNS Request

prod.content-signature-chains.prod.webservices.mozgcp.net

DNS Response

2600:1901:0:92a9::
8.8.8.8:53

contile.services.mozilla.com

dns

firefox.exe

74 B
155 B
1
1

DNS Request

contile.services.mozilla.com
8.8.8.8:53

shavar.prod.mozaws.net

dns

firefox.exe

68 B
116 B
1
1

DNS Request

shavar.prod.mozaws.net

DNS Response

35.167.95.175

35.82.107.169

44.235.236.240
8.8.8.8:53

autopush.prod.mozaws.net

dns

firefox.exe

70 B
86 B
1
1

DNS Request

autopush.prod.mozaws.net

DNS Response

34.107.243.93
8.8.8.8:53

93.243.107.34.in-addr.arpa

dns

72 B
124 B
1
1

DNS Request

93.243.107.34.in-addr.arpa
8.8.8.8:53

shavar.prod.mozaws.net

dns

firefox.exe

68 B
153 B
1
1

DNS Request

shavar.prod.mozaws.net
8.8.8.8:53

autopush.prod.mozaws.net

dns

firefox.exe

70 B
155 B
1
1

DNS Request

autopush.prod.mozaws.net
8.8.8.8:53

firefox.settings.services.mozilla.com

dns

firefox.exe

83 B
161 B
1
1

DNS Request

firefox.settings.services.mozilla.com

DNS Response

34.149.100.209
8.8.8.8:53

prod.remote-settings.prod.webservices.mozgcp.net

dns

firefox.exe

94 B
110 B
1
1

DNS Request

prod.remote-settings.prod.webservices.mozgcp.net

DNS Response

34.149.100.209
8.8.8.8:53

prod.remote-settings.prod.webservices.mozgcp.net

dns

firefox.exe

94 B
187 B
1
1

DNS Request

prod.remote-settings.prod.webservices.mozgcp.net
8.8.8.8:53

240.236.235.44.in-addr.arpa

dns

73 B
137 B
1
1

DNS Request

240.236.235.44.in-addr.arpa
8.8.8.8:53

50.23.12.20.in-addr.arpa

dns

70 B
156 B
1
1

DNS Request

50.23.12.20.in-addr.arpa
8.8.8.8:53

56.126.166.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

56.126.166.20.in-addr.arpa
8.8.8.8:53

89.254.221.88.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

89.254.221.88.in-addr.arpa
8.8.8.8:53

43.58.199.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

43.58.199.20.in-addr.arpa
8.8.8.8:53

tse1.mm.bing.net

dns

62 B
173 B
1
1

DNS Request

tse1.mm.bing.net

DNS Response

204.79.197.200

13.107.21.200
8.8.8.8:53

240.221.184.93.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

240.221.184.93.in-addr.arpa
8.8.8.8:53

48.101.122.92.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

48.101.122.92.in-addr.arpa
8.8.8.8:53

48.229.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

48.229.111.52.in-addr.arpa
8.8.8.8:53

pastbin.com

dns

firefox.exe

114 B
498 B
2
2

DNS Request

pastbin.com

DNS Request

pastbin.com

DNS Response

72.14.178.174

45.33.20.235

45.33.2.79

96.126.123.244

45.56.79.23

45.79.19.196

45.33.30.197

72.14.185.43

45.33.18.44

198.58.118.167

45.33.23.183

173.255.194.134

DNS Response

45.33.20.235

45.79.19.196

72.14.185.43

45.33.23.183

173.255.194.134

198.58.118.167

45.56.79.23

45.33.2.79

72.14.178.174

45.33.30.197

96.126.123.244

45.33.18.44
8.8.8.8:53

pastbin.com

dns

firefox.exe

114 B
498 B
2
2

DNS Request

pastbin.com

DNS Request

pastbin.com

DNS Response

72.14.185.43

198.58.118.167

96.126.123.244

45.79.19.196

173.255.194.134

45.33.2.79

45.33.23.183

45.33.20.235

45.33.30.197

45.56.79.23

45.33.18.44

72.14.178.174

DNS Response

72.14.185.43

198.58.118.167

96.126.123.244

45.79.19.196

173.255.194.134

45.33.2.79

45.33.23.183

45.33.20.235

45.33.30.197

45.56.79.23

45.33.18.44

72.14.178.174
8.8.8.8:53

pastbin.com

dns

firefox.exe

114 B
268 B
2
2

DNS Request

pastbin.com

DNS Request

pastbin.com
8.8.8.8:53

www6.pastbin.com

dns

firefox.exe

124 B
248 B
2
2

DNS Request

www6.pastbin.com

DNS Request

www6.pastbin.com

DNS Response

3.33.243.145

15.197.204.56

DNS Response

15.197.204.56

3.33.243.145
8.8.8.8:53

www10.smartname.com

dns

firefox.exe

65 B
97 B
1
1

DNS Request

www10.smartname.com

DNS Response

15.197.204.56

3.33.243.145
8.8.8.8:53

www10.smartname.com

dns

firefox.exe

65 B
147 B
1
1

DNS Request

www10.smartname.com
8.8.8.8:53

174.178.14.72.in-addr.arpa

dns

72 B
113 B
1
1

DNS Request

174.178.14.72.in-addr.arpa
8.8.8.8:53

img1.wsimg.com

dns

firefox.exe

60 B
186 B
1
1

DNS Request

img1.wsimg.com

DNS Response

23.62.100.179

23.62.100.131
8.8.8.8:53

e40258.g.akamaiedge.net

dns

firefox.exe

69 B
101 B
1
1

DNS Request

e40258.g.akamaiedge.net

DNS Response

23.62.100.179

23.62.100.131
8.8.8.8:53

e40258.g.akamaiedge.net

dns

firefox.exe

69 B
130 B
1
1

DNS Request

e40258.g.akamaiedge.net
8.8.8.8:53

145.243.33.3.in-addr.arpa

dns

71 B
127 B
1
1

DNS Request

145.243.33.3.in-addr.arpa
8.8.8.8:53

196.168.217.172.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

196.168.217.172.in-addr.arpa
8.8.8.8:53

179.100.62.23.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

179.100.62.23.in-addr.arpa
8.8.8.8:53

api.aws.parking.godaddy.com

dns

firefox.exe

73 B
135 B
1
1

DNS Request

api.aws.parking.godaddy.com

DNS Response

18.232.248.97

3.91.4.33
8.8.8.8:53

gddomainparking.com

dns

firefox.exe

65 B
97 B
1
1

DNS Request

gddomainparking.com

DNS Response

18.232.248.97

3.91.4.33
8.8.8.8:53

gddomainparking.com

dns

firefox.exe

65 B
143 B
1
1

DNS Request

gddomainparking.com
8.8.8.8:53

partner.googleadservices.com

dns

firefox.exe

74 B
114 B
1
1

DNS Request

partner.googleadservices.com

DNS Response

142.251.36.2
8.8.8.8:53

partner46.googleadservices.com

dns

firefox.exe

150 B
205 B
2
2

DNS Request

partner46.googleadservices.com

DNS Response

142.251.36.2

DNS Request

106.132.217.172.in-addr.arpa
8.8.8.8:53

97.248.232.18.in-addr.arpa

dns

72 B
127 B
1
1

DNS Request

97.248.232.18.in-addr.arpa
8.8.8.8:53

2.36.251.142.in-addr.arpa

dns

71 B
109 B
1
1

DNS Request

2.36.251.142.in-addr.arpa
8.8.8.8:53

partner46.googleadservices.com

dns

firefox.exe

76 B
104 B
1
1

DNS Request

partner46.googleadservices.com

DNS Response

2a00:1450:400e:80f::2002
142.251.36.2:443

partner46.googleadservices.com

https

firefox.exe

1.9kB
6.9kB
6
8
8.8.8.8:53

afs.googleusercontent.com

dns

firefox.exe

71 B
116 B
1
1

DNS Request

afs.googleusercontent.com

DNS Response

142.251.36.1
8.8.8.8:53

googlehosted.l.googleusercontent.com

dns

firefox.exe

82 B
98 B
1
1

DNS Request

googlehosted.l.googleusercontent.com

DNS Response

142.251.36.1
8.8.8.8:53

googlehosted.l.googleusercontent.com

dns

firefox.exe

82 B
110 B
1
1

DNS Request

googlehosted.l.googleusercontent.com

DNS Response

2a00:1450:400e:80f::2001
142.251.36.1:443

googlehosted.l.googleusercontent.com

https

firefox.exe

2.1kB
14.8kB
9
14
8.8.8.8:53

postback.trafficmotor.com

dns

firefox.exe

71 B
87 B
1
1

DNS Request

postback.trafficmotor.com

DNS Response

45.79.38.145
8.8.8.8:53

postback.trafficmotor.com

dns

firefox.exe

71 B
87 B
1
1

DNS Request

postback.trafficmotor.com

DNS Response

45.79.38.145
8.8.8.8:53

postback.trafficmotor.com

dns

firefox.exe

71 B
126 B
1
1

DNS Request

postback.trafficmotor.com
8.8.8.8:53

1.36.251.142.in-addr.arpa

dns

71 B
109 B
1
1

DNS Request

1.36.251.142.in-addr.arpa
8.8.8.8:53

145.38.79.45.in-addr.arpa

dns

71 B
114 B
1
1

DNS Request

145.38.79.45.in-addr.arpa
8.8.8.8:53

89.16.208.104.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

89.16.208.104.in-addr.arpa
8.8.8.8:53

aus5.mozilla.org

dns

firefox.exe

62 B
180 B
1
1

DNS Request

aus5.mozilla.org

DNS Response

35.244.181.201
8.8.8.8:53

prod.balrog.prod.cloudops.mozgcp.net

dns

firefox.exe

82 B
98 B
1
1

DNS Request

prod.balrog.prod.cloudops.mozgcp.net

DNS Response

35.244.181.201
8.8.8.8:53

prod.balrog.prod.cloudops.mozgcp.net

dns

firefox.exe

82 B
175 B
1
1

DNS Request

prod.balrog.prod.cloudops.mozgcp.net
8.8.8.8:53

ciscobinary.openh264.org

dns

firefox.exe

70 B
286 B
1
1

DNS Request

ciscobinary.openh264.org

DNS Response

2.18.121.79

2.18.121.73
8.8.8.8:53

a19.dscg10.akamai.net

dns

firefox.exe

134 B
198 B
2
2

DNS Request

a19.dscg10.akamai.net

DNS Response

2.18.121.79

2.18.121.73

DNS Request

a19.dscg10.akamai.net

DNS Response

2.18.121.79

2.18.121.73
8.8.8.8:53

a19.dscg10.akamai.net

dns

firefox.exe

67 B
123 B
1
1

DNS Request

a19.dscg10.akamai.net

DNS Response

2a02:26f0:1180:4::212:794f

2a02:26f0:1180:4::212:7949
8.8.8.8:53

redirector.gvt1.com

dns

firefox.exe

65 B
81 B
1
1

DNS Request

redirector.gvt1.com

DNS Response

216.58.208.110
8.8.8.8:53

redirector.gvt1.com

dns

firefox.exe

130 B
162 B
2
2

DNS Request

redirector.gvt1.com

DNS Response

216.58.208.110

DNS Request

redirector.gvt1.com

DNS Response

216.58.208.110
8.8.8.8:53

redirector.gvt1.com

dns

firefox.exe

65 B
93 B
1
1

DNS Request

redirector.gvt1.com

DNS Response

2a00:1450:400e:80e::200e
216.58.208.110:443

redirector.gvt1.com

https

firefox.exe

3.4kB
9.6kB
10
11
8.8.8.8:53

r5---sn-5hne6nsy.gvt1.com

dns

firefox.exe

71 B
116 B
1
1

DNS Request

r5---sn-5hne6nsy.gvt1.com

DNS Response

172.217.132.106
8.8.8.8:53

r5.sn-5hne6nsy.gvt1.com

dns

firefox.exe

69 B
85 B
1
1

DNS Request

r5.sn-5hne6nsy.gvt1.com

DNS Response

172.217.132.106
8.8.8.8:53

r5.sn-5hne6nsy.gvt1.com

dns

firefox.exe

69 B
97 B
1
1

DNS Request

r5.sn-5hne6nsy.gvt1.com

DNS Response

2a00:1450:400e:7::a
172.217.132.106:443

r5.sn-5hne6nsy.gvt1.com

https

firefox.exe

2.1kB
8.0kB
9
10
8.8.8.8:53

201.181.244.35.in-addr.arpa

dns

73 B
126 B
1
1

DNS Request

201.181.244.35.in-addr.arpa
8.8.8.8:53

79.121.18.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

79.121.18.2.in-addr.arpa
8.8.8.8:53

110.208.58.216.in-addr.arpa

dns

73 B
143 B
1
1

DNS Request

110.208.58.216.in-addr.arpa
8.8.8.8:53

firefox-settings-attachments.cdn.mozilla.net

dns

firefox.exe

90 B
177 B
1
1

DNS Request

firefox-settings-attachments.cdn.mozilla.net

DNS Response

34.117.121.53
8.8.8.8:53

attachments.prod.remote-settings.prod.webservices.mozgcp.net

dns

firefox.exe

106 B
122 B
1
1

DNS Request

attachments.prod.remote-settings.prod.webservices.mozgcp.net

DNS Response

34.117.121.53
8.8.8.8:53

attachments.prod.remote-settings.prod.webservices.mozgcp.net

dns

firefox.exe

106 B
199 B
1
1

DNS Request

attachments.prod.remote-settings.prod.webservices.mozgcp.net
8.8.8.8:53

53.121.117.34.in-addr.arpa

dns

72 B
124 B
1
1

DNS Request

53.121.117.34.in-addr.arpa
8.8.8.8:53

pastebin.com

dns

firefox.exe

58 B
106 B
1
1

DNS Request

pastebin.com

DNS Response

104.20.67.143

172.67.34.170

104.20.68.143
8.8.8.8:53

pastebin.com

dns

firefox.exe

58 B
106 B
1
1

DNS Request

pastebin.com

DNS Response

172.67.34.170

104.20.68.143

104.20.67.143
8.8.8.8:53

pastebin.com

dns

firefox.exe

58 B
142 B
1
1

DNS Request

pastebin.com

DNS Response

2606:4700:10::6814:448f

2606:4700:10::ac43:22aa

2606:4700:10::6814:438f
8.8.8.8:53

143.67.20.104.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

143.67.20.104.in-addr.arpa
8.8.8.8:53

8.36.251.142.in-addr.arpa

dns

71 B
109 B
1
1

DNS Request

8.36.251.142.in-addr.arpa
8.8.8.8:53

206.23.217.172.in-addr.arpa

dns

73 B
173 B
1
1

DNS Request

206.23.217.172.in-addr.arpa
8.8.8.8:53

adfoc.us

dns

firefox.exe

54 B
102 B
1
1

DNS Request

adfoc.us

DNS Response

104.26.7.10

172.67.74.85

104.26.6.10
8.8.8.8:53

adfoc.us

dns

firefox.exe

54 B
102 B
1
1

DNS Request

adfoc.us

DNS Response

104.26.7.10

104.26.6.10

172.67.74.85
8.8.8.8:53

adfoc.us

dns

firefox.exe

54 B
138 B
1
1

DNS Request

adfoc.us

DNS Response

2606:4700:20::681a:70a

2606:4700:20::681a:60a

2606:4700:20::ac43:4a55
8.8.8.8:53

ajax.googleapis.com

dns

firefox.exe

130 B
162 B
2
2

DNS Request

ajax.googleapis.com

DNS Response

142.250.179.202

DNS Request

ajax.googleapis.com

DNS Response

172.217.168.202
8.8.8.8:53

files.minecraftforge.net

dns

firefox.exe

70 B
86 B
1
1

DNS Request

files.minecraftforge.net

DNS Response

51.79.83.165
8.8.8.8:53

i.imgur.com

dns

firefox.exe

57 B
112 B
1
1

DNS Request

i.imgur.com

DNS Response

199.232.148.193
8.8.8.8:53

ipv4.imgur.map.fastly.net

dns

firefox.exe

71 B
87 B
1
1

DNS Request

ipv4.imgur.map.fastly.net

DNS Response

199.232.148.193
8.8.8.8:53

files.minecraftforge.net

dns

firefox.exe

140 B
172 B
2
2

DNS Request

files.minecraftforge.net

DNS Response

51.79.83.165

DNS Request

files.minecraftforge.net

DNS Response

51.79.83.165
8.8.8.8:53

10.7.26.104.in-addr.arpa

dns

140 B
264 B
2
2

DNS Request

10.7.26.104.in-addr.arpa

DNS Request

10.7.26.104.in-addr.arpa
8.8.8.8:53

ipv4.imgur.map.fastly.net

dns

firefox.exe

142 B
264 B
2
2

DNS Request

ipv4.imgur.map.fastly.net

DNS Request

ipv4.imgur.map.fastly.net
8.8.8.8:53

ajax.googleapis.com

dns

firefox.exe

65 B
81 B
1
1

DNS Request

ajax.googleapis.com

DNS Response

142.250.179.202
8.8.8.8:53

ajax.googleapis.com

dns

firefox.exe

65 B
93 B
1
1

DNS Request

ajax.googleapis.com

DNS Response

2a00:1450:400e:80f::200a
8.8.8.8:53

files.minecraftforge.net

dns

firefox.exe

70 B
98 B
1
1

DNS Request

files.minecraftforge.net

DNS Response

2607:5300:203:65a5::
142.250.179.202:443

ajax.googleapis.com

https

firefox.exe

3.3kB
8.7kB
7
9
8.8.8.8:53

click.bounceads.net

dns

firefox.exe

65 B
97 B
1
1

DNS Request

click.bounceads.net

DNS Response

104.18.35.189

172.64.152.67
8.8.8.8:53

click.bounceads.net

dns

firefox.exe

65 B
97 B
1
1

DNS Request

click.bounceads.net

DNS Response

172.64.152.67

104.18.35.189
8.8.8.8:53

click.bounceads.net

dns

firefox.exe

65 B
127 B
1
1

DNS Request

click.bounceads.net
8.8.8.8:53

fireplayersoftware.com

dns

firefox.exe

68 B
100 B
1
1

DNS Request

fireplayersoftware.com

DNS Response

104.21.15.179

172.67.163.153
8.8.8.8:53

fireplayersoftware.com

dns

firefox.exe

68 B
100 B
1
1

DNS Request

fireplayersoftware.com

DNS Response

104.21.15.179

172.67.163.153
8.8.8.8:53

fireplayersoftware.com

dns

firefox.exe

68 B
124 B
1
1

DNS Request

fireplayersoftware.com

DNS Response

2606:4700:3035::ac43:a399

2606:4700:3036::6815:fb3
8.8.8.8:53

googleads.g.doubleclick.net

dns

firefox.exe

73 B
89 B
1
1

DNS Request

googleads.g.doubleclick.net

DNS Response

172.217.168.226
8.8.8.8:53

googleads.g.doubleclick.net

dns

firefox.exe

73 B
89 B
1
1

DNS Request

googleads.g.doubleclick.net

DNS Response

172.217.23.194
172.217.168.226:443

googleads.g.doubleclick.net

https

firefox.exe

4.5kB
8.0kB
10
12
8.8.8.8:53

googleads.g.doubleclick.net

dns

firefox.exe

73 B
101 B
1
1

DNS Request

googleads.g.doubleclick.net

DNS Response

2a00:1450:400e:811::2002
104.21.15.179:443

fireplayersoftware.com

https

firefox.exe

20.1kB
2.7MB
173
2244
8.8.8.8:53

193.148.232.199.in-addr.arpa

dns

148 B
256 B
2
2

DNS Request

193.148.232.199.in-addr.arpa

DNS Request

193.148.232.199.in-addr.arpa
8.8.8.8:53

165.83.79.51.in-addr.arpa

dns

71 B
109 B
1
1

DNS Request

165.83.79.51.in-addr.arpa
8.8.8.8:53

189.35.18.104.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

189.35.18.104.in-addr.arpa
8.8.8.8:53

194.179.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

194.179.250.142.in-addr.arpa
8.8.8.8:53

179.15.21.104.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

179.15.21.104.in-addr.arpa
8.8.8.8:53

226.168.217.172.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

226.168.217.172.in-addr.arpa
8.8.8.8:53

202.179.250.142.in-addr.arpa

dns

74 B
113 B
1
1

DNS Request

202.179.250.142.in-addr.arpa
8.8.8.8:53

tagstaticx.com

dns

firefox.exe

60 B
92 B
1
1

DNS Request

tagstaticx.com

DNS Response

172.67.170.35

104.21.28.10
8.8.8.8:53

tagstaticx.com

dns

firefox.exe

60 B
92 B
1
1

DNS Request

tagstaticx.com

DNS Response

188.114.96.0

188.114.97.0
8.8.8.8:53

tagstaticx.com

dns

firefox.exe

120 B
232 B
2
2

DNS Request

tagstaticx.com

DNS Response

2a06:98c1:3121::9

2a06:98c1:3120::9

DNS Request

tagstaticx.com

DNS Response

2a06:98c1:3121::

2a06:98c1:3120::
172.67.170.35:443

tagstaticx.com

https

firefox.exe

1.9kB
8.4kB
6
12
142.251.36.2:443

partner46.googleadservices.com

https

firefox.exe

4.6kB
3.6kB
6
5
8.8.8.8:53

35.170.67.172.in-addr.arpa

dns

144 B
268 B
2
2

DNS Request

35.170.67.172.in-addr.arpa

DNS Request

35.170.67.172.in-addr.arpa
8.8.8.8:53

datatechone.com

dns

firefox.exe

61 B
77 B
1
1

DNS Request

datatechone.com

DNS Response

139.45.195.253
8.8.8.8:53

datatechone.com

dns

firefox.exe

61 B
77 B
1
1

DNS Request

datatechone.com

DNS Response

139.45.195.253
8.8.8.8:53

datatechone.com

dns

firefox.exe

61 B
145 B
1
1

DNS Request

datatechone.com
8.8.8.8:53

253.195.45.139.in-addr.arpa

dns

73 B
127 B
1
1

DNS Request

253.195.45.139.in-addr.arpa
8.8.8.8:53

tpc.googlesyndication.com

dns

firefox.exe

71 B
87 B
1
1

DNS Request

tpc.googlesyndication.com

DNS Response

142.251.36.1
8.8.8.8:53

tpc.googlesyndication.com

dns

firefox.exe

71 B
87 B
1
1

DNS Request

tpc.googlesyndication.com

DNS Response

142.251.36.1
8.8.8.8:53

tpc.googlesyndication.com

dns

firefox.exe

71 B
99 B
1
1

DNS Request

tpc.googlesyndication.com

DNS Response

2a00:1450:400e:80f::2001
142.251.36.1:443

tpc.googlesyndication.com

https

firefox.exe

2.6kB
13.1kB
10
17
8.8.8.8:53

maven.minecraftforge.net

dns

firefox.exe

70 B
86 B
1
1

DNS Request

maven.minecraftforge.net

DNS Response

51.79.83.165
8.8.8.8:53

maven.minecraftforge.net

dns

firefox.exe

70 B
86 B
1
1

DNS Request

maven.minecraftforge.net

DNS Response

51.79.83.165
8.8.8.8:53

maven.minecraftforge.net

dns

firefox.exe

70 B
98 B
1
1

DNS Request

maven.minecraftforge.net

DNS Response

2607:5300:203:65a5::
8.8.8.8:53

contile.services.mozilla.com

dns

firefox.exe

74 B
90 B
1
1

DNS Request

contile.services.mozilla.com

DNS Response

34.117.237.239
8.8.8.8:53

contile.services.mozilla.com

dns

firefox.exe

74 B
155 B
1
1

DNS Request

contile.services.mozilla.com
142.250.179.202:443

ajax.googleapis.com

https

firefox.exe

1.8kB
2.4kB
4
5
8.8.8.8:53

i.imgur.com

dns

firefox.exe

57 B
112 B
1
1

DNS Request

i.imgur.com

DNS Response

199.232.148.193
8.8.8.8:53

ipv4.imgur.map.fastly.net

dns

firefox.exe

71 B
87 B
1
1

DNS Request

ipv4.imgur.map.fastly.net

DNS Response

199.232.148.193
8.8.8.8:53

ipv4.imgur.map.fastly.net

dns

firefox.exe

71 B
132 B
1
1

DNS Request

ipv4.imgur.map.fastly.net
8.8.8.8:53

click.bounceads.net

dns

firefox.exe

65 B
127 B
1
1

DNS Request

click.bounceads.net
104.21.15.179:443

fireplayersoftware.com

https

firefox.exe

1.7kB
3.2kB
3
7
104.21.15.179:443

fireplayersoftware.com

https

firefox.exe

18.3kB
2.6MB
185
2135
172.67.170.35:443

tagstaticx.com

https

firefox.exe

2.1kB
8.4kB
7
13
8.8.8.8:53

datatechone.com

dns

firefox.exe

122 B
290 B
2
2

DNS Request

datatechone.com

DNS Request

datatechone.com
8.8.8.8:53

pastbin.com

dns

firefox.exe

114 B
268 B
2
2

DNS Request

pastbin.com

DNS Request

pastbin.com
8.8.8.8:53

www10.smartname.com

dns

firefox.exe

65 B
147 B
1
1

DNS Request

www10.smartname.com
8.8.8.8:53

img1.wsimg.com

dns

firefox.exe

60 B
186 B
1
1

DNS Request

img1.wsimg.com

DNS Response

23.62.61.57

23.62.61.98
8.8.8.8:53

e40258.g.akamaiedge.net

dns

firefox.exe

69 B
101 B
1
1

DNS Request

e40258.g.akamaiedge.net

DNS Response

23.62.61.98

23.62.61.57
8.8.8.8:53

e40258.g.akamaiedge.net

dns

firefox.exe

69 B
130 B
1
1

DNS Request

e40258.g.akamaiedge.net
8.8.8.8:53

57.61.62.23.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

57.61.62.23.in-addr.arpa
8.8.8.8:53

content-signature-2.cdn.mozilla.net

dns

firefox.exe

81 B
235 B
1
1

DNS Request

content-signature-2.cdn.mozilla.net

DNS Response

34.160.144.191
8.8.8.8:53

prod.content-signature-chains.prod.webservices.mozgcp.net

dns

firefox.exe

103 B
119 B
1
1

DNS Request

prod.content-signature-chains.prod.webservices.mozgcp.net

DNS Response

34.160.144.191
8.8.8.8:53

firefox.settings.services.mozilla.com

dns

firefox.exe

83 B
161 B
1
1

DNS Request

firefox.settings.services.mozilla.com

DNS Response

34.149.100.209
8.8.8.8:53

prod.remote-settings.prod.webservices.mozgcp.net

dns

firefox.exe

94 B
110 B
1
1

DNS Request

prod.remote-settings.prod.webservices.mozgcp.net

DNS Response

34.149.100.209
8.8.8.8:53

prod.remote-settings.prod.webservices.mozgcp.net

dns

firefox.exe

94 B
187 B
1
1

DNS Request

prod.remote-settings.prod.webservices.mozgcp.net
8.8.8.8:53

aus5.mozilla.org

dns

firefox.exe

62 B
180 B
1
1

DNS Request

aus5.mozilla.org

DNS Response

35.244.181.201
8.8.8.8:53

prod.balrog.prod.cloudops.mozgcp.net

dns

firefox.exe

82 B
98 B
1
1

DNS Request

prod.balrog.prod.cloudops.mozgcp.net

DNS Response

35.244.181.201
8.8.8.8:53

prod.balrog.prod.cloudops.mozgcp.net

dns

firefox.exe

82 B
175 B
1
1

DNS Request

prod.balrog.prod.cloudops.mozgcp.net
8.8.8.8:53

firefox.settings.services.mozilla.com

dns

firefox.exe

83 B
161 B
1
1

DNS Request

firefox.settings.services.mozilla.com

DNS Response

34.149.100.209
8.8.8.8:53

prod.remote-settings.prod.webservices.mozgcp.net

dns

firefox.exe

94 B
110 B
1
1

DNS Request

prod.remote-settings.prod.webservices.mozgcp.net

DNS Response

34.149.100.209
8.8.8.8:53

prod.remote-settings.prod.webservices.mozgcp.net

dns

firefox.exe

94 B
187 B
1
1

DNS Request

prod.remote-settings.prod.webservices.mozgcp.net
8.8.8.8:53

content-signature-2.cdn.mozilla.net

dns

firefox.exe

81 B
235 B
1
1

DNS Request

content-signature-2.cdn.mozilla.net

DNS Response

34.160.144.191
8.8.8.8:53

prod.content-signature-chains.prod.webservices.mozgcp.net

dns

firefox.exe

103 B
119 B
1
1

DNS Request

prod.content-signature-chains.prod.webservices.mozgcp.net

DNS Response

34.160.144.191
8.8.8.8:53

prod.content-signature-chains.prod.webservices.mozgcp.net

dns

firefox.exe

103 B
131 B
1
1

DNS Request

prod.content-signature-chains.prod.webservices.mozgcp.net

DNS Response

2600:1901:0:92a9::
8.8.8.8:53

contile.services.mozilla.com

dns

firefox.exe

74 B
90 B
1
1

DNS Request

contile.services.mozilla.com

DNS Response

34.117.237.239
8.8.8.8:53

contile.services.mozilla.com

dns

firefox.exe

74 B
155 B
1
1

DNS Request

contile.services.mozilla.com

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\activity-stream.discovery_stream.json.tmp

Filesize
22KB

MD5
ab1719ec5fedc2936ab7cc25cbeb067e

SHA1
29a689fba61e1cf5997183087fa712a911a72208

SHA256
649c7c5d5f404865b8360ccaf0f768e86892ad9e13fc387a2f06f2b3757f9cc3

SHA512
7778d41abd81d81591e81420759fb55231e4586ce73234695fdb02f60bb51817c401b1ff122f663f83f4e683ea2d5d8ee157e6aea5383c7bee8e3201e4ef5a32

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\cache2\doomed\22196

Filesize
8KB

MD5
4c0b9d32d7ab45e460fcfcd901c8ca80

SHA1
434530d31f150199a91c0217fe090a9be4383a53

SHA256
5478b742efbd29bd55235c4345f85ef3f5a8cf544ebc1fef458de5cd491014ff

SHA512
283fabda10ea49d5ffdc0e3075dafd5b9244d925d5aa597daeb22153769734a8a60ac4ce84ca9db369c4a080740b81edf785a0a23ff01bc5eb0b7051e24f3c17

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\cache2\doomed\9174

Filesize
9KB

MD5
469dd160afe151274483dce478c47801

SHA1
85d8b11c6db6c749800f3c5e4e1c3f41af59c0c4

SHA256
95ced7edf47b02574073f559b9091ba4ceb703f00da219003a5d2463db833ad4

SHA512
13281cdec1310143e7c4ddd7bd3d188e18a6770a3f45b882a931cf0a32447a8b53edf665d1bffcb4d8137a0d88451cf104ea93e509575bc0cecf9f8f6dd6b7ed

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\cache2\entries\51D52D298316CD3F9A90A40E946BB34EFA1BFB72

Filesize
13KB

MD5
96489cd4e9d4b66fd44c109eecea0942

SHA1
17d4f6c5b025562d722c151f6260048190d451e2

SHA256
6bf4025b02ad2ac434b79a7b4a601d233ac5f6d8a75723a7ac506f81ec14a62a

SHA512
f0c7dbe37e0f930581fa0ca6a01a276fbbe93f27557011f3150f4b562bca59d17bb209880920d365d93600120b464b3ae324ce716c757535492b72b9c2bf571c

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_arts_and_entertainment.json

Filesize
67KB

MD5
6c651609d367b10d1b25ef4c5f2b3318

SHA1
0abcc756ea415abda969cd1e854e7e8ebeb6f2d4

SHA256
960065cc44a09bef89206d28048d3c23719d2f5e9b38cfc718ca864c9e0e91e9

SHA512
3e084452eefe14e58faa9ef0d9fda2d21af2c2ab1071ae23cde60527df8df43f701668ca0aa9d86f56630b0ab0ca8367803c968347880d674ad8217fba5d8915

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_autos_and_vehicles.json

Filesize
44KB

MD5
39b73a66581c5a481a64f4dedf5b4f5c

SHA1
90e4a0883bb3f050dba2fee218450390d46f35e2

SHA256
022f9495f8867fea275ece900cfa7664c68c25073db4748343452dbc0b9eda17

SHA512
cfb697958e020282455ab7fabc6c325447db84ead0100d28b417b6a0e2455c9793fa624c23cb9b92dfea25124f59dcd1d5c1f43bf1703a0ad469106b755a7cdd

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_beauty_and_fitness.json

Filesize
33KB

MD5
0ed0473b23b5a9e7d1116e8d4d5ca567

SHA1
4eb5e948ac28453c4b90607e223f9e7d901301c4

SHA256
eed46e8fe6ff20f89884b4fc68a81e8d521231440301a01bb89beec8ebad296b

SHA512
464508d7992edfa0dfb61b04cfc5909b7daacf094fc81745de4d03214b207224133e48750a710979445ee1a65bb791bf240a2b935aacaf3987e5c67ff2d8ba9c

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_blogging_resources_and_services.json

Filesize
33KB

MD5
c82700fcfcd9b5117176362d25f3e6f6

SHA1
a7ad40b40c7e8e5e11878f4702952a4014c5d22a

SHA256
c9f2a779dba0bc886cc1255816bd776bdc2e8a6a8e0f9380495a92bb66862780

SHA512
d38e65ab55cee8fef538ad96448cd0c6b001563714fc7b37c69a424d0661ec6b7d04892cf4b76b13ddbc7d300c115e87e0134d47c3f38ef51617e5367647b217

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_books_and_literature.json

Filesize
67KB

MD5
df96946198f092c029fd6880e5e6c6ec

SHA1
9aee90b66b8f9656063f9476ff7b87d2d267dcda

SHA256
df23a5b6f583ec3b4dce2aca8ff53cbdfadfd58c4b7aeb2e397eade5ff75c996

SHA512
43a9fc190f4faadef37e01fa8ad320940553b287ed44a95321997a48312142f110b29c79eed7930477bfb29777a5a9913b42bf22ce6bb3e679dda5af54a125ea

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_business_and_industrial.json

Filesize
45KB

MD5
a92a0fffc831e6c20431b070a7d16d5a

SHA1
da5bbe65f10e5385cbe09db3630ae636413b4e39

SHA256
8410809ebac544389cf27a10e2cbd687b7a68753aa50a42f235ac3fc7b60ce2c

SHA512
31a8602e1972900268651cd074950d16ad989b1f15ff3ebbd8e21e0311a619eef4d7d15cdb029ea8b22cf3b8759fa95b3067b4faaadcb90456944dbc3c9806a9

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_computers_and_electronics.json

Filesize
45KB

MD5
6ccd943214682ac8c4ec08b7ec6dbcbd

SHA1
18417647f7c76581d79b537a70bf64f614f60fa2

SHA256
ab20b97406b0d9bf4f695e5ec7db4ebad5efb682311e74ca757d45b87ffc106b

SHA512
e57573d6f494df8aa7e8e6a20427a18f6868e19dc853b441b8506998158b23c7a4393b682c83b3513aae5075a21148dd8ca854a11dabcea6a0a0db8f2e6828b8

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_finance.json

Filesize
33KB

MD5
e95c2d2fc654b87e77b0a8a37aaa7fcf

SHA1
b4b00c9554839cab6a50a7ed8cd43d21fdaf35dc

SHA256
384bf5fcc6928200c7ebb1f03f99bf74f6063e78d3cd044374448f879799318e

SHA512
9696998a8d0e3a85982016ff0a22bb8ae1790410f1f6198bb379c0a192579f24c75c25c7648b76b00d25a32ac204178acaccd744ee78846dfc62ebf70bf7b93a

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_food_and_drink.json

Filesize
67KB

MD5
70ba02dedd216430894d29940fc627c2

SHA1
f0c9aa816c6b0e171525a984fd844d3a8cabd505

SHA256
905357002f2eced8bba1be2285a9b83198f60d2f9bb1144b5c119994f2ec6e34

SHA512
3ae60d0bf3c45d28e340d97106790787be2cc80ba579d313b5414084664b86e89879391c99e94b6e33bdc5508ea42a9fd34f48ca9b1e7adfa7b6dd22c783c263

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_games.json

Filesize
44KB

MD5
4182a69a05463f9c388527a7db4201de

SHA1
5a0044aed787086c0b79ff0f51368d78c36f76bc

SHA256
35e67835a5cf82144765dfb1095ebc84ac27d08812507ad0a2d562bf68e13e85

SHA512
40023c9f89e0357fae26c33a023609de96b2a0b439318ef944d3d5b335b0877509f90505d119154eaa81e1097ecfb5aa44dd8bb595497cdecfc3ee711a1fe1d5

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_health.json

Filesize
33KB

MD5
11711337d2acc6c6a10e2fb79ac90187

SHA1
5583047c473c8045324519a4a432d06643de055d

SHA256
150f21c4f60856ab5e22891939d68d062542537b42a7ce1f8a8cec9300e7c565

SHA512
c2301ed72f623b22f05333c5ecc5ebf55d8a2d9593167cc453a66d8f42c05ff7c11e2709b6298912038a8ea6175f050bbc6d1fc4381f385f7ad7a952ad1e856b

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_hobbies_and_leisure.json

Filesize
67KB

MD5
bb45971231bd3501aba1cd07715e4c95

SHA1
ea5bfd43d60a3d30cda1a31a3a5eb8ea0afa142a

SHA256
47db7797297a2a81d28c551117e27144b58627dbac1b1d52672b630d220f025d

SHA512
74767b1badbd32cacd3f996b8172df9c43656b11fea99f5a51fff38c6c6e2120fae8bdd0dd885234a3f173334054f580164fdf8860c27cbcf5fb29c5bcdc060d

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_home_and_garden.json

Filesize
33KB

MD5
250acc54f92176775d6bdd8412432d9f

SHA1
a6ad9ad7519e5c299d4b4ba458742b1b4d64cb65

SHA256
19edd15ebce419b83469d2ab783c0c1377d72a186d1ff08857a82bca842eea54

SHA512
a52c81062f02c15701f13595f4476f0a07735034fcf177b1a65b001394a816020ee791fed5afae81d51de27630b34a85efa717fe80da733556fdda8739030f49

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_internet_and_telecom.json

Filesize
67KB

MD5
36689de6804ca5af92224681ee9ea137

SHA1
729d590068e9c891939fc17921930630cd4938dd

SHA256
e646d43505c9c4e53dbaa474ef85d650a3f309ccf153d106f328d9b6aeb66d52

SHA512
1c4f4aa02a65a9bbdf83dc5321c24cbe49f57108881616b993e274f5705f0466be2dd3389055a725b79f3317c98bdf9f8d47f86d62ebd151e4c57cc4dca2487c

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_jobs_and_education.json

Filesize
33KB

MD5
2d69892acde24ad6383082243efa3d37

SHA1
d8edc1c15739e34232012bb255872991edb72bc7

SHA256
29080288b2130a67414ecb296a53ddd9f0a4771035e3c1b2112e0ce656a7481a

SHA512
da391152e1fbce1f03607b486c5dea9a298a438e58e440ebb7b871bd5c62d7339b540eed115b4001b9840de1ba3898c6504872ff9094ba4d6a47455051c3f1c5

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_law_and_government.json

Filesize
68KB

MD5
80c49b0f2d195f702e5707ba632ae188

SHA1
e65161da245318d1f6fdc001e8b97b4fd0bc50e7

SHA256
257ee9a218a1b7f9c1a6c890f38920eb7e731808e3d9b9fc956f8346c29a3e63

SHA512
972e95de7fe330c61cd22111bd3785999d60e7c02140809122d696a1f1f76f2cd0d63d6d92f657cdec24366d66b681e24f2735a8aabb8bcecec43c74e23fb4f5

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_online_communities.json

Filesize
67KB

MD5
37a74ab20e8447abd6ca918b6b39bb04

SHA1
b50986e6bb542f5eca8b805328be51eaa77e6c39

SHA256
11b6084552e2979b5bc0fd6ffdc61e445d49692c0ae8dffedc07792f8062d13f

SHA512
49c6b96655ba0b5d08425af6815f06237089ec06926f49de1f03bc11db9e579bd125f2b6f3eaf434a2ccf10b262c42af9c35ab27683e8e9f984d5b36ec8f59fd

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_people_and_society.json

Filesize
45KB

MD5
b1bd26cf5575ebb7ca511a05ea13fbd2

SHA1
e83d7f64b2884ea73357b4a15d25902517e51da8

SHA256
4990a5d17bea15617624c48a0c7c23d16e95f15e2ec9dd1d82ee949567bbaec0

SHA512
edcede39c17b494474859bc1a9bbf18c9f6abd3f46f832086db3bb1337b01d862452d639f89f9470ca302a6fcb84a1686853ebb4b08003cb248615f0834a1e02

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_pets_and_animals.json

Filesize
44KB

MD5
5b26aca80818dd92509f6a9013c4c662

SHA1
31e322209ba7cc1abd55bbb72a3c15bc2e4a895f

SHA256
dd537bfb1497eb9457c0c8ecbd2846f325e13ddef3988fd293a29e68ab0b2671

SHA512
29038f9f3b9b12259fb42daa93cdefabb9fb32a10f0d20f384a72fe97214eff1864b7fa2674c37224b71309d7d9cea4e36abd24a45a0e65f0c61dc5ca161ec7c

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_real_estate.json

Filesize
67KB

MD5
9899942e9cd28bcb9bf5074800eae2d0

SHA1
15e5071e5ed58001011652befc224aed06ee068f

SHA256
efcf6b2d09e89b8c449ffbcdb5354beaa7178673862ebcdd6593561f2aa7d99a

SHA512
9f7a5fbe6d46c694e8bc9b50e7843e9747ea3229cf4b00b8e95f1a5467bd095d166cbd523b3d9315c62e9603d990b8e56a018ba4a11d30ad607f5281cc42b4cd

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_reference.json

Filesize
56KB

MD5
567eaa19be0963b28b000826e8dd6c77

SHA1
7e4524c36113bbbafee34e38367b919964649583

SHA256
3619daa64036d1f0197cdadf7660e390d4b6e8c1b328ed3b59f828a205a6ea49

SHA512
6766919b06ca209eaed86f99bee20c6dad9cc36520fc84e1c251a668bcfe0afcf720ea6c658268dc3bbaaf602bfdf61eb237c68e08d5252ea6e5d1d2a373b9fe

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_science.json

Filesize
56KB

MD5
7a8fd079bb1aeb4710a285ec909c62b9

SHA1
8429335e5866c7c21d752a11f57f76399e5634b6

SHA256
9606ce3988b2d2a4921b58ac454f54e53a9ea8f358326522a8b1dcc751b50b32

SHA512
8fc1546e509b5386c9e1088e0e3a1b81f288ef67f1989f3e83888057e23769907a2b184d624a4e4c44fcd5b88d719bd4cca94dfb33798804a721b8be022ec0c6

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_shopping.json

Filesize
67KB

MD5
97d4a0fd003e123df601b5fd205e97f8

SHA1
a802a515d04442b6bde60614e3d515d2983d4c00

SHA256
bfd7e68ddca6696c798412402965a0384df0c8c209931bbadabf88ccb45e3bb6

SHA512
111e8a96bc8e07be2d1480a820fc30797d861a48d80622425af00b009512aacb30a2df9052c53bfbf4ee0800b6e6f5b56daa93d33f30fecb52e2f3850dfa9130

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_sports.json

Filesize
56KB

MD5
ce4e75385300f9c03fdd52420e0f822f

SHA1
85c34648c253e4c88161d09dd1e25439b763628c

SHA256
44da98b03350e91e852fe59f0fc05d752fc867a5049ab0363da8bb7b7078ad14

SHA512
d119dc4706bbf3b6369fe72553cfacf1c9b2688e0188a7524b56d3e2ac85582a18bbee66d5594e0fb40767432646c23bf3e282090bd9b4c29f989a374aeae61f

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\nb_model_build_attachment_travel.json

Filesize
67KB

MD5
48139e5ba1c595568f59fe880d6e4e83

SHA1
5e9ea36b9bb109b1ecfc41356cd5c8c9398d4a78

SHA256
4336ac211a822b0a5c3ce5de0d4730665acc351ee1965ea8da1c72477e216dfa

SHA512
57e826f0e1d9b12d11b05d47e2f5ae4f5787537862f26e039918cb14faff4bc854298c0b7de3023e371756a331c0f3ee1aa7cebbbf94ec70cdfc29e00a900ed1

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\personality-provider\recipe_attachment.json

Filesize
1KB

MD5
be3d0f91b7957bbbf8a20859fd32d417

SHA1
fbc0380fe1928d6d0c8ab8b0a793a2bba0722d10

SHA256
fc07d42847eeaf69dcbf1b9a16eb48b141c11feb67aa40724be2aee83cb621b7

SHA512
8da24afcf587fbd4f945201702168e7cfc12434440200d00f09ddcd1d1d358a5e01065ac2a411fdf96a530e94db3697e3530578b392873cf874476b5e65d774a

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\snaxaw5u.default-release\thumbnails\8c50218f57456e46c2e166e0bd8f2011.png

Filesize
1KB

MD5
fc02db049d091e42f9c9857bd390b101

SHA1
ea1574b2d0bd9b2c8645dbfe80915a52e82812c6

SHA256
40b1bb64fe8a4fee70a2591cae2574171fd43255f51f051c285c7a32cee7b172

SHA512
fdeb347870ff94f55faf91c32d1906c552eddf8091bf52df2b2fc3fe0ee4c8846382b1b5cd5b8a947175abece84565356efc68a27c00aa64421c98cd9c09d6f8

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon

Filesize
442KB

MD5
85430baed3398695717b0263807cf97c

SHA1
fffbee923cea216f50fce5d54219a188a5100f41

SHA256
a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e

SHA512
06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

Filesize
8.0MB

MD5
a01c5ecd6108350ae23d2cddf0e77c17

SHA1
c6ac28a2cd979f1f9a75d56271821d5ff665e2b6

SHA256
345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42

SHA512
b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms

Filesize
12KB

MD5
8f1909a1a8da377e368413493d780af4

SHA1
0df8b10fed30223294f97b57e7ec48c57c57584f

SHA256
b376cd2728c736f8eefdb28f46980a6a75ddc7bf74d1d1f1be687de8cd567c07

SHA512
0966c7bc800a05b1c3e8d3b044a7452750dc65ffbd65fc0d6ec32cb387a66448523ca0adf1f73e83b153935505487b890cae23a24f8d46dfb18c0d517aa70146

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms

Filesize
16KB

MD5
380c9db835b148471d37c062c3408a20

SHA1
42b21f47b2ca9e97f42b66ad4b81da4e3b362f41

SHA256
380706904ee6ab28fa9d0419eeb2cb792c38b63c9845006eb465d86ba346e0ee

SHA512
4f51e854fa5d6365fbac2f94afae6bd8ee2d820b566c16ed72c72e2f5ef361a12b1a09a628c4765810a5997a70bd4d4987df93fa71611f6bb058487dfb393747

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms

Filesize
10KB

MD5
b932a509be59d02c898c7f4debda7608

SHA1
670c1cc17bae33b52f654333950b3b1992a4baf6

SHA256
f2e5779a020e63bd2008e0d53a8c3adb11e61de132f6fc1fead21d95a0db5438

SHA512
6fb5d9855a1dc892c254d17c907bdb93b81766f19063b50bbdde6e50b4236d99de8e06bcfbfbc4542e2e2989085291e9eac276a52aca5d66e2cb1df9b215ba1f

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\SiteSecurityServiceState.txt

Filesize
372B

MD5
7b48e296ae1a8b759ff72e978b89be83

SHA1
e2b1b35b08907a2e4718a5ef8a8df9bb6200d954

SHA256
7cd267c3b57356587418909a6002a9a75145a0393ff8c6a25230ba5225407545

SHA512
37c7fa277daeda6fa8851d01b1a088e7fe9e59724bf6232640aded6b46a5cfcf38bcab6a5e3161570bb378a9659fb034814bc9bead983798e79db0e5e41da0a2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\bookmarkbackups\bookmarks-2023-11-05_11_vOzwxHBIdEztZvfWp3i0Ow==.jsonlz4

Filesize
945B

MD5
117785831f1e4de76dd2c162f25543e6

SHA1
98d9c9841eed8d3c8882aee83888d553662e9a70

SHA256
db8d2b1a6fb2e76f39c9ba42024f0ce626b15ba435916b4b55b3b2746a51c4c9

SHA512
8252bfc41632a2370732d9ece0088f5eee3cd7533eaa6754d914ba616223412f7f781387e29954f843ab33fa5125406b9d3dea310c8af657d00cd629f47b37ac

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\broadcast-listeners.json

Filesize
216B

MD5
2b7cfe037e7f294efffbf7c937c404f1

SHA1
891e113d1ad7ac7587d3da09e9ba3d359a2ffed7

SHA256
1f39f56f06bd68ba2bf564ee67888bf9918631f02f9ee1b1056754c433efc11c

SHA512
fdaa12d5e44fe2217cbc198ab951ade4ba1ea35134d7f93dfd1cf429a9e3f6ce24d2ffd1e1c9da38e7e0e73be3f2181de20df862f173cb82384df948d6ef4b9a

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

Filesize
997KB

MD5
fe3355639648c417e8307c6d051e3e37

SHA1
f54602d4b4778da21bc97c7238fc66aa68c8ee34

SHA256
1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e

SHA512
8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

Filesize
116B

MD5
3d33cdc0b3d281e67dd52e14435dd04f

SHA1
4db88689282fd4f9e9e6ab95fcbb23df6e6485db

SHA256
f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b

SHA512
a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

Filesize
479B

MD5
49ddb419d96dceb9069018535fb2e2fc

SHA1
62aa6fea895a8b68d468a015f6e6ab400d7a7ca6

SHA256
2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539

SHA512
48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

Filesize
372B

MD5
8be33af717bb1b67fbd61c3f4b807e9e

SHA1
7cf17656d174d951957ff36810e874a134dd49e0

SHA256
e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd

SHA512
6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

Filesize
11.8MB

MD5
33bf7b0439480effb9fb212efce87b13

SHA1
cee50f2745edc6dc291887b6075ca64d716f495a

SHA256
8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e

SHA512
d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

Filesize
1KB

MD5
688bed3676d2104e7f17ae1cd2c59404

SHA1
952b2cdf783ac72fcb98338723e9afd38d47ad8e

SHA256
33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237

SHA512
7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

Filesize
1KB

MD5
937326fead5fd401f6cca9118bd9ade9

SHA1
4526a57d4ae14ed29b37632c72aef3c408189d91

SHA256
68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81

SHA512
b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\prefs-1.js

Filesize
11KB

MD5
f6c0ecceaee3ef4a2c4c2c02ba234200

SHA1
661b39184d71b07ff52460dae6df12173ee1074d

SHA256
500a341824ac7023deefec71071147b0b881469786a8df5952c2f23f10aba3b2

SHA512
fe738be4451979548507aa782ac8347743434b1f9e699edaca294bdf498062542a342b38a6fbccc2e0acca4c7597cc7a16a8f8d59bbc7d02a582058be9e2dbad

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\prefs-1.js

Filesize
6KB

MD5
bc66a36fa1f0a8199abaa973548d3f88

SHA1
fa9c95eb9914d7f535b30dec3343a8e0fbda57f3

SHA256
61fb6f36a7a373b344a42b1c6704a0549da3ea9661cfb2e7e383087be4ea3d65

SHA512
55a16a990f47aedfd2a4d33c5448fe0c1150bb3158c08168af0e6b3e4ec10fd7012b12cde7b89cce06f9e298d4c53964d1ac3a52f2e09f285f0e2be5e482c915

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\prefs-1.js

Filesize
7KB

MD5
4cf869a64c66fc32182b9ffea2fcf1a4

SHA1
34fca7b4675816e0377af0ef1ed940552f7977e1

SHA256
d541b72aff2148a79ad316af664846791ec59ca726eef3877fced9f739bad9d6

SHA512
04ab67efa28281538b05e8066c2a6dc58928c60dbda140528d0313dab4dbbfe48c49281dacc5471c1fc19f6dec409f4ab9eebad75b73a2f7ec73082025c524d9

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\prefs.js

Filesize
6KB

MD5
c184ad46d064909e8ca348682753af04

SHA1
b9ae31f831f22e4fd39f595fe627382ad3a01c11

SHA256
774f876a93f4f87d2d21c2ef24cf92e45b84f5cbcb55d744b325e1b8da025688

SHA512
dbba11c71d8d29b33d68bb667d62f1a9dfe0765df1193761818fdd008266be7b4b793fdaabc73a47d333ecf48be565ce1f2f58147675a531ebd5afe993c86213

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\prefs.js

Filesize
8KB

MD5
755fc90addfbda401a564d7bb1266e22

SHA1
25adf2e168ba225940be91c5ebae23031ba2994c

SHA256
60782df9371de11c7ee98776bfd9fb2381194043852deeed419e9e5f83c8f52d

SHA512
170f9d89fe511f16296bfc3263c8743baa24c5f55859aa9dfe7cade3ff0178d433c01e372afc4f22ad47c75c6ed0b27365ca28d1b5f1e366ad67e970e7e5a70b

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\prefs.js

Filesize
10KB

MD5
0bab6856e25f4b96e527984bd7818805

SHA1
4db3a0d2eeaf5909525482ffe7d9f729b4cbae08

SHA256
c01aac9713c3ff547b75da54f71062b0e621c1fd2a0c6e52066c5cfca6a6a156

SHA512
f06123ccc066f74b3966bdf461f3773c24f1a4ececb509c861031a309bbea641d188805abd3bd64ded9c640835594ed05f0d7d7e8ba74272d6d3e42a50eba8ea

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\prefs.js

Filesize
6KB

MD5
d5b1dd2f5f61b8e8fb1e7ef551ad4764

SHA1
5901082ee44ded890ce6a90ebc3b0755ee428ae3

SHA256
b6dd130990228b381e6b185157d6468d4af969fe2f4aea1aec44ba9a231daefe

SHA512
6c6b876c045f328980b35375f6f3dee9ff826d7bc1aa4eb76b6932f8f6679303fc7bfa13d01abb61efc5c2f862ea77092fe5ac4edced5e81483277cc3e2b25ac

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\prefs.js

Filesize
10KB

MD5
ad4d555312d798a256033287d5bed32f

SHA1
7ffc45d1e604bec49e81948e7d5b5b443f48258a

SHA256
5a8bd3520b7a2b3212969d4528f55f2c5b50213a35059851ca024fa0618a0c54

SHA512
0d33dfc10980e3f7b1bc6e900ac31961c7488cd7f58a400c8ac720895ebd0cb983de3db1a7d4979fab4d20323356a4948fb58402833a47db6e44b4b338490862

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\sessionCheckpoints.json

Filesize
90B

MD5
c4ab2ee59ca41b6d6a6ea911f35bdc00

SHA1
5942cd6505fc8a9daba403b082067e1cdefdfbc4

SHA256
00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2

SHA512
71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
1KB

MD5
3ce8bd70eb1ff347ae77c5f10eb8d171

SHA1
79074e5dccabf194f6dd732875acf2a1e9625a99

SHA256
ca7625a870e6446f498d747bafbf611cecd7da237badde35bbe981bc3499d858

SHA512
58b58e14cac262907d7524d0477181aea3f4ee38a486f21c3b53f6e2dadbd8c8db60b0c2870a3ee114b2c72826e4ba7e761273e1f2c564fd4b5e6f19b2a9c314

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
2KB

MD5
4b7ae0ea21f8a75e2d482331089a54be

SHA1
f824b4b6e4bb88f41d33a0db0b67082c8ed97684

SHA256
77c5e99f1f1b9694b551c17c7b9a775c7b97ae6d2cd53d2a945111296716c86d

SHA512
55b9983eb45d4cd8c3b43c1ce31968b5768abf1fd5aac7738ce5f4a843e25a8f4945a03f85878f983a8c8f72c97ad5e3858499a21e09cfd712224f50a81626f2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
2KB

MD5
cbe3c43aa8731f07fc4290654a8f79ad

SHA1
bb656141496b7f2ff2ffe91f6a0ff059914fb886

SHA256
59a23e944d927ef0820701c337c99294427564a391a5061c55f5c485cd5c3f01

SHA512
91d914de0dce9396f770965f0b434f8f197ae8a05ad11160baa15effc339d700c25819fd926bb80abc31f808578ee3093e6d07c7b55204ad6222613d9096b47e

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
2KB

MD5
1c89fa33f1e6229a28fc03cdabe95efe

SHA1
8dc85b679a8e1c34ad09e3b4e9fe5d8dde8ab9d1

SHA256
68004bfb5ae5158bd757b7746e3c7847e1bc4d46bd23aee20ff8aedc97ed4bab

SHA512
83fa0d70876c4f4523e7b057482461f51115c3c20f10e84b324565fded5a12521c104daacfb2da0e841cdde4ee9616efeb69e7e62da9440f081843aa8147bdf4

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
3KB

MD5
987dc236217b802956b2f605aee9df96

SHA1
a877066b9bdbace205c9c760a70e091169339b81

SHA256
d0ce81be938a51a595d170319ec257073851a97cfeb65067277f042db8d17535

SHA512
bc1480d8d6e677761e11d6dae7378da6b484b2c8e87ad24d096cf7be3d2b6b68d24cd604dd02ed6ae2ea838f13c6f8d5cc84e9ea74f17ce213a6d1968bebe6d9

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
1KB

MD5
0c8b858ff7e17eb98b0e458b89cf893c

SHA1
830c859345ad517657c2c9afd1509ed5a087769e

SHA256
0ead48eddeac7dbe0b9b1a8b6ccdbe9a4cd23c275e85557d92ee013107b01661

SHA512
15ac485179c238c272a234e3dca0a7d8aba8513ce080a9ebd57f87bb8fad692102d2afc600b758535bc2b939caa26731dc429d12edf62b8f188b8259f4131b64

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
10KB

MD5
973a31da424a8804af54ed3728310033

SHA1
ea644247190104d36399fb2c0f6fe2b20abb51bd

SHA256
baffb235ef4d5d12c3e6a3a5a4e270da5ef13ef0c05eaa14e59325ddec765079

SHA512
a29ebddf6777406d375bb26d58679ac597328b61d65075105dc72b5858ae97ea8e646c5411548accd8458aba5bf5abdc2ed636548c6c083a8984201546819bab

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
1KB

MD5
2826faf17f7d2e9663d38156460827bb

SHA1
12bd928e3368266c184219a5859556aebce55054

SHA256
35947954e3e7eb1b9222a13374069b4f10e674f6bbcf235615ba4124009f54e2

SHA512
1fa2f2b97157f20a328a47d2f15d035520a8349615ade78d85aa547566da882a32846700e4c533aaf755b954460a731f1416f9184face3d83da0ef5968ba467c

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
2KB

MD5
95f05876d4c4d959733392204d6c5a11

SHA1
acfbda64cca1f36199b6d83a5db7b194d0e71d85

SHA256
54092b85e3ac3b75c0ba399688e37ff71ec1a97096a3d73cf146c45843d0249e

SHA512
833f28f74f1d4342be41fba04109c5e900ab286dcfd68b1a4f49e8a6ba6062fbd9b9d741924f5bc9ee7661e4b0dd50af59efb00d27ba2066e87f61c384c6fc22

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
2KB

MD5
9320c830fbb0fa09b8feb95e7390da46

SHA1
818bafa54609a137941b732736e214028bacb84c

SHA256
f42ec2aa97ec74654aa9db7e9c6da916d486bbf551095850f34136b02380f7cb

SHA512
42c3285091b733469cb4d3c9ea99b1d4c5bdc1a10697efac74fbb85577838f5a0d419fdb315a64989b2488109d4a43181cc1e325cebc0a946770364569a1cdaf

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
3KB

MD5
e11922704f11d53c06e19615a1e7bcd9

SHA1
3e1a33e184de415e23c3db7c81e64bfd852643a5

SHA256
e8fae7f22cf3eda05e1c5659535fb0883cf909efcc1c9fa11b0bc6b62383258d

SHA512
148caac79b9f88d413cf06a62ecf72ea94fbc5d490a9a1d4925d8609f1eecba22f0af971cdd4944d101f54b781f95466c8e893f74f0c9f960b810a20cbff351a

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
2KB

MD5
7a706e1d8f9af89f2fa35d5224aeac61

SHA1
405962b2bddc1e8f10cf9afab67ee7e0eadd6a3b

SHA256
7713e28fc4c33038a62b8918d2d0df8d9c61ecdb888a62bdc010e87fdab09c37

SHA512
f9013125b812aa296be0f8e274899c72cb83ef936987e25dec3aff27c84b1cd41020f5090f739207e260e5f073338570f197dc33b987d7a3fb0bf7a3ee7c7166

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
9KB

MD5
f4910d55578327e77e3026a7321bb942

SHA1
9a07994c6c61fd61340accdce95e1212196b3bb4

SHA256
546a994cb1a5c635ac52c145efc35eb8e0eaa0bcb4475f4d479ba7470ae28f9e

SHA512
be6c29df345ea67758da72ccc18524f05600d48c8eaa358aacb1e3fcf863a00ffa50273e54e246fa3773ea8792868334596aadc2856785f51724ab8afeef0c86

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
3KB

MD5
d4f284edbfbf984c712e0cd868cd1034

SHA1
0431686cbafa7d283d92e3f38c4e4d911ae1b7ea

SHA256
de92f0d943d52d4770e9281b944396ad8f08352314b2b29eafc1ca83d3eef9a2

SHA512
ea4c78e98b39e2c7214ae3c4bfb2847fce1477d5314f490e08eb1862d66ad2539431f93a94f219d108ca8d28c5a94d25409488f99cd1efae5e2df0cc7043cab0

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\targeting.snapshot.json

Filesize
4KB

MD5
937037e308db480fb9e0d6aa51c1df85

SHA1
d35f6221796d2c12ae78a95c3f8310286c0427c4

SHA256
6a12bacbc2dfa0a742605d0aeb39901d0f254ed5681e27f4e874e84c515549c6

SHA512
bdab4a06553bb51573812385649640bae136b07883f4a01afd3af5127fd636d1a4b8ef458da8af0a0809fb14ce1108c5f3745b49fb60c305427a587f25aa051a

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\snaxaw5u.default-release\xulstore.json

Filesize
107B

MD5
3b2d27df61056e1a61f69a879bbb1d90

SHA1
259da055fb555d24f690f4205018edaf1b36da39

SHA256
554f7a52e24ffee4b836376301deb4027798f988a64c1dc0ed79e425490e4585

SHA512
c885c7a4a70e38f96d7b867bea1eb41ef09b6a50797e2efa9f1e378a7453bda0951e65ce3a6bedec6ffa332e2b0d73364a35334f24bffbafe57ba5d1f5fa83ff

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request