Analysis Overview
Threat Level: Known bad
The file http://tinyurl.com/588khyhz was found to be: Known bad.
Malicious Activity Summary
Lumma Stealer
Executes dropped EXE
Suspicious use of SetThreadContext
Suspicious behavior: EnumeratesProcesses
Suspicious use of SetWindowsHookEx
Suspicious behavior: GetForegroundWindowSpam
Uses Task Scheduler COM API
Modifies registry class
Suspicious use of WriteProcessMemory
NTFS ADS
Suspicious behavior: LoadsDriver
Checks processor information in registry
Suspicious use of SendNotifyMessage
Checks SCSI registry key(s)
Opens file in notepad (likely ransom note)
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-02-22 20:01
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-02-22 20:01
Reported
2024-02-22 20:07
Platform
win10v2004-20240221-en
Max time kernel
344s
Max time network
334s
Command Line
Signatures
Lumma Stealer
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\Tra1ner\Trainer.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Tra1ner\Trainer.exe | N/A |
Suspicious use of SetThreadContext
| Description | Indicator | Process | Target |
| PID 5536 set thread context of 5116 | N/A | C:\Users\Admin\Downloads\Tra1ner\Trainer.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
| PID 4308 set thread context of 5628 | N/A | C:\Users\Admin\Downloads\Tra1ner\Trainer.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2200714112-3788720386-2559682836-1000_Classes\Local Settings | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2200714112-3788720386-2559682836-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\Downloads\Tra1ner.rar:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Opens file in notepad (likely ransom note)
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\taskmgr.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
Suspicious behavior: LoadsDriver
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "http://tinyurl.com/588khyhz"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url http://tinyurl.com/588khyhz
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\Tra1ner\" -spe -an -ai#7zMap21582:76:7zEvent7624
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\Tra1ner\" -spe -an -ai#7zMap9215:76:7zEvent6748
C:\Users\Admin\Downloads\Tra1ner\Trainer.exe
"C:\Users\Admin\Downloads\Tra1ner\Trainer.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
C:\Users\Admin\Downloads\Tra1ner\Trainer.exe
"C:\Users\Admin\Downloads\Tra1ner\Trainer.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\Tra1ner\config.dll
C:\Windows\system32\werfault.exe
werfault.exe /h /shared Global\7b9a28f51bde402f9deb0a58498910d5 /t 2788 /p 3248
Network
| NL | 185.184.8.90:443 | ams.creativecdn.com | tcp |
| NL | 185.184.8.90:443 | ams.creativecdn.com | tcp |
| US | 8.8.8.8:53 | px.ads.linkedin.com | udp |
| US | 8.8.8.8:53 | ams.creativecdn.com | udp |
| US | 8.8.8.8:53 | script.hotjar.com | udp |
| DE | 18.155.153.33:443 | script.hotjar.com | tcp |
| US | 13.107.42.14:443 | px.ads.linkedin.com | tcp |
| US | 8.8.8.8:53 | l-0005.l-msedge.net | udp |
| US | 8.8.8.8:53 | l-0005.l-msedge.net | udp |
| US | 8.8.8.8:53 | script.hotjar.com | udp |
| DE | 18.155.153.33:443 | script.hotjar.com | tcp |
| US | 13.107.42.14:443 | l-0005.l-msedge.net | tcp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| BE | 64.233.184.155:443 | stats.g.doubleclick.net | udp |
| GB | 157.240.221.35:443 | www.facebook.com | tcp |
| GB | 172.217.16.228:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 90.8.184.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 33.153.155.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.42.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.221.240.157.in-addr.arpa | udp |
| GB | 157.240.221.35:443 | www.facebook.com | udp |
| US | 8.8.8.8:53 | vc.hotjar.io | udp |
| DE | 54.230.206.5:443 | vc.hotjar.io | tcp |
| US | 8.8.8.8:53 | vc-live-cf.hotjar.io | udp |
| US | 8.8.8.8:53 | vc-live-cf.hotjar.io | udp |
| GB | 172.217.16.228:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 5.206.230.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| US | 8.8.8.8:53 | dual-a-0001.a-msedge.net | udp |
| US | 204.79.197.200:443 | dual-a-0001.a-msedge.net | tcp |
| US | 8.8.8.8:53 | dual-a-0001.a-msedge.net | udp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| US | 8.8.8.8:53 | part-0036.t-0009.t-msedge.net | udp |
| US | 8.8.8.8:53 | part-0036.t-0009.t-msedge.net | udp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | c.clarity.ms | udp |
| IE | 68.219.88.97:443 | c.clarity.ms | tcp |
| US | 8.8.8.8:53 | c-msn-com-nsatc.trafficmanager.net | udp |
| US | 8.8.8.8:53 | c-msn-com-nsatc.trafficmanager.net | udp |
| US | 8.8.8.8:53 | r.clarity.ms | udp |
| US | 8.8.8.8:53 | clarity-ingest-eus2-b-sc.eastus2.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | clarity-ingest-eus2-b-sc.eastus2.cloudapp.azure.com | udp |
| US | 20.119.174.243:443 | clarity-ingest-eus2-b-sc.eastus2.cloudapp.azure.com | tcp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| US | 204.79.197.200:443 | c.bing.com | tcp |
| US | 8.8.8.8:53 | 97.88.219.68.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 243.174.119.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | clarity-ingest-eus2-b-sc.eastus2.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | script.4dex.io | udp |
| US | 104.26.8.169:443 | script.4dex.io | tcp |
| US | 8.8.8.8:53 | script.4dex.io | udp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | script.4dex.io | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | eu-tlx.3lift.com | udp |
| DE | 35.158.201.105:443 | tlx.3lift.com | tcp |
| US | 8.8.8.8:53 | bidder.criteo.com | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 8.8.8.8:53 | hbopenbid-lhrc.pubmnet.com | udp |
| GB | 185.64.190.77:443 | hbopenbid-lhrc.pubmnet.com | tcp |
| US | 8.8.8.8:53 | eu-tlx.3lift.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| NL | 147.75.84.158:443 | prebid.a-mo.net | tcp |
| US | 8.8.8.8:53 | hbopenbid-lhrc.pubmnet.com | udp |
| US | 8.8.8.8:53 | prebid.smilewanted.com | udp |
| FR | 178.250.7.10:443 | bidder.criteo.com | tcp |
| US | 8.8.8.8:53 | am6-prebid.a-mx.net | udp |
| US | 104.18.36.155:443 | htlb.casalemedia.com | tcp |
| IE | 34.246.3.179:443 | hb.yellowblue.io | tcp |
| US | 8.8.8.8:53 | bidder.fr3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | ads.yieldmo.com | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | am6-prebid.a-mx.net | udp |
| US | 8.8.8.8:53 | bidder.fr3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | prebid.smilewanted.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | prebid.smilewanted.com | udp |
| US | 8.8.8.8:53 | rw-yieldmo-com-tf-362867385.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | rw-yieldmo-com-tf-362867385.eu-west-1.elb.amazonaws.com | udp |
| DE | 51.89.9.251:443 | onetag-sys.com | tcp |
| US | 104.22.68.131:443 | prebid.smilewanted.com | tcp |
| US | 104.22.68.131:443 | prebid.smilewanted.com | tcp |
| US | 104.22.68.131:443 | prebid.smilewanted.com | tcp |
| US | 104.22.68.131:443 | prebid.smilewanted.com | tcp |
| IE | 52.31.160.248:443 | rw-yieldmo-com-tf-362867385.eu-west-1.elb.amazonaws.com | tcp |
| US | 104.26.8.169:443 | script.4dex.io | tcp |
| US | 8.8.8.8:53 | 169.8.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 105.201.158.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 158.84.75.147.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.7.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.36.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 179.3.246.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.68.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 251.9.89.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 248.160.31.52.in-addr.arpa | udp |
| US | 104.18.36.155:443 | htlb.casalemedia.com | udp |
| DE | 51.89.9.251:443 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| US | 8.8.8.8:53 | static.nl3.vip.prod.criteo.net | udp |
| NL | 178.250.1.3:443 | static.nl3.vip.prod.criteo.net | tcp |
| US | 8.8.8.8:53 | static.nl3.vip.prod.criteo.net | udp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| NL | 178.250.1.3:443 | static.nl3.vip.prod.criteo.net | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | gum.nl3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | gum.nl3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | 3.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | ag.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | gem.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | gbc8.fr3.eu.criteo.com | udp |
| NL | 178.250.1.11:443 | dnacdn.net | tcp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | gbc5.fr3.eu.criteo.com | udp |
| US | 8.8.8.8:53 | gbc8.fr3.eu.criteo.com | udp |
| US | 8.8.8.8:53 | gbc5.fr3.eu.criteo.com | udp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| FR | 185.235.86.235:443 | gbc8.fr3.eu.criteo.com | tcp |
| FR | 185.235.86.140:443 | gbc5.fr3.eu.criteo.com | tcp |
| US | 8.8.8.8:53 | 235.86.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.86.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | id.a-mx.com | udp |
| US | 8.8.8.8:53 | ups.analytics.yahoo.com | udp |
| US | 8.8.8.8:53 | id.hadron.ad.gt | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | id.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| US | 8.8.8.8:53 | ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud | udp |
| GB | 23.37.0.235:443 | e6603.g.akamaiedge.net | tcp |
| US | 8.8.8.8:53 | id.crwdcntrl.net | udp |
| DE | 79.127.216.47:443 | id.a-mx.com | tcp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 172.67.23.234:443 | id.hadron.ad.gt | tcp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| US | 172.64.149.180:443 | js-sec.indexww.com | tcp |
| US | 8.8.8.8:53 | id.crwdcntrl.net | udp |
| US | 13.248.245.213:443 | eb2.3lift.com | tcp |
| US | 8.8.8.8:53 | ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud | udp |
| US | 8.8.8.8:53 | bh.contextweb.com | udp |
| US | 104.22.68.131:443 | csync.smilewanted.com | tcp |
| DE | 3.75.62.37:443 | ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud | tcp |
| DE | 162.19.138.116:443 | id5-sync.com | tcp |
| IE | 54.155.211.205:443 | id.crwdcntrl.net | tcp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | e6603.g.akamaiedge.net | udp |
| US | 8.8.8.8:53 | id.a-mx.com | udp |
| US | 8.8.8.8:53 | pixel-eu.rubiconproject.com | udp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| US | 8.8.8.8:53 | id.hadron.ad.gt.cdn.cloudflare.net | udp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| GB | 142.250.178.2:443 | cm.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | rtb.mfadsrvr.com | udp |
| US | 8.8.8.8:53 | e6603.g.akamaiedge.net | udp |
| US | 8.8.8.8:53 | sync.mathtag.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | ads.stickyadstv.com | udp |
| US | 8.8.8.8:53 | id.a-mx.com | udp |
| NL | 213.19.162.80:443 | pixel-eu.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | id.hadron.ad.gt.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 8.8.8.8:53 | t.adx.opera.com | udp |
| US | 8.8.8.8:53 | c3.a-mo.net | udp |
| GB | 185.64.190.79:443 | image8.pubmatic.com | tcp |
| US | 8.8.8.8:53 | ssbsync-global.smartadserver.com | udp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 80.77.87.166:443 | cs.admanmedia.com | tcp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| NL | 131.153.158.209:443 | c3.a-mo.net | tcp |
| US | 8.8.8.8:53 | eu-eb2.3lift.com | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 8.8.8.8:53 | assets.a-mo.net | udp |
| US | 8.8.8.8:53 | 47.216.127.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.23.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 180.149.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 213.245.248.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.40.223.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 37.62.75.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.169.93.208.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.162.19.213.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| GB | 142.250.178.2:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 8.8.8.8:53 | eu-eb2.3lift.com | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 104.19.159.19:443 | assets.a-mo.net | tcp |
| DE | 162.19.138.117:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| DE | 18.198.96.60:443 | rtb.mfadsrvr.com | tcp |
| US | 216.200.232.253:443 | sync.mathtag.com | tcp |
| NL | 185.89.210.20:443 | ib.adnxs.com | tcp |
| NL | 213.19.162.80:443 | pixel.rubiconproject.com | tcp |
| NL | 82.145.213.8:443 | t.adx.opera.com | tcp |
| FR | 91.134.110.133:443 | ssbsync-global.smartadserver.com | tcp |
| US | 35.244.174.68:443 | id.rlcdn.com | tcp |
| FR | 154.54.250.151:443 | ads.stickyadstv.com | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 8.8.8.8:53 | am1-direct-bgp.contextweb.com | udp |
| US | 209.54.182.161:443 | s.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | am1-direct-bgp.contextweb.com | udp |
| US | 8.8.8.8:53 | pixel-eu.rubiconproject.net.akadns.net | udp |
| US | 8.8.8.8:53 | imagesync-lhrc.pubmnet.com | udp |
| US | 8.8.8.8:53 | ib.anycast.adnxs.com | udp |
| US | 8.8.8.8:53 | pixel-eu.rubiconproject.net.akadns.net | udp |
| US | 8.8.8.8:53 | ib.anycast.adnxs.com | udp |
| US | 35.244.174.68:443 | id.rlcdn.com | udp |
| US | 8.8.8.8:53 | pixel-origin.mathtag.com | udp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 8.8.8.8:53 | imagesync-lhrc.pubmnet.com | udp |
| US | 8.8.8.8:53 | pixel-origin.mathtag.com | udp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 8.8.8.8:53 | eu-west-dual.ads.stickyadstv.com.akadns.net | udp |
| US | 8.8.8.8:53 | elb-aws-fr-dorpat-283474803.eu-central-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | outspot2-ams.adx.opera.com | udp |
| US | 8.8.8.8:53 | outspot2-ams.adx.opera.com | udp |
| US | 8.8.8.8:53 | eu-west-dual.ads.stickyadstv.com.akadns.net | udp |
| US | 8.8.8.8:53 | 209.158.153.131.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 166.87.77.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.159.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.174.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.110.134.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 151.250.54.154.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.213.145.82.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.149.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 60.96.198.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 253.232.200.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 161.182.54.209.in-addr.arpa | udp |
| US | 8.8.8.8:53 | c3.a-mo.net | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.net.akadns.net | udp |
| US | 8.8.8.8:53 | c3.a-mo.net | udp |
| US | 8.8.8.8:53 | ssbsync-euw2.smartadserver.com | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.net.akadns.net | udp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 8.8.8.8:53 | ssbsync-euw2.smartadserver.com | udp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| DE | 162.19.138.116:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | user-data-eu.bidswitch.net | udp |
| US | 8.8.8.8:53 | assets.a-mo.net.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | user-data-eu.bidswitch.net | udp |
| US | 8.8.8.8:53 | assets.a-mo.net.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| NL | 104.98.130.104:443 | secure-assets.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | e8960.e2.akamaiedge.net | udp |
| US | 8.8.8.8:53 | rtb.openx.net | udp |
| US | 8.8.8.8:53 | cm.adform.net | udp |
| US | 8.8.8.8:53 | ssum.casalemedia.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | ow.pubmatic.com | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | static.smilewanted.com | udp |
| US | 172.64.151.101:443 | ssum-sec.casalemedia.com | tcp |
| US | 8.8.8.8:53 | e8960.e2.akamaiedge.net | udp |
| US | 8.8.8.8:53 | track-eu.adformnet.akadns.net | udp |
| US | 8.8.8.8:53 | ssum.casalemedia.com | udp |
| US | 104.22.69.131:443 | static.smilewanted.com | tcp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | ssum.casalemedia.com | udp |
| US | 8.8.8.8:53 | track-eu.adformnet.akadns.net | udp |
| US | 172.64.151.101:443 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | rtb.openx.net | udp |
| US | 35.227.252.103:443 | rtb.openx.net | tcp |
| DK | 37.157.2.229:443 | cm.adform.net | tcp |
| US | 104.18.36.155:443 | ssum-sec.casalemedia.com | tcp |
| IE | 18.200.223.165:443 | ap.lijit.com | tcp |
| NL | 185.64.189.116:443 | ow.pubmatic.com | tcp |
| US | 104.18.36.155:443 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | rtb.openx.net | udp |
| US | 8.8.8.8:53 | ow-amsc.pubmnet.com | udp |
| US | 8.8.8.8:53 | blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com | udp |
| US | 35.227.252.103:443 | rtb.openx.net | udp |
| US | 8.8.8.8:53 | ow-amsc.pubmnet.com | udp |
| US | 8.8.8.8:53 | blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | static.smilewanted.com | udp |
| US | 8.8.8.8:53 | sync.a-mo.net | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| NL | 145.40.97.66:443 | sync.a-mo.net | tcp |
| NL | 145.40.97.66:443 | sync.a-mo.net | tcp |
| US | 8.8.8.8:53 | sync.a-mo.net | udp |
| US | 8.8.8.8:53 | sync.smartadserver.com | udp |
| GB | 23.37.1.59:443 | eus.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | e8960.b.akamaiedge.net | udp |
| NL | 81.17.55.117:443 | sync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | rtb-csync-euw1.smartadserver.com | udp |
| NL | 147.75.84.158:443 | sync.a-mo.net | tcp |
| US | 8.8.8.8:53 | sync.a-mo.net | udp |
| NL | 185.89.210.82:443 | secure.adnxs.com | tcp |
| US | 8.8.8.8:53 | e8960.b.akamaiedge.net | udp |
| US | 8.8.8.8:53 | rtb-csync-euw1.smartadserver.com | udp |
| US | 8.8.8.8:53 | 104.130.98.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.151.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.69.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.252.227.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.189.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 165.223.200.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.2.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 59.1.37.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.55.17.81.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.97.40.145.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ice.360yield.com | udp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| IE | 54.73.163.254:443 | ice.360yield.com | tcp |
| US | 8.8.8.8:53 | euw-ice.360yield.com | udp |
| US | 35.244.159.8:443 | u.openx.net | tcp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 8.8.8.8:53 | euw-ice.360yield.com | udp |
| US | 35.244.159.8:443 | u.openx.net | udp |
| US | 8.8.8.8:53 | us.shb-sync.com | udp |
| NL | 185.89.210.82:443 | secure.adnxs.com | tcp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| US | 8.2.110.33:443 | us.shb-sync.com | tcp |
| DE | 18.155.145.39:443 | s.ad.smaato.net | tcp |
| US | 8.8.8.8:53 | us.shb-sync.com | udp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| US | 8.8.8.8:53 | 254.163.73.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.159.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | us.shb-sync.com | udp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| NL | 147.75.84.158:443 | sync.a-mo.net | tcp |
| US | 8.8.8.8:53 | cdn.indexww.com | udp |
| US | 8.8.8.8:53 | cdn.indexww.com | udp |
| US | 172.64.149.180:443 | cdn.indexww.com | tcp |
| US | 8.8.8.8:53 | cdn.indexww.com | udp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| NL | 213.19.162.80:443 | token.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | 33.110.2.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 197.178.17.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 175.178.17.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.ezoic.net | udp |
| US | 8.8.8.8:53 | g.ezoic.net | udp |
| US | 8.8.8.8:53 | g.ezoic.net | udp |
| US | 8.8.8.8:53 | aus5.mozilla.org | udp |
| US | 35.244.181.201:443 | aus5.mozilla.org | tcp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 34.160.144.191:443 | prod.content-signature-chains.prod.webservices.mozgcp.net | tcp |
| US | 8.8.8.8:53 | 201.181.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ciscobinary.openh264.org | udp |
| GB | 88.221.134.209:80 | ciscobinary.openh264.org | tcp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | 209.134.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| GB | 216.58.212.238:443 | redirector.gvt1.com | tcp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| GB | 216.58.212.238:443 | redirector.gvt1.com | tcp |
| GB | 216.58.212.238:443 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | 238.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | r4---sn-1gi7znek.gvt1.com | udp |
| US | 8.8.8.8:53 | r4.sn-1gi7znek.gvt1.com | udp |
| CH | 74.125.108.201:443 | r4.sn-1gi7znek.gvt1.com | tcp |
| US | 8.8.8.8:53 | r4.sn-1gi7znek.gvt1.com | udp |
| CH | 74.125.108.201:443 | r4.sn-1gi7znek.gvt1.com | udp |
| US | 8.8.8.8:53 | 201.108.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.ezoic.net | udp |
| US | 8.8.8.8:53 | g.ezoic.net | udp |
| US | 8.8.8.8:53 | g.ezoic.net | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | g.ezoic.net | udp |
| US | 8.8.8.8:53 | g.ezoic.net | udp |
| US | 8.8.8.8:53 | g.ezoic.net | udp |
| NL | 52.142.223.178:80 | tcp | |
| US | 8.8.8.8:53 | 150.1.37.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | problemregardybuiwo.fun | udp |
| US | 8.8.8.8:53 | technologyenterdo.shop | udp |
| US | 172.67.180.132:443 | technologyenterdo.shop | tcp |
| US | 8.8.8.8:53 | lighterepisodeheighte.fun | udp |
| US | 8.8.8.8:53 | detectordiscusser.shop | udp |
| US | 104.21.60.92:443 | detectordiscusser.shop | tcp |
| US | 8.8.8.8:53 | edurestunningcrackyow.fun | udp |
| US | 8.8.8.8:53 | pooreveningfuseor.pw | udp |
| US | 8.8.8.8:53 | turkeyunlikelyofw.shop | udp |
| US | 104.21.76.253:443 | turkeyunlikelyofw.shop | tcp |
| US | 8.8.8.8:53 | 92.60.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | associationokeo.shop | udp |
| US | 172.67.147.18:443 | associationokeo.shop | tcp |
| US | 8.8.8.8:53 | 253.76.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.147.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | problemregardybuiwo.fun | udp |
| US | 172.67.180.132:443 | technologyenterdo.shop | tcp |
| US | 8.8.8.8:53 | lighterepisodeheighte.fun | udp |
| US | 104.21.60.92:443 | detectordiscusser.shop | tcp |
| US | 8.8.8.8:53 | edurestunningcrackyow.fun | udp |
| US | 8.8.8.8:53 | pooreveningfuseor.pw | udp |
| US | 104.21.76.253:443 | turkeyunlikelyofw.shop | tcp |
| US | 172.67.147.18:443 | associationokeo.shop | tcp |
| US | 8.8.8.8:53 | 90.65.42.20.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\btade21m.default-release\datareporting\glean\db\data.safe.bin
| MD5 | 9c4a6a5868ae77bfef51198846eb1dcd |
| SHA1 | 557128f5a31c70903ae6a7390de884fc44f33b2c |
| SHA256 | 88ec8254da9a2843b83dc87197c9e08f151fd06b0046bf55d50d7239010c20ca |
| SHA512 | 0c970d11c2b994657e53cb9e314383be5c4bc84b706b69c25e5fa159642475bf85708cd960a15734135e9a58cfc58b8b11dcafc9b5c92658df9d5588368c215b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\btade21m.default-release\datareporting\glean\pending_pings\e8ed9abe-8294-482d-841c-d6a1da653eda
| MD5 | 5a5f6207bfe674827a1f15da85352014 |
| SHA1 | d05274e6a273ada78d346ef3473e8e6f8be56ea4 |
| SHA256 | ec77dd40dae7f843c8ead4a3d203fc3254a8fbc18c319afae993d5d0b0bfb6b7 |
| SHA512 | 1dac9b8bcd9d6f480ae275da4f2c66146ea35e294b4cba8a7fe5ecca16f06e6daf7c6d85d51ab5d97afc638b37a6d6d626a2205ca6b304fbdd8b386228463188 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\btade21m.default-release\datareporting\glean\pending_pings\0f1d8ff8-a3d1-4e78-945f-8abd510da1ee
| MD5 | 6093081ff93bfbee918635bc60ecc6a3 |
| SHA1 | 3d6963ab769bef9cb54e9ba7d630df75e4a618c7 |
| SHA256 | 6eee39d62c2647bece592545a2cfb9982ea17e3b79e742350a2f060cd7745603 |
| SHA512 | 725a2ee3bc7d32fd91b9c34745bb446edb5105d19a142d63edbd7aef9583b7b723f1a89adc137cc49c09cfaba65f10b7f6e1d9492b24a0b3185e092da7eea043 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\btade21m.default-release\prefs.js
| MD5 | 7633495e4fc4ea79b698996186e5e727 |
| SHA1 | 6a8cf2873f97dc223eca6061376f2700253d7124 |
| SHA256 | 5e00341ba2f385a1af5c08ca38fc800720925926636fa9ddda6ce6611f257f87 |
| SHA512 | 0bbe796a58220a7a19f2264e0387cca2bf8df431077471605c11cf26a3748e9b02a80216b7cb821ee48346432671099a7eb469bf65409f55bb165c51d4b19a19 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\btade21m.default-release\prefs.js
| MD5 | 1573d5544efa25690291eb664323e536 |
| SHA1 | febd319e64a660a9324461436dd6063f6684bb49 |
| SHA256 | a7166d51c0f9e3bbec82db3164f7004e49f8581c8fa51ec1102da7141aa016fe |
| SHA512 | 8678ec6c943089bbee766c9e010fbcc04060d2f40855a21b88d5cd7b5e4d106ee0ac819c8f951856f5603d2eed98cad08e2613d2e8c4052f3f285ec6ba312979 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\btade21m.default-release\cache2\doomed\18664
| MD5 | 14e47c4cd92a181832b9d1d18cacff2f |
| SHA1 | b5feb96be9912bd57c0573ca0f8108727d99edda |
| SHA256 | 3539bf3a94bf684023564cf21cbf19e7898cd5082a4b1d14cbfd0e062e7a730d |
| SHA512 | 592a82db50327361df95852d32c705ca9a809c260681eb331c986d59771ad2a50e18f60798114a61bc2b6b905ee47a7909ebab5a1012ceb554d365c1de61fd51 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\btade21m.default-release\cache2\entries\92113961329D1377FCC1268209DBA0FFFFB50300
| MD5 | 35613fbae9da8d0a9589962cfe7da358 |
| SHA1 | 6ed825df4d2530b877c796ff1980fbef0df71dde |
| SHA256 | 8f2bea64701b4c71abaede0d17c348c5a8f3045265eb6df70ba0cbcbf56dbcdc |
| SHA512 | 045de475fe0c3c7ad007bb08b72b4a412e9347627e5e1f13801084a5cf07102c8b4ef57a418b271d2e12be5f0f4c1693341c6ad99264e5276143afa1a6592250 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\btade21m.default-release\prefs.js
| MD5 | 15cfe8b022aa4b6bdeabb2171394f41a |
| SHA1 | 5ad1cf02f45b850614e3ab2d4ea33ed336649064 |
| SHA256 | 41cb48e31b30e22b447ef6453102c302f40f28114118c373f4e001ffc52043cc |
| SHA512 | 28f68fa1d2098af0ac092bffad2d99882c1c9fb8772aba0b92bb5b53a50f976f43bcc50ca003655153f57f44d06595c0c84d3c384a1a145e5e55ccd61cf26bca |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\btade21m.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | c315432c76bd9bbf05cf803393448028 |
| SHA1 | 74e18a633fe84ad90b75a6eaabf503fca2eafc18 |
| SHA256 | 439977e930ad8dabfe85cf388927d126a81d63c88251751108de5eec91a79ac8 |
| SHA512 | e2231afc58e1bebd351017c6d874c09bf09c08bb280d40ebe586bd85460e403d629d121fa9b166301066e2293abf777e4d95c129ceec18c50e01ebaa02cf7d94 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\btade21m.default-release\cache2\doomed\32625
| MD5 | be25187fd4089e480640ca1dc1d486f2 |
| SHA1 | dbf5ffaa02ae917835006d9ce694f8169b2a54ba |
| SHA256 | 59e2a009dd458fda7e95703a5219988971cca08a4e336400e06ee3879a0b5d34 |
| SHA512 | cb55e6874bd20db169de4cdb35179f699d38f7a435a7e7a910ee11abd47a6bbc42749728f8aaa1d8897435d35d335134caa617dcff3bde40decf9575d5364a16 |
memory/5960-346-0x0000025104A50000-0x0000025104A51000-memory.dmp
memory/5960-347-0x0000025104A50000-0x0000025104A51000-memory.dmp
memory/5960-348-0x0000025104A50000-0x0000025104A51000-memory.dmp
memory/5960-354-0x0000025104A50000-0x0000025104A51000-memory.dmp
memory/5960-357-0x0000025104A50000-0x0000025104A51000-memory.dmp
memory/5960-358-0x0000025104A50000-0x0000025104A51000-memory.dmp
memory/5960-359-0x0000025104A50000-0x0000025104A51000-memory.dmp
memory/5960-360-0x0000025104A50000-0x0000025104A51000-memory.dmp
memory/5960-356-0x0000025104A50000-0x0000025104A51000-memory.dmp
memory/5960-355-0x0000025104A50000-0x0000025104A51000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\btade21m.default-release\prefs.js
| MD5 | e3385dce9bd20a6869c7c301ab7ee062 |
| SHA1 | cccbbf0b7937562acb2f92c14e6f9de4b1052151 |
| SHA256 | 06a72bfb115866fa84a03b0029ca966708a0a715ebd4908623a112163c1e985b |
| SHA512 | c777e12d211a57220b0b63a9fb2706c9a0c27586b337798dbcaec263cb2bbe5f82106318b58b4f048529173cd94758c26d23c5cd586f31b985fa8030504289c6 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\btade21m.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 16f343af69d33b186021677512f10501 |
| SHA1 | c4b401c78dabb9c46050fe2db99a171871898205 |
| SHA256 | d490fbd93ea720980531343d136d7279fcee7b83048fa63269e76803a65b9a19 |
| SHA512 | 7612a4d0bc3de8309e950e990ca96e91a6ce59cfdf0dede44678aef9f674c89145dc5220a06e39ba45d8ed780ee6bbefaffc94eebe5f869238139a09eb0744a8 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\btade21m.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | aa81474280f7abb683118f517b0cb49c |
| SHA1 | 9784342a18b84968dc38cf4da4959661d7e77964 |
| SHA256 | a49d937a29386a03b14de08537639747cf2eecf946ebe0980bfcd3e173dcc346 |
| SHA512 | 126e0b63734ed7028af58bd00f81f60619537cc27abb7669ecf2df47fa925fa00276ae7c918817813e9314ca8f51d68e35c6c48fa891818ea6350dcfad15b45f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\btade21m.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | c12ad22d300dabef51034a039483e57e |
| SHA1 | 05788f6fbb695fdd3c2a98e35e1a9f4035ee3d2e |
| SHA256 | 60fb87cb4c57c92980e0c90e25f79d9ccbec29f9bd55a6fcc490bd19ed1e522b |
| SHA512 | 93f35ed269a2fb9304214dd6b9f5212dca8d04345845181b8a93515b0f7042d9595dc4bc0e2d15d5b710e2f135f4c94e0382a63fe4281c95f0702eef5450b509 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\btade21m.default-release\prefs.js
| MD5 | a0b5afd4c446b4a3837ea661642c7707 |
| SHA1 | 18f638ab466f087c5cba637fd0008e5410123e31 |
| SHA256 | 2f707cc755ba48d938e87382f65e5762dc529d76a8e27befc64d3580bebe0f65 |
| SHA512 | 9a457a56e99593c4d3fb00155b89d5ea809f5743b15b3a7677b87d0d8bc01e7acf4ccdcca1efb20c450262f2dd200b47fe96ae4b1ed7260806edaa2b7d1aa8ea |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\btade21m.default-release\prefs-1.js
| MD5 | 0c509d137f29e9376d92db155fb9a1bc |
| SHA1 | 9516bf50310fe311b8679ac2a5302ed1509cf54e |
| SHA256 | 60e64ccc4b7d57190734e52b6a8df3b7db53afa6132f4af1ec50ca35945376ff |
| SHA512 | ce31a59286c40c467182fdbf72c1f8927dd2b73c9639bd729c7b32b008f20b760a3921640a6a77f1f533cb6248c931a981f3a635920a0e79ecb86610455e120a |
C:\Users\Admin\AppData\Local\Temp\tmpaddon
| MD5 | 85430baed3398695717b0263807cf97c |
| SHA1 | fffbee923cea216f50fce5d54219a188a5100f41 |
| SHA256 | a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e |
| SHA512 | 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\btade21m.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\btade21m.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\btade21m.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\btade21m.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\btade21m.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\btade21m.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\btade21m.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\btade21m.default-release\sessionstore-backups\recovery.jsonlz4
C:\Users\Admin\Downloads\Tra1ner.hueDOYJ6.rar.part
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
C:\Users\Admin\Downloads\Tra1ner.rar
C:\Users\Admin\Downloads\Tra1ner\Trainer.exe
C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Trainer.exe.log
C:\Users\Admin\Downloads\Tra1ner\config.dll