d32b8556e6cb03b6274b1874fd3ad73ba5c5a1aacaba84def8c0f00f0d4ecea1

Resubmissions

20/03/2024, 06:52 UTC

240320-hndtmabf8v 10

19/03/2024, 22:55 UTC

240319-2v3k4sae3y 10

19/03/2024, 22:06 UTC

240319-11gedshf2x 10

19/03/2024, 22:03 UTC

240319-1ynqpahe6y 10

19/03/2024, 07:56 UTC

240319-jsxmzaeb53 10

19/03/2024, 07:27 UTC

240319-h98wwsde35 10

19/03/2024, 07:23 UTC

240319-h7r6csec3y 10

Analysis

max time kernel
0s
max time network
154s
platform
ubuntu-18.04_amd64
resource
ubuntu1804-amd64-20240226-en
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-20240226-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
19/03/2024, 07:23 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

xmrig
Size

5.8MB
MD5

fd4de73efcd750b5d8a548a61084d33c
SHA1

bd4163c2c7f1ea909d901e93677361561263de27
SHA256

d32b8556e6cb03b6274b1874fd3ad73ba5c5a1aacaba84def8c0f00f0d4ecea1
SHA512

488950df2e40793ae89528805c87647c4639e2f3a0a50b3a733130fd95b6faf25304fdf3371f076ab1063f4cbec05510233ba1272c00bb81f78424290c7f6cb7
SSDEEP

98304:PNAvuNeDarlWPtb2aYjDAGAoQGilg7qOZkyxPEai1EzNVA2TiLVCEqs:PkOrlWsIaihCTs

Score

1^/10

Malware Config

Signatures

/tmp/xmrig
/tmp/xmrig
1⤵
PID:1583

Network

DNS

cdn.fwupd.org

Remote address:

1.1.1.1:53

Request

cdn.fwupd.org

IN A

Response

cdn.fwupd.org

IN CNAME

dualstack.p2.shared.global.fastly.net

dualstack.p2.shared.global.fastly.net

IN A

151.101.2.49

dualstack.p2.shared.global.fastly.net

IN A

151.101.66.49

dualstack.p2.shared.global.fastly.net

IN A

151.101.130.49

dualstack.p2.shared.global.fastly.net

IN A

151.101.194.49
DNS

cdn.fwupd.org

Remote address:

1.1.1.1:53

Request

cdn.fwupd.org

IN AAAA

Response

cdn.fwupd.org

IN CNAME

dualstack.p2.shared.global.fastly.net

dualstack.p2.shared.global.fastly.net

IN AAAA

2a04:4e42::561

dualstack.p2.shared.global.fastly.net

IN AAAA

2a04:4e42:200::561

dualstack.p2.shared.global.fastly.net

IN AAAA

2a04:4e42:400::561

dualstack.p2.shared.global.fastly.net

IN AAAA

2a04:4e42:600::561
DNS

1527653184.rsc.cdn77.org

Remote address:

1.1.1.1:53

Request

1527653184.rsc.cdn77.org

IN A

Response

1527653184.rsc.cdn77.org

IN A

89.187.167.9

1527653184.rsc.cdn77.org

IN A

195.181.164.19
DNS

1527653184.rsc.cdn77.org

Remote address:

1.1.1.1:53

Request

1527653184.rsc.cdn77.org

IN AAAA

Response

1527653184.rsc.cdn77.org

IN AAAA

2a02:6ea0:ca00::3

1527653184.rsc.cdn77.org

IN AAAA

2a02:6ea0:ca00::4
DNS

services.addons.mozilla.org

Remote address:

1.1.1.1:53

Request

services.addons.mozilla.org

IN A

Response

services.addons.mozilla.org

IN A

18.245.162.43

services.addons.mozilla.org

IN A

18.245.162.100

services.addons.mozilla.org

IN A

18.245.162.3

services.addons.mozilla.org

IN A

18.245.162.105
DNS

services.addons.mozilla.org

Remote address:

1.1.1.1:53

Request

services.addons.mozilla.org

IN AAAA

Response
DNS

location.services.mozilla.com

Remote address:

1.1.1.1:53

Request

location.services.mozilla.com

IN A

Response

location.services.mozilla.com

IN CNAME

locprod2-elb-us-west-2.prod.mozaws.net

locprod2-elb-us-west-2.prod.mozaws.net

IN A

44.230.179.24

locprod2-elb-us-west-2.prod.mozaws.net

IN A

44.239.120.226

locprod2-elb-us-west-2.prod.mozaws.net

IN A

52.39.120.181
DNS

location.services.mozilla.com

Remote address:

1.1.1.1:53

Request

location.services.mozilla.com

IN AAAA

Response

location.services.mozilla.com

IN CNAME

locprod2-elb-us-west-2.prod.mozaws.net
DNS

locprod2-elb-us-west-2.prod.mozaws.net

Remote address:

1.1.1.1:53

Request

locprod2-elb-us-west-2.prod.mozaws.net

IN AAAA

Response
DNS

detectportal.firefox.com

Remote address:

1.1.1.1:53

Request

detectportal.firefox.com

IN A

Response

detectportal.firefox.com

IN CNAME

detectportal.prod.mozaws.net

detectportal.prod.mozaws.net

IN CNAME

prod.detectportal.prod.cloudops.mozgcp.net

prod.detectportal.prod.cloudops.mozgcp.net

IN A

34.107.221.82
DNS

detectportal.firefox.com

Remote address:

1.1.1.1:53

Request

detectportal.firefox.com

IN AAAA

Response

detectportal.firefox.com

IN CNAME

detectportal.prod.mozaws.net

detectportal.prod.mozaws.net

IN CNAME

prod.detectportal.prod.cloudops.mozgcp.net

prod.detectportal.prod.cloudops.mozgcp.net

IN AAAA

2600:1901:0:38d7::
GET

http://detectportal.firefox.com/canonical.html

Remote address:

34.107.221.82:80

Request

GET /canonical.html HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive

Response

HTTP/1.1 200 OK

Server: nginx
Content-Length: 90
Via: 1.1 google
Date: Mon, 18 Mar 2024 11:23:38 GMT
Age: 72082
Content-Type: text/html
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
DNS

example.org

Remote address:

1.1.1.1:53

Request

example.org

IN A

Response

example.org

IN A

93.184.216.34
DNS

example.org

Remote address:

1.1.1.1:53

Request

example.org

IN A
DNS

example.org

Remote address:

1.1.1.1:53

Request

example.org

IN AAAA

Response

example.org

IN AAAA

2606:2800:220:1:248:1893:25c8:1946
DNS

example.org

Remote address:

1.1.1.1:53

Request

example.org

IN AAAA
DNS

ipv4only.arpa

Remote address:

1.1.1.1:53

Request

ipv4only.arpa

IN A

Response

ipv4only.arpa

IN A

192.0.0.170

ipv4only.arpa

IN A

192.0.0.171
DNS

ipv4only.arpa

Remote address:

1.1.1.1:53

Request

ipv4only.arpa

IN A
DNS

ipv4only.arpa

Remote address:

1.1.1.1:53

Request

ipv4only.arpa

IN AAAA

Response
DNS

ipv4only.arpa

Remote address:

1.1.1.1:53

Request

ipv4only.arpa

IN AAAA
DNS

www.mozilla.org

Remote address:

1.1.1.1:53

Request

www.mozilla.org

IN A

Response

www.mozilla.org

IN CNAME

www.mozorg.moz.works

www.mozorg.moz.works

IN A

143.204.72.186
DNS

www.mozilla.org

Remote address:

1.1.1.1:53

Request

www.mozilla.org

IN A
DNS

www.mozilla.org

Remote address:

1.1.1.1:53

Request

www.mozilla.org

IN AAAA

Response

www.mozilla.org

IN CNAME

www.mozorg.moz.works
DNS

www.mozilla.org

Remote address:

1.1.1.1:53

Request

www.mozilla.org

IN AAAA
GET

http://detectportal.firefox.com/success.txt?ipv4

Remote address:

34.107.221.82:80

Request

GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

Response

HTTP/1.1 200 OK

Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Mon, 18 Mar 2024 13:13:41 GMT
Age: 65480
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
DNS

contile.services.mozilla.com

Remote address:

1.1.1.1:53

Request

contile.services.mozilla.com

IN A

Response

contile.services.mozilla.com

IN A

34.117.237.239
DNS

contile.services.mozilla.com

Remote address:

1.1.1.1:53

Request

contile.services.mozilla.com

IN AAAA

Response
DNS

www.mozorg.moz.works

Remote address:

1.1.1.1:53

Request

www.mozorg.moz.works

IN AAAA

Response
DNS

firefox.settings.services.mozilla.com

Remote address:

1.1.1.1:53

Request

firefox.settings.services.mozilla.com

IN A

Response

firefox.settings.services.mozilla.com

IN CNAME

prod.remote-settings.prod.webservices.mozgcp.net

prod.remote-settings.prod.webservices.mozgcp.net

IN A

34.149.100.209
DNS

firefox.settings.services.mozilla.com

Remote address:

1.1.1.1:53

Request

firefox.settings.services.mozilla.com

IN AAAA

Response

firefox.settings.services.mozilla.com

IN CNAME

prod.remote-settings.prod.webservices.mozgcp.net
DNS

prod.remote-settings.prod.webservices.mozgcp.net

Remote address:

1.1.1.1:53

Request

prod.remote-settings.prod.webservices.mozgcp.net

IN AAAA

Response
DNS

incoming.telemetry.mozilla.org

Remote address:

1.1.1.1:53

Request

incoming.telemetry.mozilla.org

IN A
DNS

incoming.telemetry.mozilla.org

Remote address:

1.1.1.1:53

Request

incoming.telemetry.mozilla.org

IN A
DNS

incoming.telemetry.mozilla.org

Remote address:

1.1.1.1:53

Request

incoming.telemetry.mozilla.org

IN A
DNS

incoming.telemetry.mozilla.org

Remote address:

1.1.1.1:53

Request

incoming.telemetry.mozilla.org

IN AAAA

Response

incoming.telemetry.mozilla.org

IN CNAME

telemetry-incoming.r53-2.services.mozilla.com
DNS

incoming.telemetry.mozilla.org

Remote address:

1.1.1.1:53

Request

incoming.telemetry.mozilla.org

IN AAAA
DNS

incoming.telemetry.mozilla.org

Remote address:

1.1.1.1:53

Request

incoming.telemetry.mozilla.org

IN AAAA
DNS

incoming.telemetry.mozilla.org

Remote address:

1.1.1.1:53

Request

incoming.telemetry.mozilla.org

IN AAAA
DNS

accounts.firefox.com

Remote address:

1.1.1.1:53

Request

accounts.firefox.com

IN A

Response

accounts.firefox.com

IN A

34.110.207.168
DNS

accounts.firefox.com

Remote address:

1.1.1.1:53

Request

accounts.firefox.com

IN A
DNS

accounts.firefox.com

Remote address:

1.1.1.1:53

Request

accounts.firefox.com

IN A
DNS

accounts.firefox.com

Remote address:

1.1.1.1:53

Request

accounts.firefox.com

IN A
DNS

accounts.firefox.com

Remote address:

1.1.1.1:53

Request

accounts.firefox.com

IN AAAA

Response
DNS

accounts.firefox.com

Remote address:

1.1.1.1:53

Request

accounts.firefox.com

IN AAAA
DNS

accounts.firefox.com

Remote address:

1.1.1.1:53

Request

accounts.firefox.com

IN AAAA
DNS

accounts.firefox.com

Remote address:

1.1.1.1:53

Request

accounts.firefox.com

IN AAAA
DNS

contile-images.services.mozilla.com

Remote address:

1.1.1.1:53

Request

contile-images.services.mozilla.com

IN A

Response

contile-images.services.mozilla.com

IN A

34.120.115.102
DNS

contile-images.services.mozilla.com

Remote address:

1.1.1.1:53

Request

contile-images.services.mozilla.com

IN A
DNS

contile-images.services.mozilla.com

Remote address:

1.1.1.1:53

Request

contile-images.services.mozilla.com

IN AAAA

Response
DNS

contile-images.services.mozilla.com

Remote address:

1.1.1.1:53

Request

contile-images.services.mozilla.com

IN AAAA
DNS

www.amazon.co.uk

Remote address:

1.1.1.1:53

Request

www.amazon.co.uk

IN A

Response

www.amazon.co.uk

IN CNAME

tp.bfbdc3ca1-frontier.amazon.co.uk

tp.bfbdc3ca1-frontier.amazon.co.uk

IN CNAME

www-amazon-co-uk.customer.fastly.net

www-amazon-co-uk.customer.fastly.net

IN A

162.219.226.83
DNS

www.amazon.co.uk

Remote address:

1.1.1.1:53

Request

www.amazon.co.uk

IN AAAA

Response

www.amazon.co.uk

IN CNAME

tp.bfbdc3ca1-frontier.amazon.co.uk

tp.bfbdc3ca1-frontier.amazon.co.uk

IN CNAME

dmv2chczz9u6u.cloudfront.net

dmv2chczz9u6u.cloudfront.net

IN AAAA

2600:9000:26ba:ee00:15:c9dc:593:6781

dmv2chczz9u6u.cloudfront.net

IN AAAA

2600:9000:26ba:b800:15:c9dc:593:6781

dmv2chczz9u6u.cloudfront.net

IN AAAA

2600:9000:26ba:a000:15:c9dc:593:6781

dmv2chczz9u6u.cloudfront.net

IN AAAA

2600:9000:26ba:1800:15:c9dc:593:6781

dmv2chczz9u6u.cloudfront.net

IN AAAA

2600:9000:26ba:7400:15:c9dc:593:6781

dmv2chczz9u6u.cloudfront.net

IN AAAA

2600:9000:26ba:9a00:15:c9dc:593:6781

dmv2chczz9u6u.cloudfront.net

IN AAAA

2600:9000:26ba:3600:15:c9dc:593:6781

dmv2chczz9u6u.cloudfront.net

IN AAAA

2600:9000:26ba:be00:15:c9dc:593:6781
DNS

uk.hotels.com

Remote address:

1.1.1.1:53

Request

uk.hotels.com

IN A

Response

uk.hotels.com

IN CNAME

ipv6-global.hotels.com.edgekey.net

ipv6-global.hotels.com.edgekey.net

IN CNAME

e10109.dscx.akamaiedge.net

e10109.dscx.akamaiedge.net

IN A

104.115.33.110
DNS

uk.hotels.com

Remote address:

1.1.1.1:53

Request

uk.hotels.com

IN AAAA

Response

uk.hotels.com

IN CNAME

ipv6-global.hotels.com.edgekey.net

ipv6-global.hotels.com.edgekey.net

IN CNAME

e10109.dscx.akamaiedge.net

e10109.dscx.akamaiedge.net

IN AAAA

2a02:26f0:fd00:daf::277d

e10109.dscx.akamaiedge.net

IN AAAA

2a02:26f0:fd00:dbd::277d

e10109.dscx.akamaiedge.net

IN AAAA

2a02:26f0:fd00:dbc::277d

e10109.dscx.akamaiedge.net

IN AAAA

2a02:26f0:fd00:da5::277d

e10109.dscx.akamaiedge.net

IN AAAA

2a02:26f0:fd00:dbe::277d
DNS

www.youtube.com

Remote address:

1.1.1.1:53

Request

www.youtube.com

IN A

Response

www.youtube.com

IN CNAME

youtube-ui.l.google.com

youtube-ui.l.google.com

IN A

142.250.200.46

youtube-ui.l.google.com

IN A

142.250.179.238

youtube-ui.l.google.com

IN A

216.58.201.110

youtube-ui.l.google.com

IN A

142.250.180.14

youtube-ui.l.google.com

IN A

142.250.187.206

youtube-ui.l.google.com

IN A

216.58.204.78

youtube-ui.l.google.com

IN A

142.250.178.14

youtube-ui.l.google.com

IN A

172.217.16.238

youtube-ui.l.google.com

IN A

142.250.200.14

youtube-ui.l.google.com

IN A

142.250.187.238
DNS

www.youtube.com

Remote address:

1.1.1.1:53

Request

www.youtube.com

IN AAAA

Response

www.youtube.com

IN CNAME

youtube-ui.l.google.com

youtube-ui.l.google.com

IN AAAA

2a00:1450:4009:817::200e

youtube-ui.l.google.com

IN AAAA

2a00:1450:4009:819::200e

youtube-ui.l.google.com

IN AAAA

2a00:1450:4009:81d::200e

youtube-ui.l.google.com

IN AAAA

2a00:1450:4009:81e::200e
DNS

www.facebook.com

Remote address:

1.1.1.1:53

Request

www.facebook.com

IN A

Response

www.facebook.com

IN CNAME

star-mini.c10r.facebook.com

star-mini.c10r.facebook.com

IN A

163.70.151.35
DNS

www.wikipedia.org

Remote address:

1.1.1.1:53

Request

www.wikipedia.org

IN A

Response

www.wikipedia.org

IN CNAME

dyna.wikimedia.org

dyna.wikimedia.org

IN A

185.15.59.224
DNS

www.wikipedia.org

Remote address:

1.1.1.1:53

Request

www.wikipedia.org

IN AAAA

Response

www.wikipedia.org

IN CNAME

dyna.wikimedia.org

dyna.wikimedia.org

IN AAAA

2a02:ec80:300:ed1a::1
DNS

www.facebook.com

Remote address:

1.1.1.1:53

Request

www.facebook.com

IN AAAA

Response

www.facebook.com

IN CNAME

star-mini.c10r.facebook.com

star-mini.c10r.facebook.com

IN AAAA

2a03:2880:f189:80:face:b00c:0:25de
DNS

www.reddit.com

Remote address:

1.1.1.1:53

Request

www.reddit.com

IN A

Response

www.reddit.com

IN CNAME

reddit.map.fastly.net

reddit.map.fastly.net

IN A

151.101.1.140

reddit.map.fastly.net

IN A

151.101.65.140

reddit.map.fastly.net

IN A

151.101.129.140

reddit.map.fastly.net

IN A

151.101.193.140
DNS

www.reddit.com

Remote address:

1.1.1.1:53

Request

www.reddit.com

IN AAAA

Response

www.reddit.com

IN CNAME

reddit.map.fastly.net
DNS

shavar.services.mozilla.com

Remote address:

1.1.1.1:53

Request

shavar.services.mozilla.com

IN A

Response

shavar.services.mozilla.com

IN CNAME

shavar.prod.mozaws.net

shavar.prod.mozaws.net

IN A

52.25.97.240

shavar.prod.mozaws.net

IN A

44.230.91.85

shavar.prod.mozaws.net

IN A

52.13.152.141
DNS

reddit.map.fastly.net

Remote address:

1.1.1.1:53

Request

reddit.map.fastly.net

IN AAAA

Response
DNS

twitter.com

Remote address:

1.1.1.1:53

Request

twitter.com

IN A

Response

twitter.com

IN A

104.244.42.129
DNS

shavar.services.mozilla.com

Remote address:

1.1.1.1:53

Request

shavar.services.mozilla.com

IN AAAA

Response

shavar.services.mozilla.com

IN CNAME

shavar.prod.mozaws.net
DNS

twitter.com

Remote address:

1.1.1.1:53

Request

twitter.com

IN AAAA

Response
DNS

shavar.prod.mozaws.net

Remote address:

1.1.1.1:53

Request

shavar.prod.mozaws.net

IN AAAA

Response
DNS

content-signature-2.cdn.mozilla.net

Remote address:

1.1.1.1:53

Request

content-signature-2.cdn.mozilla.net

IN A

Response

content-signature-2.cdn.mozilla.net

IN CNAME

content-signature-chains.prod.autograph.services.mozaws.net

content-signature-chains.prod.autograph.services.mozaws.net

IN CNAME

prod.content-signature-chains.prod.webservices.mozgcp.net

prod.content-signature-chains.prod.webservices.mozgcp.net

IN A

34.160.144.191
DNS

content-signature-2.cdn.mozilla.net

Remote address:

1.1.1.1:53

Request

content-signature-2.cdn.mozilla.net

IN A
DNS

content-signature-2.cdn.mozilla.net

Remote address:

1.1.1.1:53

Request

content-signature-2.cdn.mozilla.net

IN A
DNS

content-signature-2.cdn.mozilla.net

Remote address:

1.1.1.1:53

Request

content-signature-2.cdn.mozilla.net

IN AAAA

Response

content-signature-2.cdn.mozilla.net

IN CNAME

content-signature-chains.prod.autograph.services.mozaws.net

content-signature-chains.prod.autograph.services.mozaws.net

IN CNAME

prod.content-signature-chains.prod.webservices.mozgcp.net

prod.content-signature-chains.prod.webservices.mozgcp.net

IN AAAA

2600:1901:0:92a9::
DNS

content-signature-2.cdn.mozilla.net

Remote address:

1.1.1.1:53

Request

content-signature-2.cdn.mozilla.net

IN AAAA
DNS

content-signature-2.cdn.mozilla.net

Remote address:

1.1.1.1:53

Request

content-signature-2.cdn.mozilla.net

IN AAAA
DNS

push.services.mozilla.com

Remote address:

1.1.1.1:53

Request

push.services.mozilla.com

IN A

Response

push.services.mozilla.com

IN CNAME

autopush.prod.mozaws.net

autopush.prod.mozaws.net

IN A

34.107.243.93
DNS

push.services.mozilla.com

Remote address:

1.1.1.1:53

Request

push.services.mozilla.com

IN AAAA

Response

push.services.mozilla.com

IN CNAME

autopush.prod.mozaws.net
DNS

autopush.prod.mozaws.net

Remote address:

1.1.1.1:53

Request

autopush.prod.mozaws.net

IN AAAA

Response
DNS

telemetry-incoming.r53-2.services.mozilla.com

Remote address:

1.1.1.1:53

Request

telemetry-incoming.r53-2.services.mozilla.com

IN AAAA

Response
DNS

normandy.cdn.mozilla.net

Remote address:

1.1.1.1:53

Request

normandy.cdn.mozilla.net

IN A

Response

normandy.cdn.mozilla.net

IN CNAME

normandy-cdn.services.mozilla.com

normandy-cdn.services.mozilla.com

IN A

35.201.103.21
DNS

normandy.cdn.mozilla.net

Remote address:

1.1.1.1:53

Request

normandy.cdn.mozilla.net

IN AAAA

Response

normandy.cdn.mozilla.net

IN CNAME

normandy-cdn.services.mozilla.com
DNS

normandy-cdn.services.mozilla.com

Remote address:

1.1.1.1:53

Request

normandy-cdn.services.mozilla.com

IN AAAA

Response
DNS

a1887.dscq.akamai.net

Remote address:

1.1.1.1:53

Request

a1887.dscq.akamai.net

IN A

Response

a1887.dscq.akamai.net

IN A

104.86.110.200

a1887.dscq.akamai.net

IN A

104.86.110.232
DNS

telemetry-incoming.r53-2.services.mozilla.com

Remote address:

1.1.1.1:53

Request

telemetry-incoming.r53-2.services.mozilla.com

IN A

Response

telemetry-incoming.r53-2.services.mozilla.com

IN A

34.120.208.123
DNS

a1887.dscq.akamai.net

Remote address:

1.1.1.1:53

Request

a1887.dscq.akamai.net

IN AAAA

Response

a1887.dscq.akamai.net

IN AAAA

2a02:26f0:da::5c7b:8c61

a1887.dscq.akamai.net

IN AAAA

2a02:26f0:da::5c7b:8c70
DNS

fp2e7a.wpc.phicdn.net

Remote address:

1.1.1.1:53

Request

fp2e7a.wpc.phicdn.net

IN AAAA

Response
DNS

fp2e7a.wpc.phicdn.net

Remote address:

1.1.1.1:53

Request

fp2e7a.wpc.phicdn.net

IN AAAA
POST

http://r3.o.lencr.org/

Remote address:

104.86.110.232:80

Request

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

Response

HTTP/1.1 200 OK

Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "68C3E1F1C02761DA27F53D2E34AA802F27141382A01C4C887F892E303F99FACA"
Last-Modified: Sun, 17 Mar 2024 12:53:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2613
Expires: Tue, 19 Mar 2024 08:08:42 GMT
Date: Tue, 19 Mar 2024 07:25:09 GMT
Connection: keep-alive
POST

http://r3.o.lencr.org/

Remote address:

104.86.110.232:80

Request

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

Response

HTTP/1.1 200 OK

Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "890215E3AE001BBBA1191628E31FC2E1E1FB36B9348414AE460FD3652653B0F1"
Last-Modified: Mon, 18 Mar 2024 23:20:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2442
Expires: Tue, 19 Mar 2024 08:05:52 GMT
Date: Tue, 19 Mar 2024 07:25:10 GMT
Connection: keep-alive
DNS

classify-client.services.mozilla.com

Remote address:

1.1.1.1:53

Request

classify-client.services.mozilla.com

IN A

Response

classify-client.services.mozilla.com

IN CNAME

prod-classifyclient.normandy.prod.cloudops.mozgcp.net

prod-classifyclient.normandy.prod.cloudops.mozgcp.net

IN A

34.98.75.36
DNS

classify-client.services.mozilla.com

Remote address:

1.1.1.1:53

Request

classify-client.services.mozilla.com

IN AAAA

Response

classify-client.services.mozilla.com

IN CNAME

prod-classifyclient.normandy.prod.cloudops.mozgcp.net
DNS

prod-classifyclient.normandy.prod.cloudops.mozgcp.net

Remote address:

1.1.1.1:53

Request

prod-classifyclient.normandy.prod.cloudops.mozgcp.net

IN AAAA

Response
DNS

tracking-protection.cdn.mozilla.net

Remote address:

1.1.1.1:53

Request

tracking-protection.cdn.mozilla.net

IN A

Response

tracking-protection.cdn.mozilla.net

IN CNAME

tracking-protection.prod.mozaws.net

tracking-protection.prod.mozaws.net

IN A

34.120.158.37
DNS

tracking-protection.cdn.mozilla.net

Remote address:

1.1.1.1:53

Request

tracking-protection.cdn.mozilla.net

IN AAAA

Response

tracking-protection.cdn.mozilla.net

IN CNAME

tracking-protection.prod.mozaws.net
DNS

tracking-protection.prod.mozaws.net

Remote address:

1.1.1.1:53

Request

tracking-protection.prod.mozaws.net

IN AAAA

Response
DNS

firefox-settings-attachments.cdn.mozilla.net

Remote address:

1.1.1.1:53

Request

firefox-settings-attachments.cdn.mozilla.net

IN A

Response

firefox-settings-attachments.cdn.mozilla.net

IN CNAME

attachments.prod.remote-settings.prod.webservices.mozgcp.net

attachments.prod.remote-settings.prod.webservices.mozgcp.net

IN A

34.117.121.53
DNS

firefox-settings-attachments.cdn.mozilla.net

Remote address:

1.1.1.1:53

Request

firefox-settings-attachments.cdn.mozilla.net

IN A
DNS

firefox-settings-attachments.cdn.mozilla.net

Remote address:

1.1.1.1:53

Request

firefox-settings-attachments.cdn.mozilla.net

IN A
DNS

firefox-settings-attachments.cdn.mozilla.net

Remote address:

1.1.1.1:53

Request

firefox-settings-attachments.cdn.mozilla.net

IN AAAA

Response

firefox-settings-attachments.cdn.mozilla.net

IN CNAME

attachments.prod.remote-settings.prod.webservices.mozgcp.net
DNS

firefox-settings-attachments.cdn.mozilla.net

Remote address:

1.1.1.1:53

Request

firefox-settings-attachments.cdn.mozilla.net

IN AAAA
DNS

firefox-settings-attachments.cdn.mozilla.net

Remote address:

1.1.1.1:53

Request

firefox-settings-attachments.cdn.mozilla.net

IN AAAA
DNS

attachments.prod.remote-settings.prod.webservices.mozgcp.net

Remote address:

1.1.1.1:53

Request

attachments.prod.remote-settings.prod.webservices.mozgcp.net

IN AAAA

Response
DNS

aus5.mozilla.org

Remote address:

1.1.1.1:53

Request

aus5.mozilla.org

IN A

Response

aus5.mozilla.org

IN CNAME

balrog-aus5.r53-2.services.mozilla.com

balrog-aus5.r53-2.services.mozilla.com

IN CNAME

prod.balrog.prod.cloudops.mozgcp.net

prod.balrog.prod.cloudops.mozgcp.net

IN A

35.244.181.201
DNS

aus5.mozilla.org

Remote address:

1.1.1.1:53

Request

aus5.mozilla.org

IN AAAA

Response

aus5.mozilla.org

IN CNAME

balrog-aus5.r53-2.services.mozilla.com

balrog-aus5.r53-2.services.mozilla.com

IN CNAME

prod.balrog.prod.cloudops.mozgcp.net
DNS

prod.balrog.prod.cloudops.mozgcp.net

Remote address:

1.1.1.1:53

Request

prod.balrog.prod.cloudops.mozgcp.net

IN AAAA

Response
DNS

archive.mozilla.org

Remote address:

1.1.1.1:53

Request

archive.mozilla.org

IN A

Response

archive.mozilla.org

IN A

34.117.35.28
DNS

archive.mozilla.org

Remote address:

1.1.1.1:53

Request

archive.mozilla.org

IN A
DNS

archive.mozilla.org

Remote address:

1.1.1.1:53

Request

archive.mozilla.org

IN AAAA

Response

archive.mozilla.org

IN AAAA

2600:1901:0:b9fd::
DNS

archive.mozilla.org

Remote address:

1.1.1.1:53

Request

archive.mozilla.org

IN AAAA
DNS

ciscobinary.openh264.org

Remote address:

1.1.1.1:53

Request

ciscobinary.openh264.org

IN A

Response

ciscobinary.openh264.org

IN CNAME

a21ed24aedde648804e7-228765c84088fef4ff5e70f2710398e9.r17.cf1.rackcdn.com

a21ed24aedde648804e7-228765c84088fef4ff5e70f2710398e9.r17.cf1.rackcdn.com

IN CNAME

a17.rackcdn.com

a17.rackcdn.com

IN CNAME

a17.rackcdn.com.mdc.edgesuite.net

a17.rackcdn.com.mdc.edgesuite.net

IN CNAME

a19.dscg10.akamai.net

a19.dscg10.akamai.net

IN A

2.18.121.73

a19.dscg10.akamai.net

IN A

2.18.121.79
DNS

ciscobinary.openh264.org

Remote address:

1.1.1.1:53

Request

ciscobinary.openh264.org

IN AAAA

Response

ciscobinary.openh264.org

IN CNAME

a21ed24aedde648804e7-228765c84088fef4ff5e70f2710398e9.r17.cf1.rackcdn.com

a21ed24aedde648804e7-228765c84088fef4ff5e70f2710398e9.r17.cf1.rackcdn.com

IN CNAME

a17.rackcdn.com

a17.rackcdn.com

IN CNAME

a17.rackcdn.com.mdc.edgesuite.net

a17.rackcdn.com.mdc.edgesuite.net

IN CNAME

a19.dscg10.akamai.net

a19.dscg10.akamai.net

IN AAAA

2a02:26f0:1180:4::212:7949

a19.dscg10.akamai.net

IN AAAA

2a02:26f0:1180:4::212:794f
GET

http://ciscobinary.openh264.org/openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip

Remote address:

2.18.121.79:80

Request

GET /openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip HTTP/1.1
Host: ciscobinary.openh264.org
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

Response

HTTP/1.1 200 OK

Last-Modified: Thu, 08 Feb 2024 02:25:33 GMT
ETag: 152eda253e242e18443ef3282495bc7c
Content-Length: 511815
Accept-Ranges: bytes
X-Timestamp: 1707359132.76424
Content-Type: application/zip
X-Trans-Id: txb593868315dd4afd8b70b-0065c6e04edfw1
Cache-Control: public, max-age=230297
Expires: Thu, 21 Mar 2024 23:23:45 GMT
Date: Tue, 19 Mar 2024 07:25:28 GMT
Connection: keep-alive
DNS

star-mini.c10r.facebook.com

Remote address:

1.1.1.1:53

Request

star-mini.c10r.facebook.com

IN AAAA

Response

star-mini.c10r.facebook.com

IN AAAA

2a03:2880:f189:80:face:b00c:0:25de
DNS

dyna.wikimedia.org

Remote address:

1.1.1.1:53

Request

dyna.wikimedia.org

IN AAAA

Response

dyna.wikimedia.org

IN AAAA

2a02:ec80:300:ed1a::1
DNS

reddit.map.fastly.net

Remote address:

1.1.1.1:53

Request

reddit.map.fastly.net

IN AAAA

Response
DNS

safebrowsing.googleapis.com

Remote address:

1.1.1.1:53

Request

safebrowsing.googleapis.com

IN A

Response

safebrowsing.googleapis.com

IN A

142.250.180.10
DNS

safebrowsing.googleapis.com

Remote address:

1.1.1.1:53

Request

safebrowsing.googleapis.com

IN AAAA

Response

safebrowsing.googleapis.com

IN AAAA

2a00:1450:4009:820::200a

151.101.130.49:443

tls, https

268 B
40 B
1
1
151.101.194.49:443

cdn.fwupd.org

tls

10.9kB
947.9kB
167
693
185.125.188.61:443

tls

135 B
2
185.125.188.61:443

tls

135 B
2
151.101.129.91:443

tls, https

233 B
40 B
1
1
151.101.129.91:443

extensions.gnome.org

tls

4.4kB
223.4kB
74
174
89.187.167.3:443

tls

851 B
11
89.187.167.9:443

odrs.gnome.org

tls

17.9kB
1.7MB
294
1197
18.245.162.43:443

services.addons.mozilla.org

tls

1.5kB
5.1kB
14
13
18.245.162.43:443

services.addons.mozilla.org

tls

3.6kB
15.1kB
25
24
52.39.120.181:443

location.services.mozilla.com

tls

3.7kB
4.8kB
16
9
52.39.120.181:443

location.services.mozilla.com

tls

1.3kB
3.6kB
12
9
34.107.221.82:80

http://detectportal.firefox.com/canonical.html

http

725 B
670 B
8
7

HTTP Request

GET http://detectportal.firefox.com/canonical.html

HTTP Response

200
34.107.221.82:80

detectportal.firefox.com

388 B
112 B
7
2
34.107.221.82:80

http://detectportal.firefox.com/success.txt?ipv4

http

779 B
588 B
9
7

HTTP Request

GET http://detectportal.firefox.com/success.txt?ipv4

HTTP Response

200
34.117.237.239:443

contile.services.mozilla.com

tls

2.0kB
7.7kB
16
14
143.204.72.186:443

www.mozilla.org

tls

18.0kB
382.1kB
219
302
34.149.100.209:443

firefox.settings.services.mozilla.com

tls

1.7kB
4.0kB
15
9
34.149.100.209:443

firefox.settings.services.mozilla.com

tls

26.5kB
617.0kB
301
583
52.13.152.141:443

shavar.services.mozilla.com

tls

2.3kB
5.5kB
13
9
52.13.152.141:443

shavar.services.mozilla.com

tls

1.5kB
3.8kB
16
11
34.107.243.93:443

push.services.mozilla.com

tls

1.8kB
4.2kB
12
9
34.107.243.93:443

push.services.mozilla.com

tls

2.2kB
1.6kB
11
8
34.120.115.102:443

contile-images.services.mozilla.com

tls

1.5kB
4.3kB
13
9
34.120.115.102:443

contile-images.services.mozilla.com

tls

2.3kB
24.7kB
20
25
34.107.243.93:443

push.services.mozilla.com

tls

1.4kB
550 B
11
6
34.160.144.191:443

content-signature-2.cdn.mozilla.net

tls

3.6kB
22.3kB
32
31
34.160.144.191:443

content-signature-2.cdn.mozilla.net

tls

1.5kB
4.1kB
15
12
35.201.103.21:443

normandy.cdn.mozilla.net

tls

2.3kB
5.4kB
14
11
34.110.207.168:443

accounts.firefox.com

tls

1.9kB
5.4kB
15
12
34.120.208.123:443

incoming.telemetry.mozilla.org

tls

7.1kB
9.1kB
46
41
34.120.208.123:443

incoming.telemetry.mozilla.org

tls

1.3kB
4.9kB
15
12
34.120.208.123:443

incoming.telemetry.mozilla.org

tls

1.3kB
5.0kB
16
13
34.120.208.123:443

incoming.telemetry.mozilla.org

tls

1.5kB
4.7kB
13
10
34.149.100.209:443

firefox.settings.services.mozilla.com

tls

2.7kB
4.3kB
17
10
104.86.110.232:80

a1887.dscq.akamai.net

380 B
224 B
7
4
34.149.100.209:443

firefox.settings.services.mozilla.com

tls

1.5kB
4.3kB
13
9
104.86.110.232:80

http://r3.o.lencr.org/

http

1.3kB
2.2kB
9
8

HTTP Request

POST http://r3.o.lencr.org/

HTTP Response

200

HTTP Request

POST http://r3.o.lencr.org/

HTTP Response

200
34.98.75.36:443

classify-client.services.mozilla.com

tls

3.4kB
5.1kB
21
17
34.120.158.37:443

tracking-protection.cdn.mozilla.net

tls

2.0kB
8.0kB
16
15
34.120.158.37:443

tracking-protection.cdn.mozilla.net

tls

2.9kB
61.1kB
30
53
34.120.158.37:443

tracking-protection.cdn.mozilla.net

tls

2.4kB
4.2kB
15
14
34.120.158.37:443

tracking-protection.cdn.mozilla.net

tls

2.1kB
12.9kB
17
17
34.160.144.191:443

content-signature-2.cdn.mozilla.net

tls

3.2kB
10.9kB
22
18
34.120.158.37:443

tracking-protection.cdn.mozilla.net

tls

2.4kB
19.1kB
20
25
34.120.158.37:443

tracking-protection.cdn.mozilla.net

60 B
1
34.120.158.37:443

tracking-protection.cdn.mozilla.net

tls

8.7kB
365.9kB
119
271
34.120.158.37:443

tracking-protection.cdn.mozilla.net

60 B
1
34.120.158.37:443

tracking-protection.cdn.mozilla.net

tls

16.6kB
1.5MB
285
1121
34.120.158.37:443

tracking-protection.cdn.mozilla.net

tls

2.0kB
5.6kB
13
14
34.120.158.37:443

tracking-protection.cdn.mozilla.net

60 B
1
34.120.158.37:443

tracking-protection.cdn.mozilla.net

tls

2.8kB
4.7kB
18
14
34.117.121.53:443

firefox-settings-attachments.cdn.mozilla.net

tls

1.4kB
4.0kB
14
10
34.117.121.53:443

firefox-settings-attachments.cdn.mozilla.net

tls

21.0kB
902.1kB
336
666
34.120.158.37:443

tracking-protection.cdn.mozilla.net

tls

2.0kB
2.3kB
14
12
34.120.158.37:443

tracking-protection.cdn.mozilla.net

60 B
1
34.120.158.37:443

tracking-protection.cdn.mozilla.net

tls

2.0kB
1.9kB
13
10
34.120.158.37:443

tracking-protection.cdn.mozilla.net

tls

2.3kB
2.3kB
18
15
34.120.158.37:443

tracking-protection.cdn.mozilla.net

60 B
1
34.120.158.37:443

tracking-protection.cdn.mozilla.net

tls

2.8kB
9.1kB
17
15
34.120.158.37:443

tracking-protection.cdn.mozilla.net

tls

2.9kB
11.2kB
20
19
52.39.120.181:443

location.services.mozilla.com

tls

1.4kB
3.6kB
13
8
35.244.181.201:443

aus5.mozilla.org

tls

1.2kB
4.5kB
14
11
35.244.181.201:443

aus5.mozilla.org

tls

2.5kB
7.0kB
21
21
52.39.120.181:443

location.services.mozilla.com

tls

1.6kB
4.2kB
11
9
2.18.121.79:80

http://ciscobinary.openh264.org/openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip

http

12.9kB
532.4kB
231
387

HTTP Request

GET http://ciscobinary.openh264.org/openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip

HTTP Response

200
34.117.35.28:443

archive.mozilla.org

tls

2.3kB
20.5kB
21
24
142.250.180.10:443

safebrowsing.googleapis.com

tls

163.9kB
10.5MB
2441
7523

224.0.0.251:5353

146 B
2
1.1.1.1:53

cdn.fwupd.org

dns

70 B
185 B
1
1

DNS Request

cdn.fwupd.org

DNS Response

151.101.2.49

151.101.66.49

151.101.130.49

151.101.194.49
1.1.1.1:53

cdn.fwupd.org

dns

70 B
233 B
1
1

DNS Request

cdn.fwupd.org

DNS Response

2a04:4e42::561

2a04:4e42:200::561

2a04:4e42:400::561

2a04:4e42:600::561
1.1.1.1:53

1527653184.rsc.cdn77.org

dns

81 B
113 B
1
1

DNS Request

1527653184.rsc.cdn77.org

DNS Response

89.187.167.9

195.181.164.19
1.1.1.1:53

1527653184.rsc.cdn77.org

dns

81 B
137 B
1
1

DNS Request

1527653184.rsc.cdn77.org

DNS Response

2a02:6ea0:ca00::3

2a02:6ea0:ca00::4
1.1.1.1:53

services.addons.mozilla.org

dns

84 B
148 B
1
1

DNS Request

services.addons.mozilla.org

DNS Response

18.245.162.43

18.245.162.100

18.245.162.3

18.245.162.105
1.1.1.1:53

services.addons.mozilla.org

dns

84 B
165 B
1
1

DNS Request

services.addons.mozilla.org
1.1.1.1:53

location.services.mozilla.com

dns

86 B
186 B
1
1

DNS Request

location.services.mozilla.com

DNS Response

44.230.179.24

44.239.120.226

52.39.120.181
1.1.1.1:53

location.services.mozilla.com

dns

86 B
220 B
1
1

DNS Request

location.services.mozilla.com
1.1.1.1:53

locprod2-elb-us-west-2.prod.mozaws.net

dns

95 B
180 B
1
1

DNS Request

locprod2-elb-us-west-2.prod.mozaws.net
1.1.1.1:53

detectportal.firefox.com

dns

81 B
192 B
1
1

DNS Request

detectportal.firefox.com

DNS Response

34.107.221.82
1.1.1.1:53

detectportal.firefox.com

dns

81 B
204 B
1
1

DNS Request

detectportal.firefox.com

DNS Response

2600:1901:0:38d7::
1.1.1.1:53

example.org

dns

136 B
84 B
2
1

DNS Request

example.org

DNS Request

example.org

DNS Response

93.184.216.34
1.1.1.1:53

example.org

dns

136 B
96 B
2
1

DNS Request

example.org

DNS Request

example.org

DNS Response

2606:2800:220:1:248:1893:25c8:1946
1.1.1.1:53

ipv4only.arpa

dns

140 B
102 B
2
1

DNS Request

ipv4only.arpa

DNS Request

ipv4only.arpa

DNS Response

192.0.0.170

192.0.0.171
1.1.1.1:53

ipv4only.arpa

dns

140 B
127 B
2
1

DNS Request

ipv4only.arpa

DNS Request

ipv4only.arpa
1.1.1.1:53

www.mozilla.org

dns

144 B
122 B
2
1

DNS Request

www.mozilla.org

DNS Request

www.mozilla.org

DNS Response

143.204.72.186
1.1.1.1:53

www.mozilla.org

dns

144 B
187 B
2
1

DNS Request

www.mozilla.org

DNS Request

www.mozilla.org
1.1.1.1:53

contile.services.mozilla.com

dns

85 B
101 B
1
1

DNS Request

contile.services.mozilla.com

DNS Response

34.117.237.239
1.1.1.1:53

contile.services.mozilla.com

dns

85 B
166 B
1
1

DNS Request

contile.services.mozilla.com
1.1.1.1:53

www.mozorg.moz.works

dns

77 B
158 B
1
1

DNS Request

www.mozorg.moz.works
1.1.1.1:53

firefox.settings.services.mozilla.com

dns

94 B
172 B
1
1

DNS Request

firefox.settings.services.mozilla.com

DNS Response

34.149.100.209
1.1.1.1:53

firefox.settings.services.mozilla.com

dns

94 B
246 B
1
1

DNS Request

firefox.settings.services.mozilla.com
1.1.1.1:53

prod.remote-settings.prod.webservices.mozgcp.net

dns

105 B
198 B
1
1

DNS Request

prod.remote-settings.prod.webservices.mozgcp.net
1.1.1.1:53

incoming.telemetry.mozilla.org

dns

261 B
3

DNS Request

incoming.telemetry.mozilla.org

DNS Request

incoming.telemetry.mozilla.org

DNS Request

incoming.telemetry.mozilla.org
1.1.1.1:53

incoming.telemetry.mozilla.org

dns

348 B
225 B
4
1

DNS Request

incoming.telemetry.mozilla.org

DNS Request

incoming.telemetry.mozilla.org

DNS Request

incoming.telemetry.mozilla.org

DNS Request

incoming.telemetry.mozilla.org
1.1.1.1:53

accounts.firefox.com

dns

308 B
93 B
4
1

DNS Request

accounts.firefox.com

DNS Request

accounts.firefox.com

DNS Request

accounts.firefox.com

DNS Request

accounts.firefox.com

DNS Response

34.110.207.168
1.1.1.1:53

accounts.firefox.com

dns

308 B
158 B
4
1

DNS Request

accounts.firefox.com

DNS Request

accounts.firefox.com

DNS Request

accounts.firefox.com

DNS Request

accounts.firefox.com
1.1.1.1:53

contile-images.services.mozilla.com

dns

184 B
108 B
2
1

DNS Request

contile-images.services.mozilla.com

DNS Request

contile-images.services.mozilla.com

DNS Response

34.120.115.102
1.1.1.1:53

contile-images.services.mozilla.com

dns

184 B
173 B
2
1

DNS Request

contile-images.services.mozilla.com

DNS Request

contile-images.services.mozilla.com
1.1.1.1:53

www.amazon.co.uk

dns

73 B
175 B
1
1

DNS Request

www.amazon.co.uk

DNS Response

162.219.226.83
1.1.1.1:53

www.amazon.co.uk

dns

73 B
375 B
1
1

DNS Request

www.amazon.co.uk

DNS Response

2600:9000:26ba:ee00:15:c9dc:593:6781

2600:9000:26ba:b800:15:c9dc:593:6781

2600:9000:26ba:a000:15:c9dc:593:6781

2600:9000:26ba:1800:15:c9dc:593:6781

2600:9000:26ba:7400:15:c9dc:593:6781

2600:9000:26ba:9a00:15:c9dc:593:6781

2600:9000:26ba:3600:15:c9dc:593:6781

2600:9000:26ba:be00:15:c9dc:593:6781
1.1.1.1:53

uk.hotels.com

dns

70 B
171 B
1
1

DNS Request

uk.hotels.com

DNS Response

104.115.33.110
1.1.1.1:53

uk.hotels.com

dns

70 B
295 B
1
1

DNS Request

uk.hotels.com

DNS Response

2a02:26f0:fd00:daf::277d

2a02:26f0:fd00:dbd::277d

2a02:26f0:fd00:dbc::277d

2a02:26f0:fd00:da5::277d

2a02:26f0:fd00:dbe::277d
1.1.1.1:53

www.youtube.com

dns

72 B
266 B
1
1

DNS Request

www.youtube.com

DNS Response

142.250.200.46

142.250.179.238

216.58.201.110

142.250.180.14

142.250.187.206

216.58.204.78

142.250.178.14

172.217.16.238

142.250.200.14

142.250.187.238
1.1.1.1:53

www.youtube.com

dns

72 B
218 B
1
1

DNS Request

www.youtube.com

DNS Response

2a00:1450:4009:817::200e

2a00:1450:4009:819::200e

2a00:1450:4009:81d::200e

2a00:1450:4009:81e::200e
1.1.1.1:53

www.facebook.com

dns

73 B
118 B
1
1

DNS Request

www.facebook.com

DNS Response

163.70.151.35
1.1.1.1:53

www.wikipedia.org

dns

74 B
119 B
1
1

DNS Request

www.wikipedia.org

DNS Response

185.15.59.224
1.1.1.1:53

www.wikipedia.org

dns

74 B
131 B
1
1

DNS Request

www.wikipedia.org

DNS Response

2a02:ec80:300:ed1a::1
1.1.1.1:53

www.facebook.com

dns

73 B
130 B
1
1

DNS Request

www.facebook.com

DNS Response

2a03:2880:f189:80:face:b00c:0:25de
1.1.1.1:53

www.reddit.com

dns

71 B
170 B
1
1

DNS Request

www.reddit.com

DNS Response

151.101.1.140

151.101.65.140

151.101.129.140

151.101.193.140
1.1.1.1:53

www.reddit.com

dns

71 B
164 B
1
1

DNS Request

www.reddit.com
1.1.1.1:53

shavar.services.mozilla.com

dns

84 B
168 B
1
1

DNS Request

shavar.services.mozilla.com

DNS Response

52.25.97.240

44.230.91.85

52.13.152.141
1.1.1.1:53

reddit.map.fastly.net

dns

78 B
139 B
1
1

DNS Request

reddit.map.fastly.net
1.1.1.1:53

twitter.com

dns

68 B
84 B
1
1

DNS Request

twitter.com

DNS Response

104.244.42.129
1.1.1.1:53

shavar.services.mozilla.com

dns

84 B
202 B
1
1

DNS Request

shavar.services.mozilla.com
1.1.1.1:53

twitter.com

dns

68 B
133 B
1
1

DNS Request

twitter.com
1.1.1.1:53

shavar.prod.mozaws.net

dns

79 B
164 B
1
1

DNS Request

shavar.prod.mozaws.net
1.1.1.1:53

content-signature-2.cdn.mozilla.net

dns

276 B
246 B
3
1

DNS Request

content-signature-2.cdn.mozilla.net

DNS Request

content-signature-2.cdn.mozilla.net

DNS Request

content-signature-2.cdn.mozilla.net

DNS Response

34.160.144.191
1.1.1.1:53

content-signature-2.cdn.mozilla.net

dns

276 B
258 B
3
1

DNS Request

content-signature-2.cdn.mozilla.net

DNS Request

content-signature-2.cdn.mozilla.net

DNS Request

content-signature-2.cdn.mozilla.net

DNS Response

2600:1901:0:92a9::
1.1.1.1:53

push.services.mozilla.com

dns

82 B
136 B
1
1

DNS Request

push.services.mozilla.com

DNS Response

34.107.243.93
1.1.1.1:53

push.services.mozilla.com

dns

82 B
202 B
1
1

DNS Request

push.services.mozilla.com
1.1.1.1:53

autopush.prod.mozaws.net

dns

81 B
166 B
1
1

DNS Request

autopush.prod.mozaws.net
1.1.1.1:53

telemetry-incoming.r53-2.services.mozilla.com

dns

102 B
184 B
1
1

DNS Request

telemetry-incoming.r53-2.services.mozilla.com
34.107.243.93:443

push.services.mozilla.com

https

1.8kB
4.2kB
5
6
1.1.1.1:53

normandy.cdn.mozilla.net

dns

81 B
144 B
1
1

DNS Request

normandy.cdn.mozilla.net

DNS Response

35.201.103.21
1.1.1.1:53

normandy.cdn.mozilla.net

dns

81 B
206 B
1
1

DNS Request

normandy.cdn.mozilla.net
1.1.1.1:53

normandy-cdn.services.mozilla.com

dns

90 B
171 B
1
1

DNS Request

normandy-cdn.services.mozilla.com
1.1.1.1:53

a1887.dscq.akamai.net

dns

78 B
110 B
1
1

DNS Request

a1887.dscq.akamai.net

DNS Response

104.86.110.200

104.86.110.232
1.1.1.1:53

telemetry-incoming.r53-2.services.mozilla.com

dns

102 B
118 B
1
1

DNS Request

telemetry-incoming.r53-2.services.mozilla.com

DNS Response

34.120.208.123
1.1.1.1:53

a1887.dscq.akamai.net

dns

78 B
134 B
1
1

DNS Request

a1887.dscq.akamai.net

DNS Response

2a02:26f0:da::5c7b:8c61

2a02:26f0:da::5c7b:8c70
1.1.1.1:53

fp2e7a.wpc.phicdn.net

dns

156 B
134 B
2
1

DNS Request

fp2e7a.wpc.phicdn.net

DNS Request

fp2e7a.wpc.phicdn.net
1.1.1.1:53

classify-client.services.mozilla.com

dns

93 B
176 B
1
1

DNS Request

classify-client.services.mozilla.com

DNS Response

34.98.75.36
1.1.1.1:53

classify-client.services.mozilla.com

dns

93 B
250 B
1
1

DNS Request

classify-client.services.mozilla.com
1.1.1.1:53

prod-classifyclient.normandy.prod.cloudops.mozgcp.net

dns

110 B
203 B
1
1

DNS Request

prod-classifyclient.normandy.prod.cloudops.mozgcp.net
1.1.1.1:53

tracking-protection.cdn.mozilla.net

dns

92 B
154 B
1
1

DNS Request

tracking-protection.cdn.mozilla.net

DNS Response

34.120.158.37
1.1.1.1:53

tracking-protection.cdn.mozilla.net

dns

92 B
223 B
1
1

DNS Request

tracking-protection.cdn.mozilla.net
1.1.1.1:53

tracking-protection.prod.mozaws.net

dns

92 B
177 B
1
1

DNS Request

tracking-protection.prod.mozaws.net
1.1.1.1:53

firefox-settings-attachments.cdn.mozilla.net

dns

303 B
188 B
3
1

DNS Request

firefox-settings-attachments.cdn.mozilla.net

DNS Request

firefox-settings-attachments.cdn.mozilla.net

DNS Request

firefox-settings-attachments.cdn.mozilla.net

DNS Response

34.117.121.53
1.1.1.1:53

firefox-settings-attachments.cdn.mozilla.net

dns

303 B
265 B
3
1

DNS Request

firefox-settings-attachments.cdn.mozilla.net

DNS Request

firefox-settings-attachments.cdn.mozilla.net

DNS Request

firefox-settings-attachments.cdn.mozilla.net
34.110.207.168:443

accounts.firefox.com

https

1.7kB
4.8kB
5
6
1.1.1.1:53

attachments.prod.remote-settings.prod.webservices.mozgcp.net

dns

117 B
210 B
1
1

DNS Request

attachments.prod.remote-settings.prod.webservices.mozgcp.net
1.1.1.1:53

aus5.mozilla.org

dns

73 B
191 B
1
1

DNS Request

aus5.mozilla.org

DNS Response

35.244.181.201
1.1.1.1:53

aus5.mozilla.org

dns

73 B
265 B
1
1

DNS Request

aus5.mozilla.org
1.1.1.1:53

prod.balrog.prod.cloudops.mozgcp.net

dns

93 B
186 B
1
1

DNS Request

prod.balrog.prod.cloudops.mozgcp.net
1.1.1.1:53

archive.mozilla.org

dns

152 B
92 B
2
1

DNS Request

archive.mozilla.org

DNS Request

archive.mozilla.org

DNS Response

34.117.35.28
1.1.1.1:53

archive.mozilla.org

dns

152 B
104 B
2
1

DNS Request

archive.mozilla.org

DNS Request

archive.mozilla.org

DNS Response

2600:1901:0:b9fd::
1.1.1.1:53

ciscobinary.openh264.org

dns

81 B
297 B
1
1

DNS Request

ciscobinary.openh264.org

DNS Response

2.18.121.73

2.18.121.79
1.1.1.1:53

ciscobinary.openh264.org

dns

81 B
321 B
1
1

DNS Request

ciscobinary.openh264.org

DNS Response

2a02:26f0:1180:4::212:7949

2a02:26f0:1180:4::212:794f
34.117.35.28:443

archive.mozilla.org

https

1.5kB
176 B
2
2
1.1.1.1:53

star-mini.c10r.facebook.com

dns

84 B
112 B
1
1

DNS Request

star-mini.c10r.facebook.com

DNS Response

2a03:2880:f189:80:face:b00c:0:25de
1.1.1.1:53

dyna.wikimedia.org

dns

75 B
103 B
1
1

DNS Request

dyna.wikimedia.org

DNS Response

2a02:ec80:300:ed1a::1
1.1.1.1:53

reddit.map.fastly.net

dns

78 B
139 B
1
1

DNS Request

reddit.map.fastly.net
1.1.1.1:53

safebrowsing.googleapis.com

dns

84 B
100 B
1
1

DNS Request

safebrowsing.googleapis.com

DNS Response

142.250.180.10
1.1.1.1:53

safebrowsing.googleapis.com

dns

84 B
112 B
1
1

DNS Request

safebrowsing.googleapis.com

DNS Response

2a00:1450:4009:820::200a
142.250.180.10:443

safebrowsing.googleapis.com

https

3.4kB
7.9kB
27
17

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response