Analysis Overview
SHA256
d0edb846b44e046fee8fea55dba1160e988ccfc947cf51fbb2803ded90268d19
Threat Level: Known bad
The file Roblox_Player.exe was found to be: Known bad.
Malicious Activity Summary
Discord RAT
Discordrat family
Downloads MZ/PE file
Reads user/profile data of web browsers
Legitimate hosting services abused for malware hosting/C2
Unsigned PE
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Suspicious use of FindShellTrayWindow
Suspicious use of AdjustPrivilegeToken
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Modifies registry class
Checks processor information in registry
MITRE ATT&CK Matrix V13
Analysis: static1
Detonation Overview
Reported
2024-05-26 02:04
Signatures
Discordrat family
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-26 02:04
Reported
2024-05-26 02:07
Platform
win7-20240221-en
Max time kernel
121s
Max time network
122s
Command Line
Signatures
Discord RAT
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 1132 wrote to memory of 552 | N/A | C:\Users\Admin\AppData\Local\Temp\RobloxPlayer.exe | C:\Windows\system32\WerFault.exe |
| PID 1132 wrote to memory of 552 | N/A | C:\Users\Admin\AppData\Local\Temp\RobloxPlayer.exe | C:\Windows\system32\WerFault.exe |
| PID 1132 wrote to memory of 552 | N/A | C:\Users\Admin\AppData\Local\Temp\RobloxPlayer.exe | C:\Windows\system32\WerFault.exe |
Processes
C:\Users\Admin\AppData\Local\Temp\RobloxPlayer.exe
"C:\Users\Admin\AppData\Local\Temp\RobloxPlayer.exe"
C:\Windows\system32\WerFault.exe
C:\Windows\system32\WerFault.exe -u -p 1132 -s 596
Network
Files
memory/1132-0-0x000007FEF6233000-0x000007FEF6234000-memory.dmp
memory/1132-1-0x000000013FE70000-0x000000013FE88000-memory.dmp
memory/1132-2-0x000007FEF6230000-0x000007FEF6C1C000-memory.dmp
memory/1132-3-0x000007FEF6233000-0x000007FEF6234000-memory.dmp
memory/1132-4-0x000007FEF6230000-0x000007FEF6C1C000-memory.dmp
Analysis: behavioral2
Detonation Overview
Submitted
2024-05-26 02:04
Reported
2024-05-26 02:07
Platform
win10v2004-20240226-en
Max time kernel
152s
Max time network
158s
Command Line
Signatures
Discord RAT
Downloads MZ/PE file
Reads user/profile data of web browsers
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\RobloxPlayer.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: 33 | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Users\Admin\AppData\Local\Temp\RobloxPlayer.exe
"C:\Users\Admin\AppData\Local\Temp\RobloxPlayer.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.0.1405386525\949665800" -parentBuildID 20221007134813 -prefsHandle 1852 -prefMapHandle 1844 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {14675cc1-b707-40c2-9778-0891c1b9f743} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 1972 2bad8a08158 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.1.799099091\1079540725" -parentBuildID 20221007134813 -prefsHandle 2316 -prefMapHandle 2312 -prefsLen 20785 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3b70ed00-fca2-42fa-b7b6-6b2a91b69e9f} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 2344 2bad7545858 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.2.1284863639\1121990144" -childID 1 -isForBrowser -prefsHandle 3104 -prefMapHandle 3100 -prefsLen 20888 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0da86e12-f474-40d7-b6a1-3eb07a2f37c6} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 3116 2badb995658 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.3.1856488554\1118102147" -childID 2 -isForBrowser -prefsHandle 3564 -prefMapHandle 3544 -prefsLen 26066 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f30ff155-dc61-43a2-8aa4-999084016227} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 2316 2bada1de858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.4.2135807297\138680115" -childID 3 -isForBrowser -prefsHandle 3608 -prefMapHandle 3604 -prefsLen 26066 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5d5b2264-4fb9-4d86-82f4-3131d6cefc10} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 3620 2bac3d5b258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.5.1197804460\546944117" -childID 4 -isForBrowser -prefsHandle 5004 -prefMapHandle 4956 -prefsLen 26125 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {733358ad-01f6-41b8-ada1-f125472c0a4b} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 4964 2baddcd2858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.6.574375922\314467356" -childID 5 -isForBrowser -prefsHandle 5016 -prefMapHandle 5012 -prefsLen 26125 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {669ff3ea-4263-46cc-89f6-7088aca1db1f} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 5028 2baddccf558 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.7.652936528\167008958" -childID 6 -isForBrowser -prefsHandle 5176 -prefMapHandle 5028 -prefsLen 26125 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {33e543dc-d16b-48fa-a271-c0566b82fd8f} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 5164 2baddcd0158 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.8.1792668156\1042064995" -childID 7 -isForBrowser -prefsHandle 5884 -prefMapHandle 5736 -prefsLen 26206 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {af224b6a-c1d0-4f68-a370-61dfbbdf4d6d} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 5892 2baddc62758 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.9.1182298143\548455456" -childID 8 -isForBrowser -prefsHandle 5416 -prefMapHandle 4968 -prefsLen 26646 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d9e0f3f3-7a2a-46aa-a3b2-a209faf9df87} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 5296 2badb90c858 tab
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4480 --field-trial-handle=1928,i,13242902252791919845,10377620236057253993,262144 --variations-seed-version /prefetch:8
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.10.2104330775\1209583857" -childID 9 -isForBrowser -prefsHandle 5388 -prefMapHandle 5608 -prefsLen 26646 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3ec225d6-ebb8-4bf2-8fd0-cc1fd7534946} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 3676 2bade820158 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.11.592402046\594021814" -childID 10 -isForBrowser -prefsHandle 4548 -prefMapHandle 5172 -prefsLen 26646 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6cccd998-f79a-4fa4-bd38-eb57bcda3c2b} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 5252 2bad91d3258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.12.842866883\1948926298" -parentBuildID 20221007134813 -prefsHandle 3640 -prefMapHandle 4980 -prefsLen 26646 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {25c78588-6754-44ce-b5ae-6f9490d18e66} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 5092 2badfe47858 rdd
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.13.1691606301\467324740" -childID 11 -isForBrowser -prefsHandle 6288 -prefMapHandle 6192 -prefsLen 26646 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {48d0c833-abe0-474a-a26e-0dc1dc3ac9d7} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 6276 2badfedae58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.14.671481484\326014630" -childID 12 -isForBrowser -prefsHandle 6036 -prefMapHandle 5888 -prefsLen 26646 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {53fb88a6-7105-47c4-9092-6890de3e5cf3} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 5028 2badf8bba58 tab
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4b8 0x4e4
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.15.575230555\749062158" -childID 13 -isForBrowser -prefsHandle 10444 -prefMapHandle 10448 -prefsLen 26725 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ec2f84b9-76d3-4072-b226-578bf5729e6c} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 10436 2bade822858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.16.986323902\459035742" -childID 14 -isForBrowser -prefsHandle 10156 -prefMapHandle 5644 -prefsLen 26725 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {63ff50c5-75b3-4a4a-8df7-c17589ad6a74} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 10144 2badf95f658 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.17.1001994635\812604781" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 10156 -prefMapHandle 5644 -prefsLen 26725 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {625256d7-3b6e-4ad2-973c-16bee874ebc1} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 10420 2badf89fd58 utility
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.18.343130661\1080302595" -childID 15 -isForBrowser -prefsHandle 9844 -prefMapHandle 9828 -prefsLen 26725 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1f288a4c-ae71-47db-9988-45cab963c64e} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 9824 2bad7545b58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.19.1059199574\330563122" -childID 16 -isForBrowser -prefsHandle 9624 -prefMapHandle 9596 -prefsLen 26725 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1ac2bdd3-cf38-4817-88d9-5cd199081d12} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 9632 2bac3d60158 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.20.913112202\920942426" -childID 17 -isForBrowser -prefsHandle 9240 -prefMapHandle 9236 -prefsLen 26725 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e1c5ec22-40e6-4f06-a45a-190ffa23f4b4} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 9248 2bae0060558 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.21.1053123557\760449134" -childID 18 -isForBrowser -prefsHandle 8992 -prefMapHandle 8948 -prefsLen 26725 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {44bb62d8-0915-4e4a-8367-8a6678dd94a6} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 9060 2bae0849a58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.22.1368414253\1964509878" -childID 19 -isForBrowser -prefsHandle 8992 -prefMapHandle 8948 -prefsLen 27204 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {360f819e-246e-413b-8da4-6e51e1a9fea0} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 8792 2bae1c7ee58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.23.858815724\239018504" -childID 20 -isForBrowser -prefsHandle 5428 -prefMapHandle 5444 -prefsLen 27416 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {599597a0-1aeb-4dac-92be-4d4101080788} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 5508 2bae35b5358 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.24.828243925\1778771845" -childID 21 -isForBrowser -prefsHandle 8476 -prefMapHandle 8472 -prefsLen 27416 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7a6c03eb-c53d-40f5-b292-27154e90f372} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 8484 2bae386f658 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.25.1448503874\1764489037" -childID 22 -isForBrowser -prefsHandle 8212 -prefMapHandle 8216 -prefsLen 27416 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {aabe538e-bfbb-4945-8c30-6194f144b6f0} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 8300 2bae3870e58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.26.2147475180\839766700" -childID 23 -isForBrowser -prefsHandle 8332 -prefMapHandle 8852 -prefsLen 27416 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d0667c7d-78a0-4003-8491-8ce16fd4c899} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 8052 2bae1eadc58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.27.1844734657\82987674" -childID 24 -isForBrowser -prefsHandle 10408 -prefMapHandle 8300 -prefsLen 27416 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d30aa5cd-183b-46eb-9c25-04a417779441} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 8044 2badc7ba658 tab
Network
| Country | Destination | Domain | Proto |
| N/A | 127.0.0.1:49816 | tcp | |
| US | 8.8.8.8:53 | gateway.discord.gg | udp |
| US | 162.159.135.234:443 | gateway.discord.gg | tcp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | content-signature-2.cdn.mozilla.net | udp |
| US | 34.160.144.191:443 | content-signature-2.cdn.mozilla.net | tcp |
| US | 34.117.188.166:443 | contile.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | shavar.services.mozilla.com | udp |
| US | 8.8.8.8:53 | push.services.mozilla.com | udp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | 234.135.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 166.188.117.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 44.237.65.238:443 | shavar.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| N/A | 127.0.0.1:49824 | tcp | |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | 238.65.237.44.in-addr.arpa | udp |
| US | 34.117.188.166:443 | contile.services.mozilla.com | udp |
| US | 34.107.243.93:443 | autopush.prod.mozaws.net | tcp |
| US | 34.149.100.209:443 | prod.remote-settings.prod.webservices.mozgcp.net | tcp |
| US | 34.107.243.93:443 | autopush.prod.mozaws.net | tcp |
| US | 34.149.100.209:443 | prod.remote-settings.prod.webservices.mozgcp.net | tcp |
| US | 8.8.8.8:53 | 133.211.185.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.187.250.142.in-addr.arpa | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 34.149.100.209:443 | prod.remote-settings.prod.webservices.mozgcp.net | tcp |
| US | 8.8.8.8:53 | discord.com | udp |
| US | 162.159.137.232:443 | discord.com | tcp |
| US | 8.8.8.8:53 | 195.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.137.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | geolocation-db.com | udp |
| DE | 159.89.102.253:443 | geolocation-db.com | tcp |
| US | 162.159.137.232:443 | discord.com | tcp |
| US | 8.8.8.8:53 | 253.102.89.159.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.118.140.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 162.159.137.232:443 | discord.com | tcp |
| US | 162.159.137.232:443 | discord.com | tcp |
| US | 8.8.8.8:53 | 56.126.166.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 183.142.211.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.17.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | id.google.com | udp |
| GB | 216.58.204.67:443 | id.google.com | tcp |
| US | 8.8.8.8:53 | id.google.com | udp |
| US | 8.8.8.8:53 | id.google.com | udp |
| GB | 216.58.204.67:443 | id.google.com | udp |
| US | 8.8.8.8:53 | 67.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 216.58.212.246:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 216.58.212.246:443 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 246.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.reddit.com | udp |
| US | 151.101.1.140:443 | www.reddit.com | tcp |
| US | 8.8.8.8:53 | reddit.map.fastly.net | udp |
| US | 8.8.8.8:53 | reddit.map.fastly.net | udp |
| US | 8.8.8.8:53 | 140.1.101.151.in-addr.arpa | udp |
| US | 162.159.137.232:443 | discord.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 142.250.187.238:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | youtube-ui.l.google.com | udp |
| US | 8.8.8.8:53 | youtube-ui.l.google.com | udp |
| GB | 142.250.187.238:443 | youtube-ui.l.google.com | udp |
| US | 162.159.137.232:443 | discord.com | tcp |
| US | 8.8.8.8:53 | 238.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 216.58.213.6:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | udp |
| GB | 216.58.213.6:443 | static.doubleclick.net | udp |
| GB | 172.217.169.42:443 | jnn-pa.googleapis.com | tcp |
| GB | 172.217.169.42:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | 98.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.213.58.216.in-addr.arpa | udp |
| GB | 172.217.169.42:443 | jnn-pa.googleapis.com | udp |
| GB | 172.217.169.42:443 | jnn-pa.googleapis.com | udp |
| US | 162.159.137.232:443 | discord.com | tcp |
| US | 162.159.137.232:443 | discord.com | tcp |
| US | 8.8.8.8:53 | www.se7ensins.com | udp |
| US | 104.27.206.87:443 | www.se7ensins.com | tcp |
| US | 8.8.8.8:53 | www.se7ensins.com | udp |
| US | 8.8.8.8:53 | www.se7ensins.com | udp |
| US | 8.8.8.8:53 | 87.206.27.104.in-addr.arpa | udp |
| US | 104.27.206.87:443 | www.se7ensins.com | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | 104.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.25.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| GB | 172.217.16.234:443 | ajax.googleapis.com | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | udp |
| GB | 172.217.16.234:443 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 104.16.80.73:443 | static.cloudflareinsights.com | tcp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 8.8.8.8:53 | a.pub.network | udp |
| US | 104.18.20.206:443 | a.pub.network | tcp |
| US | 8.8.8.8:53 | a.pub.network | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 8.8.8.8:53 | cmp.quantcast.com | udp |
| US | 8.8.8.8:53 | a.pub.network | udp |
| US | 8.8.8.8:53 | cmp.quantcast.com | udp |
| US | 8.8.8.8:53 | cmp.quantcast.com | udp |
| US | 104.18.20.206:443 | a.pub.network | udp |
| US | 8.8.8.8:53 | 234.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.80.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.20.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | secure.quantserve.com | udp |
| US | 8.8.8.8:53 | global.px.quantserve.com | udp |
| US | 8.8.8.8:53 | d.pub.network | udp |
| US | 34.160.152.31:443 | d.pub.network | tcp |
| US | 8.8.8.8:53 | d.pub.network | udp |
| US | 8.8.8.8:53 | d.pub.network | udp |
| US | 3.162.140.119:443 | cmp.quantcast.com | tcp |
| DE | 91.228.74.244:443 | global.px.quantserve.com | tcp |
| US | 34.160.152.31:443 | d.pub.network | udp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 185.199.109.133:443 | raw.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 31.152.160.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.140.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 244.74.228.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | rules.quantcount.com | udp |
| IE | 18.66.171.123:443 | rules.quantcount.com | tcp |
| US | 8.8.8.8:53 | d2fashanjl7d9f.cloudfront.net | udp |
| US | 8.8.8.8:53 | cmp.inmobi.com | udp |
| US | 8.8.8.8:53 | d2fashanjl7d9f.cloudfront.net | udp |
| IE | 18.66.171.20:443 | cmp.inmobi.com | tcp |
| US | 8.8.8.8:53 | d23sp3kzv1t6m5.cloudfront.net | udp |
| US | 8.8.8.8:53 | d23sp3kzv1t6m5.cloudfront.net | udp |
| US | 8.8.8.8:53 | 133.109.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 123.171.66.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.171.66.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | optimise.net | udp |
| US | 8.8.8.8:53 | optimise.net | udp |
| US | 8.8.8.8:53 | optimise.net | udp |
| US | 8.8.8.8:53 | api.cmp.inmobi.com | udp |
| US | 8.8.8.8:53 | choice-apis-prod-2120274730.eu-central-1.elb.amazonaws.com | udp |
| US | 34.111.152.239:443 | optimise.net | tcp |
| US | 8.8.8.8:53 | choice-apis-prod-2120274730.eu-central-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 239.152.111.34.in-addr.arpa | udp |
| DE | 3.120.230.251:443 | choice-apis-prod-2120274730.eu-central-1.elb.amazonaws.com | tcp |
| US | 162.159.137.232:443 | discord.com | tcp |
| US | 34.111.152.239:443 | optimise.net | tcp |
| US | 34.111.152.239:443 | optimise.net | udp |
| US | 8.8.8.8:53 | api.floors.dev | udp |
| US | 8.8.8.8:53 | api.floors.dev | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 162.159.137.232:443 | discord.com | tcp |
| US | 8.8.8.8:53 | api.floors.dev | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 34.160.128.112:443 | api.floors.dev | tcp |
| US | 34.160.128.112:443 | api.floors.dev | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 251.230.120.3.in-addr.arpa | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | tcp |
| US | 34.160.128.112:443 | api.floors.dev | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 112.128.160.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.200.250.142.in-addr.arpa | udp |
| US | 162.159.137.232:443 | discord.com | tcp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| US | 8.8.8.8:53 | pixel.quantserve.com | udp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| US | 3.162.140.91:443 | sb.scorecardresearch.com | tcp |
| DE | 91.228.74.159:443 | pixel.quantserve.com | tcp |
| US | 8.8.8.8:53 | cdn.confiant-integrations.net | udp |
| US | 8.8.8.8:53 | freestar-io.videoplayerhub.com | udp |
| US | 8.8.8.8:53 | cdn.confiant-integrations.net | udp |
| US | 8.8.8.8:53 | freestar-io.videoplayerhub.com | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | cdn.hadronid.net | udp |
| US | 8.8.8.8:53 | cdn.confiant-integrations.net | udp |
| US | 8.8.8.8:53 | freestar-io.videoplayerhub.com | udp |
| US | 8.8.8.8:53 | d1ykf07e75w7ss.cloudfront.net | udp |
| US | 8.8.8.8:53 | cdn.hadronid.net | udp |
| US | 8.8.8.8:53 | cdn.hadronid.net | udp |
| US | 8.8.8.8:53 | d1ykf07e75w7ss.cloudfront.net | udp |
| US | 104.18.43.90:443 | cdn.confiant-integrations.net | tcp |
| US | 104.26.9.50:443 | freestar-io.videoplayerhub.com | tcp |
| US | 104.22.53.173:443 | cdn.hadronid.net | tcp |
| US | 104.18.43.90:443 | cdn.confiant-integrations.net | udp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 8.8.8.8:53 | id.hadron.ad.gt | udp |
| US | 104.22.75.216:443 | btloader.com | tcp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 104.22.5.69:443 | id.hadron.ad.gt | tcp |
| US | 8.8.8.8:53 | id.hadron.ad.gt.cdn.cloudflare.net | udp |
| US | 104.22.5.69:443 | id.hadron.ad.gt.cdn.cloudflare.net | tcp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 8.8.8.8:53 | id.hadron.ad.gt.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | 91.140.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 159.74.228.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.43.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.9.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.53.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.5.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.75.22.104.in-addr.arpa | udp |
| US | 3.162.142.187:443 | d1ykf07e75w7ss.cloudfront.net | tcp |
| US | 8.8.8.8:53 | ups.analytics.yahoo.com | udp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| US | 8.8.8.8:53 | ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | api.rlcdn.com | udp |
| US | 8.8.8.8:53 | ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud | udp |
| US | 8.8.8.8:53 | gum.nl3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | idx.liadm.com | udp |
| US | 8.8.8.8:53 | gum.nl3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | api.rlcdn.com | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | idx.cph.liveintent.com | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | idx.cph.liveintent.com | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | a.ad.gt | udp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 8.8.8.8:53 | a.ad.gt.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 8.8.8.8:53 | a.ad.gt.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 8.8.8.8:53 | c.pub.network | udp |
| US | 8.8.8.8:53 | c.pub.network | udp |
| US | 8.8.8.8:53 | c.pub.network | udp |
| US | 185.199.109.133:443 | raw.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 187.142.162.3.in-addr.arpa | udp |
| US | 172.67.23.234:443 | a.ad.gt.cdn.cloudflare.net | tcp |
| US | 104.22.75.216:443 | btloader.com | tcp |
| US | 104.26.2.70:443 | ad-delivery.net | tcp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 162.159.137.232:443 | discord.com | tcp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| DE | 3.75.62.37:443 | ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud | tcp |
| NL | 178.250.1.11:443 | gum.nl3.vip.prod.criteo.com | tcp |
| DE | 162.19.138.83:443 | id5-sync.com | tcp |
| US | 34.120.133.55:443 | api.rlcdn.com | tcp |
| US | 44.197.96.190:443 | idx.cph.liveintent.com | tcp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| NL | 178.250.1.11:443 | gum.nl3.vip.prod.criteo.com | tcp |
| US | 8.8.8.8:53 | 234.23.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.2.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 37.62.75.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.40.223.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | d1jvc9b8z3vcjs.cloudfront.net | udp |
| US | 8.8.8.8:53 | 55.133.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | d1jvc9b8z3vcjs.cloudfront.net | udp |
| US | 162.159.137.232:443 | discord.com | tcp |
| US | 34.120.133.55:443 | api.rlcdn.com | udp |
| US | 8.8.8.8:53 | 190.96.197.44.in-addr.arpa | udp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 8.8.8.8:53 | 14.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.23.211.130.in-addr.arpa | udp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 34.160.152.31:443 | c.pub.network | tcp |
| US | 34.160.152.31:443 | c.pub.network | tcp |
| US | 8.8.8.8:53 | ids.ad.gt | udp |
| US | 34.160.152.31:443 | c.pub.network | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | ids.ad.gt.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | ib.anycast.adnxs.com | udp |
| US | 8.8.8.8:53 | image2.pubmatic.com | udp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | ids.ad.gt.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | ib.anycast.adnxs.com | udp |
| US | 8.8.8.8:53 | pug-ams-bc.pubmnet.com | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.net.akadns.net | udp |
| US | 8.8.8.8:53 | pug-ams-bc.pubmnet.com | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.net.akadns.net | udp |
| US | 8.8.8.8:53 | ad.360yield.com | udp |
| US | 8.8.8.8:53 | sync.go.sonobi.com | udp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 8.8.8.8:53 | p.ad.gt | udp |
| US | 8.8.8.8:53 | euw-ice.360yield.com | udp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 8.8.8.8:53 | iad-2-sync.go.sonobi.com | udp |
| US | 3.162.148.221:443 | d1jvc9b8z3vcjs.cloudfront.net | tcp |
| US | 3.162.148.221:443 | d1jvc9b8z3vcjs.cloudfront.net | tcp |
| US | 8.8.8.8:53 | euw-ice.360yield.com | udp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 8.8.8.8:53 | iad-2-sync.go.sonobi.com | udp |
| US | 8.8.8.8:53 | p.ad.gt.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | p.ad.gt.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | 6.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 221.148.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 8.8.8.8:53 | rp.liadm.com | udp |
| US | 8.8.8.8:53 | livepixel-production.bln.liveintent.com | udp |
| US | 8.8.8.8:53 | secure.cdn.fastclick.net | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 8.8.8.8:53 | livepixel-production.bln.liveintent.com | udp |
| IE | 18.66.171.125:443 | config.aps.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | e4536.g.akamaiedge.net | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 8.8.8.8:53 | e4536.g.akamaiedge.net | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 104.22.5.69:443 | p.ad.gt.cdn.cloudflare.net | tcp |
| US | 104.22.5.69:443 | p.ad.gt.cdn.cloudflare.net | tcp |
| US | 104.22.5.69:443 | p.ad.gt.cdn.cloudflare.net | tcp |
| US | 104.22.4.69:443 | p.ad.gt.cdn.cloudflare.net | tcp |
| US | 8.8.8.8:53 | 125.171.66.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.4.22.104.in-addr.arpa | udp |
| NL | 185.89.210.82:443 | ib.anycast.adnxs.com | tcp |
| NL | 198.47.127.205:443 | pug-ams-bc.pubmnet.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.net.akadns.net | tcp |
| GB | 142.250.200.2:443 | cm.g.doubleclick.net | tcp |
| IE | 52.48.62.133:443 | euw-ice.360yield.com | tcp |
| US | 69.166.1.66:443 | iad-2-sync.go.sonobi.com | tcp |
| US | 35.244.159.8:443 | u.openx.net | tcp |
| FR | 178.250.7.13:443 | dnacdn.net | tcp |
| DE | 162.19.138.82:443 | lb.eu-1-id5-sync.com | tcp |
| GB | 142.250.200.2:443 | cm.g.doubleclick.net | udp |
| US | 35.244.159.8:443 | u.openx.net | udp |
| US | 3.233.179.64:443 | livepixel-production.bln.liveintent.com | tcp |
| GB | 23.53.174.156:443 | e4536.g.akamaiedge.net | tcp |
| US | 104.22.53.86:443 | cdn.id5-sync.com | tcp |
| US | 162.159.137.232:443 | discord.com | tcp |
| US | 8.8.8.8:53 | 2.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.159.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 205.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.62.48.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.7.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.1.166.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.53.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.174.53.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.179.233.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 162.159.137.232:443 | discord.com | tcp |
| US | 162.159.137.232:443 | discord.com | tcp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | udp |
| GB | 216.58.213.6:443 | static.doubleclick.net | udp |
| GB | 172.217.169.42:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | 7c1705369e9085d43a904f2dc1b7756e.safeframe.googlesyndication.com | udp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 8.8.8.8:53 | pagead-googlehosted.l.google.com | udp |
| GB | 172.217.169.65:443 | pagead-googlehosted.l.google.com | tcp |
| US | 8.8.8.8:53 | pagead-googlehosted.l.google.com | udp |
| GB | 172.217.169.65:443 | pagead-googlehosted.l.google.com | udp |
| US | 8.8.8.8:53 | 65.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | s2s.t13.io | udp |
| US | 8.8.8.8:53 | s2s.t13.io | udp |
| US | 8.8.8.8:53 | s2s.t13.io | udp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| US | 8.8.8.8:53 | bidder.criteo.com | udp |
| US | 8.8.8.8:53 | ib.anycast.adnxs.com | udp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| US | 8.8.8.8:53 | bidder.nl3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | bidder.nl3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| DE | 162.19.138.83:443 | lb.eu-1-id5-sync.com | tcp |
| US | 34.107.140.113:443 | s2s.t13.io | tcp |
| US | 34.107.140.113:443 | s2s.t13.io | tcp |
| US | 34.107.140.113:443 | s2s.t13.io | udp |
| US | 34.120.63.153:443 | prebid.media.net | tcp |
| NL | 185.89.210.90:443 | ib.adnxs.com | tcp |
| NL | 178.250.1.8:443 | bidder.nl3.vip.prod.criteo.com | tcp |
| US | 8.8.8.8:53 | 113.140.107.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.63.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.210.89.185.in-addr.arpa | udp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | resources.infolinks.com | udp |
| US | 8.8.8.8:53 | cdn.browsiprod.com | udp |
| US | 8.8.8.8:53 | resources.infolinks.com | udp |
| US | 8.8.8.8:53 | cdn.browsiprod.com | udp |
| US | 8.8.8.8:53 | resources.infolinks.com | udp |
| US | 8.8.8.8:53 | cdn.browsiprod.com | udp |
| US | 8.8.8.8:53 | 225.16.217.172.in-addr.arpa | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 172.66.42.247:443 | resources.infolinks.com | tcp |
| US | 3.162.140.5:443 | cdn.browsiprod.com | tcp |
| US | 8.8.8.8:53 | events.browsiprod.com | udp |
| US | 8.8.8.8:53 | events.browsiprod.com | udp |
| US | 8.8.8.8:53 | yield-manager.browsiprod.com | udp |
| US | 8.8.8.8:53 | 5.140.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 247.42.66.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | events.browsiprod.com | udp |
| US | 8.8.8.8:53 | yield-manager.browsiprod.com | udp |
| US | 8.8.8.8:53 | yield-manager.browsiprod.com | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.net.akadns.net | udp |
| US | 52.89.16.229:443 | events.browsiprod.com | tcp |
| US | 8.8.8.8:53 | chromewebstore.googleapis.com | udp |
| US | 8.8.8.8:53 | chromewebstore.googleapis.com | udp |
| GB | 216.58.201.106:443 | chromewebstore.googleapis.com | tcp |
| US | 8.8.8.8:53 | 106.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.16.89.52.in-addr.arpa | udp |
| US | 3.162.140.33:443 | yield-manager.browsiprod.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| US | 3.162.140.5:443 | cdn.browsiprod.com | tcp |
| US | 8.8.8.8:53 | 33.140.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | router.infolinks.com | udp |
| US | 172.66.42.247:443 | router.infolinks.com | tcp |
| US | 8.8.8.8:53 | router.infolinks.com | udp |
| US | 8.8.8.8:53 | router.infolinks.com | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 172.64.151.101:443 | ssum-sec.casalemedia.com | tcp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 172.64.151.101:443 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | widgets.outbrain.com | udp |
| US | 8.8.8.8:53 | 101.151.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | e10883.g.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e10883.g.akamaiedge.net | udp |
| US | 8.8.8.8:53 | cdn.ampproject.org | udp |
| US | 8.8.8.8:53 | cdn-content.ampproject.org | udp |
| US | 8.8.8.8:53 | cdn-content.ampproject.org | udp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| US | 162.159.137.232:443 | discord.com | tcp |
| US | 76.223.111.18:443 | eb2.3lift.com | tcp |
| US | 8.8.8.8:53 | eu-eb2.3lift.com | udp |
| US | 8.8.8.8:53 | eu-eb2.3lift.com | udp |
| US | 8.8.8.8:53 | rt3013.infolinks.com | udp |
| US | 8.8.8.8:53 | rt3013.infolinks.com | udp |
| GB | 142.250.187.225:443 | cdn-content.ampproject.org | tcp |
| US | 8.8.8.8:53 | rt3013.infolinks.com | udp |
| GB | 142.250.187.225:443 | cdn-content.ampproject.org | tcp |
| GB | 142.250.187.225:443 | cdn-content.ampproject.org | tcp |
| GB | 142.250.187.225:443 | cdn-content.ampproject.org | tcp |
| GB | 142.250.187.225:443 | cdn-content.ampproject.org | tcp |
| GB | 142.250.187.225:443 | cdn-content.ampproject.org | udp |
| US | 172.66.42.247:443 | rt3013.infolinks.com | tcp |
| GB | 2.21.189.145:443 | e10883.g.akamaiedge.net | tcp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | 18.111.223.76.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.189.21.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.187.250.142.in-addr.arpa | udp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 8.8.8.8:53 | user-data-eu.bidswitch.net | udp |
| US | 8.8.8.8:53 | user-data-eu.bidswitch.net | udp |
| US | 8.8.8.8:53 | events.browsiprod.com | udp |
| US | 8.8.8.8:53 | ai.browsiprod.com | udp |
| US | 8.8.8.8:53 | demand-engine.browsiprod.com | udp |
| US | 8.8.8.8:53 | ai.browsiprod.com | udp |
| US | 8.8.8.8:53 | ai.browsiprod.com | udp |
| US | 8.8.8.8:53 | demand-engine.browsiprod.com | udp |
| US | 8.8.8.8:53 | aus5.mozilla.org | udp |
| US | 8.8.8.8:53 | demand-engine.browsiprod.com | udp |
| US | 35.244.181.201:443 | aus5.mozilla.org | tcp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | 91.149.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 201.181.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | content-signature-2.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | ciscobinary.openh264.org | udp |
| NL | 2.18.121.197:80 | ciscobinary.openh264.org | tcp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| GB | 142.250.187.206:443 | redirector.gvt1.com | tcp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | 197.121.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | widget-pixels.outbrain.com | udp |
| GB | 142.250.187.206:443 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | r1---sn-aigl6ney.gvt1.com | udp |
| US | 8.8.8.8:53 | e10883.g.akamaiedge.net | udp |
| GB | 173.194.183.166:443 | r1---sn-aigl6ney.gvt1.com | tcp |
| US | 8.8.8.8:53 | r1.sn-aigl6ney.gvt1.com | udp |
| US | 8.8.8.8:53 | tcheck.outbrainimg.com | udp |
| US | 8.8.8.8:53 | r1.sn-aigl6ney.gvt1.com | udp |
| US | 8.8.8.8:53 | e15144.d.akamaiedge.net | udp |
| GB | 173.194.183.166:443 | r1.sn-aigl6ney.gvt1.com | udp |
| US | 8.8.8.8:53 | e15144.d.akamaiedge.net | udp |
| US | 8.8.8.8:53 | 206.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 166.183.194.173.in-addr.arpa | udp |
| IE | 18.66.171.93:443 | ai.browsiprod.com | tcp |
| US | 3.162.140.75:443 | demand-engine.browsiprod.com | tcp |
| GB | 2.21.189.145:443 | widget-pixels.outbrain.com | tcp |
| GB | 2.21.190.8:443 | e15144.d.akamaiedge.net | tcp |
| US | 172.66.42.247:443 | rt3013.infolinks.com | tcp |
| US | 8.8.8.8:53 | 93.171.66.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.140.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.190.21.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | mv.outbrain.com | udp |
| US | 8.8.8.8:53 | pbs-cs.yellowblue.io | udp |
| GB | 146.75.74.132:443 | mv.outbrain.com | tcp |
| US | 8.8.8.8:53 | outbrain.map.fastly.net | udp |
| US | 8.8.8.8:53 | pbs-cs.yellowblue.io | udp |
| IE | 54.170.105.17:443 | pbs-cs.yellowblue.io | tcp |
| US | 8.8.8.8:53 | outbrain.map.fastly.net | udp |
| US | 8.8.8.8:53 | pbs-cs.yellowblue.io | udp |
| US | 8.8.8.8:53 | 132.74.75.146.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 17.105.170.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.springserve.com | udp |
| US | 8.8.8.8:53 | cdn.springserve.com | udp |
| US | 8.8.8.8:53 | cdn.springserve.com | udp |
| US | 3.162.140.120:443 | cdn.springserve.com | tcp |
| US | 8.8.8.8:53 | chidc2.outbrain.org | udp |
| US | 8.8.8.8:53 | cm.adform.net | udp |
| US | 8.8.8.8:53 | csync.loopme.me | udp |
| US | 8.8.8.8:53 | match.sharethrough.com | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| US | 8.8.8.8:53 | chidc2.outbrain.org | udp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| US | 8.8.8.8:53 | us-u.openx.net | udp |
| US | 8.8.8.8:53 | track-eu.adformnet.akadns.net | udp |
| US | 8.8.8.8:53 | 120.140.162.3.in-addr.arpa | udp |
| NL | 35.214.244.63:443 | csync.loopme.me | tcp |
| US | 8.8.8.8:53 | bh.contextweb.com | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | ads.stickyadstv.com | udp |
| US | 8.8.8.8:53 | envoy-hl.envoy-csync1.core-b8mf.ov1o.com | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| US | 8.8.8.8:53 | track-eu.adformnet.akadns.net | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| US | 8.8.8.8:53 | us-u.openx.net | udp |
| US | 8.8.8.8:53 | envoy-hl.envoy-csync1.core-b8mf.ov1o.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| US | 8.8.8.8:53 | us-u.openx.net | udp |
| US | 8.8.8.8:53 | ssbsync-euw1.smartadserver.com | udp |
| US | 8.8.8.8:53 | imgsync-amsfpairbc.pubmnet.com | udp |
| IE | 52.48.211.135:443 | ap.lijit.com | tcp |
| DE | 51.89.9.251:443 | onetag-sys.com | tcp |
| US | 8.8.8.8:53 | ssbsync-euw1.smartadserver.com | udp |
| US | 8.8.8.8:53 | match-eu-central-1-ecs.sharethrough.com | udp |
| BE | 104.68.78.171:443 | secure-assets.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | imgsync-amsfpairbc.pubmnet.com | udp |
| DK | 37.157.5.84:443 | cm.adform.net | tcp |
| NL | 185.89.210.82:443 | ib.adnxs.com | tcp |
| DE | 3.67.74.124:443 | match-eu-central-1-ecs.sharethrough.com | tcp |
| BE | 23.55.96.24:443 | contextual.media.net | tcp |
| NL | 81.17.55.109:443 | ssbsync-euw1.smartadserver.com | tcp |
| NL | 198.47.127.18:443 | imgsync-amsfpairbc.pubmnet.com | tcp |
| US | 35.244.159.8:443 | us-u.openx.net | tcp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| NL | 154.57.158.116:443 | ads.stickyadstv.com | tcp |
| US | 8.8.8.8:53 | am1-direct-bgp.contextweb.com | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | match-eu-central-1-ecs.sharethrough.com | udp |
| US | 35.244.159.8:443 | us-u.openx.net | udp |
| US | 8.8.8.8:53 | cs.yellowblue.io | udp |
| US | 8.8.8.8:53 | am1-direct-bgp.contextweb.com | udp |
| US | 8.8.8.8:53 | eu-west-dual.ads.stickyadstv.com.akadns.net | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com | udp |
| IE | 52.18.156.159:443 | cs.yellowblue.io | tcp |
| US | 8.8.8.8:53 | eu-west-dual.ads.stickyadstv.com.akadns.net | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | e8960.e2.akamaiedge.net | udp |
| US | 8.8.8.8:53 | cs.yellowblue.io | udp |
| US | 8.8.8.8:53 | e8960.e2.akamaiedge.net | udp |
| US | 8.8.8.8:53 | cs.yellowblue.io | udp |
| DE | 51.89.9.251:443 | onetag-sys.com | udp |
| BE | 23.55.96.24:443 | contextual.media.net | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| US | 8.8.8.8:53 | 63.244.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 135.211.48.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 251.9.89.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.78.68.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 109.55.17.81.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 24.96.55.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.169.93.208.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.5.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.158.57.154.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 124.74.67.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 159.156.18.52.in-addr.arpa | udp |
| BE | 23.55.98.169:443 | eus.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | e8960.b.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e8960.b.akamaiedge.net | udp |
| US | 8.8.8.8:53 | rtb.mfadsrvr.com | udp |
| US | 8.8.8.8:53 | sync.mathtag.com | udp |
| US | 8.8.8.8:53 | pixel-eu.rubiconproject.com | udp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 8.8.8.8:53 | t.adx.opera.com | udp |
| US | 8.8.8.8:53 | ssbsync-global.smartadserver.com | udp |
| US | 8.8.8.8:53 | elb-aws-fr-dorpat-283474803.eu-central-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | spl.zeotap.com | udp |
| US | 8.8.8.8:53 | elb-aws-fr-dorpat-283474803.eu-central-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | outspot2-ams.adx.opera.com | udp |
| US | 80.77.87.162:443 | cs.admanmedia.com | tcp |
| US | 104.22.50.98:443 | spl.zeotap.com | tcp |
| US | 8.8.8.8:53 | pixel-origin.mathtag.com | udp |
| US | 8.8.8.8:53 | outspot2-ams.adx.opera.com | udp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 8.8.8.8:53 | pixel-origin.mathtag.com | udp |
| US | 8.8.8.8:53 | pixel-eu.rubiconproject.net.akadns.net | udp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 8.8.8.8:53 | pixel-eu.rubiconproject.net.akadns.net | udp |
| US | 8.8.8.8:53 | spl.zeotap.com | udp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | spl.zeotap.com | udp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| DE | 18.197.7.178:443 | elb-aws-fr-dorpat-283474803.eu-central-1.elb.amazonaws.com | tcp |
| US | 74.121.140.211:443 | pixel-origin.mathtag.com | tcp |
| NL | 69.173.156.149:443 | pixel-eu.rubiconproject.net.akadns.net | tcp |
| NL | 82.145.213.8:443 | outspot2-ams.adx.opera.com | tcp |
| NL | 81.17.55.170:443 | ssbsync-global.smartadserver.com | tcp |
| US | 209.54.182.161:443 | s.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | 169.98.55.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.50.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.87.77.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 178.7.197.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 170.55.17.81.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.213.145.82.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 211.140.121.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 161.182.54.209.in-addr.arpa | udp |
| US | 162.159.137.232:443 | discord.com | tcp |
| US | 162.159.137.232:443 | discord.com | tcp |
| NL | 69.173.156.148:443 | pixel-eu.rubiconproject.net.akadns.net | tcp |
| US | 8.8.8.8:53 | vid-io.springserve.com | udp |
| US | 8.8.8.8:53 | vid-io.springserve.com | udp |
| US | 8.8.8.8:53 | vid-io.springserve.com | udp |
| US | 64.74.236.223:443 | mcdp-chidc2.outbrain.com | tcp |
| IE | 34.240.147.182:443 | vid-io.springserve.com | tcp |
| US | 8.8.8.8:53 | 223.236.74.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 182.147.240.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sync.resetdigital.co | udp |
| US | 143.244.220.80:443 | sync.resetdigital.co | tcp |
| US | 8.8.8.8:53 | sync.resetdigital.co | udp |
| US | 8.8.8.8:53 | sync.resetdigital.co | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| IE | 67.220.224.144:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | 144.224.220.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.220.244.143.in-addr.arpa | udp |
| US | 162.159.137.232:443 | discord.com | tcp |
| US | 8.8.8.8:53 | pixels.ad.gt | udp |
| US | 172.67.23.234:443 | pixels.ad.gt | tcp |
| US | 104.22.4.69:443 | pixels.ad.gt | tcp |
| US | 104.22.4.69:443 | pixels.ad.gt | tcp |
| US | 172.67.23.234:443 | pixels.ad.gt | tcp |
| US | 8.8.8.8:53 | pixels.ad.gt.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | pixels.ad.gt.cdn.cloudflare.net | udp |
| US | 185.199.109.133:443 | raw.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | images.outbrainimg.com | udp |
| GB | 2.21.190.8:443 | images.outbrainimg.com | tcp |
| GB | 2.21.190.8:443 | images.outbrainimg.com | tcp |
| GB | 2.21.190.8:443 | images.outbrainimg.com | tcp |
| US | 8.8.8.8:53 | e15144.d.akamaiedge.net | udp |
| US | 162.159.137.232:443 | discord.com | tcp |
| US | 162.159.137.232:443 | discord.com | tcp |
| US | 162.159.137.232:443 | discord.com | tcp |
| US | 8.8.8.8:53 | log.outbrainimg.com | udp |
| US | 64.74.236.159:443 | log.outbrainimg.com | tcp |
| US | 8.8.8.8:53 | chidc2.outbrain.org | udp |
| US | 8.8.8.8:53 | 159.236.74.64.in-addr.arpa | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| DE | 162.19.138.83:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 162.19.138.82:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 162.159.137.232:443 | discord.com | tcp |
| US | 162.159.137.232:443 | discord.com | tcp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| US | 8.8.8.8:53 | static.nl3.vip.prod.criteo.net | udp |
| US | 8.8.8.8:53 | static.nl3.vip.prod.criteo.net | udp |
| NL | 178.250.1.11:443 | gum.nl3.vip.prod.criteo.com | tcp |
| NL | 178.250.1.3:443 | static.nl3.vip.prod.criteo.net | tcp |
| US | 8.8.8.8:53 | 3.1.250.178.in-addr.arpa | udp |
| FR | 178.250.7.13:443 | dnacdn.net | tcp |
| US | 8.8.8.8:53 | ag.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | gem.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | gbc8.nl3.eu.criteo.com | udp |
| US | 8.8.8.8:53 | gbc2.nl3.eu.criteo.com | udp |
| US | 8.8.8.8:53 | gbc8.nl3.eu.criteo.com | udp |
| US | 8.8.8.8:53 | gbc2.nl3.eu.criteo.com | udp |
| NL | 185.235.87.225:443 | gbc8.nl3.eu.criteo.com | tcp |
| NL | 185.235.87.70:443 | gbc2.nl3.eu.criteo.com | tcp |
| US | 8.8.8.8:53 | 70.87.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.87.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 16.173.189.20.in-addr.arpa | udp |
| US | 162.159.137.232:443 | discord.com | tcp |
| US | 162.159.137.232:443 | discord.com | tcp |
| US | 162.159.137.232:443 | discord.com | tcp |
| US | 34.160.152.31:443 | c.pub.network | udp |
| US | 8.8.8.8:53 | eu-eb2.3lift.com | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| BE | 23.55.96.24:443 | contextual.media.net | udp |
| US | 8.8.8.8:53 | eu-eb2.3lift.com | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| US | 8.8.8.8:53 | e8960.b.akamaiedge.net | udp |
| BE | 23.55.96.24:443 | contextual.media.net | tcp |
| US | 8.8.8.8:53 | e8960.b.akamaiedge.net | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 172.64.149.180:443 | js-sec.indexww.com | tcp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| NL | 69.173.156.148:443 | pixel-eu.rubiconproject.net.akadns.net | tcp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| US | 151.101.1.108:443 | acdn.adnxs.com | tcp |
| US | 8.8.8.8:53 | prod.appnexus.map.fastly.net | udp |
| US | 8.8.8.8:53 | prod.appnexus.map.fastly.net | udp |
| US | 172.64.149.180:443 | js-sec.indexww.com | tcp |
| US | 8.8.8.8:53 | 108.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 180.149.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
Files
memory/4492-0-0x00007FF9EA703000-0x00007FF9EA705000-memory.dmp
memory/4492-1-0x000002000C510000-0x000002000C528000-memory.dmp
memory/4492-2-0x0000020026B50000-0x0000020026D12000-memory.dmp
memory/4492-10-0x00007FF9EA700000-0x00007FF9EB1C1000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\datareporting\glean\pending_pings\88efa495-54b4-4fc6-975f-e3e97f8ddf2f
| MD5 | 6173107bea453f471b7b3c073533fd1d |
| SHA1 | 000f1156fcdfd3e86a77c361c796f153a943fdf1 |
| SHA256 | 41136043bcf2a6bd5691304586a317820906e76f07875223b3ca373e0ca0b51a |
| SHA512 | a4cf298fd5ac4fc0061bc6516fed80c685eaadb3d395d165d4bcf50a460442a4cc552bcda76ee108cd7e47977c1ddfd4b8649bd6501caee70202896464001dc0 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\datareporting\glean\db\data.safe.bin
| MD5 | a938566e5df133660ea432d368efd838 |
| SHA1 | 86c5b66111a785abe6c116d3f66995e6dd51d8e1 |
| SHA256 | e614cba43ef081ca407018282c59842acb7e94944a9e4985b36d8a4b9e6661d4 |
| SHA512 | 82c27f6e0034b98ea5a87a5389296fc489efdf74955c5874d31b8a6b70468cebcfa773abec707780f56234f9edd0678802c1c093024ff2e04410594d77aa10a9 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | b01efd0877d8bb4a5d754d6d5a5922cf |
| SHA1 | 6dfaecd4219afbb206185171c64c777e9c73ae21 |
| SHA256 | ef1ebedd446ce18b79317f09953ff8a6069f92749188b45945567c315388aa90 |
| SHA512 | 6f5fce89b6dc7e6979fdb01493c0811bcd55cb945d7665cd9a23e93419a5aa28207b3f614461103f04b0406741e8020c35252fda5529e41e3e918e42fd89c086 |
memory/4492-81-0x0000020027350000-0x0000020027878000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 76ae42d2c0fa0921eee10202fd59d94f |
| SHA1 | efa275d9ec2d7d50bf1f4a15ec931c26d825f324 |
| SHA256 | 3ca3669c662a447edd8820c06bba9b9e2ae276efa123a132997311d5e463e0c3 |
| SHA512 | 7281031fc978493d726541497e10edb0ba91e160513f632adb313db546043f91eb6ff60a688eda7ed0c7b139256263176fe56dd358ab42183304890dc80da78d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\prefs-1.js
| MD5 | f65fc5a2e58f51454591c663266862c7 |
| SHA1 | cbad8d8348797529a0dc8883694f759d4592cd01 |
| SHA256 | 2b06ba93717cb6067795b0da8c2af4d7b19697c7dbb9374017932f6dd3144940 |
| SHA512 | e4e409e7b13e12169ca93484bd89a025eb7872fab9bb17cd5011cf9adc718d89998b2337559b490dd607d23912bba17b4a8b4b33d2a4e54a8a3a27165045a5f8 |
memory/4492-160-0x00007FF9EA703000-0x00007FF9EA705000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 106fbcc9fca59ab2cd1decf61fd44dae |
| SHA1 | 3c689aede9bc226a3bcfbaae032535772c9be9c3 |
| SHA256 | 5569b98be74ddbc998236c6642ff9f8b073bf02ba622f39554dddfa431c33c3f |
| SHA512 | 5ef69cd16980e0af3751d09a6257807ec715d27208731bdd75a6c2ee57fff4f87095a3881460e28359e63d676a8ed053055c883c224da16fa565522287a06ec9 |
memory/4492-170-0x00007FF9EA700000-0x00007FF9EB1C1000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\prefs-1.js
| MD5 | 966c39d4c97706becf6aa4fede166fb4 |
| SHA1 | 01c9dd7d74550e16ff30fe8ef620e8fa8f6c15c3 |
| SHA256 | 1a719d8e08dfcd6f58441a9c3483133a006ff68837217dd6eefa5cf311335ad4 |
| SHA512 | aff78b6954363c837fabc26a8da79d6fc3cd024b7c6681483f4a4488b996183b599d1264592720db89d2adbe8cd2a62a6aeda58aa3cf7c97c11d27e6ec2e0fac |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\1520
| MD5 | f0db58696a272567f6cdc3fc9991be6a |
| SHA1 | 8b991b522dfbf2e442490a883aa28f06c6bf1d39 |
| SHA256 | 9dcbbcbb2b6f27e4f10592ab3a38df676f279613ea7ec13d12a26b1d0710947f |
| SHA512 | 1a0401cdbed11373ad3e8734e519c1d2864961971635f2ddfc45b5c0e7acd0f70958619be0ff2f0c29043bf190ca011e1d402149815899c098d81047c4228bef |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | e812b364a7d6f24fd1b99bf0aa6323b7 |
| SHA1 | a11f5f22d8ae703c5c96cc05975bb7c0a9dd257a |
| SHA256 | 215da1e7946f4a8956be46ff052e2bc9c0314bc6732be35e0b5b48d05999656e |
| SHA512 | 31c840a3378ef99d36dc8531ae48c99736275490b68298abeca46e8b7e8159432ed157193cd040a7d4a2ffb93eefac7b3b6f5312f1d2ced9ec554014b7bb8036 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\2702
| MD5 | 4174a4ae66416f04365c6d02bf14bb4e |
| SHA1 | d0c11290036998536e4a3fc4c8ff7747993dc8cf |
| SHA256 | 147c8cd1c7ef7e6e3776b7c44ff7fe8f214f859ad160fe6db8034eb936e830db |
| SHA512 | bc80028284599b53aa9e4d4b31b35257be67ee011c234b80b2b5b5595e2534e9b7d8967e39beccd8669792514d3d614f37e5ef7e4463a20584bdfca404bf0115 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\27816
| MD5 | a993206c209d63e26790b54237a69d38 |
| SHA1 | 2e7fbc9eef6778b5c029ccf82b60d79945830bd8 |
| SHA256 | 35183cc757029bb8cf08c1386ee915f6c6fcd99b00b091e62ec4e6d081d4765e |
| SHA512 | 54a162b42aeb604fa1db2073874e422853c5444e5da9ca15e61df9a99fc25729d466f64c0b0bf88b999d99fa6f2bdb0bd31576befe2964c9d1c66aa219ea460c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\5305
| MD5 | 6c652df14a14b60802553a8d5eb852d5 |
| SHA1 | 0d7fb19cdf3cad887025c77cd78109cd3c0409b7 |
| SHA256 | 8ecd8a482dc6793f0e2837d363c568d79837b83b6cabfc36b01742f7ce261ec8 |
| SHA512 | 5191a05833240914d7e4e5aa6e21abab8c37ed394faf713d54412afc867c208acad52fb865a00e26a24a751ebd0d4b639cbf20e961a06de537bb63573bb67e53 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\24675
| MD5 | 60d59f0686ce34de8b9730a0aa075c30 |
| SHA1 | c63a4d6d83d55f35d23c17076e1817ce407244ff |
| SHA256 | 70ede2fbf7aa8999d25928e764abe814d4756dbf25ad5615094a450dac74780d |
| SHA512 | 0009084795be1eb9720c87960c3b0f69ee7d357c12037e5453761039fd19e809d4b2cb4da2b7025f71ec93d93bd7fe278f3d432539d8fd172839f08a6ebdaf8e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\5418
| MD5 | 46adcc88006bcb79908cfa190f41a2c4 |
| SHA1 | f8bfe576266d5efe667fff87a4db2d77d4522b2c |
| SHA256 | 599c110a741fbd215f8c40ac561bb9d21acc17e0c9dd628319fd010e4b26a071 |
| SHA512 | 6dbb5c25fb5ea8d56524db152c7a36a507813a93cd864e4ed50696d593d996a169d53ef648e431ffd8d9744b4d4106057b4b36498fdfb86d38161c9e3ef600f2 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\4802
| MD5 | 786faf3bc9891bf8c01c52ea6e73a8e1 |
| SHA1 | d10794d52f086af4c4cca38e62edb8fad362c1a4 |
| SHA256 | 9421cf26e10ff6885c225079c20f688ff26c08721cda163d2df9a1798d78bb37 |
| SHA512 | df819980b96569a2c7dd032f5b358ff55477baba039f0b1e26f1ec60d609bff69f9d1730d5e8778ca1093b7a5f3ef040c4f692f2147ad5577e490dae1bf08af6 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\2659
| MD5 | 01f5c55538dbb2a0f272e4ca688765fe |
| SHA1 | c5bf4351592c364f0b35047edb0f92489bd0b2c5 |
| SHA256 | 77305298b9653c01c45b598420c8099a698d71528607f4bfe9b667f710093dfa |
| SHA512 | 150d08973b760e305da11bf35fc4bf352779f50c237c788dc6583dc019793bc8840ef9d33229fefb7422052cdba0a21c670b3563808c79d9adbb81e80245bf5b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\28683
| MD5 | 331f58c2d4ac19bc6bba87c185c0673a |
| SHA1 | c11852b5cbd06504bb69ed96e476715f9ed16db1 |
| SHA256 | 4208383e653ac107f3d4d55263bab1907b3c3f28b1ca4f3a2e75afa765ad1f87 |
| SHA512 | 1f09f8f9625feef4cb6098391bf71c30099b19c25047f504cc4adec9e75a57d01c9e67883e2421f3f9b811b045e16f772eb9425f1259eed2498e9f350f7118f7 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\16812
| MD5 | 80be7b63f7a8d0450d823b47edb984ef |
| SHA1 | b418a1284fb5f2806c2ae47edb39f55850c14b5c |
| SHA256 | ea6af26cbd7f97fc4eb20db1f069da20ffa86f2610f87a36f4aa0b9806496018 |
| SHA512 | 08e315d2d4b618e07d6b91ce8dec26537da34eefb1d900c106ba439e4681cb6d26b00e4e717038c167f74aa569d2668b560418d038e08fe5fa49319bc9d87158 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\23231
| MD5 | 77ed478a680356b936b7644b2af101e5 |
| SHA1 | d50ad088bdcc4715acef2e1ede2229afb234dda5 |
| SHA256 | 1288d5572d43479cebbc3d9368eecf1329157f1733719e3e39a18214998eef9b |
| SHA512 | 4348238d93bbef01fe048e039f0a953dd3a28cc32e5b17d25b4592a701abe13c89249527921370898e691f8c7ec02e928fb562106f99f860454cfbbbf3de4147 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\6566
| MD5 | 0ed45635572b9a661dfc64f5743625ef |
| SHA1 | 6d6f466c0be6a7d486e5818325df2cecc278e703 |
| SHA256 | e47e2f9770ef7c830ddbe5ef9ff602b5c5452e3529d12def610ca6b1fce27ee6 |
| SHA512 | db0b76e8bb7de26535cba910bda43b20b2feeb5d2127815398a1300911cffd22582896a0389bc81cdec30b46961bd894307dda0483fcda6403a32112c4d54f06 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\19741
| MD5 | f8d2dcd3e6e8962f5832007a401d50a5 |
| SHA1 | f32115dfe4e86166174ff742c112e6ffcb0d37a1 |
| SHA256 | 4415cfb9e9d79a626be770f5e3bec0f393d8d3ca2b39332a77f12d2a21847bf7 |
| SHA512 | 8b2746eeee25e71cdf07004af5bcdf2383e67f2ef4c37d8f3a58881b33a3e0f958dd982c5b5a9747cf8540a34de02e9d1c3ba5712636116d22b6ac25ab5a1ec4 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 2b8e841e325e7dbd400a4d164064982c |
| SHA1 | f29c8c10c39e4203ba6ef559956f7990e7550963 |
| SHA256 | 06f828d08c2ed60636113ccd2e07b47bd09d34883d09d704eeafe4441fc1c3d1 |
| SHA512 | 5389c73e0a74ebdd508aafb9db752e9b3d3094b32e7d3949a0eccbeda8bdd77cf57a345318ff094e88d5d878af6099bf925da43e6c407af9d1ae30a89795ae4d |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\entries\AE001A6BFF3D85EA310E93A0AF3C440D134ADF82
| MD5 | 61dc0c642055cca999ce4ab96faf59a1 |
| SHA1 | ee980a127a247631dcd666e8f609639813b07ff7 |
| SHA256 | 306a157730f37d6294d5fdefa68812fbb554ef882befc0464609d9e817e32de7 |
| SHA512 | 2ce13a6c185aa9ed01c70e5b628a031b2366b5664f91433f6348d55b2c21123beee40af68229b7bfa20eacdf16937b261e81493211335a229784842f2f003deb |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\storage\default\https+++www.se7ensins.com\cache\morgue\98\{176f5c1c-f9e6-49fd-8e37-d6231b5af962}.final
| MD5 | 81c542f8823ebd1002b023a3abf06fdc |
| SHA1 | c9014514e5f46ab23daf73f11b02141715d056cc |
| SHA256 | 9a8a674170fbf6af1939cb9f75b6432b45e196fe48ca171a76ee1217515fff17 |
| SHA512 | 9bb97eccf14dae0cbaadf46a6a6e7171b316982be029f8c5c8f9b6e5986c9930ea04dc66424b50f2c05dd3842ac880d8efcc1723a8eb7776e395929f92d8cf65 |
memory/4492-545-0x0000020027CC0000-0x0000020027D6A000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\serviceworker.txt
| MD5 | 77b271983144d593909ddc4b5c679bf5 |
| SHA1 | 044d3335a4a44a3c7ba626325eae933c1ad431ce |
| SHA256 | bbb6981dc2fd4e46e7d2d2ed5662dc4d38c8d317b1f3139b5adf32109e347159 |
| SHA512 | d61ca122c48b341d14b08471e96ef370810ac99098f577b520f94fa9164882b188f1f0b6b60e240669573d8d52bb79a7fdb18d231d8f5d45bd6c133aa1815c47 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\serviceworker-1.txt
| MD5 | f239b63acd5ecce1ea1eadfee8233a92 |
| SHA1 | 7181285956c781d40771c8bde63b5efc44e96a29 |
| SHA256 | b8e6b0cc9d37061c63e50890a0c2b240e2944c2908faa3283f57f8d15022a0e1 |
| SHA512 | 11508c4646239887f5c4c07acbc50bc2be079ed841342f379831d0569ecba3d944d98392c592cb6cd0eea28a8c6d617065da082b6074227ac188260c168c7411 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\16495
| MD5 | 3b19115c794815634cfc38d3b5b16352 |
| SHA1 | 628781d1d48f9c4f1382c224963839c5e879f64e |
| SHA256 | de38f9243b6e492db893d5a93668d44492d302eb1c96b32ae80a280a1508307f |
| SHA512 | be7035be8461506460537b36f7d429a4b58d79a3822634005c47e9778f8b4ddd006e789bb4e886a1705eecf72bb36c16e6bd361e3fa842f534401a0967222604 |
memory/4492-582-0x0000020026E20000-0x00000200270EA000-memory.dmp
memory/4492-588-0x00007FF9EA700000-0x00007FF9EB1C1000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 2cfd21cf4903ed8b23506da7f986967d |
| SHA1 | fc6d8866f451a8d2cc70ea834aaf7079c72b1823 |
| SHA256 | 5d032153151d092b4ebbcf833dbad2833188f27365d2dcf618205425306cd102 |
| SHA512 | 09a0ba54085c4eaff911aa1041ee11e95410bb7e9758b0fd0fd9c307b689756b2ca71063c7e9ef2d08c2fcf8d996a67f52442114a422e6c5d6cf1705ba125067 |
memory/4492-651-0x0000020026B40000-0x0000020026B4E000-memory.dmp
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\entries\5B23235D54208C34AFF88FC6F18585FD8A8F8FAD
| MD5 | c83db706f1d6dea9b4bbe0fea314a980 |
| SHA1 | 79bf7f5a1330b612acf881b6a9543a1a5c86d70b |
| SHA256 | 946df81d4cbd2d74234118f216e866ab5010ebbff54ec96d5fc7aae2d3544193 |
| SHA512 | 948181ee99ac1a9c1e6e7d9331c6d8adf1cc1ea6c1807bd58941df6fbedc7908ef90f2f8ffc728ccc326de84e68031f2550268e88c2955ce11e1acacb8f83871 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 6466809da61fad625f9adb04fa457572 |
| SHA1 | 5e8cec115ce71ed409c7704862c352737bef03fb |
| SHA256 | f6eb84aef30d775596700cf213d7623d1226ed0b677b3fc2ee327497f72998e7 |
| SHA512 | 04c8138182ae7223ee84720a959466f45d3a30d8fe7df117e63c957933d51712b07475999883a08dcdcb6515f0e1b466abfc5296a5b232e983f8df8f44bb97be |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\21858
| MD5 | 9334f4eade7fb43147b1dd0c8baf06a8 |
| SHA1 | e1461dba58a9711d2812e21a411c7afd0ad9b95a |
| SHA256 | 2254fa58965418f15418056e8ce8fb69be6e4505f7c7574ea0a4968b5630127f |
| SHA512 | 5c7c54cd03676a3640cbf115cdd2d620c2c402af6d6044862e028ed319e01503a874680080641aa71bfdc4adb151059a78f35bb02bc3d57f2cea03647080cae9 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\10223
| MD5 | e327b7f4d7363fc19155d8edd08c8295 |
| SHA1 | 3c86beed71507393509940722b9cb1ef5acde85d |
| SHA256 | 4a5429e6aa40f47ee9d1ea1e307ea4d49e45b762e303380470d5142416da527e |
| SHA512 | 92cf170ab9a98db2259c0728940f07e37d0b22c735c8a5993fe85c2dba5b2594f9ca6b5f91c892c23d1c7a320b931759d8bcbae6c0698c6c217989d0816f831e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\25205
| MD5 | de13f0614bde249299ffb30b0096f0a1 |
| SHA1 | 36d732a2fc439166f8947eefb4eeab28cf93cda4 |
| SHA256 | 5f5d135562fc68a19a627e2e72968c3a45877f89d0dda4ad7b16c170601e946e |
| SHA512 | 8db03da97c08763dc00c3ecde465413bf62448ba045914bee014699cd0b4c9563f36ff6b5a29d47403c82a333159feb0e04e780b40623fedd6786bcb20db4f15 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\30211
| MD5 | ea2c8934262c1a541aff6750a0f792e0 |
| SHA1 | 0c88b06a6bbf89741d13b93ea7be628c767103d8 |
| SHA256 | 80dbae08dbd4713605d8ff7305d68f13463fe1215778eaaeecb5bf6798da415b |
| SHA512 | ea517bcc390ad717ec804c30d413ec7d61daae9275c5a42e76eaffdf71a253625a28526a448b4fb3ed82ef50f08d7c6bf25fabf5edddd498cf23d05ed58f9fb6 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\20000
| MD5 | 62ac05ed75140781eaa2acc57745e3f5 |
| SHA1 | 059c403d7f613793592b4c1659e5a03feb08f107 |
| SHA256 | 408afd9dd6d1697debd0bc342ff662cf97e95658d220c76d53dcfe60cd8359a1 |
| SHA512 | 8e4dbf4da68273ced20a29dc9c9ebc2d105e4d7193c2986a54357676927ac09289ae2f67744d5e7d99db64692eaee699be0b2aade67d35831d97751b081c73be |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\15613
| MD5 | 9fb1d751ce9998ea0c633724e48430c0 |
| SHA1 | 752a2e5c75c2bba34f89a6dd5dbc29cf3fc113f2 |
| SHA256 | e2077ba8ee3abc6f7c86cdfb1638cf16eeeaf3746f08748021a079a1f63f7a60 |
| SHA512 | 08d60a8d9efa50fe4e2f21a08bedcd620748482204366a591ce988d06dae52657f9d587b5cddf5b5381da35fd9c1384671b69e2158c33f315058c19275285762 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\531
| MD5 | cfa179b0304234849a340ba79a5a5e71 |
| SHA1 | 3ee161280720a77e81bbd0af725d1d0796a92ed1 |
| SHA256 | b72cdb7c8ff9f806628645d25ff8a9897a8001c612115b1af6ffb165aaeffddf |
| SHA512 | 02c21a1177d1876438aba82f6f2f7841e1b75c6337317a0b850a0743a2f2a4d86643428190f9c04507898694e14bb249e36d9bbdc923d79defd49adb01fe11bf |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\10126
| MD5 | 8e2790df1689c0c7dabddd0c12342d29 |
| SHA1 | 2475ccf6b1040fe7cde1962bbc3d5722a6cbc015 |
| SHA256 | b4dfe23285f951e1268a8ba171f8649657108a38eda1bd699a289e917f6d059f |
| SHA512 | 41f876269220a440e32afbc4dfd29d51dcc94d9daf732910e671804198ed36623de374bf0c5646e6fe093bdc66dbfbb566e5af189698ade15931ebe494ab8959 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\entries\C312F2B0D66A25FD8E03470F585EC35B2B34704A
| MD5 | 271d6219150090f0a6b22ab52311933a |
| SHA1 | b52b1a7f2ee84413342bcd35d8bf27fbe2819368 |
| SHA256 | f376a2e3819c3a070bcd5b4f531f980c789b4ce36aa249781946854203d1fc8a |
| SHA512 | d5c38555f30560eaf2aac8a779c52750200439eabb2df8a1ace3952dbac8946767cc8113ce731452c0e0b83bb5218da83672fa1e122cd6f0d0c91a4f21fc54f1 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\9801
| MD5 | a503a20590166e52ecb2782651af9431 |
| SHA1 | 59e3fdf3df3da55f189315cebaab363034c25850 |
| SHA256 | dca592ea356f5c5633c677ea0f75a49343f9dc4b0c9ca7c6d9cc0cfe5da4aa67 |
| SHA512 | ac89b363e30e5d95044fe01c6a3b1522fc28604569a06e498341e51209aaf5660cc612054ab856ba608b44088387644a9f512d95255f16db8b108322cd28bbe9 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | e2f996b0eab50cca26abb27087bd4c9e |
| SHA1 | 10a8bbe7e6165a98c184f7107c96fd6894b6cf2e |
| SHA256 | 9c7ceb76d99f4cf4f63dafe6a5b0f2bdb2cc0c5840ab5fc5e89e03fedaaf62a6 |
| SHA512 | 7ea1dedde90192a211bad6e4797caa3a587694dfe45dee390fc59b2df306e274acb86c07c71111e98d70685b0e3c0adca04f5a46ba947da59092753256a6e9f6 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\storage\default\https+++www.youtube.com^partitionKey=%28https%2Cgoogle.com%29\idb\2171031483YattIedMb.sqlite
| MD5 | 203b77107c44528b058f73812db9099b |
| SHA1 | 43cf8f0576cb7fcf9307d0bd9321853f1e3d440f |
| SHA256 | 27bf66bba0e34f6efe770528c3c62f74eb20a5997e9fc366f7ea9824a82bcdfa |
| SHA512 | 3cae8c58f4d1ae5511be82bee6f7d30aae006f3846de5c154c2d844e3a2eef0205cb152cf82050395998fb8afce8fb074cfe16289389abb0a7818702667f3112 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon
| MD5 | 85430baed3398695717b0263807cf97c |
| SHA1 | fffbee923cea216f50fce5d54219a188a5100f41 |
| SHA256 | a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e |
| SHA512 | 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\prefs-1.js
| MD5 | 905d4384adee42efa81fa67f1a6ad91d |
| SHA1 | 9ac69d610d3fa59836519451416872f0a2de0884 |
| SHA256 | 602a54d8696142abe73fa7b42614ef62594196259797ccd73ad587e97ea6e273 |
| SHA512 | 1167c1f69678f7633aadaa882ee58ea7c31c5c5d5fc235f5ce53f087ef4afcf08c231bdaeb571bb90258fac5a3aabe4e9bccb1f9c0622b21184b24b3ad3d74a3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll
| MD5 | fe3355639648c417e8307c6d051e3e37 |
| SHA1 | f54602d4b4778da21bc97c7238fc66aa68c8ee34 |
| SHA256 | 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e |
| SHA512 | 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info
| MD5 | 3d33cdc0b3d281e67dd52e14435dd04f |
| SHA1 | 4db88689282fd4f9e9e6ab95fcbb23df6e6485db |
| SHA256 | f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b |
| SHA512 | a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1 |
memory/4492-1078-0x00007FF9EA700000-0x00007FF9EB1C1000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
| MD5 | a01c5ecd6108350ae23d2cddf0e77c17 |
| SHA1 | c6ac28a2cd979f1f9a75d56271821d5ff665e2b6 |
| SHA256 | 345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42 |
| SHA512 | b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt
| MD5 | 49ddb419d96dceb9069018535fb2e2fc |
| SHA1 | 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6 |
| SHA256 | 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539 |
| SHA512 | 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json
| MD5 | 8be33af717bb1b67fbd61c3f4b807e9e |
| SHA1 | 7cf17656d174d951957ff36810e874a134dd49e0 |
| SHA256 | e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd |
| SHA512 | 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7 |
C:\Users\Admin\AppData\Roaming\Microsoft\Speech\Files\UserLexicons\SP_DC3A09C9CFDD4813A4BD9D1E726D9912.dat
| MD5 | ab97cf9f1f816f306b1e491be67d434e |
| SHA1 | d371a83664ae7785de50d035c29726d9adb3637c |
| SHA256 | 264255babc1de5288d15b74a671c856f3bd3162baff78ddb2fa11888ab4d7bf4 |
| SHA512 | 04a90abbc0a17878d0cee18c9fce3c198890437dd0a49a97c3410e38b8f7bf02cc053912c4762329236b1e5611cdd0df704050300ee8140d5984856aa1632a06 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll
| MD5 | 33bf7b0439480effb9fb212efce87b13 |
| SHA1 | cee50f2745edc6dc291887b6075ca64d716f495a |
| SHA256 | 8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e |
| SHA512 | d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib
| MD5 | 688bed3676d2104e7f17ae1cd2c59404 |
| SHA1 | 952b2cdf783ac72fcb98338723e9afd38d47ad8e |
| SHA256 | 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237 |
| SHA512 | 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig
| MD5 | 937326fead5fd401f6cca9118bd9ade9 |
| SHA1 | 4526a57d4ae14ed29b37632c72aef3c408189d91 |
| SHA256 | 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81 |
| SHA512 | b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | f2ea346dae65cfbc72d6e32c0bf9285b |
| SHA1 | 813bf721622757370a037e3de183cd42e55fa316 |
| SHA256 | c0f83a282d6f273991dfee584692127ec53e586078876c7c32fb7a63db511668 |
| SHA512 | 15c9b0a2a875d98bbe4f5a678e7c1e3ce10005e3e5fd0b4c74917cfb660d1c517523ae1c6dc6fdf07a6b6161640dbdb722dd41c81ccf74c88a6c23f40bd25397 |
memory/4492-1265-0x0000020027A80000-0x0000020027AF6000-memory.dmp
memory/4492-1266-0x0000020027150000-0x0000020027162000-memory.dmp
memory/4492-1276-0x0000020027180000-0x000002002719E000-memory.dmp
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\5112
| MD5 | 7901442e6accfc3bbfbe6b109793f90f |
| SHA1 | c780c64b6ba30cad24b62813ef071a4ec11af11d |
| SHA256 | 3508d437d4a1cf92c1d93a21dda5bb05df53829ac74867ab2f056d138fbf4b8c |
| SHA512 | 085e5116b217202c23572de58785a66c11948a53095794dcbc9c75641d6abb65d7cde1d65fc3c599e536d1a2758fe36961809ffad1abe7b1f04d7b6666c02ceb |