Malware Analysis Report

2024-09-11 09:25

Sample ID 240526-chpfaaba21
Target Roblox_Player.exe
SHA256 d0edb846b44e046fee8fea55dba1160e988ccfc947cf51fbb2803ded90268d19
Tags
discordrat persistence rat rootkit stealer spyware
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK Matrix

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

d0edb846b44e046fee8fea55dba1160e988ccfc947cf51fbb2803ded90268d19

Threat Level: Known bad

The file Roblox_Player.exe was found to be: Known bad.

Malicious Activity Summary

discordrat persistence rat rootkit stealer spyware

Discord RAT

Discordrat family

Downloads MZ/PE file

Reads user/profile data of web browsers

Legitimate hosting services abused for malware hosting/C2

Unsigned PE

Suspicious use of WriteProcessMemory

Uses Task Scheduler COM API

Suspicious use of FindShellTrayWindow

Suspicious use of AdjustPrivilegeToken

Suspicious use of SendNotifyMessage

Suspicious use of SetWindowsHookEx

Modifies registry class

Checks processor information in registry

MITRE ATT&CK Matrix V13

Initial Access
TA0001
Execution
TA0002
Persistence
TA0003
Privilege Escalation
TA0004
Defense Evasion
TA0005
Credential Access
TA0006
Unsecured Credentials
T1552
Credentials In Files
T1552.001
Discovery
TA0007
Query Registry
T1012
System Information Discovery
T1082
Lateral Movement
TA0008
Collection
TA0009
Data from Local System
T1005
Exfiltration
TA0010
Command and Control
TA0011
Web Service
T1102
Impact
TA0040
Resource Development
TA0042
Reconnaissance
TA0043

Analysis: static1

Detonation Overview

Reported

2024-05-26 02:04

Signatures

Discordrat family

discordrat

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-26 02:04

Reported

2024-05-26 02:07

Platform

win7-20240221-en

Max time kernel

121s

Max time network

122s

Command Line

"C:\Users\Admin\AppData\Local\Temp\RobloxPlayer.exe"

Signatures

Discord RAT

stealer rootkit rat persistence discordrat

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1132 wrote to memory of 552 N/A C:\Users\Admin\AppData\Local\Temp\RobloxPlayer.exe C:\Windows\system32\WerFault.exe
PID 1132 wrote to memory of 552 N/A C:\Users\Admin\AppData\Local\Temp\RobloxPlayer.exe C:\Windows\system32\WerFault.exe
PID 1132 wrote to memory of 552 N/A C:\Users\Admin\AppData\Local\Temp\RobloxPlayer.exe C:\Windows\system32\WerFault.exe

Processes

C:\Users\Admin\AppData\Local\Temp\RobloxPlayer.exe

"C:\Users\Admin\AppData\Local\Temp\RobloxPlayer.exe"

C:\Windows\system32\WerFault.exe

C:\Windows\system32\WerFault.exe -u -p 1132 -s 596

Network

N/A

Files

memory/1132-0-0x000007FEF6233000-0x000007FEF6234000-memory.dmp

memory/1132-1-0x000000013FE70000-0x000000013FE88000-memory.dmp

memory/1132-2-0x000007FEF6230000-0x000007FEF6C1C000-memory.dmp

memory/1132-3-0x000007FEF6233000-0x000007FEF6234000-memory.dmp

memory/1132-4-0x000007FEF6230000-0x000007FEF6C1C000-memory.dmp

Analysis: behavioral2

Detonation Overview

Submitted

2024-05-26 02:04

Reported

2024-05-26 02:07

Platform

win10v2004-20240226-en

Max time kernel

152s

Max time network

158s

Command Line

"C:\Users\Admin\AppData\Local\Temp\RobloxPlayer.exe"

Signatures

Discord RAT

stealer rootkit rat persistence discordrat

Downloads MZ/PE file

Reads user/profile data of web browsers

spyware stealer

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A raw.githubusercontent.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A discord.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Users\Admin\AppData\Local\Temp\RobloxPlayer.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 5008 wrote to memory of 2688 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 2688 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 1228 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 2500 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 2500 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 2500 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 2500 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 2500 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 2500 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 2500 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 2500 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 2500 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 2500 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 2500 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 2500 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 2500 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 5008 wrote to memory of 2500 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\RobloxPlayer.exe

"C:\Users\Admin\AppData\Local\Temp\RobloxPlayer.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.0.1405386525\949665800" -parentBuildID 20221007134813 -prefsHandle 1852 -prefMapHandle 1844 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {14675cc1-b707-40c2-9778-0891c1b9f743} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 1972 2bad8a08158 gpu

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.1.799099091\1079540725" -parentBuildID 20221007134813 -prefsHandle 2316 -prefMapHandle 2312 -prefsLen 20785 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3b70ed00-fca2-42fa-b7b6-6b2a91b69e9f} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 2344 2bad7545858 socket

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.2.1284863639\1121990144" -childID 1 -isForBrowser -prefsHandle 3104 -prefMapHandle 3100 -prefsLen 20888 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0da86e12-f474-40d7-b6a1-3eb07a2f37c6} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 3116 2badb995658 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.3.1856488554\1118102147" -childID 2 -isForBrowser -prefsHandle 3564 -prefMapHandle 3544 -prefsLen 26066 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f30ff155-dc61-43a2-8aa4-999084016227} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 2316 2bada1de858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.4.2135807297\138680115" -childID 3 -isForBrowser -prefsHandle 3608 -prefMapHandle 3604 -prefsLen 26066 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5d5b2264-4fb9-4d86-82f4-3131d6cefc10} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 3620 2bac3d5b258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.5.1197804460\546944117" -childID 4 -isForBrowser -prefsHandle 5004 -prefMapHandle 4956 -prefsLen 26125 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {733358ad-01f6-41b8-ada1-f125472c0a4b} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 4964 2baddcd2858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.6.574375922\314467356" -childID 5 -isForBrowser -prefsHandle 5016 -prefMapHandle 5012 -prefsLen 26125 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {669ff3ea-4263-46cc-89f6-7088aca1db1f} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 5028 2baddccf558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.7.652936528\167008958" -childID 6 -isForBrowser -prefsHandle 5176 -prefMapHandle 5028 -prefsLen 26125 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {33e543dc-d16b-48fa-a271-c0566b82fd8f} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 5164 2baddcd0158 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.8.1792668156\1042064995" -childID 7 -isForBrowser -prefsHandle 5884 -prefMapHandle 5736 -prefsLen 26206 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {af224b6a-c1d0-4f68-a370-61dfbbdf4d6d} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 5892 2baddc62758 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.9.1182298143\548455456" -childID 8 -isForBrowser -prefsHandle 5416 -prefMapHandle 4968 -prefsLen 26646 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d9e0f3f3-7a2a-46aa-a3b2-a209faf9df87} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 5296 2badb90c858 tab

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4480 --field-trial-handle=1928,i,13242902252791919845,10377620236057253993,262144 --variations-seed-version /prefetch:8

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.10.2104330775\1209583857" -childID 9 -isForBrowser -prefsHandle 5388 -prefMapHandle 5608 -prefsLen 26646 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3ec225d6-ebb8-4bf2-8fd0-cc1fd7534946} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 3676 2bade820158 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.11.592402046\594021814" -childID 10 -isForBrowser -prefsHandle 4548 -prefMapHandle 5172 -prefsLen 26646 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6cccd998-f79a-4fa4-bd38-eb57bcda3c2b} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 5252 2bad91d3258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.12.842866883\1948926298" -parentBuildID 20221007134813 -prefsHandle 3640 -prefMapHandle 4980 -prefsLen 26646 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {25c78588-6754-44ce-b5ae-6f9490d18e66} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 5092 2badfe47858 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.13.1691606301\467324740" -childID 11 -isForBrowser -prefsHandle 6288 -prefMapHandle 6192 -prefsLen 26646 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {48d0c833-abe0-474a-a26e-0dc1dc3ac9d7} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 6276 2badfedae58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.14.671481484\326014630" -childID 12 -isForBrowser -prefsHandle 6036 -prefMapHandle 5888 -prefsLen 26646 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {53fb88a6-7105-47c4-9092-6890de3e5cf3} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 5028 2badf8bba58 tab

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x4b8 0x4e4

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.15.575230555\749062158" -childID 13 -isForBrowser -prefsHandle 10444 -prefMapHandle 10448 -prefsLen 26725 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ec2f84b9-76d3-4072-b226-578bf5729e6c} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 10436 2bade822858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.16.986323902\459035742" -childID 14 -isForBrowser -prefsHandle 10156 -prefMapHandle 5644 -prefsLen 26725 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {63ff50c5-75b3-4a4a-8df7-c17589ad6a74} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 10144 2badf95f658 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.17.1001994635\812604781" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 10156 -prefMapHandle 5644 -prefsLen 26725 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {625256d7-3b6e-4ad2-973c-16bee874ebc1} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 10420 2badf89fd58 utility

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.18.343130661\1080302595" -childID 15 -isForBrowser -prefsHandle 9844 -prefMapHandle 9828 -prefsLen 26725 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1f288a4c-ae71-47db-9988-45cab963c64e} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 9824 2bad7545b58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.19.1059199574\330563122" -childID 16 -isForBrowser -prefsHandle 9624 -prefMapHandle 9596 -prefsLen 26725 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1ac2bdd3-cf38-4817-88d9-5cd199081d12} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 9632 2bac3d60158 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.20.913112202\920942426" -childID 17 -isForBrowser -prefsHandle 9240 -prefMapHandle 9236 -prefsLen 26725 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e1c5ec22-40e6-4f06-a45a-190ffa23f4b4} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 9248 2bae0060558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.21.1053123557\760449134" -childID 18 -isForBrowser -prefsHandle 8992 -prefMapHandle 8948 -prefsLen 26725 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {44bb62d8-0915-4e4a-8367-8a6678dd94a6} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 9060 2bae0849a58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.22.1368414253\1964509878" -childID 19 -isForBrowser -prefsHandle 8992 -prefMapHandle 8948 -prefsLen 27204 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {360f819e-246e-413b-8da4-6e51e1a9fea0} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 8792 2bae1c7ee58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.23.858815724\239018504" -childID 20 -isForBrowser -prefsHandle 5428 -prefMapHandle 5444 -prefsLen 27416 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {599597a0-1aeb-4dac-92be-4d4101080788} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 5508 2bae35b5358 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.24.828243925\1778771845" -childID 21 -isForBrowser -prefsHandle 8476 -prefMapHandle 8472 -prefsLen 27416 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7a6c03eb-c53d-40f5-b292-27154e90f372} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 8484 2bae386f658 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.25.1448503874\1764489037" -childID 22 -isForBrowser -prefsHandle 8212 -prefMapHandle 8216 -prefsLen 27416 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {aabe538e-bfbb-4945-8c30-6194f144b6f0} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 8300 2bae3870e58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.26.2147475180\839766700" -childID 23 -isForBrowser -prefsHandle 8332 -prefMapHandle 8852 -prefsLen 27416 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d0667c7d-78a0-4003-8491-8ce16fd4c899} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 8052 2bae1eadc58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="5008.27.1844734657\82987674" -childID 24 -isForBrowser -prefsHandle 10408 -prefMapHandle 8300 -prefsLen 27416 -prefMapSize 233444 -jsInitHandle 1416 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d30aa5cd-183b-46eb-9c25-04a417779441} 5008 "\\.\pipe\gecko-crash-server-pipe.5008" 8044 2badc7ba658 tab

Network

Country Destination Domain Proto
N/A 127.0.0.1:49816 tcp
US 8.8.8.8:53 gateway.discord.gg udp
US 162.159.135.234:443 gateway.discord.gg tcp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 34.117.188.166:443 contile.services.mozilla.com tcp
US 8.8.8.8:53 shavar.services.mozilla.com udp
US 8.8.8.8:53 push.services.mozilla.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 234.135.159.162.in-addr.arpa udp
US 8.8.8.8:53 166.188.117.34.in-addr.arpa udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 44.237.65.238:443 shavar.services.mozilla.com tcp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
N/A 127.0.0.1:49824 tcp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 238.65.237.44.in-addr.arpa udp
US 34.117.188.166:443 contile.services.mozilla.com udp
US 34.107.243.93:443 autopush.prod.mozaws.net tcp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
US 34.107.243.93:443 autopush.prod.mozaws.net tcp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
US 8.8.8.8:53 133.211.185.52.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 196.187.250.142.in-addr.arpa udp
GB 142.250.187.196:443 www.google.com udp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
US 8.8.8.8:53 discord.com udp
US 162.159.137.232:443 discord.com tcp
US 8.8.8.8:53 195.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 99.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 232.137.159.162.in-addr.arpa udp
US 8.8.8.8:53 geolocation-db.com udp
DE 159.89.102.253:443 geolocation-db.com tcp
US 162.159.137.232:443 discord.com tcp
US 8.8.8.8:53 253.102.89.159.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 0.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 28.118.140.52.in-addr.arpa udp
US 8.8.8.8:53 50.23.12.20.in-addr.arpa udp
US 162.159.137.232:443 discord.com tcp
US 162.159.137.232:443 discord.com tcp
US 8.8.8.8:53 56.126.166.20.in-addr.arpa udp
US 8.8.8.8:53 183.142.211.20.in-addr.arpa udp
US 8.8.8.8:53 97.17.167.52.in-addr.arpa udp
US 8.8.8.8:53 id.google.com udp
GB 216.58.204.67:443 id.google.com tcp
US 8.8.8.8:53 id.google.com udp
US 8.8.8.8:53 id.google.com udp
GB 216.58.204.67:443 id.google.com udp
US 8.8.8.8:53 67.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 i.ytimg.com udp
GB 216.58.212.246:443 i.ytimg.com tcp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.179.238:443 play.google.com tcp
US 8.8.8.8:53 play.google.com udp
GB 216.58.212.246:443 i.ytimg.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.179.238:443 play.google.com udp
US 8.8.8.8:53 246.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 238.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 www.reddit.com udp
US 151.101.1.140:443 www.reddit.com tcp
US 8.8.8.8:53 reddit.map.fastly.net udp
US 8.8.8.8:53 reddit.map.fastly.net udp
US 8.8.8.8:53 140.1.101.151.in-addr.arpa udp
US 162.159.137.232:443 discord.com tcp
US 8.8.8.8:53 www.youtube.com udp
GB 142.250.187.238:443 www.youtube.com tcp
US 8.8.8.8:53 youtube-ui.l.google.com udp
US 8.8.8.8:53 youtube-ui.l.google.com udp
GB 142.250.187.238:443 youtube-ui.l.google.com udp
US 162.159.137.232:443 discord.com tcp
US 8.8.8.8:53 238.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 static.doubleclick.net udp
GB 216.58.201.98:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
GB 216.58.213.6:443 static.doubleclick.net tcp
US 8.8.8.8:53 static.doubleclick.net udp
US 8.8.8.8:53 static.doubleclick.net udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 216.58.201.98:443 googleads.g.doubleclick.net udp
GB 216.58.213.6:443 static.doubleclick.net udp
GB 172.217.169.42:443 jnn-pa.googleapis.com tcp
GB 172.217.169.42:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 98.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 42.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 6.213.58.216.in-addr.arpa udp
GB 172.217.169.42:443 jnn-pa.googleapis.com udp
GB 172.217.169.42:443 jnn-pa.googleapis.com udp
US 162.159.137.232:443 discord.com tcp
US 162.159.137.232:443 discord.com tcp
US 8.8.8.8:53 www.se7ensins.com udp
US 104.27.206.87:443 www.se7ensins.com tcp
US 8.8.8.8:53 www.se7ensins.com udp
US 8.8.8.8:53 www.se7ensins.com udp
US 8.8.8.8:53 87.206.27.104.in-addr.arpa udp
US 104.27.206.87:443 www.se7ensins.com udp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 8.8.8.8:53 104.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 14.25.17.104.in-addr.arpa udp
US 8.8.8.8:53 ajax.googleapis.com udp
US 8.8.8.8:53 ajax.googleapis.com udp
US 8.8.8.8:53 ajax.googleapis.com udp
GB 172.217.16.234:443 ajax.googleapis.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com udp
GB 172.217.16.234:443 ajax.googleapis.com udp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 104.16.80.73:443 static.cloudflareinsights.com tcp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 8.8.8.8:53 a.pub.network udp
US 104.18.20.206:443 a.pub.network tcp
US 8.8.8.8:53 a.pub.network udp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 8.8.8.8:53 cmp.quantcast.com udp
US 8.8.8.8:53 a.pub.network udp
US 8.8.8.8:53 cmp.quantcast.com udp
US 8.8.8.8:53 cmp.quantcast.com udp
US 104.18.20.206:443 a.pub.network udp
US 8.8.8.8:53 234.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 73.80.16.104.in-addr.arpa udp
US 8.8.8.8:53 206.20.18.104.in-addr.arpa udp
US 8.8.8.8:53 secure.quantserve.com udp
US 8.8.8.8:53 global.px.quantserve.com udp
US 8.8.8.8:53 d.pub.network udp
US 34.160.152.31:443 d.pub.network tcp
US 8.8.8.8:53 d.pub.network udp
US 8.8.8.8:53 d.pub.network udp
US 3.162.140.119:443 cmp.quantcast.com tcp
DE 91.228.74.244:443 global.px.quantserve.com tcp
US 34.160.152.31:443 d.pub.network udp
US 8.8.8.8:53 raw.githubusercontent.com udp
US 185.199.109.133:443 raw.githubusercontent.com tcp
US 8.8.8.8:53 31.152.160.34.in-addr.arpa udp
US 8.8.8.8:53 119.140.162.3.in-addr.arpa udp
US 8.8.8.8:53 244.74.228.91.in-addr.arpa udp
US 8.8.8.8:53 rules.quantcount.com udp
IE 18.66.171.123:443 rules.quantcount.com tcp
US 8.8.8.8:53 d2fashanjl7d9f.cloudfront.net udp
US 8.8.8.8:53 cmp.inmobi.com udp
US 8.8.8.8:53 d2fashanjl7d9f.cloudfront.net udp
IE 18.66.171.20:443 cmp.inmobi.com tcp
US 8.8.8.8:53 d23sp3kzv1t6m5.cloudfront.net udp
US 8.8.8.8:53 d23sp3kzv1t6m5.cloudfront.net udp
US 8.8.8.8:53 133.109.199.185.in-addr.arpa udp
US 8.8.8.8:53 123.171.66.18.in-addr.arpa udp
US 8.8.8.8:53 20.171.66.18.in-addr.arpa udp
US 8.8.8.8:53 14.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 optimise.net udp
US 8.8.8.8:53 optimise.net udp
US 8.8.8.8:53 optimise.net udp
US 8.8.8.8:53 api.cmp.inmobi.com udp
US 8.8.8.8:53 choice-apis-prod-2120274730.eu-central-1.elb.amazonaws.com udp
US 34.111.152.239:443 optimise.net tcp
US 8.8.8.8:53 choice-apis-prod-2120274730.eu-central-1.elb.amazonaws.com udp
US 8.8.8.8:53 240.221.184.93.in-addr.arpa udp
US 8.8.8.8:53 239.152.111.34.in-addr.arpa udp
DE 3.120.230.251:443 choice-apis-prod-2120274730.eu-central-1.elb.amazonaws.com tcp
US 162.159.137.232:443 discord.com tcp
US 34.111.152.239:443 optimise.net tcp
US 34.111.152.239:443 optimise.net udp
US 8.8.8.8:53 api.floors.dev udp
US 8.8.8.8:53 api.floors.dev udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 162.159.137.232:443 discord.com tcp
US 8.8.8.8:53 api.floors.dev udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 34.160.128.112:443 api.floors.dev tcp
US 34.160.128.112:443 api.floors.dev tcp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 251.230.120.3.in-addr.arpa udp
GB 142.250.200.34:443 securepubads.g.doubleclick.net tcp
US 34.160.128.112:443 api.floors.dev udp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 112.128.160.34.in-addr.arpa udp
US 8.8.8.8:53 34.200.250.142.in-addr.arpa udp
US 162.159.137.232:443 discord.com tcp
US 8.8.8.8:53 sb.scorecardresearch.com udp
US 8.8.8.8:53 sb.scorecardresearch.com udp
US 8.8.8.8:53 pixel.quantserve.com udp
US 8.8.8.8:53 sb.scorecardresearch.com udp
US 3.162.140.91:443 sb.scorecardresearch.com tcp
DE 91.228.74.159:443 pixel.quantserve.com tcp
US 8.8.8.8:53 cdn.confiant-integrations.net udp
US 8.8.8.8:53 freestar-io.videoplayerhub.com udp
US 8.8.8.8:53 cdn.confiant-integrations.net udp
US 8.8.8.8:53 freestar-io.videoplayerhub.com udp
US 8.8.8.8:53 c.amazon-adsystem.com udp
US 8.8.8.8:53 cdn.hadronid.net udp
US 8.8.8.8:53 cdn.confiant-integrations.net udp
US 8.8.8.8:53 freestar-io.videoplayerhub.com udp
US 8.8.8.8:53 d1ykf07e75w7ss.cloudfront.net udp
US 8.8.8.8:53 cdn.hadronid.net udp
US 8.8.8.8:53 cdn.hadronid.net udp
US 8.8.8.8:53 d1ykf07e75w7ss.cloudfront.net udp
US 104.18.43.90:443 cdn.confiant-integrations.net tcp
US 104.26.9.50:443 freestar-io.videoplayerhub.com tcp
US 104.22.53.173:443 cdn.hadronid.net tcp
US 104.18.43.90:443 cdn.confiant-integrations.net udp
US 8.8.8.8:53 btloader.com udp
US 8.8.8.8:53 id.hadron.ad.gt udp
US 104.22.75.216:443 btloader.com tcp
US 8.8.8.8:53 btloader.com udp
US 104.22.5.69:443 id.hadron.ad.gt tcp
US 8.8.8.8:53 id.hadron.ad.gt.cdn.cloudflare.net udp
US 104.22.5.69:443 id.hadron.ad.gt.cdn.cloudflare.net tcp
US 8.8.8.8:53 btloader.com udp
US 8.8.8.8:53 id.hadron.ad.gt.cdn.cloudflare.net udp
US 8.8.8.8:53 91.140.162.3.in-addr.arpa udp
US 8.8.8.8:53 159.74.228.91.in-addr.arpa udp
US 8.8.8.8:53 90.43.18.104.in-addr.arpa udp
US 8.8.8.8:53 50.9.26.104.in-addr.arpa udp
US 8.8.8.8:53 173.53.22.104.in-addr.arpa udp
US 8.8.8.8:53 69.5.22.104.in-addr.arpa udp
US 8.8.8.8:53 216.75.22.104.in-addr.arpa udp
US 3.162.142.187:443 d1ykf07e75w7ss.cloudfront.net tcp
US 8.8.8.8:53 ups.analytics.yahoo.com udp
US 8.8.8.8:53 gum.criteo.com udp
US 8.8.8.8:53 ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud udp
US 8.8.8.8:53 id5-sync.com udp
US 8.8.8.8:53 api.rlcdn.com udp
US 8.8.8.8:53 ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud udp
US 8.8.8.8:53 gum.nl3.vip.prod.criteo.com udp
US 8.8.8.8:53 id5-sync.com udp
US 8.8.8.8:53 idx.liadm.com udp
US 8.8.8.8:53 gum.nl3.vip.prod.criteo.com udp
US 8.8.8.8:53 id5-sync.com udp
US 8.8.8.8:53 api.rlcdn.com udp
US 8.8.8.8:53 match.adsrvr.org udp
US 8.8.8.8:53 idx.cph.liveintent.com udp
US 8.8.8.8:53 match.adsrvr.org udp
US 8.8.8.8:53 idx.cph.liveintent.com udp
US 8.8.8.8:53 match.adsrvr.org udp
US 8.8.8.8:53 a.ad.gt udp
US 8.8.8.8:53 ad-delivery.net udp
US 8.8.8.8:53 a.ad.gt.cdn.cloudflare.net udp
US 8.8.8.8:53 ad-delivery.net udp
US 8.8.8.8:53 a.ad.gt.cdn.cloudflare.net udp
US 8.8.8.8:53 api.btloader.com udp
US 8.8.8.8:53 ad-delivery.net udp
US 8.8.8.8:53 api.btloader.com udp
US 8.8.8.8:53 api.btloader.com udp
US 8.8.8.8:53 c.pub.network udp
US 8.8.8.8:53 c.pub.network udp
US 8.8.8.8:53 c.pub.network udp
US 185.199.109.133:443 raw.githubusercontent.com tcp
US 8.8.8.8:53 187.142.162.3.in-addr.arpa udp
US 172.67.23.234:443 a.ad.gt.cdn.cloudflare.net tcp
US 104.22.75.216:443 btloader.com tcp
US 104.26.2.70:443 ad-delivery.net tcp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
US 162.159.137.232:443 discord.com tcp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
DE 3.75.62.37:443 ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud tcp
NL 178.250.1.11:443 gum.nl3.vip.prod.criteo.com tcp
DE 162.19.138.83:443 id5-sync.com tcp
US 34.120.133.55:443 api.rlcdn.com tcp
US 44.197.96.190:443 idx.cph.liveintent.com tcp
US 52.223.40.198:443 match.adsrvr.org tcp
NL 178.250.1.11:443 gum.nl3.vip.prod.criteo.com tcp
US 8.8.8.8:53 234.23.67.172.in-addr.arpa udp
US 8.8.8.8:53 70.2.26.104.in-addr.arpa udp
US 8.8.8.8:53 37.62.75.3.in-addr.arpa udp
US 8.8.8.8:53 aax.amazon-adsystem.com udp
US 8.8.8.8:53 11.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 198.40.223.52.in-addr.arpa udp
US 8.8.8.8:53 83.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 d1jvc9b8z3vcjs.cloudfront.net udp
US 8.8.8.8:53 55.133.120.34.in-addr.arpa udp
US 8.8.8.8:53 d1jvc9b8z3vcjs.cloudfront.net udp
US 162.159.137.232:443 discord.com tcp
US 34.120.133.55:443 api.rlcdn.com udp
US 8.8.8.8:53 190.96.197.44.in-addr.arpa udp
US 130.211.23.194:443 api.btloader.com tcp
US 8.8.8.8:53 14.227.111.52.in-addr.arpa udp
US 8.8.8.8:53 194.23.211.130.in-addr.arpa udp
US 130.211.23.194:443 api.btloader.com udp
US 34.160.152.31:443 c.pub.network tcp
US 34.160.152.31:443 c.pub.network tcp
US 8.8.8.8:53 ids.ad.gt udp
US 34.160.152.31:443 c.pub.network udp
US 8.8.8.8:53 secure.adnxs.com udp
US 8.8.8.8:53 ids.ad.gt.cdn.cloudflare.net udp
US 8.8.8.8:53 ib.anycast.adnxs.com udp
US 8.8.8.8:53 image2.pubmatic.com udp
US 8.8.8.8:53 token.rubiconproject.com udp
US 8.8.8.8:53 cm.g.doubleclick.net udp
US 8.8.8.8:53 ids.ad.gt.cdn.cloudflare.net udp
US 8.8.8.8:53 ib.anycast.adnxs.com udp
US 8.8.8.8:53 pug-ams-bc.pubmnet.com udp
US 8.8.8.8:53 cm.g.doubleclick.net udp
US 8.8.8.8:53 pixel.rubiconproject.net.akadns.net udp
US 8.8.8.8:53 pug-ams-bc.pubmnet.com udp
US 8.8.8.8:53 cm.g.doubleclick.net udp
US 8.8.8.8:53 pixel.rubiconproject.net.akadns.net udp
US 8.8.8.8:53 ad.360yield.com udp
US 8.8.8.8:53 sync.go.sonobi.com udp
US 8.8.8.8:53 u.openx.net udp
US 8.8.8.8:53 p.ad.gt udp
US 8.8.8.8:53 euw-ice.360yield.com udp
US 8.8.8.8:53 u.openx.net udp
US 8.8.8.8:53 iad-2-sync.go.sonobi.com udp
US 3.162.148.221:443 d1jvc9b8z3vcjs.cloudfront.net tcp
US 3.162.148.221:443 d1jvc9b8z3vcjs.cloudfront.net tcp
US 8.8.8.8:53 euw-ice.360yield.com udp
US 8.8.8.8:53 u.openx.net udp
US 8.8.8.8:53 iad-2-sync.go.sonobi.com udp
US 8.8.8.8:53 p.ad.gt.cdn.cloudflare.net udp
US 8.8.8.8:53 dnacdn.net udp
US 8.8.8.8:53 p.ad.gt.cdn.cloudflare.net udp
US 8.8.8.8:53 dnacdn.net udp
US 8.8.8.8:53 6.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 221.148.162.3.in-addr.arpa udp
US 8.8.8.8:53 dnacdn.net udp
US 8.8.8.8:53 lb.eu-1-id5-sync.com udp
US 8.8.8.8:53 lb.eu-1-id5-sync.com udp
US 8.8.8.8:53 lb.eu-1-id5-sync.com udp
US 8.8.8.8:53 rp.liadm.com udp
US 8.8.8.8:53 livepixel-production.bln.liveintent.com udp
US 8.8.8.8:53 secure.cdn.fastclick.net udp
US 8.8.8.8:53 cdn.id5-sync.com udp
US 8.8.8.8:53 livepixel-production.bln.liveintent.com udp
IE 18.66.171.125:443 config.aps.amazon-adsystem.com tcp
US 8.8.8.8:53 e4536.g.akamaiedge.net udp
US 8.8.8.8:53 cdn.id5-sync.com udp
US 8.8.8.8:53 e4536.g.akamaiedge.net udp
US 8.8.8.8:53 cdn.id5-sync.com udp
US 104.22.5.69:443 p.ad.gt.cdn.cloudflare.net tcp
US 104.22.5.69:443 p.ad.gt.cdn.cloudflare.net tcp
US 104.22.5.69:443 p.ad.gt.cdn.cloudflare.net tcp
US 104.22.4.69:443 p.ad.gt.cdn.cloudflare.net tcp
US 8.8.8.8:53 125.171.66.18.in-addr.arpa udp
US 8.8.8.8:53 69.4.22.104.in-addr.arpa udp
NL 185.89.210.82:443 ib.anycast.adnxs.com tcp
NL 198.47.127.205:443 pug-ams-bc.pubmnet.com tcp
NL 69.173.156.148:443 pixel.rubiconproject.net.akadns.net tcp
GB 142.250.200.2:443 cm.g.doubleclick.net tcp
IE 52.48.62.133:443 euw-ice.360yield.com tcp
US 69.166.1.66:443 iad-2-sync.go.sonobi.com tcp
US 35.244.159.8:443 u.openx.net tcp
FR 178.250.7.13:443 dnacdn.net tcp
DE 162.19.138.82:443 lb.eu-1-id5-sync.com tcp
GB 142.250.200.2:443 cm.g.doubleclick.net udp
US 35.244.159.8:443 u.openx.net udp
US 3.233.179.64:443 livepixel-production.bln.liveintent.com tcp
GB 23.53.174.156:443 e4536.g.akamaiedge.net tcp
US 104.22.53.86:443 cdn.id5-sync.com tcp
US 162.159.137.232:443 discord.com tcp
US 8.8.8.8:53 2.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 148.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 82.210.89.185.in-addr.arpa udp
US 8.8.8.8:53 8.159.244.35.in-addr.arpa udp
US 8.8.8.8:53 205.127.47.198.in-addr.arpa udp
US 8.8.8.8:53 133.62.48.52.in-addr.arpa udp
US 8.8.8.8:53 13.7.250.178.in-addr.arpa udp
US 8.8.8.8:53 82.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 66.1.166.69.in-addr.arpa udp
US 8.8.8.8:53 86.53.22.104.in-addr.arpa udp
US 8.8.8.8:53 156.174.53.23.in-addr.arpa udp
US 8.8.8.8:53 64.179.233.3.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
US 162.159.137.232:443 discord.com tcp
US 162.159.137.232:443 discord.com tcp
GB 216.58.201.98:443 googleads.g.doubleclick.net udp
GB 216.58.213.6:443 static.doubleclick.net udp
GB 172.217.169.42:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 7c1705369e9085d43a904f2dc1b7756e.safeframe.googlesyndication.com udp
US 130.211.23.194:443 api.btloader.com udp
US 8.8.8.8:53 pagead-googlehosted.l.google.com udp
GB 172.217.169.65:443 pagead-googlehosted.l.google.com tcp
US 8.8.8.8:53 pagead-googlehosted.l.google.com udp
GB 172.217.169.65:443 pagead-googlehosted.l.google.com udp
US 8.8.8.8:53 65.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 226.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 s2s.t13.io udp
US 8.8.8.8:53 s2s.t13.io udp
US 8.8.8.8:53 s2s.t13.io udp
US 8.8.8.8:53 prebid.media.net udp
US 8.8.8.8:53 ib.adnxs.com udp
US 8.8.8.8:53 prebid.media.net udp
US 8.8.8.8:53 bidder.criteo.com udp
US 8.8.8.8:53 ib.anycast.adnxs.com udp
US 8.8.8.8:53 prebid.media.net udp
US 8.8.8.8:53 bidder.nl3.vip.prod.criteo.com udp
US 8.8.8.8:53 bidder.nl3.vip.prod.criteo.com udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
DE 162.19.138.83:443 lb.eu-1-id5-sync.com tcp
US 34.107.140.113:443 s2s.t13.io tcp
US 34.107.140.113:443 s2s.t13.io tcp
US 34.107.140.113:443 s2s.t13.io udp
US 34.120.63.153:443 prebid.media.net tcp
NL 185.89.210.90:443 ib.adnxs.com tcp
NL 178.250.1.8:443 bidder.nl3.vip.prod.criteo.com tcp
US 8.8.8.8:53 113.140.107.34.in-addr.arpa udp
US 8.8.8.8:53 153.63.120.34.in-addr.arpa udp
US 8.8.8.8:53 8.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 90.210.89.185.in-addr.arpa udp
GB 172.217.16.225:443 tpc.googlesyndication.com tcp
US 34.120.63.153:443 prebid.media.net udp
GB 172.217.16.225:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 resources.infolinks.com udp
US 8.8.8.8:53 cdn.browsiprod.com udp
US 8.8.8.8:53 resources.infolinks.com udp
US 8.8.8.8:53 cdn.browsiprod.com udp
US 8.8.8.8:53 resources.infolinks.com udp
US 8.8.8.8:53 cdn.browsiprod.com udp
US 8.8.8.8:53 225.16.217.172.in-addr.arpa udp
GB 142.250.187.196:443 www.google.com tcp
US 8.8.8.8:53 ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud udp
GB 142.250.187.196:443 www.google.com udp
US 172.66.42.247:443 resources.infolinks.com tcp
US 3.162.140.5:443 cdn.browsiprod.com tcp
US 8.8.8.8:53 events.browsiprod.com udp
US 8.8.8.8:53 events.browsiprod.com udp
US 8.8.8.8:53 yield-manager.browsiprod.com udp
US 8.8.8.8:53 5.140.162.3.in-addr.arpa udp
US 8.8.8.8:53 247.42.66.172.in-addr.arpa udp
US 8.8.8.8:53 events.browsiprod.com udp
US 8.8.8.8:53 yield-manager.browsiprod.com udp
US 8.8.8.8:53 yield-manager.browsiprod.com udp
US 8.8.8.8:53 pixel.rubiconproject.com udp
US 8.8.8.8:53 pixel.rubiconproject.net.akadns.net udp
US 52.89.16.229:443 events.browsiprod.com tcp
US 8.8.8.8:53 chromewebstore.googleapis.com udp
US 8.8.8.8:53 chromewebstore.googleapis.com udp
GB 216.58.201.106:443 chromewebstore.googleapis.com tcp
US 8.8.8.8:53 106.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 229.16.89.52.in-addr.arpa udp
US 3.162.140.33:443 yield-manager.browsiprod.com tcp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
US 3.162.140.5:443 cdn.browsiprod.com tcp
US 8.8.8.8:53 33.140.162.3.in-addr.arpa udp
US 8.8.8.8:53 router.infolinks.com udp
US 172.66.42.247:443 router.infolinks.com tcp
US 8.8.8.8:53 router.infolinks.com udp
US 8.8.8.8:53 router.infolinks.com udp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
US 172.64.151.101:443 ssum-sec.casalemedia.com tcp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
US 172.64.151.101:443 ssum-sec.casalemedia.com udp
US 8.8.8.8:53 widgets.outbrain.com udp
US 8.8.8.8:53 101.151.64.172.in-addr.arpa udp
US 8.8.8.8:53 e10883.g.akamaiedge.net udp
US 8.8.8.8:53 e10883.g.akamaiedge.net udp
US 8.8.8.8:53 cdn.ampproject.org udp
US 8.8.8.8:53 cdn-content.ampproject.org udp
US 8.8.8.8:53 cdn-content.ampproject.org udp
US 8.8.8.8:53 eb2.3lift.com udp
US 162.159.137.232:443 discord.com tcp
US 76.223.111.18:443 eb2.3lift.com tcp
US 8.8.8.8:53 eu-eb2.3lift.com udp
US 8.8.8.8:53 eu-eb2.3lift.com udp
US 8.8.8.8:53 rt3013.infolinks.com udp
US 8.8.8.8:53 rt3013.infolinks.com udp
GB 142.250.187.225:443 cdn-content.ampproject.org tcp
US 8.8.8.8:53 rt3013.infolinks.com udp
GB 142.250.187.225:443 cdn-content.ampproject.org tcp
GB 142.250.187.225:443 cdn-content.ampproject.org tcp
GB 142.250.187.225:443 cdn-content.ampproject.org tcp
GB 142.250.187.225:443 cdn-content.ampproject.org tcp
GB 142.250.187.225:443 cdn-content.ampproject.org udp
US 172.66.42.247:443 rt3013.infolinks.com tcp
GB 2.21.189.145:443 e10883.g.akamaiedge.net tcp
US 8.8.8.8:53 x.bidswitch.net udp
US 8.8.8.8:53 18.111.223.76.in-addr.arpa udp
US 8.8.8.8:53 145.189.21.2.in-addr.arpa udp
US 8.8.8.8:53 225.187.250.142.in-addr.arpa udp
NL 35.214.149.91:443 x.bidswitch.net tcp
US 8.8.8.8:53 user-data-eu.bidswitch.net udp
US 8.8.8.8:53 user-data-eu.bidswitch.net udp
US 8.8.8.8:53 events.browsiprod.com udp
US 8.8.8.8:53 ai.browsiprod.com udp
US 8.8.8.8:53 demand-engine.browsiprod.com udp
US 8.8.8.8:53 ai.browsiprod.com udp
US 8.8.8.8:53 ai.browsiprod.com udp
US 8.8.8.8:53 demand-engine.browsiprod.com udp
US 8.8.8.8:53 aus5.mozilla.org udp
US 8.8.8.8:53 demand-engine.browsiprod.com udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 91.149.214.35.in-addr.arpa udp
US 8.8.8.8:53 201.181.244.35.in-addr.arpa udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 ciscobinary.openh264.org udp
NL 2.18.121.197:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 142.250.187.206:443 redirector.gvt1.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 197.121.18.2.in-addr.arpa udp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 widget-pixels.outbrain.com udp
GB 142.250.187.206:443 redirector.gvt1.com udp
US 8.8.8.8:53 r1---sn-aigl6ney.gvt1.com udp
US 8.8.8.8:53 e10883.g.akamaiedge.net udp
GB 173.194.183.166:443 r1---sn-aigl6ney.gvt1.com tcp
US 8.8.8.8:53 r1.sn-aigl6ney.gvt1.com udp
US 8.8.8.8:53 tcheck.outbrainimg.com udp
US 8.8.8.8:53 r1.sn-aigl6ney.gvt1.com udp
US 8.8.8.8:53 e15144.d.akamaiedge.net udp
GB 173.194.183.166:443 r1.sn-aigl6ney.gvt1.com udp
US 8.8.8.8:53 e15144.d.akamaiedge.net udp
US 8.8.8.8:53 206.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 166.183.194.173.in-addr.arpa udp
IE 18.66.171.93:443 ai.browsiprod.com tcp
US 3.162.140.75:443 demand-engine.browsiprod.com tcp
GB 2.21.189.145:443 widget-pixels.outbrain.com tcp
GB 2.21.190.8:443 e15144.d.akamaiedge.net tcp
US 172.66.42.247:443 rt3013.infolinks.com tcp
US 8.8.8.8:53 93.171.66.18.in-addr.arpa udp
US 8.8.8.8:53 75.140.162.3.in-addr.arpa udp
US 8.8.8.8:53 8.190.21.2.in-addr.arpa udp
US 8.8.8.8:53 mv.outbrain.com udp
US 8.8.8.8:53 pbs-cs.yellowblue.io udp
GB 146.75.74.132:443 mv.outbrain.com tcp
US 8.8.8.8:53 outbrain.map.fastly.net udp
US 8.8.8.8:53 pbs-cs.yellowblue.io udp
IE 54.170.105.17:443 pbs-cs.yellowblue.io tcp
US 8.8.8.8:53 outbrain.map.fastly.net udp
US 8.8.8.8:53 pbs-cs.yellowblue.io udp
US 8.8.8.8:53 132.74.75.146.in-addr.arpa udp
US 8.8.8.8:53 17.105.170.54.in-addr.arpa udp
US 8.8.8.8:53 cdn.springserve.com udp
US 8.8.8.8:53 cdn.springserve.com udp
US 8.8.8.8:53 cdn.springserve.com udp
US 3.162.140.120:443 cdn.springserve.com tcp
US 8.8.8.8:53 chidc2.outbrain.org udp
US 8.8.8.8:53 cm.adform.net udp
US 8.8.8.8:53 csync.loopme.me udp
US 8.8.8.8:53 match.sharethrough.com udp
US 8.8.8.8:53 contextual.media.net udp
US 8.8.8.8:53 chidc2.outbrain.org udp
US 8.8.8.8:53 ssbsync.smartadserver.com udp
US 8.8.8.8:53 image8.pubmatic.com udp
US 8.8.8.8:53 us-u.openx.net udp
US 8.8.8.8:53 track-eu.adformnet.akadns.net udp
US 8.8.8.8:53 120.140.162.3.in-addr.arpa udp
NL 35.214.244.63:443 csync.loopme.me tcp
US 8.8.8.8:53 bh.contextweb.com udp
US 8.8.8.8:53 sync.1rx.io udp
US 8.8.8.8:53 ads.stickyadstv.com udp
US 8.8.8.8:53 envoy-hl.envoy-csync1.core-b8mf.ov1o.com udp
US 8.8.8.8:53 contextual.media.net udp
US 8.8.8.8:53 track-eu.adformnet.akadns.net udp
US 8.8.8.8:53 contextual.media.net udp
US 8.8.8.8:53 us-u.openx.net udp
US 8.8.8.8:53 envoy-hl.envoy-csync1.core-b8mf.ov1o.com udp
US 8.8.8.8:53 ap.lijit.com udp
US 8.8.8.8:53 onetag-sys.com udp
US 8.8.8.8:53 secure-assets.rubiconproject.com udp
US 8.8.8.8:53 us-u.openx.net udp
US 8.8.8.8:53 ssbsync-euw1.smartadserver.com udp
US 8.8.8.8:53 imgsync-amsfpairbc.pubmnet.com udp
IE 52.48.211.135:443 ap.lijit.com tcp
DE 51.89.9.251:443 onetag-sys.com tcp
US 8.8.8.8:53 ssbsync-euw1.smartadserver.com udp
US 8.8.8.8:53 match-eu-central-1-ecs.sharethrough.com udp
BE 104.68.78.171:443 secure-assets.rubiconproject.com tcp
US 8.8.8.8:53 imgsync-amsfpairbc.pubmnet.com udp
DK 37.157.5.84:443 cm.adform.net tcp
NL 185.89.210.82:443 ib.adnxs.com tcp
DE 3.67.74.124:443 match-eu-central-1-ecs.sharethrough.com tcp
BE 23.55.96.24:443 contextual.media.net tcp
NL 81.17.55.109:443 ssbsync-euw1.smartadserver.com tcp
NL 198.47.127.18:443 imgsync-amsfpairbc.pubmnet.com tcp
US 35.244.159.8:443 us-u.openx.net tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
NL 154.57.158.116:443 ads.stickyadstv.com tcp
US 8.8.8.8:53 am1-direct-bgp.contextweb.com udp
US 8.8.8.8:53 sync.1rx.io udp
US 8.8.8.8:53 match-eu-central-1-ecs.sharethrough.com udp
US 35.244.159.8:443 us-u.openx.net udp
US 8.8.8.8:53 cs.yellowblue.io udp
US 8.8.8.8:53 am1-direct-bgp.contextweb.com udp
US 8.8.8.8:53 eu-west-dual.ads.stickyadstv.com.akadns.net udp
US 8.8.8.8:53 sync.1rx.io udp
US 8.8.8.8:53 blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com udp
IE 52.18.156.159:443 cs.yellowblue.io tcp
US 8.8.8.8:53 eu-west-dual.ads.stickyadstv.com.akadns.net udp
US 8.8.8.8:53 onetag-sys.com udp
US 8.8.8.8:53 blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com udp
US 8.8.8.8:53 onetag-sys.com udp
US 8.8.8.8:53 e8960.e2.akamaiedge.net udp
US 8.8.8.8:53 cs.yellowblue.io udp
US 8.8.8.8:53 e8960.e2.akamaiedge.net udp
US 8.8.8.8:53 cs.yellowblue.io udp
DE 51.89.9.251:443 onetag-sys.com udp
BE 23.55.96.24:443 contextual.media.net udp
US 8.8.8.8:53 eus.rubiconproject.com udp
US 8.8.8.8:53 63.244.214.35.in-addr.arpa udp
US 8.8.8.8:53 135.211.48.52.in-addr.arpa udp
US 8.8.8.8:53 251.9.89.51.in-addr.arpa udp
US 8.8.8.8:53 171.78.68.104.in-addr.arpa udp
US 8.8.8.8:53 18.127.47.198.in-addr.arpa udp
US 8.8.8.8:53 109.55.17.81.in-addr.arpa udp
US 8.8.8.8:53 24.96.55.23.in-addr.arpa udp
US 8.8.8.8:53 131.169.93.208.in-addr.arpa udp
US 8.8.8.8:53 117.174.228.46.in-addr.arpa udp
US 8.8.8.8:53 84.5.157.37.in-addr.arpa udp
US 8.8.8.8:53 116.158.57.154.in-addr.arpa udp
US 8.8.8.8:53 124.74.67.3.in-addr.arpa udp
US 8.8.8.8:53 159.156.18.52.in-addr.arpa udp
BE 23.55.98.169:443 eus.rubiconproject.com tcp
US 8.8.8.8:53 e8960.b.akamaiedge.net udp
US 8.8.8.8:53 e8960.b.akamaiedge.net udp
US 8.8.8.8:53 rtb.mfadsrvr.com udp
US 8.8.8.8:53 sync.mathtag.com udp
US 8.8.8.8:53 pixel-eu.rubiconproject.com udp
US 8.8.8.8:53 cs.admanmedia.com udp
US 8.8.8.8:53 t.adx.opera.com udp
US 8.8.8.8:53 ssbsync-global.smartadserver.com udp
US 8.8.8.8:53 elb-aws-fr-dorpat-283474803.eu-central-1.elb.amazonaws.com udp
US 8.8.8.8:53 spl.zeotap.com udp
US 8.8.8.8:53 elb-aws-fr-dorpat-283474803.eu-central-1.elb.amazonaws.com udp
US 8.8.8.8:53 outspot2-ams.adx.opera.com udp
US 80.77.87.162:443 cs.admanmedia.com tcp
US 104.22.50.98:443 spl.zeotap.com tcp
US 8.8.8.8:53 pixel-origin.mathtag.com udp
US 8.8.8.8:53 outspot2-ams.adx.opera.com udp
US 8.8.8.8:53 cs.admanmedia.com udp
US 8.8.8.8:53 pixel-origin.mathtag.com udp
US 8.8.8.8:53 pixel-eu.rubiconproject.net.akadns.net udp
US 8.8.8.8:53 cs.admanmedia.com udp
US 8.8.8.8:53 pixel-eu.rubiconproject.net.akadns.net udp
US 8.8.8.8:53 spl.zeotap.com udp
US 8.8.8.8:53 s.amazon-adsystem.com udp
US 8.8.8.8:53 s.amazon-adsystem.com udp
US 8.8.8.8:53 spl.zeotap.com udp
US 8.8.8.8:53 s.amazon-adsystem.com udp
DE 18.197.7.178:443 elb-aws-fr-dorpat-283474803.eu-central-1.elb.amazonaws.com tcp
US 74.121.140.211:443 pixel-origin.mathtag.com tcp
NL 69.173.156.149:443 pixel-eu.rubiconproject.net.akadns.net tcp
NL 82.145.213.8:443 outspot2-ams.adx.opera.com tcp
NL 81.17.55.170:443 ssbsync-global.smartadserver.com tcp
US 209.54.182.161:443 s.amazon-adsystem.com tcp
US 8.8.8.8:53 169.98.55.23.in-addr.arpa udp
US 8.8.8.8:53 98.50.22.104.in-addr.arpa udp
US 8.8.8.8:53 162.87.77.80.in-addr.arpa udp
US 8.8.8.8:53 178.7.197.18.in-addr.arpa udp
US 8.8.8.8:53 149.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 170.55.17.81.in-addr.arpa udp
US 8.8.8.8:53 8.213.145.82.in-addr.arpa udp
US 8.8.8.8:53 211.140.121.74.in-addr.arpa udp
US 8.8.8.8:53 161.182.54.209.in-addr.arpa udp
US 162.159.137.232:443 discord.com tcp
US 162.159.137.232:443 discord.com tcp
NL 69.173.156.148:443 pixel-eu.rubiconproject.net.akadns.net tcp
US 8.8.8.8:53 vid-io.springserve.com udp
US 8.8.8.8:53 vid-io.springserve.com udp
US 8.8.8.8:53 vid-io.springserve.com udp
US 64.74.236.223:443 mcdp-chidc2.outbrain.com tcp
IE 34.240.147.182:443 vid-io.springserve.com tcp
US 8.8.8.8:53 223.236.74.64.in-addr.arpa udp
US 8.8.8.8:53 182.147.240.34.in-addr.arpa udp
US 8.8.8.8:53 sync.resetdigital.co udp
US 143.244.220.80:443 sync.resetdigital.co tcp
US 8.8.8.8:53 sync.resetdigital.co udp
US 8.8.8.8:53 sync.resetdigital.co udp
US 8.8.8.8:53 aax-eu.amazon-adsystem.com udp
IE 67.220.224.144:443 aax-eu.amazon-adsystem.com tcp
US 8.8.8.8:53 aax-eu.amazon-adsystem.com udp
US 8.8.8.8:53 aax-eu.amazon-adsystem.com udp
US 8.8.8.8:53 144.224.220.67.in-addr.arpa udp
US 8.8.8.8:53 80.220.244.143.in-addr.arpa udp
US 162.159.137.232:443 discord.com tcp
US 8.8.8.8:53 pixels.ad.gt udp
US 172.67.23.234:443 pixels.ad.gt tcp
US 104.22.4.69:443 pixels.ad.gt tcp
US 104.22.4.69:443 pixels.ad.gt tcp
US 172.67.23.234:443 pixels.ad.gt tcp
US 8.8.8.8:53 pixels.ad.gt.cdn.cloudflare.net udp
US 8.8.8.8:53 pixels.ad.gt.cdn.cloudflare.net udp
US 185.199.109.133:443 raw.githubusercontent.com tcp
US 8.8.8.8:53 images.outbrainimg.com udp
GB 2.21.190.8:443 images.outbrainimg.com tcp
GB 2.21.190.8:443 images.outbrainimg.com tcp
GB 2.21.190.8:443 images.outbrainimg.com tcp
US 8.8.8.8:53 e15144.d.akamaiedge.net udp
US 162.159.137.232:443 discord.com tcp
US 162.159.137.232:443 discord.com tcp
US 162.159.137.232:443 discord.com tcp
US 8.8.8.8:53 log.outbrainimg.com udp
US 64.74.236.159:443 log.outbrainimg.com tcp
US 8.8.8.8:53 chidc2.outbrain.org udp
US 8.8.8.8:53 159.236.74.64.in-addr.arpa udp
GB 142.250.187.196:443 www.google.com udp
DE 162.19.138.83:443 lb.eu-1-id5-sync.com tcp
DE 162.19.138.82:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 id5-sync.com udp
US 162.159.137.232:443 discord.com tcp
US 162.159.137.232:443 discord.com tcp
US 8.8.8.8:53 static.criteo.net udp
NL 178.250.1.3:443 static.criteo.net tcp
US 8.8.8.8:53 static.nl3.vip.prod.criteo.net udp
US 8.8.8.8:53 static.nl3.vip.prod.criteo.net udp
NL 178.250.1.11:443 gum.nl3.vip.prod.criteo.com tcp
NL 178.250.1.3:443 static.nl3.vip.prod.criteo.net tcp
US 8.8.8.8:53 3.1.250.178.in-addr.arpa udp
FR 178.250.7.13:443 dnacdn.net tcp
US 8.8.8.8:53 ag.gbc.criteo.com udp
US 8.8.8.8:53 gem.gbc.criteo.com udp
US 8.8.8.8:53 gbc8.nl3.eu.criteo.com udp
US 8.8.8.8:53 gbc2.nl3.eu.criteo.com udp
US 8.8.8.8:53 gbc8.nl3.eu.criteo.com udp
US 8.8.8.8:53 gbc2.nl3.eu.criteo.com udp
NL 185.235.87.225:443 gbc8.nl3.eu.criteo.com tcp
NL 185.235.87.70:443 gbc2.nl3.eu.criteo.com tcp
US 8.8.8.8:53 70.87.235.185.in-addr.arpa udp
US 8.8.8.8:53 225.87.235.185.in-addr.arpa udp
US 8.8.8.8:53 16.173.189.20.in-addr.arpa udp
US 162.159.137.232:443 discord.com tcp
US 162.159.137.232:443 discord.com tcp
US 162.159.137.232:443 discord.com tcp
US 34.160.152.31:443 c.pub.network udp
US 8.8.8.8:53 eu-eb2.3lift.com udp
US 8.8.8.8:53 contextual.media.net udp
BE 23.55.96.24:443 contextual.media.net udp
US 8.8.8.8:53 eu-eb2.3lift.com udp
US 8.8.8.8:53 eus.rubiconproject.com udp
US 8.8.8.8:53 e8960.b.akamaiedge.net udp
BE 23.55.96.24:443 contextual.media.net tcp
US 8.8.8.8:53 e8960.b.akamaiedge.net udp
US 8.8.8.8:53 js-sec.indexww.com udp
US 172.64.149.180:443 js-sec.indexww.com tcp
US 8.8.8.8:53 js-sec.indexww.com udp
US 8.8.8.8:53 js-sec.indexww.com udp
NL 69.173.156.148:443 pixel-eu.rubiconproject.net.akadns.net tcp
US 8.8.8.8:53 acdn.adnxs.com udp
US 151.101.1.108:443 acdn.adnxs.com tcp
US 8.8.8.8:53 prod.appnexus.map.fastly.net udp
US 8.8.8.8:53 prod.appnexus.map.fastly.net udp
US 172.64.149.180:443 js-sec.indexww.com tcp
US 8.8.8.8:53 108.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 180.149.64.172.in-addr.arpa udp
US 8.8.8.8:53 contextual.media.net udp
US 8.8.8.8:53 contextual.media.net udp

Files

memory/4492-0-0x00007FF9EA703000-0x00007FF9EA705000-memory.dmp

memory/4492-1-0x000002000C510000-0x000002000C528000-memory.dmp

memory/4492-2-0x0000020026B50000-0x0000020026D12000-memory.dmp

memory/4492-10-0x00007FF9EA700000-0x00007FF9EB1C1000-memory.dmp

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\datareporting\glean\pending_pings\88efa495-54b4-4fc6-975f-e3e97f8ddf2f

MD5 6173107bea453f471b7b3c073533fd1d
SHA1 000f1156fcdfd3e86a77c361c796f153a943fdf1
SHA256 41136043bcf2a6bd5691304586a317820906e76f07875223b3ca373e0ca0b51a
SHA512 a4cf298fd5ac4fc0061bc6516fed80c685eaadb3d395d165d4bcf50a460442a4cc552bcda76ee108cd7e47977c1ddfd4b8649bd6501caee70202896464001dc0

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\datareporting\glean\db\data.safe.bin

MD5 a938566e5df133660ea432d368efd838
SHA1 86c5b66111a785abe6c116d3f66995e6dd51d8e1
SHA256 e614cba43ef081ca407018282c59842acb7e94944a9e4985b36d8a4b9e6661d4
SHA512 82c27f6e0034b98ea5a87a5389296fc489efdf74955c5874d31b8a6b70468cebcfa773abec707780f56234f9edd0678802c1c093024ff2e04410594d77aa10a9

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 b01efd0877d8bb4a5d754d6d5a5922cf
SHA1 6dfaecd4219afbb206185171c64c777e9c73ae21
SHA256 ef1ebedd446ce18b79317f09953ff8a6069f92749188b45945567c315388aa90
SHA512 6f5fce89b6dc7e6979fdb01493c0811bcd55cb945d7665cd9a23e93419a5aa28207b3f614461103f04b0406741e8020c35252fda5529e41e3e918e42fd89c086

memory/4492-81-0x0000020027350000-0x0000020027878000-memory.dmp

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\sessionstore-backups\recovery.jsonlz4

MD5 76ae42d2c0fa0921eee10202fd59d94f
SHA1 efa275d9ec2d7d50bf1f4a15ec931c26d825f324
SHA256 3ca3669c662a447edd8820c06bba9b9e2ae276efa123a132997311d5e463e0c3
SHA512 7281031fc978493d726541497e10edb0ba91e160513f632adb313db546043f91eb6ff60a688eda7ed0c7b139256263176fe56dd358ab42183304890dc80da78d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\prefs-1.js

MD5 f65fc5a2e58f51454591c663266862c7
SHA1 cbad8d8348797529a0dc8883694f759d4592cd01
SHA256 2b06ba93717cb6067795b0da8c2af4d7b19697c7dbb9374017932f6dd3144940
SHA512 e4e409e7b13e12169ca93484bd89a025eb7872fab9bb17cd5011cf9adc718d89998b2337559b490dd607d23912bba17b4a8b4b33d2a4e54a8a3a27165045a5f8

memory/4492-160-0x00007FF9EA703000-0x00007FF9EA705000-memory.dmp

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\sessionstore-backups\recovery.jsonlz4

MD5 106fbcc9fca59ab2cd1decf61fd44dae
SHA1 3c689aede9bc226a3bcfbaae032535772c9be9c3
SHA256 5569b98be74ddbc998236c6642ff9f8b073bf02ba622f39554dddfa431c33c3f
SHA512 5ef69cd16980e0af3751d09a6257807ec715d27208731bdd75a6c2ee57fff4f87095a3881460e28359e63d676a8ed053055c883c224da16fa565522287a06ec9

memory/4492-170-0x00007FF9EA700000-0x00007FF9EB1C1000-memory.dmp

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\prefs-1.js

MD5 966c39d4c97706becf6aa4fede166fb4
SHA1 01c9dd7d74550e16ff30fe8ef620e8fa8f6c15c3
SHA256 1a719d8e08dfcd6f58441a9c3483133a006ff68837217dd6eefa5cf311335ad4
SHA512 aff78b6954363c837fabc26a8da79d6fc3cd024b7c6681483f4a4488b996183b599d1264592720db89d2adbe8cd2a62a6aeda58aa3cf7c97c11d27e6ec2e0fac

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\1520

MD5 f0db58696a272567f6cdc3fc9991be6a
SHA1 8b991b522dfbf2e442490a883aa28f06c6bf1d39
SHA256 9dcbbcbb2b6f27e4f10592ab3a38df676f279613ea7ec13d12a26b1d0710947f
SHA512 1a0401cdbed11373ad3e8734e519c1d2864961971635f2ddfc45b5c0e7acd0f70958619be0ff2f0c29043bf190ca011e1d402149815899c098d81047c4228bef

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\sessionstore-backups\recovery.jsonlz4

MD5 e812b364a7d6f24fd1b99bf0aa6323b7
SHA1 a11f5f22d8ae703c5c96cc05975bb7c0a9dd257a
SHA256 215da1e7946f4a8956be46ff052e2bc9c0314bc6732be35e0b5b48d05999656e
SHA512 31c840a3378ef99d36dc8531ae48c99736275490b68298abeca46e8b7e8159432ed157193cd040a7d4a2ffb93eefac7b3b6f5312f1d2ced9ec554014b7bb8036

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\2702

MD5 4174a4ae66416f04365c6d02bf14bb4e
SHA1 d0c11290036998536e4a3fc4c8ff7747993dc8cf
SHA256 147c8cd1c7ef7e6e3776b7c44ff7fe8f214f859ad160fe6db8034eb936e830db
SHA512 bc80028284599b53aa9e4d4b31b35257be67ee011c234b80b2b5b5595e2534e9b7d8967e39beccd8669792514d3d614f37e5ef7e4463a20584bdfca404bf0115

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\27816

MD5 a993206c209d63e26790b54237a69d38
SHA1 2e7fbc9eef6778b5c029ccf82b60d79945830bd8
SHA256 35183cc757029bb8cf08c1386ee915f6c6fcd99b00b091e62ec4e6d081d4765e
SHA512 54a162b42aeb604fa1db2073874e422853c5444e5da9ca15e61df9a99fc25729d466f64c0b0bf88b999d99fa6f2bdb0bd31576befe2964c9d1c66aa219ea460c

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\5305

MD5 6c652df14a14b60802553a8d5eb852d5
SHA1 0d7fb19cdf3cad887025c77cd78109cd3c0409b7
SHA256 8ecd8a482dc6793f0e2837d363c568d79837b83b6cabfc36b01742f7ce261ec8
SHA512 5191a05833240914d7e4e5aa6e21abab8c37ed394faf713d54412afc867c208acad52fb865a00e26a24a751ebd0d4b639cbf20e961a06de537bb63573bb67e53

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\24675

MD5 60d59f0686ce34de8b9730a0aa075c30
SHA1 c63a4d6d83d55f35d23c17076e1817ce407244ff
SHA256 70ede2fbf7aa8999d25928e764abe814d4756dbf25ad5615094a450dac74780d
SHA512 0009084795be1eb9720c87960c3b0f69ee7d357c12037e5453761039fd19e809d4b2cb4da2b7025f71ec93d93bd7fe278f3d432539d8fd172839f08a6ebdaf8e

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\5418

MD5 46adcc88006bcb79908cfa190f41a2c4
SHA1 f8bfe576266d5efe667fff87a4db2d77d4522b2c
SHA256 599c110a741fbd215f8c40ac561bb9d21acc17e0c9dd628319fd010e4b26a071
SHA512 6dbb5c25fb5ea8d56524db152c7a36a507813a93cd864e4ed50696d593d996a169d53ef648e431ffd8d9744b4d4106057b4b36498fdfb86d38161c9e3ef600f2

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\4802

MD5 786faf3bc9891bf8c01c52ea6e73a8e1
SHA1 d10794d52f086af4c4cca38e62edb8fad362c1a4
SHA256 9421cf26e10ff6885c225079c20f688ff26c08721cda163d2df9a1798d78bb37
SHA512 df819980b96569a2c7dd032f5b358ff55477baba039f0b1e26f1ec60d609bff69f9d1730d5e8778ca1093b7a5f3ef040c4f692f2147ad5577e490dae1bf08af6

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\2659

MD5 01f5c55538dbb2a0f272e4ca688765fe
SHA1 c5bf4351592c364f0b35047edb0f92489bd0b2c5
SHA256 77305298b9653c01c45b598420c8099a698d71528607f4bfe9b667f710093dfa
SHA512 150d08973b760e305da11bf35fc4bf352779f50c237c788dc6583dc019793bc8840ef9d33229fefb7422052cdba0a21c670b3563808c79d9adbb81e80245bf5b

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\28683

MD5 331f58c2d4ac19bc6bba87c185c0673a
SHA1 c11852b5cbd06504bb69ed96e476715f9ed16db1
SHA256 4208383e653ac107f3d4d55263bab1907b3c3f28b1ca4f3a2e75afa765ad1f87
SHA512 1f09f8f9625feef4cb6098391bf71c30099b19c25047f504cc4adec9e75a57d01c9e67883e2421f3f9b811b045e16f772eb9425f1259eed2498e9f350f7118f7

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\16812

MD5 80be7b63f7a8d0450d823b47edb984ef
SHA1 b418a1284fb5f2806c2ae47edb39f55850c14b5c
SHA256 ea6af26cbd7f97fc4eb20db1f069da20ffa86f2610f87a36f4aa0b9806496018
SHA512 08e315d2d4b618e07d6b91ce8dec26537da34eefb1d900c106ba439e4681cb6d26b00e4e717038c167f74aa569d2668b560418d038e08fe5fa49319bc9d87158

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\23231

MD5 77ed478a680356b936b7644b2af101e5
SHA1 d50ad088bdcc4715acef2e1ede2229afb234dda5
SHA256 1288d5572d43479cebbc3d9368eecf1329157f1733719e3e39a18214998eef9b
SHA512 4348238d93bbef01fe048e039f0a953dd3a28cc32e5b17d25b4592a701abe13c89249527921370898e691f8c7ec02e928fb562106f99f860454cfbbbf3de4147

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\6566

MD5 0ed45635572b9a661dfc64f5743625ef
SHA1 6d6f466c0be6a7d486e5818325df2cecc278e703
SHA256 e47e2f9770ef7c830ddbe5ef9ff602b5c5452e3529d12def610ca6b1fce27ee6
SHA512 db0b76e8bb7de26535cba910bda43b20b2feeb5d2127815398a1300911cffd22582896a0389bc81cdec30b46961bd894307dda0483fcda6403a32112c4d54f06

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\19741

MD5 f8d2dcd3e6e8962f5832007a401d50a5
SHA1 f32115dfe4e86166174ff742c112e6ffcb0d37a1
SHA256 4415cfb9e9d79a626be770f5e3bec0f393d8d3ca2b39332a77f12d2a21847bf7
SHA512 8b2746eeee25e71cdf07004af5bcdf2383e67f2ef4c37d8f3a58881b33a3e0f958dd982c5b5a9747cf8540a34de02e9d1c3ba5712636116d22b6ac25ab5a1ec4

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\sessionstore-backups\recovery.jsonlz4

MD5 2b8e841e325e7dbd400a4d164064982c
SHA1 f29c8c10c39e4203ba6ef559956f7990e7550963
SHA256 06f828d08c2ed60636113ccd2e07b47bd09d34883d09d704eeafe4441fc1c3d1
SHA512 5389c73e0a74ebdd508aafb9db752e9b3d3094b32e7d3949a0eccbeda8bdd77cf57a345318ff094e88d5d878af6099bf925da43e6c407af9d1ae30a89795ae4d

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\entries\AE001A6BFF3D85EA310E93A0AF3C440D134ADF82

MD5 61dc0c642055cca999ce4ab96faf59a1
SHA1 ee980a127a247631dcd666e8f609639813b07ff7
SHA256 306a157730f37d6294d5fdefa68812fbb554ef882befc0464609d9e817e32de7
SHA512 2ce13a6c185aa9ed01c70e5b628a031b2366b5664f91433f6348d55b2c21123beee40af68229b7bfa20eacdf16937b261e81493211335a229784842f2f003deb

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\storage\default\https+++www.se7ensins.com\cache\morgue\98\{176f5c1c-f9e6-49fd-8e37-d6231b5af962}.final

MD5 81c542f8823ebd1002b023a3abf06fdc
SHA1 c9014514e5f46ab23daf73f11b02141715d056cc
SHA256 9a8a674170fbf6af1939cb9f75b6432b45e196fe48ca171a76ee1217515fff17
SHA512 9bb97eccf14dae0cbaadf46a6a6e7171b316982be029f8c5c8f9b6e5986c9930ea04dc66424b50f2c05dd3842ac880d8efcc1723a8eb7776e395929f92d8cf65

memory/4492-545-0x0000020027CC0000-0x0000020027D6A000-memory.dmp

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\serviceworker.txt

MD5 77b271983144d593909ddc4b5c679bf5
SHA1 044d3335a4a44a3c7ba626325eae933c1ad431ce
SHA256 bbb6981dc2fd4e46e7d2d2ed5662dc4d38c8d317b1f3139b5adf32109e347159
SHA512 d61ca122c48b341d14b08471e96ef370810ac99098f577b520f94fa9164882b188f1f0b6b60e240669573d8d52bb79a7fdb18d231d8f5d45bd6c133aa1815c47

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\serviceworker-1.txt

MD5 f239b63acd5ecce1ea1eadfee8233a92
SHA1 7181285956c781d40771c8bde63b5efc44e96a29
SHA256 b8e6b0cc9d37061c63e50890a0c2b240e2944c2908faa3283f57f8d15022a0e1
SHA512 11508c4646239887f5c4c07acbc50bc2be079ed841342f379831d0569ecba3d944d98392c592cb6cd0eea28a8c6d617065da082b6074227ac188260c168c7411

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\16495

MD5 3b19115c794815634cfc38d3b5b16352
SHA1 628781d1d48f9c4f1382c224963839c5e879f64e
SHA256 de38f9243b6e492db893d5a93668d44492d302eb1c96b32ae80a280a1508307f
SHA512 be7035be8461506460537b36f7d429a4b58d79a3822634005c47e9778f8b4ddd006e789bb4e886a1705eecf72bb36c16e6bd361e3fa842f534401a0967222604

memory/4492-582-0x0000020026E20000-0x00000200270EA000-memory.dmp

memory/4492-588-0x00007FF9EA700000-0x00007FF9EB1C1000-memory.dmp

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\sessionstore-backups\recovery.jsonlz4

MD5 2cfd21cf4903ed8b23506da7f986967d
SHA1 fc6d8866f451a8d2cc70ea834aaf7079c72b1823
SHA256 5d032153151d092b4ebbcf833dbad2833188f27365d2dcf618205425306cd102
SHA512 09a0ba54085c4eaff911aa1041ee11e95410bb7e9758b0fd0fd9c307b689756b2ca71063c7e9ef2d08c2fcf8d996a67f52442114a422e6c5d6cf1705ba125067

memory/4492-651-0x0000020026B40000-0x0000020026B4E000-memory.dmp

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\entries\5B23235D54208C34AFF88FC6F18585FD8A8F8FAD

MD5 c83db706f1d6dea9b4bbe0fea314a980
SHA1 79bf7f5a1330b612acf881b6a9543a1a5c86d70b
SHA256 946df81d4cbd2d74234118f216e866ab5010ebbff54ec96d5fc7aae2d3544193
SHA512 948181ee99ac1a9c1e6e7d9331c6d8adf1cc1ea6c1807bd58941df6fbedc7908ef90f2f8ffc728ccc326de84e68031f2550268e88c2955ce11e1acacb8f83871

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\sessionstore-backups\recovery.jsonlz4

MD5 6466809da61fad625f9adb04fa457572
SHA1 5e8cec115ce71ed409c7704862c352737bef03fb
SHA256 f6eb84aef30d775596700cf213d7623d1226ed0b677b3fc2ee327497f72998e7
SHA512 04c8138182ae7223ee84720a959466f45d3a30d8fe7df117e63c957933d51712b07475999883a08dcdcb6515f0e1b466abfc5296a5b232e983f8df8f44bb97be

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\21858

MD5 9334f4eade7fb43147b1dd0c8baf06a8
SHA1 e1461dba58a9711d2812e21a411c7afd0ad9b95a
SHA256 2254fa58965418f15418056e8ce8fb69be6e4505f7c7574ea0a4968b5630127f
SHA512 5c7c54cd03676a3640cbf115cdd2d620c2c402af6d6044862e028ed319e01503a874680080641aa71bfdc4adb151059a78f35bb02bc3d57f2cea03647080cae9

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\10223

MD5 e327b7f4d7363fc19155d8edd08c8295
SHA1 3c86beed71507393509940722b9cb1ef5acde85d
SHA256 4a5429e6aa40f47ee9d1ea1e307ea4d49e45b762e303380470d5142416da527e
SHA512 92cf170ab9a98db2259c0728940f07e37d0b22c735c8a5993fe85c2dba5b2594f9ca6b5f91c892c23d1c7a320b931759d8bcbae6c0698c6c217989d0816f831e

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\25205

MD5 de13f0614bde249299ffb30b0096f0a1
SHA1 36d732a2fc439166f8947eefb4eeab28cf93cda4
SHA256 5f5d135562fc68a19a627e2e72968c3a45877f89d0dda4ad7b16c170601e946e
SHA512 8db03da97c08763dc00c3ecde465413bf62448ba045914bee014699cd0b4c9563f36ff6b5a29d47403c82a333159feb0e04e780b40623fedd6786bcb20db4f15

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\30211

MD5 ea2c8934262c1a541aff6750a0f792e0
SHA1 0c88b06a6bbf89741d13b93ea7be628c767103d8
SHA256 80dbae08dbd4713605d8ff7305d68f13463fe1215778eaaeecb5bf6798da415b
SHA512 ea517bcc390ad717ec804c30d413ec7d61daae9275c5a42e76eaffdf71a253625a28526a448b4fb3ed82ef50f08d7c6bf25fabf5edddd498cf23d05ed58f9fb6

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\20000

MD5 62ac05ed75140781eaa2acc57745e3f5
SHA1 059c403d7f613793592b4c1659e5a03feb08f107
SHA256 408afd9dd6d1697debd0bc342ff662cf97e95658d220c76d53dcfe60cd8359a1
SHA512 8e4dbf4da68273ced20a29dc9c9ebc2d105e4d7193c2986a54357676927ac09289ae2f67744d5e7d99db64692eaee699be0b2aade67d35831d97751b081c73be

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\15613

MD5 9fb1d751ce9998ea0c633724e48430c0
SHA1 752a2e5c75c2bba34f89a6dd5dbc29cf3fc113f2
SHA256 e2077ba8ee3abc6f7c86cdfb1638cf16eeeaf3746f08748021a079a1f63f7a60
SHA512 08d60a8d9efa50fe4e2f21a08bedcd620748482204366a591ce988d06dae52657f9d587b5cddf5b5381da35fd9c1384671b69e2158c33f315058c19275285762

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\531

MD5 cfa179b0304234849a340ba79a5a5e71
SHA1 3ee161280720a77e81bbd0af725d1d0796a92ed1
SHA256 b72cdb7c8ff9f806628645d25ff8a9897a8001c612115b1af6ffb165aaeffddf
SHA512 02c21a1177d1876438aba82f6f2f7841e1b75c6337317a0b850a0743a2f2a4d86643428190f9c04507898694e14bb249e36d9bbdc923d79defd49adb01fe11bf

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\10126

MD5 8e2790df1689c0c7dabddd0c12342d29
SHA1 2475ccf6b1040fe7cde1962bbc3d5722a6cbc015
SHA256 b4dfe23285f951e1268a8ba171f8649657108a38eda1bd699a289e917f6d059f
SHA512 41f876269220a440e32afbc4dfd29d51dcc94d9daf732910e671804198ed36623de374bf0c5646e6fe093bdc66dbfbb566e5af189698ade15931ebe494ab8959

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\entries\C312F2B0D66A25FD8E03470F585EC35B2B34704A

MD5 271d6219150090f0a6b22ab52311933a
SHA1 b52b1a7f2ee84413342bcd35d8bf27fbe2819368
SHA256 f376a2e3819c3a070bcd5b4f531f980c789b4ce36aa249781946854203d1fc8a
SHA512 d5c38555f30560eaf2aac8a779c52750200439eabb2df8a1ace3952dbac8946767cc8113ce731452c0e0b83bb5218da83672fa1e122cd6f0d0c91a4f21fc54f1

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\9801

MD5 a503a20590166e52ecb2782651af9431
SHA1 59e3fdf3df3da55f189315cebaab363034c25850
SHA256 dca592ea356f5c5633c677ea0f75a49343f9dc4b0c9ca7c6d9cc0cfe5da4aa67
SHA512 ac89b363e30e5d95044fe01c6a3b1522fc28604569a06e498341e51209aaf5660cc612054ab856ba608b44088387644a9f512d95255f16db8b108322cd28bbe9

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\sessionstore-backups\recovery.jsonlz4

MD5 e2f996b0eab50cca26abb27087bd4c9e
SHA1 10a8bbe7e6165a98c184f7107c96fd6894b6cf2e
SHA256 9c7ceb76d99f4cf4f63dafe6a5b0f2bdb2cc0c5840ab5fc5e89e03fedaaf62a6
SHA512 7ea1dedde90192a211bad6e4797caa3a587694dfe45dee390fc59b2df306e274acb86c07c71111e98d70685b0e3c0adca04f5a46ba947da59092753256a6e9f6

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\storage\default\https+++www.youtube.com^partitionKey=%28https%2Cgoogle.com%29\idb\2171031483YattIedMb.sqlite

MD5 203b77107c44528b058f73812db9099b
SHA1 43cf8f0576cb7fcf9307d0bd9321853f1e3d440f
SHA256 27bf66bba0e34f6efe770528c3c62f74eb20a5997e9fc366f7ea9824a82bcdfa
SHA512 3cae8c58f4d1ae5511be82bee6f7d30aae006f3846de5c154c2d844e3a2eef0205cb152cf82050395998fb8afce8fb074cfe16289389abb0a7818702667f3112

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 85430baed3398695717b0263807cf97c
SHA1 fffbee923cea216f50fce5d54219a188a5100f41
SHA256 a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e
SHA512 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\prefs-1.js

MD5 905d4384adee42efa81fa67f1a6ad91d
SHA1 9ac69d610d3fa59836519451416872f0a2de0884
SHA256 602a54d8696142abe73fa7b42614ef62594196259797ccd73ad587e97ea6e273
SHA512 1167c1f69678f7633aadaa882ee58ea7c31c5c5d5fc235f5ce53f087ef4afcf08c231bdaeb571bb90258fac5a3aabe4e9bccb1f9c0622b21184b24b3ad3d74a3

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

MD5 fe3355639648c417e8307c6d051e3e37
SHA1 f54602d4b4778da21bc97c7238fc66aa68c8ee34
SHA256 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e
SHA512 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

MD5 3d33cdc0b3d281e67dd52e14435dd04f
SHA1 4db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256 f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512 a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

memory/4492-1078-0x00007FF9EA700000-0x00007FF9EB1C1000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 a01c5ecd6108350ae23d2cddf0e77c17
SHA1 c6ac28a2cd979f1f9a75d56271821d5ff665e2b6
SHA256 345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42
SHA512 b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

MD5 49ddb419d96dceb9069018535fb2e2fc
SHA1 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA256 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA512 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

MD5 8be33af717bb1b67fbd61c3f4b807e9e
SHA1 7cf17656d174d951957ff36810e874a134dd49e0
SHA256 e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA512 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

C:\Users\Admin\AppData\Roaming\Microsoft\Speech\Files\UserLexicons\SP_DC3A09C9CFDD4813A4BD9D1E726D9912.dat

MD5 ab97cf9f1f816f306b1e491be67d434e
SHA1 d371a83664ae7785de50d035c29726d9adb3637c
SHA256 264255babc1de5288d15b74a671c856f3bd3162baff78ddb2fa11888ab4d7bf4
SHA512 04a90abbc0a17878d0cee18c9fce3c198890437dd0a49a97c3410e38b8f7bf02cc053912c4762329236b1e5611cdd0df704050300ee8140d5984856aa1632a06

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

MD5 33bf7b0439480effb9fb212efce87b13
SHA1 cee50f2745edc6dc291887b6075ca64d716f495a
SHA256 8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e
SHA512 d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

MD5 688bed3676d2104e7f17ae1cd2c59404
SHA1 952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA256 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA512 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

MD5 937326fead5fd401f6cca9118bd9ade9
SHA1 4526a57d4ae14ed29b37632c72aef3c408189d91
SHA256 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81
SHA512 b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4s2odj76.default-release\sessionstore-backups\recovery.jsonlz4

MD5 f2ea346dae65cfbc72d6e32c0bf9285b
SHA1 813bf721622757370a037e3de183cd42e55fa316
SHA256 c0f83a282d6f273991dfee584692127ec53e586078876c7c32fb7a63db511668
SHA512 15c9b0a2a875d98bbe4f5a678e7c1e3ce10005e3e5fd0b4c74917cfb660d1c517523ae1c6dc6fdf07a6b6161640dbdb722dd41c81ccf74c88a6c23f40bd25397

memory/4492-1265-0x0000020027A80000-0x0000020027AF6000-memory.dmp

memory/4492-1266-0x0000020027150000-0x0000020027162000-memory.dmp

memory/4492-1276-0x0000020027180000-0x000002002719E000-memory.dmp

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4s2odj76.default-release\cache2\doomed\5112

MD5 7901442e6accfc3bbfbe6b109793f90f
SHA1 c780c64b6ba30cad24b62813ef071a4ec11af11d
SHA256 3508d437d4a1cf92c1d93a21dda5bb05df53829ac74867ab2f056d138fbf4b8c
SHA512 085e5116b217202c23572de58785a66c11948a53095794dcbc9c75641d6abb65d7cde1d65fc3c599e536d1a2758fe36961809ffad1abe7b1f04d7b6666c02ceb