Malware Analysis Report

2024-11-15 05:08

Sample ID 240606-tdll9sgb8y
Target http://discord.com
Tags
score
6/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
6/10

Threat Level: Shows suspicious behavior

The file http://discord.com was found to be: Shows suspicious behavior.

Malicious Activity Summary


Legitimate hosting services abused for malware hosting/C2

Suspicious use of SendNotifyMessage

Modifies data under HKEY_USERS

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of FindShellTrayWindow

Suspicious use of AdjustPrivilegeToken

Suspicious use of WriteProcessMemory

Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-06 15:56

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-06 15:56

Reported

2024-06-06 16:27

Platform

win10v2004-20240508-en

Max time kernel

1799s

Max time network

1685s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://discord.com

Signatures

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A discord.com N/A N/A
N/A discord.com N/A N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133621630413798564" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3580 wrote to memory of 3176 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 3176 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 4308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 4308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2016 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2016 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2016 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2016 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2016 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2016 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2016 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2016 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2016 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2016 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2016 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2016 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2016 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2016 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2016 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2016 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2016 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2016 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2016 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2016 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2016 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2016 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2016 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2016 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2016 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2016 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2016 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2016 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3580 wrote to memory of 2016 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://discord.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd5eb1ab58,0x7ffd5eb1ab68,0x7ffd5eb1ab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1696 --field-trial-handle=1940,i,13503428688641993256,761093123188130508,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=1940,i,13503428688641993256,761093123188130508,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2296 --field-trial-handle=1940,i,13503428688641993256,761093123188130508,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2864 --field-trial-handle=1940,i,13503428688641993256,761093123188130508,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2872 --field-trial-handle=1940,i,13503428688641993256,761093123188130508,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4152 --field-trial-handle=1940,i,13503428688641993256,761093123188130508,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4032 --field-trial-handle=1940,i,13503428688641993256,761093123188130508,131072 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x2ec 0x498

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4764 --field-trial-handle=1940,i,13503428688641993256,761093123188130508,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4644 --field-trial-handle=1940,i,13503428688641993256,761093123188130508,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4048 --field-trial-handle=1940,i,13503428688641993256,761093123188130508,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4004 --field-trial-handle=1940,i,13503428688641993256,761093123188130508,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4656 --field-trial-handle=1940,i,13503428688641993256,761093123188130508,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1832 --field-trial-handle=1940,i,13503428688641993256,761093123188130508,131072 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 discord.com udp
US 162.159.135.232:80 discord.com tcp
US 162.159.135.232:80 discord.com tcp
US 162.159.135.232:443 discord.com tcp
US 8.8.8.8:53 cdn.prod.website-files.com udp
US 8.8.8.8:53 ajax.googleapis.com udp
US 8.8.8.8:53 global.localizecdn.com udp
US 162.159.135.232:443 discord.com udp
US 104.18.34.227:443 cdn.prod.website-files.com tcp
US 104.18.4.175:443 global.localizecdn.com tcp
GB 172.217.16.234:443 ajax.googleapis.com tcp
GB 172.217.16.234:443 ajax.googleapis.com tcp
US 8.8.8.8:53 d3e54v103j8qbb.cloudfront.net udp
US 104.18.34.227:443 cdn.prod.website-files.com udp
DE 52.222.232.39:443 d3e54v103j8qbb.cloudfront.net tcp
US 8.8.8.8:53 assets.website-files.com udp
US 8.8.8.8:53 13.86.106.20.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 232.135.159.162.in-addr.arpa udp
US 8.8.8.8:53 234.179.250.142.in-addr.arpa udp
US 13.33.187.60:443 assets.website-files.com tcp
US 8.8.8.8:53 74.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 227.34.18.104.in-addr.arpa udp
US 8.8.8.8:53 99.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 175.4.18.104.in-addr.arpa udp
US 8.8.8.8:53 234.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 39.232.222.52.in-addr.arpa udp
US 13.33.187.60:443 assets.website-files.com tcp
US 8.8.8.8:53 cdn.discordapp.com udp
US 162.159.134.233:443 cdn.discordapp.com tcp
US 162.159.134.233:443 cdn.discordapp.com tcp
US 162.159.134.233:443 cdn.discordapp.com tcp
US 162.159.134.233:443 cdn.discordapp.com tcp
US 162.159.134.233:443 cdn.discordapp.com tcp
US 162.159.134.233:443 cdn.discordapp.com tcp
US 8.8.8.8:53 60.187.33.13.in-addr.arpa udp
US 8.8.8.8:53 geolocation.onetrust.com udp
US 104.18.34.227:443 cdn.prod.website-files.com udp
US 172.64.155.119:443 geolocation.onetrust.com tcp
US 8.8.8.8:53 233.134.159.162.in-addr.arpa udp
US 8.8.8.8:53 138.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 104.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 119.155.64.172.in-addr.arpa udp
US 8.8.8.8:53 www.youtube.com udp
GB 142.250.200.14:443 www.youtube.com tcp
US 8.8.8.8:53 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 8.8.8.8:53 14.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 1.80.190.35.in-addr.arpa udp
US 35.190.80.1:443 a.nel.cloudflare.com udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 43.58.199.20.in-addr.arpa udp
NL 23.62.61.115:443 www.bing.com tcp
US 8.8.8.8:53 115.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 149.220.183.52.in-addr.arpa udp
US 8.8.8.8:53 157.123.68.40.in-addr.arpa udp
US 8.8.8.8:53 15.164.165.52.in-addr.arpa udp
US 8.8.8.8:53 35.166.122.92.in-addr.arpa udp
US 8.8.8.8:53 195.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 99.58.20.217.in-addr.arpa udp
US 8.8.8.8:53 55.36.223.20.in-addr.arpa udp
US 8.8.8.8:53 22.236.111.52.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 200.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 168.117.168.52.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 8c18692f1baa385ecc7ef1470e4eb71d
SHA1 ddf0d07ef9c82d2f130fcab77e919d4d854dadcd
SHA256 d72046fda1122bec22a5f1722435ddb818a2e4bd856150e6e6fec10b460e89b9
SHA512 2516a05899e7e2b72e99d1bd27fd89172065b44a9a2fd3ccf8c79b82cb3b347d66cba4174188e761b0d0ab23da875cfe859433a7d8a49291b96e6da90f2459da

\??\pipe\crashpad_3580_VMLTOMFWRIPKUXHA

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 4396649dc084423ec7e9561c179c3edc
SHA1 baa28f6ff46a41884c57655eecaadf2e0f4246a4
SHA256 0e804a73b95ebfc76088035d282cd6819c12fa2ce62ace3cc4c05d27b8b672cf
SHA512 7398a59bb14ca58c9b3d1799b85ca38032a10c698f4a5913fe0f35048895818c12c84a71eba1319e778354f075cfa9448a5a27f392da6cc15df8acc3d4ad93c9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5f0849ce21deb866a4af6ee73e119d50
SHA1 9a5ec2c8b5520c28d5cece263a8f0b2d15b0d2eb
SHA256 5ae5103c0328e49d603b3e9e7d905ee7e8ef7b07f617dd5ac8244e0071ffef4f
SHA512 484fe40e43c58fc377dba1a32e36d0bf8aec9e8b9aef4e5eb9598478bb97240071352bf3130ed0a3b5f47b9a9c607ee2a3c4a3f7f0ab899817ab07e04ef966cb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f70010da8767be40c572e6064949101c
SHA1 d9528dce20722bc3db96f14b5d5e3464ddb5538d
SHA256 bc877ec06f1326a072375d09659702fe054eeef5da1da979a7efa7b8a8aec709
SHA512 71f90aaaa7a0e718c8f69ae43ddd10337b0e21a9e1bbc6e2b8e9760228f30595075c1b435dc9dac5b63f9746de6cf96d8223eca19cb05c65c0df394c64ff4f02

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 0b9f18359932ac476dfd034a3e833804
SHA1 2e0bacb17a34d493ebaa81266654e381d00584cf
SHA256 a725dcd522335d826d8338a3623c2e6dab6563a72e5df3da44661273f72735ae
SHA512 147e8245c5b73043acc8e762986d7e82a68af616789ddca31d7da4eeffc7fe8e46a56e0a52d6ed8933579def0aa175dead060702673360363e095be0282f3162

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 d45925c43260fedac7bbf6865d021260
SHA1 b718caa7bab35e11841af9ea1a535cce869d7c12
SHA256 c9183701b2d4a74c38c6225631cc0e9d860e8d3a5da58b8f400a8e6bf34d5340
SHA512 ad559eb943729ee5aa234622d64e6b73e84d722816783acc450b217bfbb45df1b4678ff030f25f05fa6560bbc58aaba2b3e34c33d6ac7a2d568303a9b5f8c5fd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57dec7.TMP

MD5 d296ed60e0a5a4d311a54558f49df32c
SHA1 c0b8d24f3279be3f5cc43161821da9fe9e239e55
SHA256 fba027e8c0a9491b78f07d8ecd199472cd94306a7371ded0cfc2e9c4cebacd45
SHA512 6d8228bf034d567b08bd7069722542517416606040674586cc326299a7fbaa144d478c346c299c0a262357797c56fe8a51b83576672ba6810b7539a0d26f1ae9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 22802828b8890b4669a2ef6d888262cc
SHA1 6ff2588b0525c04b8e2c2fd8d0aaed49bdb1555f
SHA256 861b723d3671ff4d32770c8984a543cd806e86d9e7aeff2e46e383c5d24ede78
SHA512 161d8a1e8104419394afd0986be0335fa6153c38cd7b2d1695aa7c07d5fe2646fe280b9e4e3b3ced12dfac4399bb95df7c45664b8046b850e16aff00904bf853

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 d473987c9f3e5ae7b89b1de21875c4ee
SHA1 5b144ae9e897f093654a30286f0b510b88e7a753
SHA256 db9d1cd3139482d056f4f042c6e1d4191c50f506c66e594530885ad318689980
SHA512 17d9fc1f003fecb3f71d642fda67b7b697c0e0988c4101b45b3c968059e6ba1cec595ddfb0a730cd4fe9938d2fa7a217b8b8772673cd959853df1a5e4d59b3fe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 e20b36a6c1302a54770f4d3ec0d30d0b
SHA1 579594e05e160c4c14ba30b427999343ae674eed
SHA256 34154afa2549b85b784bdf58dec6618767be9e0e4439fa62447a35dceedc99b8
SHA512 b3bc3c9ac3526e650c67d16ae5dc341c0488c023e8fe8c4cbab0d9c05756513f9b96f6603c34c9c878ccacfafdc64f4dc8b2068a49af2ba74c336d4335d39e0a

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-06 15:56

Reported

2024-06-06 16:28

Platform

ubuntu2404-amd64-20240523-en

Max time network

1838s

Command Line

N/A

Signatures

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 8.8.8.8:53 location.services.mozilla.com udp
US 8.8.8.8:53 location.services.mozilla.com udp
US 8.8.8.8:53 locprod2-elb-us-west-2.prod.mozaws.net udp
US 52.11.19.139:443 location.services.mozilla.com tcp
US 8.8.8.8:53 discord.com udp
US 8.8.8.8:53 discord.com udp
US 8.8.8.8:53 detectportal.firefox.com udp
US 162.159.136.232:443 discord.com tcp
US 8.8.8.8:53 detectportal.firefox.com udp
US 34.107.221.82:80 detectportal.firefox.com tcp
US 8.8.8.8:53 www.mozilla.org udp
US 8.8.8.8:53 www.mozilla.org udp
US 8.8.8.8:53 www.mozorg.moz.works udp
DE 13.32.119.185:443 www.mozilla.org tcp
US 8.8.8.8:53 example.org udp
US 8.8.8.8:53 example.org udp
US 8.8.8.8:53 ipv4only.arpa udp
US 8.8.8.8:53 ipv4only.arpa udp
US 34.107.221.82:80 detectportal.firefox.com tcp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 34.117.188.166:443 contile.services.mozilla.com tcp
US 8.8.8.8:53 spocs.getpocket.com udp
US 8.8.8.8:53 spocs.getpocket.com udp
US 8.8.8.8:53 prod.ads.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 discord.com udp
US 34.117.188.166:443 spocs.getpocket.com tcp
US 34.117.188.166:443 spocs.getpocket.com tcp
US 8.8.8.8:53 getpocket.cdn.mozilla.net udp
US 8.8.8.8:53 getpocket.cdn.mozilla.net udp
US 162.159.135.232:443 discord.com tcp
US 34.120.5.221:443 getpocket.cdn.mozilla.net tcp
US 162.159.135.232:443 discord.com udp
US 34.117.188.166:443 spocs.getpocket.com udp
US 34.117.188.166:443 spocs.getpocket.com udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 8.8.8.8:53 cdn.prod.website-files.com udp
US 8.8.8.8:53 cdn.prod.website-files.com udp
US 8.8.8.8:53 ajax.googleapis.com udp
US 8.8.8.8:53 ajax.googleapis.com udp
US 8.8.8.8:53 global.localizecdn.com udp
US 8.8.8.8:53 global.localizecdn.com udp
US 8.8.8.8:53 d3e54v103j8qbb.cloudfront.net udp
US 8.8.8.8:53 d3e54v103j8qbb.cloudfront.net udp
US 104.18.34.227:443 cdn.prod.website-files.com tcp
US 104.18.34.227:443 cdn.prod.website-files.com tcp
US 104.18.34.227:443 cdn.prod.website-files.com tcp
US 104.18.34.227:443 cdn.prod.website-files.com tcp
US 104.18.34.227:443 cdn.prod.website-files.com tcp
US 104.18.34.227:443 cdn.prod.website-files.com tcp
GB 142.250.187.234:443 ajax.googleapis.com tcp
GB 142.250.187.234:443 ajax.googleapis.com tcp
US 104.18.5.175:443 global.localizecdn.com tcp
DE 52.222.232.39:443 d3e54v103j8qbb.cloudfront.net tcp
US 8.8.8.8:53 img-getpocket.cdn.mozilla.net udp
US 8.8.8.8:53 img-getpocket.cdn.mozilla.net udp
US 104.18.34.227:443 cdn.prod.website-files.com udp
US 34.120.237.76:443 img-getpocket.cdn.mozilla.net tcp
US 34.120.237.76:443 img-getpocket.cdn.mozilla.net tcp
US 34.120.237.76:443 img-getpocket.cdn.mozilla.net tcp
US 104.18.5.175:443 global.localizecdn.com udp
GB 142.250.187.234:443 ajax.googleapis.com udp
US 8.8.8.8:53 assets.website-files.com udp
US 8.8.8.8:53 assets.website-files.com udp
US 13.33.187.46:443 assets.website-files.com tcp
US 13.33.187.46:443 assets.website-files.com tcp
US 8.8.8.8:53 www.mozorg.moz.works udp
US 8.8.8.8:53 www.womenshealthmag.com udp
US 8.8.8.8:53 www.womenshealthmag.com udp
US 8.8.8.8:53 www.theguardian.com udp
US 8.8.8.8:53 www.theguardian.com udp
US 8.8.8.8:53 getpocket.com udp
US 8.8.8.8:53 getpocket.com udp
US 8.8.8.8:53 hearst-hdm.map.fastly.net udp
US 8.8.8.8:53 support.mozilla.org udp
US 8.8.8.8:53 support.mozilla.org udp
US 8.8.8.8:53 us-west1.prod.sumo.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 cdn.discordapp.com udp
US 8.8.8.8:53 cdn.discordapp.com udp
US 162.159.134.233:443 cdn.discordapp.com tcp
US 162.159.134.233:443 cdn.discordapp.com tcp
US 162.159.134.233:443 cdn.discordapp.com tcp
US 162.159.134.233:443 cdn.discordapp.com tcp
US 162.159.134.233:443 cdn.discordapp.com tcp
US 162.159.134.233:443 cdn.discordapp.com tcp
US 162.159.134.233:443 cdn.discordapp.com udp
US 8.8.8.8:53 shavar.services.mozilla.com udp
US 8.8.8.8:53 shavar.services.mozilla.com udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 44.232.194.163:443 shavar.services.mozilla.com tcp
US 8.8.8.8:53 tiles-cdn.prod.ads.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 tiles-cdn.prod.ads.prod.webservices.mozgcp.net udp
US 34.36.165.17:443 tiles-cdn.prod.ads.prod.webservices.mozgcp.net tcp
US 34.36.165.17:443 tiles-cdn.prod.ads.prod.webservices.mozgcp.net tcp
US 8.8.8.8:53 d3e54v103j8qbb.cloudfront.net udp
GB 142.250.187.234:443 ajax.googleapis.com tcp
US 104.18.5.175:443 global.localizecdn.com tcp
US 104.18.34.227:443 cdn.prod.website-files.com tcp
DE 52.222.232.99:443 d3e54v103j8qbb.cloudfront.net tcp
US 8.8.8.8:53 www.timeout.com udp
US 8.8.8.8:53 www.timeout.com udp
US 8.8.8.8:53 www.amazon.co.uk udp
US 8.8.8.8:53 www.amazon.co.uk udp
US 8.8.8.8:53 www.vodafone.co.uk udp
US 8.8.8.8:53 www.vodafone.co.uk udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www-live.waf.digital-prod.vodafoneaws.co.uk udp
US 8.8.8.8:53 www.reddit.com udp
US 8.8.8.8:53 www.reddit.com udp
US 8.8.8.8:53 www.bbc.co.uk udp
US 8.8.8.8:53 www.bbc.co.uk udp
US 8.8.8.8:53 www.ebay.co.uk udp
US 8.8.8.8:53 www.ebay.co.uk udp
US 8.8.8.8:53 edition.cnn.com udp
US 8.8.8.8:53 edition.cnn.com udp
US 8.8.8.8:53 reddit.map.fastly.net udp
US 8.8.8.8:53 e11847.a.akamaiedge.net udp
US 8.8.8.8:53 bbc.map.fastly.net udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.117.188.166:443 spocs.getpocket.com udp
US 8.8.8.8:53 firefox-api-proxy.cdn.mozilla.net udp
US 8.8.8.8:53 firefox-api-proxy.cdn.mozilla.net udp
US 34.149.97.1:443 firefox-api-proxy.cdn.mozilla.net tcp
US 104.18.34.227:443 cdn.prod.website-files.com udp
US 162.159.135.232:443 discord.com udp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 normandy.cdn.mozilla.net udp
US 8.8.8.8:53 normandy.cdn.mozilla.net udp
US 8.8.8.8:53 normandy-cdn.services.mozilla.com udp
US 34.149.97.1:443 firefox-api-proxy.cdn.mozilla.net udp
US 35.201.103.21:443 normandy.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.237.76:443 img-getpocket.cdn.mozilla.net tcp
US 8.8.8.8:53 push.services.mozilla.com udp
US 8.8.8.8:53 push.services.mozilla.com udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 classify-client.services.mozilla.com udp
US 8.8.8.8:53 classify-client.services.mozilla.com udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 prod-classifyclient.normandy.prod.cloudops.mozgcp.net udp
US 34.107.243.93:443 push.services.mozilla.com tcp
US 34.98.75.36:443 classify-client.services.mozilla.com tcp
US 8.8.8.8:53 incoming.telemetry.mozilla.org udp
US 8.8.8.8:53 incoming.telemetry.mozilla.org udp
US 8.8.8.8:53 telemetry-incoming.r53-2.services.mozilla.com udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 34.120.208.123:443 incoming.telemetry.mozilla.org tcp
US 34.107.243.93:443 push.services.mozilla.com tcp
US 8.8.8.8:53 fp2e7a.wpc.phicdn.net udp
US 34.107.243.93:443 push.services.mozilla.com udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 e15314.dsca.akamaiedge.net udp
US 8.8.8.8:53 www-live.waf.digital-prod.vodafoneaws.co.uk udp
US 8.8.8.8:53 reddit.map.fastly.net udp
US 8.8.8.8:53 bbc.map.fastly.net udp
US 8.8.8.8:53 e11847.a.akamaiedge.net udp
US 8.8.8.8:53 getpocket.com udp
US 8.8.8.8:53 www.hellofresh.co.uk udp
US 8.8.8.8:53 www.mozorg.moz.works udp
US 8.8.8.8:53 www.hellofresh.co.uk udp
US 8.8.8.8:53 hearst-hdm.map.fastly.net udp
US 8.8.8.8:53 telemetry-incoming.r53-2.services.mozilla.com udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 firefox-settings-attachments.cdn.mozilla.net udp
US 8.8.8.8:53 firefox-settings-attachments.cdn.mozilla.net udp
US 8.8.8.8:53 attachments.prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.117.121.53:443 firefox-settings-attachments.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 discord.com udp
US 8.8.8.8:53 remote-auth-gateway.discord.gg udp
US 8.8.8.8:53 remote-auth-gateway.discord.gg udp
US 8.8.8.8:53 discord.com udp
US 8.8.8.8:53 remote-auth-gateway.discord.gg udp
US 162.159.134.234:443 remote-auth-gateway.discord.gg tcp
US 162.159.134.234:443 remote-auth-gateway.discord.gg tcp
US 8.8.8.8:53 discord.com udp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 1.1.1.1:53 www.theguardian.com udp
US 1.1.1.1:53 www.theguardian.com udp
US 1.1.1.1:53 www.timeout.com udp
US 1.1.1.1:53 www.timeout.com udp
US 1.1.1.1:53 edition.cnn.com udp
US 1.1.1.1:53 edition.cnn.com udp
US 1.1.1.1:53 www.businessinsider.com udp
US 1.1.1.1:53 www.businessinsider.com udp
US 1.1.1.1:53 f.shared.global.fastly.net udp
US 1.1.1.1:53 www.wired.com udp
US 1.1.1.1:53 time.com udp
US 1.1.1.1:53 time.com udp
US 1.1.1.1:53 h2.condenast.map.fastly.net udp
US 1.1.1.1:53 www.independent.co.uk udp
US 1.1.1.1:53 www.independent.co.uk udp
US 1.1.1.1:53 www.inverse.com udp
US 1.1.1.1:53 www.inverse.com udp
US 1.1.1.1:53 www.theatlantic.com udp
US 1.1.1.1:53 www.theatlantic.com udp
US 1.1.1.1:53 na-eu.atlanticmedia.map.fastly.net udp
US 1.1.1.1:53 theconversation.com udp
US 1.1.1.1:53 theconversation.com udp
US 1.1.1.1:53 www.cntraveller.com udp
US 1.1.1.1:53 www.cntraveller.com udp
US 1.1.1.1:53 www.cnet.com udp
US 1.1.1.1:53 www.cnet.com udp
US 1.1.1.1:53 www.theverge.com udp
US 1.1.1.1:53 www.theverge.com udp
US 1.1.1.1:53 n.sni.global.fastly.net udp
US 1.1.1.1:53 news.sky.com udp
US 1.1.1.1:53 news.sky.com udp
US 1.1.1.1:53 e10653.e12.akamaiedge.net udp
US 1.1.1.1:53 services.addons.mozilla.org udp
US 1.1.1.1:53 services.addons.mozilla.org udp
GB 18.245.162.100:443 services.addons.mozilla.org tcp
US 1.1.1.1:53 versioncheck-bg.addons.mozilla.org udp
US 1.1.1.1:53 aus5.mozilla.org udp
US 1.1.1.1:53 aus5.mozilla.org udp
US 1.1.1.1:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 1.1.1.1:53 versioncheck-bg.addons.mozilla.org udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 34.160.90.233:443 versioncheck-bg.addons.mozilla.org tcp
US 1.1.1.1:53 fp2e7a.wpc.phicdn.net udp
US 34.160.90.233:443 versioncheck-bg.addons.mozilla.org udp
US 1.1.1.1:53 addons.mozilla.org udp
US 1.1.1.1:53 addons.mozilla.org udp
US 1.1.1.1:53 prod.balrog.prod.cloudops.mozgcp.net udp
GB 13.224.132.3:443 addons.mozilla.org tcp
US 1.1.1.1:53 ciscobinary.openh264.org udp
US 1.1.1.1:53 ciscobinary.openh264.org udp
GB 88.221.134.209:80 ciscobinary.openh264.org tcp
US 1.1.1.1:53 www.forbes.com udp
US 1.1.1.1:53 www.houseandgarden.co.uk udp
US 1.1.1.1:53 www.houseandgarden.co.uk udp
US 1.1.1.1:53 m.sni.global.fastly.net udp
US 1.1.1.1:53 safebrowsing.googleapis.com udp
US 1.1.1.1:53 safebrowsing.googleapis.com udp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 discord.com udp
US 162.159.135.232:443 discord.com udp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 js.hcaptcha.com udp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 js.hcaptcha.com udp
US 104.19.230.21:443 js.hcaptcha.com tcp
US 104.19.230.21:443 js.hcaptcha.com udp
US 1.1.1.1:53 newassets.hcaptcha.com udp
US 1.1.1.1:53 newassets.hcaptcha.com udp
US 104.19.230.21:443 newassets.hcaptcha.com tcp
US 104.19.230.21:443 newassets.hcaptcha.com tcp
US 104.19.230.21:443 newassets.hcaptcha.com udp
US 1.1.1.1:53 api.hcaptcha.com udp
US 1.1.1.1:53 api.hcaptcha.com udp
US 104.19.230.21:443 api.hcaptcha.com tcp
US 104.19.230.21:443 api.hcaptcha.com udp
US 1.1.1.1:53 api.hcaptcha.com udp
US 1.1.1.1:53 imgs.hcaptcha.com udp
US 1.1.1.1:53 imgs.hcaptcha.com udp
US 1.1.1.1:53 discord.com udp
US 104.19.229.21:443 imgs.hcaptcha.com tcp
US 104.19.229.21:443 imgs.hcaptcha.com udp
US 1.1.1.1:53 detectportal.firefox.com udp
US 1.1.1.1:53 detectportal.firefox.com udp
US 34.107.221.82:80 detectportal.firefox.com tcp
US 1.1.1.1:53 ipv4only.arpa udp
US 1.1.1.1:53 ipv4only.arpa udp
US 34.107.221.82:80 detectportal.firefox.com tcp
US 1.1.1.1:53 ipv4only.arpa udp
US 1.1.1.1:53 imgs3.hcaptcha.com udp
US 1.1.1.1:53 imgs3.hcaptcha.com udp
US 104.19.229.21:443 imgs3.hcaptcha.com tcp
US 104.19.229.21:443 imgs3.hcaptcha.com udp
US 1.1.1.1:53 api.hcaptcha.com udp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 newassets.hcaptcha.com udp
US 104.19.230.21:443 imgs3.hcaptcha.com tcp
US 104.19.230.21:443 imgs3.hcaptcha.com tcp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 api2.hcaptcha.com udp
US 1.1.1.1:53 api2.hcaptcha.com udp
US 104.19.229.21:443 api2.hcaptcha.com tcp
US 104.19.229.21:443 api2.hcaptcha.com udp
US 1.1.1.1:53 api.hcaptcha.com udp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 api.hcaptcha.com udp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 api2.hcaptcha.com udp
US 1.1.1.1:53 api.hcaptcha.com udp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 aus5.mozilla.org udp
US 1.1.1.1:53 aus5.mozilla.org udp
US 1.1.1.1:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 1.1.1.1:53 content-signature-2.cdn.mozilla.net udp
US 1.1.1.1:53 content-signature-2.cdn.mozilla.net udp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 newassets.hcaptcha.com udp
US 104.19.230.21:443 api2.hcaptcha.com udp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 api2.hcaptcha.com udp
US 1.1.1.1:53 api2.hcaptcha.com udp
US 1.1.1.1:53 api.hcaptcha.com udp
US 1.1.1.1:53 imgs3.hcaptcha.com udp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 api.hcaptcha.com udp
US 1.1.1.1:53 api.hcaptcha.com udp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 api.snapcraft.io udp
US 1.1.1.1:53 api.snapcraft.io udp
GB 185.125.188.54:443 api.snapcraft.io tcp
US 1.1.1.1:53 api.snapcraft.io udp
GB 185.125.188.55:443 api.snapcraft.io tcp
US 1.1.1.1:53 cdn.discordapp.com udp
US 1.1.1.1:53 cdn.discordapp.com udp
US 162.159.134.233:443 cdn.discordapp.com udp
US 1.1.1.1:53 discord.com udp
US 162.159.135.232:443 discord.com udp
US 1.1.1.1:53 gateway.discord.gg udp
US 1.1.1.1:53 gateway.discord.gg udp
US 1.1.1.1:53 gateway.discord.gg udp
US 162.159.134.234:443 gateway.discord.gg tcp
US 162.159.134.234:443 gateway.discord.gg tcp
US 1.1.1.1:53 status.discord.com udp
US 1.1.1.1:53 status.discord.com udp
US 1.1.1.1:53 discord.com udp
US 162.159.138.232:443 status.discord.com tcp
US 1.1.1.1:53 discord.com udp
US 162.159.138.232:443 status.discord.com udp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 media.discordapp.net udp
US 1.1.1.1:53 media.discordapp.net udp
US 1.1.1.1:53 discord.com udp
US 162.159.134.232:443 media.discordapp.net tcp
US 162.159.134.232:443 media.discordapp.net tcp
US 162.159.134.232:443 media.discordapp.net udp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 verify.doublecounter.gg udp
US 1.1.1.1:53 verify.doublecounter.gg udp
US 172.67.69.4:443 verify.doublecounter.gg tcp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 pki-goog.l.google.com udp
US 1.1.1.1:53 analytics.google.com udp
US 1.1.1.1:53 stats.g.doubleclick.net udp
US 1.1.1.1:53 stats.g.doubleclick.net udp
US 1.1.1.1:53 analytics-alv.google.com udp
US 216.239.38.181:443 analytics.google.com tcp
US 216.239.38.181:443 analytics.google.com udp
BE 66.102.1.156:443 stats.g.doubleclick.net tcp
BE 66.102.1.156:443 stats.g.doubleclick.net udp
US 1.1.1.1:53 www.google.com udp
US 1.1.1.1:53 www.google.com udp
GB 216.58.201.100:443 www.google.com tcp
US 1.1.1.1:53 googleads.g.doubleclick.net udp
US 1.1.1.1:53 googleads.g.doubleclick.net udp
GB 216.58.201.100:443 www.google.com udp
GB 142.250.200.2:443 googleads.g.doubleclick.net tcp
GB 142.250.200.2:443 googleads.g.doubleclick.net tcp
GB 142.250.200.2:443 googleads.g.doubleclick.net tcp
GB 142.250.200.2:443 googleads.g.doubleclick.net udp
US 1.1.1.1:53 tpc.googlesyndication.com udp
US 1.1.1.1:53 tpc.googlesyndication.com udp
GB 172.217.169.65:443 tpc.googlesyndication.com tcp
US 1.1.1.1:53 discord.com udp
GB 172.217.169.65:443 tpc.googlesyndication.com udp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 discord.com udp
US 1.1.1.1:53 incoming.telemetry.mozilla.org udp
US 1.1.1.1:53 incoming.telemetry.mozilla.org udp
US 34.120.208.123:443 incoming.telemetry.mozilla.org tcp
US 1.1.1.1:53 telemetry-incoming.r53-2.services.mozilla.com udp
US 1.1.1.1:53 firefox-settings-attachments.cdn.mozilla.net udp
US 1.1.1.1:53 firefox-settings-attachments.cdn.mozilla.net udp
US 1.1.1.1:53 attachments.prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.117.121.53:443 firefox-settings-attachments.cdn.mozilla.net tcp
US 1.1.1.1:53 telemetry-incoming.r53-2.services.mozilla.com udp
US 1.1.1.1:53 telemetry-incoming.r53-2.services.mozilla.com udp
US 1.1.1.1:53 img-getpocket.cdn.mozilla.net udp
US 1.1.1.1:53 img-getpocket.cdn.mozilla.net udp
US 34.120.237.76:443 img-getpocket.cdn.mozilla.net tcp
US 1.1.1.1:53 www.amazon.co.uk udp
US 1.1.1.1:53 www.amazon.co.uk udp
US 1.1.1.1:53 www.vodafone.co.uk udp
US 1.1.1.1:53 www.vodafone.co.uk udp
US 1.1.1.1:53 www.youtube.com udp
US 1.1.1.1:53 www.facebook.com udp
US 1.1.1.1:53 www.facebook.com udp
US 1.1.1.1:53 www.reddit.com udp
US 1.1.1.1:53 www.reddit.com udp
US 1.1.1.1:53 www.bbc.co.uk udp
US 1.1.1.1:53 www.bbc.co.uk udp
US 1.1.1.1:53 www.ebay.co.uk udp
US 1.1.1.1:53 www.ebay.co.uk udp
US 1.1.1.1:53 getpocket.com udp
US 1.1.1.1:53 getpocket.com udp
US 1.1.1.1:53 www-live.waf.digital-prod.vodafoneaws.co.uk udp
US 1.1.1.1:53 youtube-ui.l.google.com udp
US 1.1.1.1:53 reddit.map.fastly.net udp
US 1.1.1.1:53 www.mozilla.org udp
US 1.1.1.1:53 www.mozilla.org udp
US 1.1.1.1:53 e11847.a.akamaiedge.net udp
US 1.1.1.1:53 www.womenshealthmag.com udp
US 1.1.1.1:53 www.womenshealthmag.com udp
US 1.1.1.1:53 www.hellofresh.co.uk udp
US 1.1.1.1:53 www.hellofresh.co.uk udp
US 1.1.1.1:53 gtm-uk.www.bbc.co.uk.pri.bbc.co.uk udp
US 1.1.1.1:53 www.mozorg.moz.works udp
US 1.1.1.1:53 hearst-hdm.map.fastly.net udp
US 1.1.1.1:53 www.theguardian.com udp
US 1.1.1.1:53 www.theguardian.com udp
US 1.1.1.1:53 www.timeout.com udp
US 1.1.1.1:53 d7ul7sko65u1c.cloudfront.net udp
US 1.1.1.1:53 edition.cnn.com udp
US 1.1.1.1:53 www.businessinsider.com udp
US 1.1.1.1:53 www.businessinsider.com udp
US 1.1.1.1:53 f.shared.global.fastly.net udp
US 1.1.1.1:53 www.wired.com udp
US 1.1.1.1:53 www.wired.com udp
US 1.1.1.1:53 time.com udp
US 1.1.1.1:53 time.com udp
US 1.1.1.1:53 h2.condenast.map.fastly.net udp
US 1.1.1.1:53 www.independent.co.uk udp
US 1.1.1.1:53 www.independent.co.uk udp
US 1.1.1.1:53 www.inverse.com udp
US 1.1.1.1:53 www.inverse.com udp
US 1.1.1.1:53 www.theatlantic.com udp
US 1.1.1.1:53 www.theatlantic.com udp
US 1.1.1.1:53 na-eu.atlanticmedia.map.fastly.net udp
US 1.1.1.1:53 www.cntraveller.com udp
US 1.1.1.1:53 www.cntraveller.com udp
US 1.1.1.1:53 theconversation.com udp
US 1.1.1.1:53 www.cnet.com udp
US 1.1.1.1:53 www.cnet.com udp
US 1.1.1.1:53 www.theverge.com udp
US 1.1.1.1:53 www.theverge.com udp
US 1.1.1.1:53 n.sni.global.fastly.net udp
US 1.1.1.1:53 news.sky.com udp
US 1.1.1.1:53 news.sky.com udp
US 1.1.1.1:53 e10653.e12.akamaiedge.net udp
US 1.1.1.1:53 www.forbes.com udp
US 1.1.1.1:53 www.forbes.com udp
US 1.1.1.1:53 www.houseandgarden.co.uk udp
US 1.1.1.1:53 www.houseandgarden.co.uk udp
US 1.1.1.1:53 m.sni.global.fastly.net udp
US 1.1.1.1:53 contile.services.mozilla.com udp
US 1.1.1.1:53 contile.services.mozilla.com udp
US 34.117.188.166:443 contile.services.mozilla.com udp
US 104.26.6.148:443 verify.doublecounter.gg tcp
US 1.1.1.1:53 tiles-cdn.prod.ads.prod.webservices.mozgcp.net udp
US 1.1.1.1:53 tiles-cdn.prod.ads.prod.webservices.mozgcp.net udp
US 34.36.165.17:443 tiles-cdn.prod.ads.prod.webservices.mozgcp.net tcp
US 1.1.1.1:53 uk.hotels.com udp
US 1.1.1.1:53 uk.hotels.com udp
US 1.1.1.1:53 analytics.google.com udp
US 1.1.1.1:53 analytics.google.com udp
GB 142.250.179.238:443 analytics.google.com tcp
GB 142.250.179.238:443 analytics.google.com udp
US 1.1.1.1:53 firefox.settings.services.mozilla.com udp
US 1.1.1.1:53 firefox.settings.services.mozilla.com udp
US 1.1.1.1:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 1.1.1.1:53 content-signature-2.cdn.mozilla.net udp
US 1.1.1.1:53 content-signature-2.cdn.mozilla.net udp
US 1.1.1.1:53 firefox-settings-attachments.cdn.mozilla.net udp
US 1.1.1.1:53 firefox-settings-attachments.cdn.mozilla.net udp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 34.117.121.53:443 firefox-settings-attachments.cdn.mozilla.net tcp
US 1.1.1.1:53 attachments.prod.remote-settings.prod.webservices.mozgcp.net udp
US 1.1.1.1:53 api.snapcraft.io udp
US 1.1.1.1:53 api.snapcraft.io udp
GB 185.125.188.55:443 api.snapcraft.io tcp
US 1.1.1.1:53 api.snapcraft.io udp
GB 185.125.188.55:443 api.snapcraft.io tcp
US 1.1.1.1:53 canonical-bos01.cdn.snapcraftcontent.com udp
US 1.1.1.1:53 canonical-bos01.cdn.snapcraftcontent.com udp
US 91.189.91.43:443 canonical-bos01.cdn.snapcraftcontent.com tcp
US 1.1.1.1:53 api.snapcraft.io udp
GB 185.125.188.54:443 api.snapcraft.io tcp
US 1.1.1.1:53 api.snapcraft.io udp
GB 185.125.188.54:443 api.snapcraft.io tcp
US 1.1.1.1:53 api.snapcraft.io udp
GB 185.125.188.59:443 api.snapcraft.io tcp
US 1.1.1.1:53 api.snapcraft.io udp
GB 185.125.188.59:443 api.snapcraft.io tcp
US 1.1.1.1:53 canonical-bos01.cdn.snapcraftcontent.com udp
US 91.189.91.43:443 canonical-bos01.cdn.snapcraftcontent.com tcp
US 1.1.1.1:53 api.snapcraft.io udp
US 1.1.1.1:53 api.snapcraft.io udp
GB 185.125.188.55:443 api.snapcraft.io tcp
US 1.1.1.1:53 api.snapcraft.io udp
GB 185.125.188.58:443 api.snapcraft.io tcp
US 1.1.1.1:53 _http._tcp.security.ubuntu.com udp
US 1.1.1.1:53 se.archive.ubuntu.com udp
US 1.1.1.1:53 se.archive.ubuntu.com udp
US 1.1.1.1:53 security.ubuntu.com udp
US 1.1.1.1:53 security.ubuntu.com udp
US 91.189.91.82:80 security.ubuntu.com tcp
SE 194.71.11.163:80 se.archive.ubuntu.com tcp
US 8.8.8.8:53 example.org udp
US 8.8.8.8:53 example.org udp
US 8.8.8.8:53 ipv4only.arpa udp
US 8.8.8.8:53 ipv4only.arpa udp
US 8.8.8.8:53 detectportal.firefox.com udp
US 8.8.8.8:53 detectportal.firefox.com udp
US 8.8.8.8:53 ipv4only.arpa udp
US 34.107.221.82:80 detectportal.firefox.com tcp
US 34.107.221.82:80 detectportal.firefox.com tcp
US 8.8.8.8:53 ipv4only.arpa udp
US 8.8.8.8:53 ipv4only.arpa udp
US 8.8.8.8:53 ipv4only.arpa udp
US 8.8.8.8:53 ipv4only.arpa udp
US 8.8.8.8:53 ipv4only.arpa udp
US 8.8.8.8:53 ipv4only.arpa udp
US 8.8.8.8:53 discord.com udp
US 8.8.8.8:53 discord.com udp
US 8.8.8.8:53 cdn.discordapp.com udp
US 8.8.8.8:53 cdn.discordapp.com udp
US 162.159.128.233:443 discord.com udp
US 162.159.133.233:443 cdn.discordapp.com udp
US 162.159.128.233:443 discord.com udp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 8.8.8.8:53 firefox-settings-attachments.cdn.mozilla.net udp
US 8.8.8.8:53 firefox-settings-attachments.cdn.mozilla.net udp
US 34.117.121.53:443 firefox-settings-attachments.cdn.mozilla.net tcp
US 8.8.8.8:53 attachments.prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 discord.com udp
US 8.8.8.8:53 discord.com udp
US 162.159.128.233:443 discord.com udp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp

Files

N/A