Analysis Overview
Threat Level: Shows suspicious behavior
The file http://discord.com was found to be: Shows suspicious behavior.
Malicious Activity Summary
Legitimate hosting services abused for malware hosting/C2
Suspicious use of SendNotifyMessage
Modifies data under HKEY_USERS
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-06 15:56
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-06 15:56
Reported
2024-06-06 16:27
Platform
win10v2004-20240508-en
Max time kernel
1799s
Max time network
1685s
Command Line
Signatures
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133621630413798564" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://discord.com
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd5eb1ab58,0x7ffd5eb1ab68,0x7ffd5eb1ab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1696 --field-trial-handle=1940,i,13503428688641993256,761093123188130508,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=1940,i,13503428688641993256,761093123188130508,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2296 --field-trial-handle=1940,i,13503428688641993256,761093123188130508,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2864 --field-trial-handle=1940,i,13503428688641993256,761093123188130508,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2872 --field-trial-handle=1940,i,13503428688641993256,761093123188130508,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4152 --field-trial-handle=1940,i,13503428688641993256,761093123188130508,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4032 --field-trial-handle=1940,i,13503428688641993256,761093123188130508,131072 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x2ec 0x498
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4764 --field-trial-handle=1940,i,13503428688641993256,761093123188130508,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4644 --field-trial-handle=1940,i,13503428688641993256,761093123188130508,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4048 --field-trial-handle=1940,i,13503428688641993256,761093123188130508,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4004 --field-trial-handle=1940,i,13503428688641993256,761093123188130508,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4656 --field-trial-handle=1940,i,13503428688641993256,761093123188130508,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1832 --field-trial-handle=1940,i,13503428688641993256,761093123188130508,131072 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | discord.com | udp |
| US | 162.159.135.232:80 | discord.com | tcp |
| US | 162.159.135.232:80 | discord.com | tcp |
| US | 162.159.135.232:443 | discord.com | tcp |
| US | 8.8.8.8:53 | cdn.prod.website-files.com | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | global.localizecdn.com | udp |
| US | 162.159.135.232:443 | discord.com | udp |
| US | 104.18.34.227:443 | cdn.prod.website-files.com | tcp |
| US | 104.18.4.175:443 | global.localizecdn.com | tcp |
| GB | 172.217.16.234:443 | ajax.googleapis.com | tcp |
| GB | 172.217.16.234:443 | ajax.googleapis.com | tcp |
| US | 8.8.8.8:53 | d3e54v103j8qbb.cloudfront.net | udp |
| US | 104.18.34.227:443 | cdn.prod.website-files.com | udp |
| DE | 52.222.232.39:443 | d3e54v103j8qbb.cloudfront.net | tcp |
| US | 8.8.8.8:53 | assets.website-files.com | udp |
| US | 8.8.8.8:53 | 13.86.106.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.135.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.179.250.142.in-addr.arpa | udp |
| US | 13.33.187.60:443 | assets.website-files.com | tcp |
| US | 8.8.8.8:53 | 74.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.34.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 175.4.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 39.232.222.52.in-addr.arpa | udp |
| US | 13.33.187.60:443 | assets.website-files.com | tcp |
| US | 8.8.8.8:53 | cdn.discordapp.com | udp |
| US | 162.159.134.233:443 | cdn.discordapp.com | tcp |
| US | 162.159.134.233:443 | cdn.discordapp.com | tcp |
| US | 162.159.134.233:443 | cdn.discordapp.com | tcp |
| US | 162.159.134.233:443 | cdn.discordapp.com | tcp |
| US | 162.159.134.233:443 | cdn.discordapp.com | tcp |
| US | 162.159.134.233:443 | cdn.discordapp.com | tcp |
| US | 8.8.8.8:53 | 60.187.33.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 104.18.34.227:443 | cdn.prod.website-files.com | udp |
| US | 172.64.155.119:443 | geolocation.onetrust.com | tcp |
| US | 8.8.8.8:53 | 233.134.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.155.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 142.250.200.14:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 8.8.8.8:53 | 14.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 43.58.199.20.in-addr.arpa | udp |
| NL | 23.62.61.115:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 115.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.220.183.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.123.68.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.164.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.166.122.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.58.20.217.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 55.36.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 168.117.168.52.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 8c18692f1baa385ecc7ef1470e4eb71d |
| SHA1 | ddf0d07ef9c82d2f130fcab77e919d4d854dadcd |
| SHA256 | d72046fda1122bec22a5f1722435ddb818a2e4bd856150e6e6fec10b460e89b9 |
| SHA512 | 2516a05899e7e2b72e99d1bd27fd89172065b44a9a2fd3ccf8c79b82cb3b347d66cba4174188e761b0d0ab23da875cfe859433a7d8a49291b96e6da90f2459da |
\??\pipe\crashpad_3580_VMLTOMFWRIPKUXHA
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 4396649dc084423ec7e9561c179c3edc |
| SHA1 | baa28f6ff46a41884c57655eecaadf2e0f4246a4 |
| SHA256 | 0e804a73b95ebfc76088035d282cd6819c12fa2ce62ace3cc4c05d27b8b672cf |
| SHA512 | 7398a59bb14ca58c9b3d1799b85ca38032a10c698f4a5913fe0f35048895818c12c84a71eba1319e778354f075cfa9448a5a27f392da6cc15df8acc3d4ad93c9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5f0849ce21deb866a4af6ee73e119d50 |
| SHA1 | 9a5ec2c8b5520c28d5cece263a8f0b2d15b0d2eb |
| SHA256 | 5ae5103c0328e49d603b3e9e7d905ee7e8ef7b07f617dd5ac8244e0071ffef4f |
| SHA512 | 484fe40e43c58fc377dba1a32e36d0bf8aec9e8b9aef4e5eb9598478bb97240071352bf3130ed0a3b5f47b9a9c607ee2a3c4a3f7f0ab899817ab07e04ef966cb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | f70010da8767be40c572e6064949101c |
| SHA1 | d9528dce20722bc3db96f14b5d5e3464ddb5538d |
| SHA256 | bc877ec06f1326a072375d09659702fe054eeef5da1da979a7efa7b8a8aec709 |
| SHA512 | 71f90aaaa7a0e718c8f69ae43ddd10337b0e21a9e1bbc6e2b8e9760228f30595075c1b435dc9dac5b63f9746de6cf96d8223eca19cb05c65c0df394c64ff4f02 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 0b9f18359932ac476dfd034a3e833804 |
| SHA1 | 2e0bacb17a34d493ebaa81266654e381d00584cf |
| SHA256 | a725dcd522335d826d8338a3623c2e6dab6563a72e5df3da44661273f72735ae |
| SHA512 | 147e8245c5b73043acc8e762986d7e82a68af616789ddca31d7da4eeffc7fe8e46a56e0a52d6ed8933579def0aa175dead060702673360363e095be0282f3162 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | d45925c43260fedac7bbf6865d021260 |
| SHA1 | b718caa7bab35e11841af9ea1a535cce869d7c12 |
| SHA256 | c9183701b2d4a74c38c6225631cc0e9d860e8d3a5da58b8f400a8e6bf34d5340 |
| SHA512 | ad559eb943729ee5aa234622d64e6b73e84d722816783acc450b217bfbb45df1b4678ff030f25f05fa6560bbc58aaba2b3e34c33d6ac7a2d568303a9b5f8c5fd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57dec7.TMP
| MD5 | d296ed60e0a5a4d311a54558f49df32c |
| SHA1 | c0b8d24f3279be3f5cc43161821da9fe9e239e55 |
| SHA256 | fba027e8c0a9491b78f07d8ecd199472cd94306a7371ded0cfc2e9c4cebacd45 |
| SHA512 | 6d8228bf034d567b08bd7069722542517416606040674586cc326299a7fbaa144d478c346c299c0a262357797c56fe8a51b83576672ba6810b7539a0d26f1ae9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 22802828b8890b4669a2ef6d888262cc |
| SHA1 | 6ff2588b0525c04b8e2c2fd8d0aaed49bdb1555f |
| SHA256 | 861b723d3671ff4d32770c8984a543cd806e86d9e7aeff2e46e383c5d24ede78 |
| SHA512 | 161d8a1e8104419394afd0986be0335fa6153c38cd7b2d1695aa7c07d5fe2646fe280b9e4e3b3ced12dfac4399bb95df7c45664b8046b850e16aff00904bf853 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | d473987c9f3e5ae7b89b1de21875c4ee |
| SHA1 | 5b144ae9e897f093654a30286f0b510b88e7a753 |
| SHA256 | db9d1cd3139482d056f4f042c6e1d4191c50f506c66e594530885ad318689980 |
| SHA512 | 17d9fc1f003fecb3f71d642fda67b7b697c0e0988c4101b45b3c968059e6ba1cec595ddfb0a730cd4fe9938d2fa7a217b8b8772673cd959853df1a5e4d59b3fe |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | e20b36a6c1302a54770f4d3ec0d30d0b |
| SHA1 | 579594e05e160c4c14ba30b427999343ae674eed |
| SHA256 | 34154afa2549b85b784bdf58dec6618767be9e0e4439fa62447a35dceedc99b8 |
| SHA512 | b3bc3c9ac3526e650c67d16ae5dc341c0488c023e8fe8c4cbab0d9c05756513f9b96f6603c34c9c878ccacfafdc64f4dc8b2068a49af2ba74c336d4335d39e0a |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-06 15:56
Reported
2024-06-06 16:28
Platform
ubuntu2404-amd64-20240523-en
Max time network
1838s
Command Line
Signatures
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
Processes
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 34.149.100.209:443 | firefox.settings.services.mozilla.com | tcp |
| US | 34.149.100.209:443 | firefox.settings.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | location.services.mozilla.com | udp |
| US | 8.8.8.8:53 | location.services.mozilla.com | udp |
| US | 8.8.8.8:53 | locprod2-elb-us-west-2.prod.mozaws.net | udp |
| US | 52.11.19.139:443 | location.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | discord.com | udp |
| US | 8.8.8.8:53 | discord.com | udp |
| US | 8.8.8.8:53 | detectportal.firefox.com | udp |
| US | 162.159.136.232:443 | discord.com | tcp |
| US | 8.8.8.8:53 | detectportal.firefox.com | udp |
| US | 34.107.221.82:80 | detectportal.firefox.com | tcp |
| US | 8.8.8.8:53 | www.mozilla.org | udp |
| US | 8.8.8.8:53 | www.mozilla.org | udp |
| US | 8.8.8.8:53 | www.mozorg.moz.works | udp |
| DE | 13.32.119.185:443 | www.mozilla.org | tcp |
| US | 8.8.8.8:53 | example.org | udp |
| US | 8.8.8.8:53 | example.org | udp |
| US | 8.8.8.8:53 | ipv4only.arpa | udp |
| US | 8.8.8.8:53 | ipv4only.arpa | udp |
| US | 34.107.221.82:80 | detectportal.firefox.com | tcp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 34.117.188.166:443 | contile.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | spocs.getpocket.com | udp |
| US | 8.8.8.8:53 | spocs.getpocket.com | udp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | discord.com | udp |
| US | 34.117.188.166:443 | spocs.getpocket.com | tcp |
| US | 34.117.188.166:443 | spocs.getpocket.com | tcp |
| US | 8.8.8.8:53 | getpocket.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | getpocket.cdn.mozilla.net | udp |
| US | 162.159.135.232:443 | discord.com | tcp |
| US | 34.120.5.221:443 | getpocket.cdn.mozilla.net | tcp |
| US | 162.159.135.232:443 | discord.com | udp |
| US | 34.117.188.166:443 | spocs.getpocket.com | udp |
| US | 34.117.188.166:443 | spocs.getpocket.com | udp |
| US | 8.8.8.8:53 | content-signature-2.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | content-signature-2.cdn.mozilla.net | udp |
| US | 34.160.144.191:443 | content-signature-2.cdn.mozilla.net | tcp |
| US | 34.160.144.191:443 | content-signature-2.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | cdn.prod.website-files.com | udp |
| US | 8.8.8.8:53 | cdn.prod.website-files.com | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | global.localizecdn.com | udp |
| US | 8.8.8.8:53 | global.localizecdn.com | udp |
| US | 8.8.8.8:53 | d3e54v103j8qbb.cloudfront.net | udp |
| US | 8.8.8.8:53 | d3e54v103j8qbb.cloudfront.net | udp |
| US | 104.18.34.227:443 | cdn.prod.website-files.com | tcp |
| US | 104.18.34.227:443 | cdn.prod.website-files.com | tcp |
| US | 104.18.34.227:443 | cdn.prod.website-files.com | tcp |
| US | 104.18.34.227:443 | cdn.prod.website-files.com | tcp |
| US | 104.18.34.227:443 | cdn.prod.website-files.com | tcp |
| US | 104.18.34.227:443 | cdn.prod.website-files.com | tcp |
| GB | 142.250.187.234:443 | ajax.googleapis.com | tcp |
| GB | 142.250.187.234:443 | ajax.googleapis.com | tcp |
| US | 104.18.5.175:443 | global.localizecdn.com | tcp |
| DE | 52.222.232.39:443 | d3e54v103j8qbb.cloudfront.net | tcp |
| US | 8.8.8.8:53 | img-getpocket.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | img-getpocket.cdn.mozilla.net | udp |
| US | 104.18.34.227:443 | cdn.prod.website-files.com | udp |
| US | 34.120.237.76:443 | img-getpocket.cdn.mozilla.net | tcp |
| US | 34.120.237.76:443 | img-getpocket.cdn.mozilla.net | tcp |
| US | 34.120.237.76:443 | img-getpocket.cdn.mozilla.net | tcp |
| US | 104.18.5.175:443 | global.localizecdn.com | udp |
| GB | 142.250.187.234:443 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | assets.website-files.com | udp |
| US | 8.8.8.8:53 | assets.website-files.com | udp |
| US | 13.33.187.46:443 | assets.website-files.com | tcp |
| US | 13.33.187.46:443 | assets.website-files.com | tcp |
| US | 8.8.8.8:53 | www.mozorg.moz.works | udp |
| US | 8.8.8.8:53 | www.womenshealthmag.com | udp |
| US | 8.8.8.8:53 | www.womenshealthmag.com | udp |
| US | 8.8.8.8:53 | www.theguardian.com | udp |
| US | 8.8.8.8:53 | www.theguardian.com | udp |
| US | 8.8.8.8:53 | getpocket.com | udp |
| US | 8.8.8.8:53 | getpocket.com | udp |
| US | 8.8.8.8:53 | hearst-hdm.map.fastly.net | udp |
| US | 8.8.8.8:53 | support.mozilla.org | udp |
| US | 8.8.8.8:53 | support.mozilla.org | udp |
| US | 8.8.8.8:53 | us-west1.prod.sumo.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | cdn.discordapp.com | udp |
| US | 8.8.8.8:53 | cdn.discordapp.com | udp |
| US | 162.159.134.233:443 | cdn.discordapp.com | tcp |
| US | 162.159.134.233:443 | cdn.discordapp.com | tcp |
| US | 162.159.134.233:443 | cdn.discordapp.com | tcp |
| US | 162.159.134.233:443 | cdn.discordapp.com | tcp |
| US | 162.159.134.233:443 | cdn.discordapp.com | tcp |
| US | 162.159.134.233:443 | cdn.discordapp.com | tcp |
| US | 162.159.134.233:443 | cdn.discordapp.com | udp |
| US | 8.8.8.8:53 | shavar.services.mozilla.com | udp |
| US | 8.8.8.8:53 | shavar.services.mozilla.com | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 44.232.194.163:443 | shavar.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | tiles-cdn.prod.ads.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | tiles-cdn.prod.ads.prod.webservices.mozgcp.net | udp |
| US | 34.36.165.17:443 | tiles-cdn.prod.ads.prod.webservices.mozgcp.net | tcp |
| US | 34.36.165.17:443 | tiles-cdn.prod.ads.prod.webservices.mozgcp.net | tcp |
| US | 8.8.8.8:53 | d3e54v103j8qbb.cloudfront.net | udp |
| GB | 142.250.187.234:443 | ajax.googleapis.com | tcp |
| US | 104.18.5.175:443 | global.localizecdn.com | tcp |
| US | 104.18.34.227:443 | cdn.prod.website-files.com | tcp |
| DE | 52.222.232.99:443 | d3e54v103j8qbb.cloudfront.net | tcp |
| US | 8.8.8.8:53 | www.timeout.com | udp |
| US | 8.8.8.8:53 | www.timeout.com | udp |
| US | 8.8.8.8:53 | www.amazon.co.uk | udp |
| US | 8.8.8.8:53 | www.amazon.co.uk | udp |
| US | 8.8.8.8:53 | www.vodafone.co.uk | udp |
| US | 8.8.8.8:53 | www.vodafone.co.uk | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | www-live.waf.digital-prod.vodafoneaws.co.uk | udp |
| US | 8.8.8.8:53 | www.reddit.com | udp |
| US | 8.8.8.8:53 | www.reddit.com | udp |
| US | 8.8.8.8:53 | www.bbc.co.uk | udp |
| US | 8.8.8.8:53 | www.bbc.co.uk | udp |
| US | 8.8.8.8:53 | www.ebay.co.uk | udp |
| US | 8.8.8.8:53 | www.ebay.co.uk | udp |
| US | 8.8.8.8:53 | edition.cnn.com | udp |
| US | 8.8.8.8:53 | edition.cnn.com | udp |
| US | 8.8.8.8:53 | reddit.map.fastly.net | udp |
| US | 8.8.8.8:53 | e11847.a.akamaiedge.net | udp |
| US | 8.8.8.8:53 | bbc.map.fastly.net | udp |
| US | 8.8.8.8:53 | tracking-protection.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | tracking-protection.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.117.188.166:443 | spocs.getpocket.com | udp |
| US | 8.8.8.8:53 | firefox-api-proxy.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | firefox-api-proxy.cdn.mozilla.net | udp |
| US | 34.149.97.1:443 | firefox-api-proxy.cdn.mozilla.net | tcp |
| US | 104.18.34.227:443 | cdn.prod.website-files.com | udp |
| US | 162.159.135.232:443 | discord.com | udp |
| US | 8.8.8.8:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | normandy.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | normandy.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | normandy-cdn.services.mozilla.com | udp |
| US | 34.149.97.1:443 | firefox-api-proxy.cdn.mozilla.net | udp |
| US | 35.201.103.21:443 | normandy.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.237.76:443 | img-getpocket.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | push.services.mozilla.com | udp |
| US | 8.8.8.8:53 | push.services.mozilla.com | udp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | classify-client.services.mozilla.com | udp |
| US | 8.8.8.8:53 | classify-client.services.mozilla.com | udp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | prod-classifyclient.normandy.prod.cloudops.mozgcp.net | udp |
| US | 34.107.243.93:443 | push.services.mozilla.com | tcp |
| US | 34.98.75.36:443 | classify-client.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | incoming.telemetry.mozilla.org | udp |
| US | 8.8.8.8:53 | incoming.telemetry.mozilla.org | udp |
| US | 8.8.8.8:53 | telemetry-incoming.r53-2.services.mozilla.com | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.149.100.209:443 | firefox.settings.services.mozilla.com | tcp |
| US | 34.120.208.123:443 | incoming.telemetry.mozilla.org | tcp |
| US | 34.107.243.93:443 | push.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | fp2e7a.wpc.phicdn.net | udp |
| US | 34.107.243.93:443 | push.services.mozilla.com | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | e15314.dsca.akamaiedge.net | udp |
| US | 8.8.8.8:53 | www-live.waf.digital-prod.vodafoneaws.co.uk | udp |
| US | 8.8.8.8:53 | reddit.map.fastly.net | udp |
| US | 8.8.8.8:53 | bbc.map.fastly.net | udp |
| US | 8.8.8.8:53 | e11847.a.akamaiedge.net | udp |
| US | 8.8.8.8:53 | getpocket.com | udp |
| US | 8.8.8.8:53 | www.hellofresh.co.uk | udp |
| US | 8.8.8.8:53 | www.mozorg.moz.works | udp |
| US | 8.8.8.8:53 | www.hellofresh.co.uk | udp |
| US | 8.8.8.8:53 | hearst-hdm.map.fastly.net | udp |
| US | 8.8.8.8:53 | telemetry-incoming.r53-2.services.mozilla.com | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.160.144.191:443 | content-signature-2.cdn.mozilla.net | tcp |
| US | 34.160.144.191:443 | content-signature-2.cdn.mozilla.net | tcp |
| US | 34.160.144.191:443 | content-signature-2.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.149.100.209:443 | firefox.settings.services.mozilla.com | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | discord.com | udp |
| US | 8.8.8.8:53 | remote-auth-gateway.discord.gg | udp |
| US | 8.8.8.8:53 | remote-auth-gateway.discord.gg | udp |
| US | 8.8.8.8:53 | discord.com | udp |
| US | 8.8.8.8:53 | remote-auth-gateway.discord.gg | udp |
| US | 162.159.134.234:443 | remote-auth-gateway.discord.gg | tcp |
| US | 162.159.134.234:443 | remote-auth-gateway.discord.gg | tcp |
| US | 8.8.8.8:53 | discord.com | udp |
| US | 1.1.1.1:53 | tracking-protection.prod.mozaws.net | udp |
| US | 1.1.1.1:53 | www.theguardian.com | udp |
| US | 1.1.1.1:53 | www.theguardian.com | udp |
| US | 1.1.1.1:53 | www.timeout.com | udp |
| US | 1.1.1.1:53 | www.timeout.com | udp |
| US | 1.1.1.1:53 | edition.cnn.com | udp |
| US | 1.1.1.1:53 | edition.cnn.com | udp |
| US | 1.1.1.1:53 | www.businessinsider.com | udp |
| US | 1.1.1.1:53 | www.businessinsider.com | udp |
| US | 1.1.1.1:53 | f.shared.global.fastly.net | udp |
| US | 1.1.1.1:53 | www.wired.com | udp |
| US | 1.1.1.1:53 | time.com | udp |
| US | 1.1.1.1:53 | time.com | udp |
| US | 1.1.1.1:53 | h2.condenast.map.fastly.net | udp |
| US | 1.1.1.1:53 | www.independent.co.uk | udp |
| US | 1.1.1.1:53 | www.independent.co.uk | udp |
| US | 1.1.1.1:53 | www.inverse.com | udp |
| US | 1.1.1.1:53 | www.inverse.com | udp |
| US | 1.1.1.1:53 | www.theatlantic.com | udp |
| US | 1.1.1.1:53 | www.theatlantic.com | udp |
| US | 1.1.1.1:53 | na-eu.atlanticmedia.map.fastly.net | udp |
| US | 1.1.1.1:53 | theconversation.com | udp |
| US | 1.1.1.1:53 | theconversation.com | udp |
| US | 1.1.1.1:53 | www.cntraveller.com | udp |
| US | 1.1.1.1:53 | www.cntraveller.com | udp |
| US | 1.1.1.1:53 | www.cnet.com | udp |
| US | 1.1.1.1:53 | www.cnet.com | udp |
| US | 1.1.1.1:53 | www.theverge.com | udp |
| US | 1.1.1.1:53 | www.theverge.com | udp |
| US | 1.1.1.1:53 | n.sni.global.fastly.net | udp |
| US | 1.1.1.1:53 | news.sky.com | udp |
| US | 1.1.1.1:53 | news.sky.com | udp |
| US | 1.1.1.1:53 | e10653.e12.akamaiedge.net | udp |
| US | 1.1.1.1:53 | services.addons.mozilla.org | udp |
| US | 1.1.1.1:53 | services.addons.mozilla.org | udp |
| GB | 18.245.162.100:443 | services.addons.mozilla.org | tcp |
| US | 1.1.1.1:53 | versioncheck-bg.addons.mozilla.org | udp |
| US | 1.1.1.1:53 | aus5.mozilla.org | udp |
| US | 1.1.1.1:53 | aus5.mozilla.org | udp |
| US | 1.1.1.1:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 1.1.1.1:53 | versioncheck-bg.addons.mozilla.org | udp |
| US | 35.244.181.201:443 | aus5.mozilla.org | tcp |
| US | 34.160.90.233:443 | versioncheck-bg.addons.mozilla.org | tcp |
| US | 1.1.1.1:53 | fp2e7a.wpc.phicdn.net | udp |
| US | 34.160.90.233:443 | versioncheck-bg.addons.mozilla.org | udp |
| US | 1.1.1.1:53 | addons.mozilla.org | udp |
| US | 1.1.1.1:53 | addons.mozilla.org | udp |
| US | 1.1.1.1:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| GB | 13.224.132.3:443 | addons.mozilla.org | tcp |
| US | 1.1.1.1:53 | ciscobinary.openh264.org | udp |
| US | 1.1.1.1:53 | ciscobinary.openh264.org | udp |
| GB | 88.221.134.209:80 | ciscobinary.openh264.org | tcp |
| US | 1.1.1.1:53 | www.forbes.com | udp |
| US | 1.1.1.1:53 | www.houseandgarden.co.uk | udp |
| US | 1.1.1.1:53 | www.houseandgarden.co.uk | udp |
| US | 1.1.1.1:53 | m.sni.global.fastly.net | udp |
| US | 1.1.1.1:53 | safebrowsing.googleapis.com | udp |
| US | 1.1.1.1:53 | safebrowsing.googleapis.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 162.159.135.232:443 | discord.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | js.hcaptcha.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | js.hcaptcha.com | udp |
| US | 104.19.230.21:443 | js.hcaptcha.com | tcp |
| US | 104.19.230.21:443 | js.hcaptcha.com | udp |
| US | 1.1.1.1:53 | newassets.hcaptcha.com | udp |
| US | 1.1.1.1:53 | newassets.hcaptcha.com | udp |
| US | 104.19.230.21:443 | newassets.hcaptcha.com | tcp |
| US | 104.19.230.21:443 | newassets.hcaptcha.com | tcp |
| US | 104.19.230.21:443 | newassets.hcaptcha.com | udp |
| US | 1.1.1.1:53 | api.hcaptcha.com | udp |
| US | 1.1.1.1:53 | api.hcaptcha.com | udp |
| US | 104.19.230.21:443 | api.hcaptcha.com | tcp |
| US | 104.19.230.21:443 | api.hcaptcha.com | udp |
| US | 1.1.1.1:53 | api.hcaptcha.com | udp |
| US | 1.1.1.1:53 | imgs.hcaptcha.com | udp |
| US | 1.1.1.1:53 | imgs.hcaptcha.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 104.19.229.21:443 | imgs.hcaptcha.com | tcp |
| US | 104.19.229.21:443 | imgs.hcaptcha.com | udp |
| US | 1.1.1.1:53 | detectportal.firefox.com | udp |
| US | 1.1.1.1:53 | detectportal.firefox.com | udp |
| US | 34.107.221.82:80 | detectportal.firefox.com | tcp |
| US | 1.1.1.1:53 | ipv4only.arpa | udp |
| US | 1.1.1.1:53 | ipv4only.arpa | udp |
| US | 34.107.221.82:80 | detectportal.firefox.com | tcp |
| US | 1.1.1.1:53 | ipv4only.arpa | udp |
| US | 1.1.1.1:53 | imgs3.hcaptcha.com | udp |
| US | 1.1.1.1:53 | imgs3.hcaptcha.com | udp |
| US | 104.19.229.21:443 | imgs3.hcaptcha.com | tcp |
| US | 104.19.229.21:443 | imgs3.hcaptcha.com | udp |
| US | 1.1.1.1:53 | api.hcaptcha.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | newassets.hcaptcha.com | udp |
| US | 104.19.230.21:443 | imgs3.hcaptcha.com | tcp |
| US | 104.19.230.21:443 | imgs3.hcaptcha.com | tcp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | api2.hcaptcha.com | udp |
| US | 1.1.1.1:53 | api2.hcaptcha.com | udp |
| US | 104.19.229.21:443 | api2.hcaptcha.com | tcp |
| US | 104.19.229.21:443 | api2.hcaptcha.com | udp |
| US | 1.1.1.1:53 | api.hcaptcha.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | api.hcaptcha.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | api2.hcaptcha.com | udp |
| US | 1.1.1.1:53 | api.hcaptcha.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | aus5.mozilla.org | udp |
| US | 1.1.1.1:53 | aus5.mozilla.org | udp |
| US | 1.1.1.1:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 1.1.1.1:53 | content-signature-2.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | content-signature-2.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | newassets.hcaptcha.com | udp |
| US | 104.19.230.21:443 | api2.hcaptcha.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | api2.hcaptcha.com | udp |
| US | 1.1.1.1:53 | api2.hcaptcha.com | udp |
| US | 1.1.1.1:53 | api.hcaptcha.com | udp |
| US | 1.1.1.1:53 | imgs3.hcaptcha.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | api.hcaptcha.com | udp |
| US | 1.1.1.1:53 | api.hcaptcha.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | api.snapcraft.io | udp |
| US | 1.1.1.1:53 | api.snapcraft.io | udp |
| GB | 185.125.188.54:443 | api.snapcraft.io | tcp |
| US | 1.1.1.1:53 | api.snapcraft.io | udp |
| GB | 185.125.188.55:443 | api.snapcraft.io | tcp |
| US | 1.1.1.1:53 | cdn.discordapp.com | udp |
| US | 1.1.1.1:53 | cdn.discordapp.com | udp |
| US | 162.159.134.233:443 | cdn.discordapp.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 162.159.135.232:443 | discord.com | udp |
| US | 1.1.1.1:53 | gateway.discord.gg | udp |
| US | 1.1.1.1:53 | gateway.discord.gg | udp |
| US | 1.1.1.1:53 | gateway.discord.gg | udp |
| US | 162.159.134.234:443 | gateway.discord.gg | tcp |
| US | 162.159.134.234:443 | gateway.discord.gg | tcp |
| US | 1.1.1.1:53 | status.discord.com | udp |
| US | 1.1.1.1:53 | status.discord.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 162.159.138.232:443 | status.discord.com | tcp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 162.159.138.232:443 | status.discord.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | media.discordapp.net | udp |
| US | 1.1.1.1:53 | media.discordapp.net | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 162.159.134.232:443 | media.discordapp.net | tcp |
| US | 162.159.134.232:443 | media.discordapp.net | tcp |
| US | 162.159.134.232:443 | media.discordapp.net | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | verify.doublecounter.gg | udp |
| US | 1.1.1.1:53 | verify.doublecounter.gg | udp |
| US | 172.67.69.4:443 | verify.doublecounter.gg | tcp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | pki-goog.l.google.com | udp |
| US | 1.1.1.1:53 | analytics.google.com | udp |
| US | 1.1.1.1:53 | stats.g.doubleclick.net | udp |
| US | 1.1.1.1:53 | stats.g.doubleclick.net | udp |
| US | 1.1.1.1:53 | analytics-alv.google.com | udp |
| US | 216.239.38.181:443 | analytics.google.com | tcp |
| US | 216.239.38.181:443 | analytics.google.com | udp |
| BE | 66.102.1.156:443 | stats.g.doubleclick.net | tcp |
| BE | 66.102.1.156:443 | stats.g.doubleclick.net | udp |
| US | 1.1.1.1:53 | www.google.com | udp |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 216.58.201.100:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | googleads.g.doubleclick.net | udp |
| US | 1.1.1.1:53 | googleads.g.doubleclick.net | udp |
| GB | 216.58.201.100:443 | www.google.com | udp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | udp |
| US | 1.1.1.1:53 | tpc.googlesyndication.com | udp |
| US | 1.1.1.1:53 | tpc.googlesyndication.com | udp |
| GB | 172.217.169.65:443 | tpc.googlesyndication.com | tcp |
| US | 1.1.1.1:53 | discord.com | udp |
| GB | 172.217.169.65:443 | tpc.googlesyndication.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | discord.com | udp |
| US | 1.1.1.1:53 | incoming.telemetry.mozilla.org | udp |
| US | 1.1.1.1:53 | incoming.telemetry.mozilla.org | udp |
| US | 34.120.208.123:443 | incoming.telemetry.mozilla.org | tcp |
| US | 1.1.1.1:53 | telemetry-incoming.r53-2.services.mozilla.com | udp |
| US | 1.1.1.1:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | telemetry-incoming.r53-2.services.mozilla.com | udp |
| US | 1.1.1.1:53 | telemetry-incoming.r53-2.services.mozilla.com | udp |
| US | 1.1.1.1:53 | img-getpocket.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | img-getpocket.cdn.mozilla.net | udp |
| US | 34.120.237.76:443 | img-getpocket.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | www.amazon.co.uk | udp |
| US | 1.1.1.1:53 | www.amazon.co.uk | udp |
| US | 1.1.1.1:53 | www.vodafone.co.uk | udp |
| US | 1.1.1.1:53 | www.vodafone.co.uk | udp |
| US | 1.1.1.1:53 | www.youtube.com | udp |
| US | 1.1.1.1:53 | www.facebook.com | udp |
| US | 1.1.1.1:53 | www.facebook.com | udp |
| US | 1.1.1.1:53 | www.reddit.com | udp |
| US | 1.1.1.1:53 | www.reddit.com | udp |
| US | 1.1.1.1:53 | www.bbc.co.uk | udp |
| US | 1.1.1.1:53 | www.bbc.co.uk | udp |
| US | 1.1.1.1:53 | www.ebay.co.uk | udp |
| US | 1.1.1.1:53 | www.ebay.co.uk | udp |
| US | 1.1.1.1:53 | getpocket.com | udp |
| US | 1.1.1.1:53 | getpocket.com | udp |
| US | 1.1.1.1:53 | www-live.waf.digital-prod.vodafoneaws.co.uk | udp |
| US | 1.1.1.1:53 | youtube-ui.l.google.com | udp |
| US | 1.1.1.1:53 | reddit.map.fastly.net | udp |
| US | 1.1.1.1:53 | www.mozilla.org | udp |
| US | 1.1.1.1:53 | www.mozilla.org | udp |
| US | 1.1.1.1:53 | e11847.a.akamaiedge.net | udp |
| US | 1.1.1.1:53 | www.womenshealthmag.com | udp |
| US | 1.1.1.1:53 | www.womenshealthmag.com | udp |
| US | 1.1.1.1:53 | www.hellofresh.co.uk | udp |
| US | 1.1.1.1:53 | www.hellofresh.co.uk | udp |
| US | 1.1.1.1:53 | gtm-uk.www.bbc.co.uk.pri.bbc.co.uk | udp |
| US | 1.1.1.1:53 | www.mozorg.moz.works | udp |
| US | 1.1.1.1:53 | hearst-hdm.map.fastly.net | udp |
| US | 1.1.1.1:53 | www.theguardian.com | udp |
| US | 1.1.1.1:53 | www.theguardian.com | udp |
| US | 1.1.1.1:53 | www.timeout.com | udp |
| US | 1.1.1.1:53 | d7ul7sko65u1c.cloudfront.net | udp |
| US | 1.1.1.1:53 | edition.cnn.com | udp |
| US | 1.1.1.1:53 | www.businessinsider.com | udp |
| US | 1.1.1.1:53 | www.businessinsider.com | udp |
| US | 1.1.1.1:53 | f.shared.global.fastly.net | udp |
| US | 1.1.1.1:53 | www.wired.com | udp |
| US | 1.1.1.1:53 | www.wired.com | udp |
| US | 1.1.1.1:53 | time.com | udp |
| US | 1.1.1.1:53 | time.com | udp |
| US | 1.1.1.1:53 | h2.condenast.map.fastly.net | udp |
| US | 1.1.1.1:53 | www.independent.co.uk | udp |
| US | 1.1.1.1:53 | www.independent.co.uk | udp |
| US | 1.1.1.1:53 | www.inverse.com | udp |
| US | 1.1.1.1:53 | www.inverse.com | udp |
| US | 1.1.1.1:53 | www.theatlantic.com | udp |
| US | 1.1.1.1:53 | www.theatlantic.com | udp |
| US | 1.1.1.1:53 | na-eu.atlanticmedia.map.fastly.net | udp |
| US | 1.1.1.1:53 | www.cntraveller.com | udp |
| US | 1.1.1.1:53 | www.cntraveller.com | udp |
| US | 1.1.1.1:53 | theconversation.com | udp |
| US | 1.1.1.1:53 | www.cnet.com | udp |
| US | 1.1.1.1:53 | www.cnet.com | udp |
| US | 1.1.1.1:53 | www.theverge.com | udp |
| US | 1.1.1.1:53 | www.theverge.com | udp |
| US | 1.1.1.1:53 | n.sni.global.fastly.net | udp |
| US | 1.1.1.1:53 | news.sky.com | udp |
| US | 1.1.1.1:53 | news.sky.com | udp |
| US | 1.1.1.1:53 | e10653.e12.akamaiedge.net | udp |
| US | 1.1.1.1:53 | www.forbes.com | udp |
| US | 1.1.1.1:53 | www.forbes.com | udp |
| US | 1.1.1.1:53 | www.houseandgarden.co.uk | udp |
| US | 1.1.1.1:53 | www.houseandgarden.co.uk | udp |
| US | 1.1.1.1:53 | m.sni.global.fastly.net | udp |
| US | 1.1.1.1:53 | contile.services.mozilla.com | udp |
| US | 1.1.1.1:53 | contile.services.mozilla.com | udp |
| US | 34.117.188.166:443 | contile.services.mozilla.com | udp |
| US | 104.26.6.148:443 | verify.doublecounter.gg | tcp |
| US | 1.1.1.1:53 | tiles-cdn.prod.ads.prod.webservices.mozgcp.net | udp |
| US | 1.1.1.1:53 | tiles-cdn.prod.ads.prod.webservices.mozgcp.net | udp |
| US | 34.36.165.17:443 | tiles-cdn.prod.ads.prod.webservices.mozgcp.net | tcp |
| US | 1.1.1.1:53 | uk.hotels.com | udp |
| US | 1.1.1.1:53 | uk.hotels.com | udp |
| US | 1.1.1.1:53 | analytics.google.com | udp |
| US | 1.1.1.1:53 | analytics.google.com | udp |
| GB | 142.250.179.238:443 | analytics.google.com | tcp |
| GB | 142.250.179.238:443 | analytics.google.com | udp |
| US | 1.1.1.1:53 | firefox.settings.services.mozilla.com | udp |
| US | 1.1.1.1:53 | firefox.settings.services.mozilla.com | udp |
| US | 1.1.1.1:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 34.149.100.209:443 | firefox.settings.services.mozilla.com | tcp |
| US | 34.149.100.209:443 | firefox.settings.services.mozilla.com | tcp |
| US | 1.1.1.1:53 | content-signature-2.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | content-signature-2.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 34.160.144.191:443 | content-signature-2.cdn.mozilla.net | tcp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 1.1.1.1:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 1.1.1.1:53 | api.snapcraft.io | udp |
| US | 1.1.1.1:53 | api.snapcraft.io | udp |
| GB | 185.125.188.55:443 | api.snapcraft.io | tcp |
| US | 1.1.1.1:53 | api.snapcraft.io | udp |
| GB | 185.125.188.55:443 | api.snapcraft.io | tcp |
| US | 1.1.1.1:53 | canonical-bos01.cdn.snapcraftcontent.com | udp |
| US | 1.1.1.1:53 | canonical-bos01.cdn.snapcraftcontent.com | udp |
| US | 91.189.91.43:443 | canonical-bos01.cdn.snapcraftcontent.com | tcp |
| US | 1.1.1.1:53 | api.snapcraft.io | udp |
| GB | 185.125.188.54:443 | api.snapcraft.io | tcp |
| US | 1.1.1.1:53 | api.snapcraft.io | udp |
| GB | 185.125.188.54:443 | api.snapcraft.io | tcp |
| US | 1.1.1.1:53 | api.snapcraft.io | udp |
| GB | 185.125.188.59:443 | api.snapcraft.io | tcp |
| US | 1.1.1.1:53 | api.snapcraft.io | udp |
| GB | 185.125.188.59:443 | api.snapcraft.io | tcp |
| US | 1.1.1.1:53 | canonical-bos01.cdn.snapcraftcontent.com | udp |
| US | 91.189.91.43:443 | canonical-bos01.cdn.snapcraftcontent.com | tcp |
| US | 1.1.1.1:53 | api.snapcraft.io | udp |
| US | 1.1.1.1:53 | api.snapcraft.io | udp |
| GB | 185.125.188.55:443 | api.snapcraft.io | tcp |
| US | 1.1.1.1:53 | api.snapcraft.io | udp |
| GB | 185.125.188.58:443 | api.snapcraft.io | tcp |
| US | 1.1.1.1:53 | _http._tcp.security.ubuntu.com | udp |
| US | 1.1.1.1:53 | se.archive.ubuntu.com | udp |
| US | 1.1.1.1:53 | se.archive.ubuntu.com | udp |
| US | 1.1.1.1:53 | security.ubuntu.com | udp |
| US | 1.1.1.1:53 | security.ubuntu.com | udp |
| US | 91.189.91.82:80 | security.ubuntu.com | tcp |
| SE | 194.71.11.163:80 | se.archive.ubuntu.com | tcp |
| US | 8.8.8.8:53 | example.org | udp |
| US | 8.8.8.8:53 | example.org | udp |
| US | 8.8.8.8:53 | ipv4only.arpa | udp |
| US | 8.8.8.8:53 | ipv4only.arpa | udp |
| US | 8.8.8.8:53 | detectportal.firefox.com | udp |
| US | 8.8.8.8:53 | detectportal.firefox.com | udp |
| US | 8.8.8.8:53 | ipv4only.arpa | udp |
| US | 34.107.221.82:80 | detectportal.firefox.com | tcp |
| US | 34.107.221.82:80 | detectportal.firefox.com | tcp |
| US | 8.8.8.8:53 | ipv4only.arpa | udp |
| US | 8.8.8.8:53 | ipv4only.arpa | udp |
| US | 8.8.8.8:53 | ipv4only.arpa | udp |
| US | 8.8.8.8:53 | ipv4only.arpa | udp |
| US | 8.8.8.8:53 | ipv4only.arpa | udp |
| US | 8.8.8.8:53 | ipv4only.arpa | udp |
| US | 8.8.8.8:53 | discord.com | udp |
| US | 8.8.8.8:53 | discord.com | udp |
| US | 8.8.8.8:53 | cdn.discordapp.com | udp |
| US | 8.8.8.8:53 | cdn.discordapp.com | udp |
| US | 162.159.128.233:443 | discord.com | udp |
| US | 162.159.133.233:443 | cdn.discordapp.com | udp |
| US | 162.159.128.233:443 | discord.com | udp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 34.149.100.209:443 | firefox.settings.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | content-signature-2.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | content-signature-2.cdn.mozilla.net | udp |
| US | 34.160.144.191:443 | content-signature-2.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | discord.com | udp |
| US | 8.8.8.8:53 | discord.com | udp |
| US | 162.159.128.233:443 | discord.com | udp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 34.149.100.209:443 | firefox.settings.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |