Analysis Overview
Threat Level: Likely benign
The file http://X.com was found to be: Likely benign.
Malicious Activity Summary
Detected potential entity reuse from brand microsoft.
Checks processor information in registry
Suspicious use of FindShellTrayWindow
Uses Task Scheduler COM API
Modifies registry class
Suspicious use of AdjustPrivilegeToken
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
MITRE ATT&CK Matrix V13
Analysis: static1
Detonation Overview
Reported
2024-06-16 15:36
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-16 15:36
Reported
2024-06-16 15:42
Platform
win10-20240611-en
Max time kernel
233s
Max time network
239s
Command Line
Signatures
Detected potential entity reuse from brand microsoft.
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "http://X.com"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url http://X.com
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2996.0.888810603\755537925" -parentBuildID 20221007134813 -prefsHandle 1712 -prefMapHandle 1704 -prefsLen 20845 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {56e53c86-265a-48b3-a1a2-04fbb3cc4955} 2996 "\\.\pipe\gecko-crash-server-pipe.2996" 1792 161c03e5458 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2996.1.929513155\2006508127" -parentBuildID 20221007134813 -prefsHandle 2156 -prefMapHandle 2152 -prefsLen 21706 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {408c1f22-0f3e-4cf3-aabf-3e574cdc89c6} 2996 "\\.\pipe\gecko-crash-server-pipe.2996" 2168 161adc72b58 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2996.2.778020287\802399076" -childID 1 -isForBrowser -prefsHandle 3052 -prefMapHandle 3048 -prefsLen 21809 -prefMapSize 233444 -jsInitHandle 1172 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4dde2a97-8a9f-4237-8c8a-5ab2d7db9789} 2996 "\\.\pipe\gecko-crash-server-pipe.2996" 2908 161c0360758 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2996.3.1175774989\405461529" -childID 2 -isForBrowser -prefsHandle 3548 -prefMapHandle 3544 -prefsLen 26214 -prefMapSize 233444 -jsInitHandle 1172 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7f488f9a-7fff-4d35-9dd9-00cf358dbab8} 2996 "\\.\pipe\gecko-crash-server-pipe.2996" 3556 161c5073058 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2996.4.766039210\1715695850" -childID 3 -isForBrowser -prefsHandle 4368 -prefMapHandle 4352 -prefsLen 26349 -prefMapSize 233444 -jsInitHandle 1172 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {62110767-1612-49dd-8d8a-dfc3c6e8a434} 2996 "\\.\pipe\gecko-crash-server-pipe.2996" 4380 161c619fb58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2996.5.571226323\296975011" -childID 4 -isForBrowser -prefsHandle 4624 -prefMapHandle 4608 -prefsLen 26349 -prefMapSize 233444 -jsInitHandle 1172 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {aaad7f2d-9bf3-491c-95d9-6216923f1198} 2996 "\\.\pipe\gecko-crash-server-pipe.2996" 4516 161c62a3858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2996.6.1828156375\1831094250" -childID 5 -isForBrowser -prefsHandle 4800 -prefMapHandle 4804 -prefsLen 26349 -prefMapSize 233444 -jsInitHandle 1172 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0237015e-77ed-485f-9f64-090da34554e3} 2996 "\\.\pipe\gecko-crash-server-pipe.2996" 4792 161c62a6b58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2996.7.572330305\2082517433" -childID 6 -isForBrowser -prefsHandle 5084 -prefMapHandle 5068 -prefsLen 26354 -prefMapSize 233444 -jsInitHandle 1172 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a6f60e3c-dd8e-4137-b7f2-ae550d562f3a} 2996 "\\.\pipe\gecko-crash-server-pipe.2996" 5056 161c68a8b58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2996.8.1094248588\896167993" -childID 7 -isForBrowser -prefsHandle 5460 -prefMapHandle 5456 -prefsLen 26529 -prefMapSize 233444 -jsInitHandle 1172 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {688a9d6c-d0fb-47a4-9c28-1b478695da70} 2996 "\\.\pipe\gecko-crash-server-pipe.2996" 5468 161c3d99158 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2996.9.187769623\1061734493" -childID 8 -isForBrowser -prefsHandle 5564 -prefMapHandle 5568 -prefsLen 26529 -prefMapSize 233444 -jsInitHandle 1172 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3dd76ef7-cbfe-4814-9fee-e6bd24e140f9} 2996 "\\.\pipe\gecko-crash-server-pipe.2996" 5552 161c6defd58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2996.10.1154222398\178505308" -childID 9 -isForBrowser -prefsHandle 5604 -prefMapHandle 5600 -prefsLen 26529 -prefMapSize 233444 -jsInitHandle 1172 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4a609890-3026-4a25-84b6-cc2a8f26664f} 2996 "\\.\pipe\gecko-crash-server-pipe.2996" 2952 161c663c858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2996.11.534711730\1711623779" -childID 10 -isForBrowser -prefsHandle 5412 -prefMapHandle 2588 -prefsLen 26529 -prefMapSize 233444 -jsInitHandle 1172 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5c4ab48c-5e2d-4dfd-aece-2fadb363d359} 2996 "\\.\pipe\gecko-crash-server-pipe.2996" 4248 161c6a09058 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2996.12.802823678\785530577" -childID 11 -isForBrowser -prefsHandle 4696 -prefMapHandle 4692 -prefsLen 26873 -prefMapSize 233444 -jsInitHandle 1172 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9fdb9c94-1e96-49a8-8128-9b158478de9c} 2996 "\\.\pipe\gecko-crash-server-pipe.2996" 4120 161c3d98858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2996.13.198285003\1054316131" -childID 12 -isForBrowser -prefsHandle 5876 -prefMapHandle 3484 -prefsLen 26873 -prefMapSize 233444 -jsInitHandle 1172 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2f72af91-7780-4224-b74d-1d3e0a41c519} 2996 "\\.\pipe\gecko-crash-server-pipe.2996" 5768 161c81c7758 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2996.14.854398610\425287813" -parentBuildID 20221007134813 -prefsHandle 9904 -prefMapHandle 9908 -prefsLen 26873 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d507bab8-54ae-4f56-a05a-0995b5fea0da} 2996 "\\.\pipe\gecko-crash-server-pipe.2996" 9932 161c9043b58 rdd
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2996.15.1802552628\621204126" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 8260 -prefMapHandle 8252 -prefsLen 26873 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2b2f5f62-321b-4d55-8868-cfe57adebbf4} 2996 "\\.\pipe\gecko-crash-server-pipe.2996" 8264 161c9045058 utility
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2996.16.544549253\199766138" -childID 13 -isForBrowser -prefsHandle 7872 -prefMapHandle 7840 -prefsLen 26873 -prefMapSize 233444 -jsInitHandle 1172 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {adc53e9a-669a-4fd3-bcaa-4e5b3a999814} 2996 "\\.\pipe\gecko-crash-server-pipe.2996" 3972 161ca2d8758 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2996.17.736152500\2009740057" -childID 14 -isForBrowser -prefsHandle 7728 -prefMapHandle 7724 -prefsLen 26882 -prefMapSize 233444 -jsInitHandle 1172 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6c698c4f-115c-4948-9a81-f615e0e1a59e} 2996 "\\.\pipe\gecko-crash-server-pipe.2996" 2924 161c62a3858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2996.18.559731541\1681194308" -childID 15 -isForBrowser -prefsHandle 2672 -prefMapHandle 7620 -prefsLen 26882 -prefMapSize 233444 -jsInitHandle 1172 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7471fe3b-1340-448e-94b1-710c5ebd8839} 2996 "\\.\pipe\gecko-crash-server-pipe.2996" 7968 161c4286b58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2996.19.1634612292\536156423" -childID 16 -isForBrowser -prefsHandle 9732 -prefMapHandle 9736 -prefsLen 26882 -prefMapSize 233444 -jsInitHandle 1172 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8559f7b8-8144-4142-9745-a006697beefe} 2996 "\\.\pipe\gecko-crash-server-pipe.2996" 9744 161ca2d8158 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2996.20.792481362\621885705" -childID 17 -isForBrowser -prefsHandle 5184 -prefMapHandle 5192 -prefsLen 26882 -prefMapSize 233444 -jsInitHandle 1172 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a453c318-8eb6-467a-9c43-6d7154c0a9c1} 2996 "\\.\pipe\gecko-crash-server-pipe.2996" 4240 161c47c4e58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2996.21.320715060\1398509951" -childID 18 -isForBrowser -prefsHandle 3492 -prefMapHandle 3500 -prefsLen 26882 -prefMapSize 233444 -jsInitHandle 1172 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d76face5-084f-40d5-9465-4fb8d1478492} 2996 "\\.\pipe\gecko-crash-server-pipe.2996" 7572 161c7058a58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2996.22.718947717\1120174582" -childID 19 -isForBrowser -prefsHandle 5256 -prefMapHandle 4856 -prefsLen 26882 -prefMapSize 233444 -jsInitHandle 1172 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e98178f8-1ef5-4d68-85c4-79fd0f7f13e6} 2996 "\\.\pipe\gecko-crash-server-pipe.2996" 3888 161ca1a8c58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2996.23.265625346\766155465" -childID 20 -isForBrowser -prefsHandle 3528 -prefMapHandle 7520 -prefsLen 26882 -prefMapSize 233444 -jsInitHandle 1172 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ed4a991b-a559-4b5f-b19f-0d48f2a4dbea} 2996 "\\.\pipe\gecko-crash-server-pipe.2996" 7924 161c951e158 tab
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | x.com | udp |
| US | 104.244.42.1:80 | x.com | tcp |
| US | 8.8.8.8:53 | x.com | udp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | x.com | udp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 34.117.188.166:443 | contile.services.mozilla.com | udp |
| US | 34.117.188.166:443 | contile.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | spocs.getpocket.com | udp |
| US | 8.8.8.8:53 | content-signature-2.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | shavar.services.mozilla.com | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| N/A | 127.0.0.1:49789 | tcp | |
| US | 8.8.8.8:53 | push.services.mozilla.com | udp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 34.117.188.166:443 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 34.160.144.191:443 | prod.content-signature-chains.prod.webservices.mozgcp.net | tcp |
| US | 52.42.69.239:443 | shavar.prod.mozaws.net | tcp |
| US | 104.244.42.1:443 | x.com | tcp |
| US | 34.107.243.93:443 | autopush.prod.mozaws.net | tcp |
| US | 8.8.8.8:53 | 1.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 34.149.100.209:443 | prod.remote-settings.prod.webservices.mozgcp.net | tcp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | getpocket.cdn.mozilla.net | udp |
| US | 34.120.5.221:443 | getpocket.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 34.149.100.209:443 | prod.remote-settings.prod.webservices.mozgcp.net | tcp |
| US | 8.8.8.8:53 | prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | 53.121.117.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | twitter.com | udp |
| US | 104.244.42.193:443 | twitter.com | tcp |
| US | 8.8.8.8:53 | twitter.com | udp |
| US | 8.8.8.8:53 | twitter.com | udp |
| US | 8.8.8.8:53 | abs.twimg.com | udp |
| US | 152.199.21.141:443 | abs.twimg.com | tcp |
| US | 152.199.21.141:443 | abs.twimg.com | tcp |
| US | 8.8.8.8:53 | cs510.wpc.edgecastcdn.net | udp |
| US | 8.8.8.8:53 | cs510.wpc.edgecastcdn.net | udp |
| US | 8.8.8.8:53 | 193.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 141.21.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | abs-0.twimg.com | udp |
| US | 8.8.8.8:53 | abs-zero.twimg.com | udp |
| US | 8.8.8.8:53 | abs-zero.twimg.com | udp |
| US | 104.244.43.131:443 | abs-zero.twimg.com | tcp |
| US | 8.8.8.8:53 | api.x.com | udp |
| US | 104.244.42.194:443 | api.x.com | tcp |
| US | 8.8.8.8:53 | tpop-api.x.com | udp |
| US | 104.244.42.194:443 | tpop-api.x.com | tcp |
| US | 8.8.8.8:53 | tpop-api.x.com | udp |
| US | 8.8.8.8:53 | 131.43.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | 84.27.250.142.in-addr.arpa | udp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| GB | 23.52.176.139:443 | appleid.cdn-apple.com | tcp |
| US | 8.8.8.8:53 | e2885.e9.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e2885.e9.akamaiedge.net | udp |
| US | 8.8.8.8:53 | 139.176.52.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.181.250.142.in-addr.arpa | udp |
| N/A | 127.0.0.1:49798 | tcp | |
| US | 8.8.8.8:53 | static.ads-twitter.com | udp |
| GB | 199.232.56.157:443 | static.ads-twitter.com | tcp |
| US | 8.8.8.8:53 | platform.twitter.map.fastly.net | udp |
| US | 8.8.8.8:53 | platform.twitter.map.fastly.net | udp |
| US | 8.8.8.8:53 | t.co | udp |
| US | 8.8.8.8:53 | analytics.x.com | udp |
| US | 8.8.8.8:53 | tpop-api.x.com | udp |
| PL | 93.184.221.165:443 | t.co | tcp |
| US | 8.8.8.8:53 | t.co | udp |
| PL | 93.184.221.165:443 | t.co | tcp |
| US | 104.244.42.67:443 | analytics.x.com | tcp |
| US | 104.244.42.67:443 | analytics.x.com | tcp |
| US | 8.8.8.8:53 | wr.x.com | udp |
| US | 8.8.8.8:53 | wr.x.com | udp |
| US | 8.8.8.8:53 | t.co | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | 67.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.56.232.199.in-addr.arpa | udp |
| DE | 142.250.186.110:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| DE | 142.250.186.110:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | 165.221.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| DE | 142.250.186.110:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 110.186.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tpop-api.x.com | udp |
| US | 8.8.8.8:53 | twitter.com | udp |
| US | 104.244.42.193:443 | twitter.com | tcp |
| DE | 142.250.186.110:443 | play.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| DE | 142.250.185.68:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| DE | 142.250.185.68:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 68.185.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| DE | 142.250.185.142:443 | consent.google.com | tcp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| DE | 142.250.185.142:443 | consent.google.com | udp |
| US | 8.8.8.8:53 | 142.185.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| US | 8.8.8.8:53 | plus.l.google.com | udp |
| DE | 142.250.185.174:443 | plus.l.google.com | tcp |
| US | 8.8.8.8:53 | plus.l.google.com | udp |
| DE | 142.250.185.174:443 | plus.l.google.com | udp |
| US | 8.8.8.8:53 | 195.74.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.185.250.142.in-addr.arpa | udp |
| DE | 142.250.186.110:443 | play.google.com | tcp |
| DE | 142.250.186.110:443 | play.google.com | udp |
| US | 8.8.8.8:53 | tpop-api.x.com | udp |
| US | 8.8.8.8:53 | 21.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| DE | 216.58.206.46:443 | encrypted-tbn0.gstatic.com | tcp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| DE | 216.58.206.46:443 | encrypted-tbn0.gstatic.com | tcp |
| DE | 216.58.206.46:443 | encrypted-tbn0.gstatic.com | tcp |
| DE | 216.58.206.46:443 | encrypted-tbn0.gstatic.com | tcp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| DE | 216.58.206.46:443 | encrypted-tbn0.gstatic.com | tcp |
| DE | 216.58.206.46:443 | encrypted-tbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | 46.206.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | lh5.googleusercontent.com | udp |
| DE | 142.250.185.97:443 | lh5.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | googlehosted.l.googleusercontent.com | udp |
| US | 8.8.8.8:53 | googlehosted.l.googleusercontent.com | udp |
| DE | 142.250.185.97:443 | googlehosted.l.googleusercontent.com | udp |
| US | 8.8.8.8:53 | 97.185.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | id.google.com | udp |
| DE | 142.250.186.131:443 | id.google.com | tcp |
| US | 8.8.8.8:53 | id.google.com | udp |
| US | 8.8.8.8:53 | id.google.com | udp |
| DE | 142.250.186.131:443 | id.google.com | udp |
| US | 8.8.8.8:53 | 131.186.250.142.in-addr.arpa | udp |
| DE | 142.250.185.174:443 | plus.l.google.com | udp |
| DE | 142.250.186.110:443 | play.google.com | udp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| DE | 142.250.185.97:443 | lh3.googleusercontent.com | tcp |
| DE | 142.250.185.97:443 | lh3.googleusercontent.com | udp |
| US | 8.8.8.8:53 | adservice.google.co.uk | udp |
| US | 8.8.8.8:53 | 66.185.250.142.in-addr.arpa | udp |
| NL | 216.58.206.66:443 | adservice.google.co.uk | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| DE | 216.58.206.34:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 34.206.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.206.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | encrypted-tbn1.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn3.gstatic.com | udp |
| DE | 142.250.186.78:443 | encrypted-tbn3.gstatic.com | tcp |
| US | 8.8.8.8:53 | encrypted-tbn1.gstatic.com | udp |
| DE | 142.250.186.78:443 | encrypted-tbn1.gstatic.com | tcp |
| DE | 142.250.186.78:443 | encrypted-tbn1.gstatic.com | tcp |
| US | 8.8.8.8:53 | encrypted-tbn3.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn1.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn3.gstatic.com | udp |
| DE | 142.250.186.78:443 | encrypted-tbn3.gstatic.com | udp |
| DE | 142.250.186.78:443 | encrypted-tbn3.gstatic.com | udp |
| US | 8.8.8.8:53 | 78.186.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| DE | 142.250.185.214:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| DE | 142.250.185.214:443 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | 214.185.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | encrypted-tbn2.gstatic.com | udp |
| DE | 142.250.184.238:443 | encrypted-tbn2.gstatic.com | tcp |
| DE | 142.250.184.238:443 | encrypted-tbn2.gstatic.com | tcp |
| DE | 142.250.184.238:443 | encrypted-tbn2.gstatic.com | tcp |
| US | 8.8.8.8:53 | encrypted-tbn2.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn2.gstatic.com | udp |
| DE | 142.250.184.238:443 | encrypted-tbn2.gstatic.com | udp |
| US | 8.8.8.8:53 | 238.184.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| DE | 142.250.185.238:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | youtube-ui.l.google.com | udp |
| US | 8.8.8.8:53 | youtube-ui.l.google.com | udp |
| DE | 142.250.185.238:443 | youtube-ui.l.google.com | udp |
| US | 8.8.8.8:53 | en.wikipedia.org | udp |
| NL | 185.15.59.224:443 | en.wikipedia.org | tcp |
| US | 8.8.8.8:53 | dyna.wikimedia.org | udp |
| US | 8.8.8.8:53 | dyna.wikimedia.org | udp |
| US | 8.8.8.8:53 | 238.185.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 224.59.15.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | wikimedia.org | udp |
| NL | 185.15.59.224:443 | wikimedia.org | tcp |
| NL | 185.15.59.224:443 | wikimedia.org | tcp |
| US | 8.8.8.8:53 | wikimedia.org | udp |
| NL | 185.15.59.224:443 | wikimedia.org | tcp |
| NL | 185.15.59.224:443 | wikimedia.org | tcp |
| NL | 185.15.59.224:443 | wikimedia.org | tcp |
| NL | 185.15.59.224:443 | wikimedia.org | tcp |
| US | 8.8.8.8:53 | wikimedia.org | udp |
| US | 8.8.8.8:53 | upload.wikimedia.org | udp |
| NL | 185.15.59.240:443 | upload.wikimedia.org | tcp |
| US | 8.8.8.8:53 | upload.wikimedia.org | udp |
| US | 8.8.8.8:53 | upload.wikimedia.org | udp |
| US | 8.8.8.8:53 | 240.59.15.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | login.wikimedia.org | udp |
| NL | 185.15.59.224:443 | login.wikimedia.org | tcp |
| US | 8.8.8.8:53 | intake-analytics.wikimedia.org | udp |
| NL | 185.15.59.224:443 | intake-analytics.wikimedia.org | tcp |
| US | 8.8.8.8:53 | 201.64.52.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tpop-api.x.com | udp |
| DE | 142.250.185.68:443 | www.google.com | udp |
| DE | 142.250.185.174:443 | youtube-ui.l.google.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| GB | 173.222.13.219:443 | www.microsoft.com | tcp |
| US | 8.8.8.8:53 | e13678.dscb.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e13678.dscb.akamaiedge.net | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| DE | 142.250.186.110:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 219.13.222.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.vidyard.com | udp |
| US | 151.101.129.181:443 | play.vidyard.com | tcp |
| US | 8.8.8.8:53 | p.shared.global.fastly.net | udp |
| US | 8.8.8.8:53 | a1449.dscg2.akamai.net | udp |
| US | 8.8.8.8:53 | p.shared.global.fastly.net | udp |
| US | 8.8.8.8:53 | a1449.dscg2.akamai.net | udp |
| US | 8.8.8.8:53 | cdn-dynmedia-1.microsoft.com | udp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 8.8.8.8:53 | mem.gfx.ms | udp |
| US | 8.8.8.8:53 | e81481.dsca.akamaiedge.net | udp |
| US | 8.8.8.8:53 | s-part-0036.t-0009.t-msedge.net | udp |
| NL | 23.62.61.129:443 | e81481.dsca.akamaiedge.net | tcp |
| NL | 23.62.61.129:443 | e81481.dsca.akamaiedge.net | tcp |
| NL | 23.62.61.129:443 | e81481.dsca.akamaiedge.net | tcp |
| US | 13.107.246.64:443 | s-part-0036.t-0009.t-msedge.net | tcp |
| US | 13.107.246.64:443 | s-part-0036.t-0009.t-msedge.net | tcp |
| US | 8.8.8.8:53 | s-part-0036.t-0009.t-msedge.net | udp |
| US | 8.8.8.8:53 | e81481.dsca.akamaiedge.net | udp |
| US | 8.8.8.8:53 | 181.129.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.15.97.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 129.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | publisher.liveperson.net | udp |
| US | 151.101.1.192:443 | publisher.liveperson.net | tcp |
| US | 8.8.8.8:53 | liveperson.map.fastly.net | udp |
| US | 8.8.8.8:53 | liveperson.map.fastly.net | udp |
| US | 8.8.8.8:53 | fpt.microsoft.com | udp |
| US | 8.8.8.8:53 | greenid-prod-pme.eastus2.cloudapp.azure.com | udp |
| US | 52.167.30.171:443 | greenid-prod-pme.eastus2.cloudapp.azure.com | tcp |
| US | 8.8.8.8:53 | lpcdn.lpsnmedia.net | udp |
| US | 8.8.8.8:53 | greenid-prod-pme.eastus2.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | js.monitor.azure.com | udp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| GB | 23.36.169.159:443 | c.s-microsoft.com | tcp |
| US | 13.107.246.64:443 | js.monitor.azure.com | tcp |
| US | 8.8.8.8:53 | e13678.dscg.akamaiedge.net | udp |
| US | 34.120.154.120:443 | lpcdn.lpsnmedia.net | tcp |
| US | 8.8.8.8:53 | emea.lpcdn.lpsnmedia.livepersonk.akadns.net | udp |
| US | 8.8.8.8:53 | emea.lpcdn.lpsnmedia.livepersonk.akadns.net | udp |
| US | 8.8.8.8:53 | e13678.dscg.akamaiedge.net | udp |
| US | 8.8.8.8:53 | 192.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.30.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 159.169.36.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.154.120.34.in-addr.arpa | udp |
| US | 34.120.154.120:443 | emea.lpcdn.lpsnmedia.livepersonk.akadns.net | udp |
| US | 13.107.246.64:443 | js.monitor.azure.com | tcp |
| US | 8.8.8.8:53 | assets.adobedtm.com | udp |
| GB | 23.36.168.235:443 | assets.adobedtm.com | tcp |
| US | 8.8.8.8:53 | e7808.dscg.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e7808.dscg.akamaiedge.net | udp |
| US | 8.8.8.8:53 | fpt2.microsoft.com | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 52.182.143.208:443 | browser.events.data.microsoft.com | tcp |
| US | 52.182.143.208:443 | browser.events.data.microsoft.com | tcp |
| US | 8.8.8.8:53 | onedscolprdcus04.centralus.cloudapp.azure.com | udp |
| US | 52.167.30.171:443 | fpt2.microsoft.com | tcp |
| US | 8.8.8.8:53 | onedscolprdcus04.centralus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | mem.gfx.ms | udp |
| US | 13.107.246.64:443 | mem.gfx.ms | tcp |
| US | 8.8.8.8:53 | s-part-0036.t-0009.t-msedge.net | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| US | 8.8.8.8:53 | 0.205.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 235.168.36.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 208.143.182.52.in-addr.arpa | udp |
| IE | 40.126.31.73:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | www.tm.ak.prd.aadg.akadns.net | udp |
| IE | 40.126.31.73:443 | www.tm.ak.prd.aadg.akadns.net | tcp |
| US | 8.8.8.8:53 | www.tm.ak.prd.aadg.akadns.net | udp |
| US | 8.8.8.8:53 | www.tm.v4.a.prd.aadg.trafficmanager.net | udp |
| US | 8.8.8.8:53 | www.tm.v4.a.prd.aadg.trafficmanager.net | udp |
| US | 8.8.8.8:53 | 73.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | logincdn.msftauth.net | udp |
| US | 152.199.21.175:443 | logincdn.msftauth.net | tcp |
| US | 8.8.8.8:53 | sni1gl.wpc.alphacdn.net | udp |
| US | 8.8.8.8:53 | sni1gl.wpc.alphacdn.net | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 8.8.8.8:53 | onedscolprdcus04.centralus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | 175.21.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | e11290.dspg.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e11290.dspg.akamaiedge.net | udp |
| US | 8.8.8.8:53 | 215.169.36.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | outlook.live.com | udp |
| GB | 52.97.133.210:443 | outlook.live.com | tcp |
| US | 8.8.8.8:53 | olc-g2.tm-4.office.com | udp |
| US | 8.8.8.8:53 | olc-g2.tm-4.office.com | udp |
| GB | 52.97.133.210:443 | outlook.live.com | udp |
| US | 152.199.21.175:443 | sni1gl.wpc.alphacdn.net | tcp |
| US | 8.8.8.8:53 | 210.133.97.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| IE | 20.50.80.213:443 | browser.events.data.microsoft.com | tcp |
| US | 8.8.8.8:53 | onedscolprdneu08.northeurope.cloudapp.azure.com | udp |
| IE | 20.50.80.213:443 | onedscolprdneu08.northeurope.cloudapp.azure.com | tcp |
| US | 8.8.8.8:53 | onedscolprdneu08.northeurope.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | 213.80.50.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 8.8.8.8:53 | onedscolprdeus05.eastus.cloudapp.azure.com | udp |
Files
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\datareporting\glean\db\data.safe.bin
| MD5 | 687b4d688cf7e986add28629fdbc268e |
| SHA1 | 3525e02352ad18274ce8da8900c68160d11cde98 |
| SHA256 | 336276046cdde4459f1da07aeacdfcaab6440a4cd0010985718e38de092bb195 |
| SHA512 | 3123ffe001fda35ac61564a73c8e83976814692086e8213f6a9b1e33d99bf22dc9a5951b7fdcc8711d1791510fea27d879cbde84e0bb5c5791aceaabb0ef292a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\datareporting\glean\pending_pings\44ef33c9-f992-4f57-a65c-6dd5e0f07fc9
| MD5 | b340e3198423600aa1835b22bc5e170a |
| SHA1 | a45f637adee42ef716a716103b2a9c0fd27a874a |
| SHA256 | 9001a3d5868dbeb0de3d6d89ce1af85719300d9ba9e8fb694abb1074dbbbdb4d |
| SHA512 | b88140ab1a6d2d72152bfd145ec5dc1aab4b836dba272c17086f969d613f473f32c957daf27830016e24947eae0d0a02e521a11aa55cad46820848db5895aef4 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\datareporting\glean\db\data.safe.bin
| MD5 | 7395148148b2299e148661ef061548e0 |
| SHA1 | 27c2d98ab0ffa009a55d3fb2a3d4a64b12f2eb98 |
| SHA256 | 855558421a80419a6264e667e277e450a70f1b58d606b11859fbd6875091efc7 |
| SHA512 | d28596e54a7ddf1260298783f02262712b3c17d2d8e648b2bcff51c5d0de0d59fe33ac459c3faa6cfc4160c6537a296f297e6059c3b1cb3d8f8dd8e616bfe096 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\datareporting\glean\pending_pings\e95542fe-4976-42cc-97ce-1a3eeed56c72
| MD5 | 92ec5a41778e9dcdcb7e95aa54360375 |
| SHA1 | 2c8aae069a0a99302243e7fc8b3261e2604f5328 |
| SHA256 | 92c009fce470585e124a7211fdec13eb53d593e0679dc4342f1ac22d2e55372f |
| SHA512 | f3890d170a21735b48e61cc264ec8dd8897fbfc8262a5e4c1ebb39c674f0030cee1a9c2095c5ac173ffc35d06457506b13a8835cf545c885c863c7dd26da2cf6 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\2b7acdhd.default-release\activity-stream.discovery_stream.json.tmp
| MD5 | 29b225dc0e81bc9f8a25f6320acd4398 |
| SHA1 | 8b5a0c767cd0c87436e32857d5e101fa5f6a36cb |
| SHA256 | db94e1080123dd1c7be337f5e1bf2708516cd020c4cf2cbbf33bd3156db41664 |
| SHA512 | af1789152ec389cbec775430d75d446e705cda159ab813bdfd2051b902cf9920d346015f794aca5fea485f2e084f6b23a1d149152e0cdd3c00b3dae6de635335 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\2b7acdhd.default-release\settings\main\ms-language-packs\browser\newtab\asrouter.ftl
| MD5 | c460716b62456449360b23cf5663f275 |
| SHA1 | 06573a83d88286153066bae7062cc9300e567d92 |
| SHA256 | 0ec0f16f92d876a9c1140d4c11e2b346a9292984d9a854360e54e99fdcd99cc0 |
| SHA512 | 476bc3a333aace4c75d9a971ef202d5889561e10d237792ca89f8d379280262ce98cf3d4728460696f8d7ff429a508237764bf4a9ccb59fd615aee07bdcadf30 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\prefs.js
| MD5 | 8bc2e195a2c128bccfcdc7611615067a |
| SHA1 | 6ddef1d003ce3d6978ce818901dd22a8cb0ae153 |
| SHA256 | 725021c989b88606f1656587df91b89c062f2b8c2ab3eaa6969be6ad53207bc2 |
| SHA512 | 6de21e9a9d7fa1fcdd25bfa58990b87b3b00c2dcbd2677512c30957d99d7ae14eed3415ba46cfeac05149e4cb8929fc8fc0ee0a1bb446d4dfa3a500b49d4ee59 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\prefs-1.js
| MD5 | 42738df0be6783aaf63cc2578ce10fc3 |
| SHA1 | 95d10dc551a2acedb3aea3fb734c668c76105c0a |
| SHA256 | fea161ec0bf5d6aa66324ec04e34154f73ff2caa6b5e15bcf5be92ebbe84201b |
| SHA512 | 8934fcc43cc4cc1edb9d67496dd4860b89cdcd60f68e917c0d9218e8478e871b4068251d0df40af8522c1f00d8dc90cfd9928dd289202baeec91fb5efb8aabc1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | c5ef46f5d19e2f43d760a54b6673f1e8 |
| SHA1 | 301cc4619fbe7693c1cd6858825b61860733122e |
| SHA256 | c9fd438e9480ca1d71a31a984accc2525b6a26c66eb97b5274802b393d0946d0 |
| SHA512 | 0f46dfb8b5756519845f9361f5770da5c066532af9fb9220e774ef009a8ce5fb1c70c243a52075314e6835919bbdf4e158ab5a61aaec22a5f4e9443710275a7d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 4de4cec0d9ee7a0f76fbb96a1232c359 |
| SHA1 | 3b70d7a909021ab36b12eda4b53a40eae6789879 |
| SHA256 | ccf0f20d345d5f03e64795a5a7dff77e5ead523910d938273a3cf6726714d072 |
| SHA512 | c432f850f3027a9ef5e0accb17952e99304a6322dc44b0131c3f1a7a00ca87c26068e30b6590c5a5d9ba4a82aeb3c46aeb36e9fe1c2e63e2b359a38060693a80 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\prefs-1.js
| MD5 | 734b4719767b5c6374ec02c53139b88c |
| SHA1 | 278550ee85e55c3eb237f89c259322b347dbd2d8 |
| SHA256 | 4cd3c82f63a1a29ecd9ac29eeb40a1993bfcb03d09d806bf0f31a8eebf3eb9c9 |
| SHA512 | 5552be16d7e505b6aeacf406065314f1035c07049ee0263536f90bdd9c2003aef8cc64f49a4d4aefed2d5977044de93a482817bd37386694e6890842db22b0e5 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | f7412236008107b72e789f6fd8ece17b |
| SHA1 | 47adc2f3e63d6af6885dfbc4552b90b76a70f89c |
| SHA256 | 12409715bfe92c24c991ffc7d622bf71b98babc4677a0f844b3776853afe780f |
| SHA512 | 36ff118accb981b880a80514cacb7b3a47ea9bf81173ec9748c1e15d19938f3378373148e8f212d43ec57718fc901cc5b518b9ac4537a3f7661f6156c95842d8 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 3b20bddfa74653cac4f1a683e68544fb |
| SHA1 | 04621dab8432b12fc21d3851efbf3077efe9420d |
| SHA256 | 651c08ccada3819f05d26ae7e9ed65de1cdef84afcf2695b89ef2623ac1924ce |
| SHA512 | 4303603008cc57b88a92b850774cee0ab2e983af2d7c6d1ab9128453d28d1b1835e37ed5e619dd3520ef83e44a7f787fb458991ac77c68afb3e4cf0c8c4489f1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 122c98aa22d81080eaa6cec77a4e0a3c |
| SHA1 | 7704eb0b5ddb58ecae5aaf0efadc20dcae3c7b60 |
| SHA256 | 1909e45af32098ec120de56ee2ece7e5060033190f912765a9e9d61d31d6a59e |
| SHA512 | 5c01481635224bb5da01700e270d2a630720ad628bb26399aec0bd8d93132492080f5bfa9f687f0e217b4705c533df0d07a00ff9b7e4a680c1b7ccbc7f125095 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 67c27ec6f609aadffdf4938247f9ca10 |
| SHA1 | 64f2e16b4bf3ac02b61fa1ee027af5b8d87c74b3 |
| SHA256 | 2ceec96527a1dda4399c1092b8aeb35d18a717ffce22c3d2a326ee964265778b |
| SHA512 | c2b35247ff25f8a42089f08a56cc6132ff4eac9438b0b327680333ca15650dc14b8d4b88e2ea180a220fcb9c2f0124dde94cefce50a2754521355d81cadae5be |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 18a042feb4ac428c4b40ba10e14a3a84 |
| SHA1 | 56b96a38e2fa2b0e3bd3f004a54ea21d92c12232 |
| SHA256 | ed5ccb7bd50e079a6b1b7e4dd010fbfa5e15ec6d80f1da627ebec96242cf32cb |
| SHA512 | 49eef7454e74211059da760a6cc97f10eccb5a3eb6cc70eadb14b7a7304b52845a472ede84b790034d7b404df17131dbb1ce190b4b7c6c134a5765417850aa0e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\2b7acdhd.default-release\cache2\entries\5375DD0009847655391CC997544C8FA60EC621D8
| MD5 | 1e9eebea5acb56652808813f5143c308 |
| SHA1 | 35b15329e03fa91b9ad76124c6b3d0ffca1a8a9c |
| SHA256 | 2f9e9ae98552de2f3bb6f18b0e332c3bdfc1d773e5df1be4a2cf167064bfdb4a |
| SHA512 | ce082d56eb6e9699af5eec7450fc975cee57351f30b6ebf32dd7a2b0acecfb89219a97d041289499a3357a71c3942267d46e664556dba1567985c784718d45b6 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\2b7acdhd.default-release\cache2\doomed\5076
| MD5 | 070c20c68e4dd338582aa98cd1924092 |
| SHA1 | ec006904d38d82a1020db542a28a9e3f21d42b30 |
| SHA256 | 5fb7b7db5d786228164efbc30573b19c04eb932d78b5501cc11fa569a60d410a |
| SHA512 | e5a494f59b40f0d747eb59f333af2639ef8216230d9664e1a5d424cef9754b2feb7b56149629d0146e2add6dbb7e68f45c5a4d460a68a7a3ea73a1e7f937baea |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 042c9fa8d4ee512c6a0e34f6162c4d8d |
| SHA1 | 59adda952796f5de044d1f842e7292c208253780 |
| SHA256 | 44f3d6d4db9e1f4d7ff9b55a503555d1b0437f9bf3f02936418eb21478d09122 |
| SHA512 | a5c96e351addd2c9e84857a036071af410bc1d74c8d21501538a80b2775f147d93fb8d375f04efe432fcd8834b75f87e628b2fd2a10c2ebf2dd6fd3e001cae39 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\2b7acdhd.default-release\cache2\doomed\16650
| MD5 | 460a4bd2c1613147d0d1b12bd5e102bd |
| SHA1 | 2d9d61c4ab710c64108818c1e90bba43a014144d |
| SHA256 | 1651c206e9a42c0dee9a67c26aab3b936e4c7cf6f3fd8fb45e871cdf0c2c6c60 |
| SHA512 | ad22a56b9f09025071068bdc9a0d5b4bbe3656b01e9e5242205d5837d4918d0178863d97d6b0d7b16101dd42a44fd19d12ad45c4ea449acbdcdf72f0e8d3ace7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 309d95392878a34b3cf27249588b2875 |
| SHA1 | 69f6a96518ea23e7e7c1b59b8892cb33efdf72ae |
| SHA256 | d2ab21e1934862af04fe3d5c89eb82050bb219a1f8fcef5e640d75d11219a7d1 |
| SHA512 | 96a1d43e748e6373389cae4a2e8d4f00e9a09bdb1fd9970883c3e453665629fea9b0c7e803bc68604f6fd0fbe1b401c0c97c7309cc901a3ed83deb5ccf61b291 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 2b90d3372dc783185f13f2350151d834 |
| SHA1 | 64d06285a966b22ec1b72816c9625ec373ae5432 |
| SHA256 | 35bf3a5cf14537ea1d11502575b5412f149a70dbe84e94e428a8193085105db0 |
| SHA512 | d9f0bc570c1a0b2aa9cab05c6a56e39c5aae67e8a6361dd329e917a9934a1d0ab8509f352855dd3e3af1ade7f191f00688d9a20d548ae1b883cdb7ace9384701 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\2b7acdhd.default-release\cache2\entries\5B23235D54208C34AFF88FC6F18585FD8A8F8FAD
| MD5 | c7508c014bf8ca07da623abe9b899681 |
| SHA1 | 9baa91ca955e13b60d0a07712dd5e9896df84f6d |
| SHA256 | 1e65a2d039cfa2b85c46aa1b36bc232cfbdf186d03c4ac3f3cf71e31161a5b39 |
| SHA512 | 16314781d87d7d3bac5972c7686cddcc842488ef25218b58aa85fa4a22214eaad5c4ad9c47898ff3115a945aa7ea46a74ec17e360b09e55df5f2446fb785025d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 74496face65d52d996143fdd9c60565d |
| SHA1 | e9bc8b6e41ff2bc12060236016506db25845b30f |
| SHA256 | 2e1a48eeabb1453757032626c8c65e67c0d272b63a807cd46a43fa3ce79c1c54 |
| SHA512 | 9b43e4c6bb90d310090c2df4c103227ae84c3a7bf440de8dfdade3bd72af1d1bfc5ef39cc0ffce8a76af489845d06291a0f87cc4c12367187b2c9a279eb6dd31 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\2b7acdhd.default-release\cache2\entries\3628DBC7780F1AD69D37367111D111F23328B22C
| MD5 | 2d2f4a4ef3725a261c985fec972d97c4 |
| SHA1 | d6490b6e033aeb9910f1211e6fa8d668fd207b6a |
| SHA256 | 622dedc92d6f51fb67ac22b6500204f53b5bf183190d7b5c01bad04d7c119c64 |
| SHA512 | 2acde121c268a8665a2029330bef26f7666a5a5e0dedea8d6500c64407a57d9ba9d1458c5676972bcd3aa5f43556296bbb702021ad413e5b301c821ae232f036 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\2b7acdhd.default-release\cache2\entries\BAAEBF58F8B9F7B71E2DA8E70640EB1F84EACC68
| MD5 | 75efc36e9ec5d7073ab6a0725d528f70 |
| SHA1 | 0f9fcdbfabff318697f5552b173dbf59e1fae8eb |
| SHA256 | ed60f73736b1556cb3c592a6081745729725555d76662ba24e1dfe24897ed47f |
| SHA512 | ca430374c9aa7a39d0bb6ead9f8078269c5065da387c1dde9fee855f86d8eb487d3e0349cbea107322b10e210bc697dca1099d077745abd1fe083e0972933df5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\2b7acdhd.default-release\cache2\doomed\7136
| MD5 | 60ad5944ddc7ecbf4a054b446d1bca06 |
| SHA1 | 5af2c5d239edaa2796fe87d10b8fe4aa0e90094e |
| SHA256 | 3336ed5613fbf6558209ce02fa297642a86dd24563bad53a758388bb44c7ba8f |
| SHA512 | bce8172a501f03a6f04f015353d8179c974063628dd80c4ea542d9ab623250ed2264b29078fce9f23f77534c1be249d8a46412bb79f6524385b9b81c4a192038 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\2b7acdhd.default-release\cache2\entries\1AE988AA66BEA53E8AA3F948435F1118DAB6E1DD
| MD5 | 8c55da11990c35a8a29de0a3e16c9832 |
| SHA1 | e7b1ed4bbe2c9bc5c35860da3741671b8bd4f891 |
| SHA256 | accfa5280a8f6c27c4aba755d535fa16aab739efa9b892f7c336cb4b710f18ab |
| SHA512 | 481d05fcdb14b3ef4378e91b89daadda8782620fd58e8fd1c40d61c41eede912395b21088d6ce0a718c5d3581a03ba421ea3c25186f3cd4999deea5160531c62 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\storage\default\https+++publisher.liveperson.net^partitionKey=%28https%2Cmicrosoft.com%29\idb\3037861058lBpDCtonnes.sqlite
| MD5 | b9353e121225412143a418e0d7679ad2 |
| SHA1 | 0041477fa564fbd6169a75d2966262327eee16be |
| SHA256 | 0d4fe8815f46ce9429a0e234acf67cf19625252017f3bf4897f293432d11364c |
| SHA512 | 13510c7bf576c9b443e47fe9a7963215424cd3a0ebb0c4090b0b86afecc26b3d90e0c0af13b880102004280ace46913b20821a855e9eca04794436016e7cd014 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 796586e45e9d5f646feb96d0970e8213 |
| SHA1 | b64bf9a7d65a8893da5c44720592d11cbb4d380a |
| SHA256 | 4023431a0abe0d16b930173410f799b0149514429ef6296f7f6856490edc29c4 |
| SHA512 | 39730de958fa9d978e1f385e651421e88521bff8a688ea5cbb12e6c41926ada00c720514a657f5075a8219c2f1ae76bf1a7c2d725ed412a9ab556f02335d30e5 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | bc8923eafe172d7d31f2b5d824710a2a |
| SHA1 | 925c889af46af9fd53eb0dd686342b7588c6ba3f |
| SHA256 | baca8c6b6e08b605246ac905f8abc859b758cc617b82de4a47f216229556d6e3 |
| SHA512 | 2519807fb754667a0b721f101dd24f410c4377088a36c32fc873c8ae2e601a87cf3e6e4edc9d29d47e2f9ac586310976ef64e7482c96c425a2fee7d88cada0c5 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | bddca1179aca67361e6e088a74315049 |
| SHA1 | 418296fdc566b9ea027b7359dc9b1e52c97656aa |
| SHA256 | b71d9eca5883586e1ca3e2ff2a8fb4d587c61c571ad7355ed963c1d13054aa85 |
| SHA512 | c3ca1eda4209ab459dfaec76510b215e9ecf57ca7fa40cabacd93a42e58b79a5b17e58fe1a79807c54bf132569d96329a27095ff2146e81ff2af2f075382e475 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\sessionstore.jsonlz4
| MD5 | eab84ff346bb7588e917325ba8760c6a |
| SHA1 | fb66c3b6e040b2a67d8a240f65aa9e881c6a2963 |
| SHA256 | f03406803d18028d9def2dff6e7e75ced6a58319beb8d7deef6b3cf691b03a4b |
| SHA512 | 348f2edabf57112c13973c00fc43e859f14b48c1407f93b1e59a8b40eb40bb6269d9a046db939009e1e373960b889dafb5b84cfd792e98bc6443470676c32084 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\prefs-1.js
| MD5 | 1388eeb7286d3659a73710f9f86a8bf1 |
| SHA1 | d6d2cc71d8ae5acf346d8d23e678e695e205b44c |
| SHA256 | cecea5f5b0635f9baea560eb8e28dd2918ac17866c08df132787f5f42e7fabd1 |
| SHA512 | 77a99e46f81ad370bf24b417c4e7c608faf0de3b3b4dad471644c31050c651de0e8820bb20ca6189b0de12cbdfc80324debe8969558cc31985132a679d473176 |