Malware Analysis Report

2024-10-16 06:26

Sample ID 240621-vlxj6sybjd
Target https://www.googleadservices.com/pagead/aclk?sa=L&ai=C5fh6mrJ1Zo2xF5fjhcIPvO2CqQv6g8fBeOenq4_xErCQHxABIABgu6a7g9AKggEXY2EtcHViLTYyMTk4MTE3NDcwNDkzNzGgAZbJ6MspqQL8Qvyp4uyxPqgDBMgDCqoEpQNP0OpES14WF4uKxzzumcP9ibcB7Nbsgi06l_7FyeW321yBpR6jkt2Cwi2S6gyEHQD4seP9m9uwjPj9qFPc6PboktS2tLqCALR5nxUqyWAiavojX4j0in0Yi1rLGRdy_OGbcOa55MVYcgFGVNiOIzK8HmC617F5r2rpXrfGisWO_5ANhNPKMMvsDuKJFGA81DLtWDn9HowiOB9c6uIdp3DeLVI9OBG-W9xR5L0incK4Tjc5XJB0GfpG5Efu-SiD-nSEO1_FYGaT1C4DTmerYPRgsFPnClgjiRy56nCYMQUjVFEuWW8qcA0CCd_ZDx-IEbC1NWI8kcj7kfv8tjHP4-ZOL1Ge4b7L5zDbFhKKIzeB148MvCOt7CmCst987pDD66HoMb3rKqbBA64CyUyMSnuSibLUeSjLzdb1KjeZxiBN52z7W4BRaW4PpxNGIwnkma2s7jlM63tMjX1b8iyPQ7t5Nr4OBlEkP_WvnVXWt9_5cS8X2Boa8iDnb76mNqzrguHGK0krcHj18HkqKBvop6lwdBPYlHr7lwVkmnp9tweR8it4QA0qkgUKCBNoAni-_ODXBKAGboAHloG5qwSIBwGQBwKoB-u2sQKoB_mxsQKoB4C6sQKoB-edsQKoB-idsQKoB-q3sQKoB6e1sQKoB--1sQKoB_C1sQKoB4KqsQKoB4QIqAeo0huoB7YHqAex3BuoB6SasQKoB5GfsQKoB-aasQKoB_i_sQKoB7CbsQKoB66xsQKoB-a8sQKoB6aqsQKoB-a3sQKoB8q6sQKoB-zAsQKoB_2ysQKoB_e4sQKoB_i4sQKoB_SZsQKoB_i_sQKoB4HGG6gH_K-xAqgHq8UbqAfmnbECqAe3obECqAfetbECuAgB0gguCICAgJAEEAIYWjICoAQ6Do_QgICAgASAwICAgKABSNmg0jVQFFjI1ZDklu2GA_IIH2NhLXl0LWhvc3QtcHViLTU2MDgwOTAyNzE1ODMzNzOaCSRodHRwczovL3NlaWJlcnNwYWNlLm9yZy9pbnNpZGUtb3V0LTKxCf1Yzn-XGkPFyAkAyAmKApgLAaELGz8IO5ScZj-6C1UIARAFGAQgCCgBMAZAAUgAWAFgAGgAcAGIAQCYAQGiASgKGyAD2rgEFTITOhEKDygwSP_wr4OlBpgZAbggAXAB0AEBqAIFwAICqAEB2AEBgAIBiAIG0AsSmg0BEqoNAkdCuBP___________8BsBQBwBWBgIBA0BUB2BUBmBYB4hYCCAGAFwGKFxgIAxgBIAEoATABOAFAAUgBUAFYAWACcAGgFwGpF-c9WT_R9m0MuhcEKAAwAA&num=1&cid=CAESD-D2U58Q2mOJPm1V_vhIvw&sig=AOD64_25N5X5Cw7ZGKQ4qu4x4yM7QoeOvA&ms=%5BCLICK_MS%5D&adurl=https://seiberspace.org/inside-out-2%3Futm_content%3Dtarget10%26utm_device%3Ddesktop&nb=8&nx=%5BNX%5D&ny=%5BNY%5D&dim=%5BDIM%5D
Tags
antivm
score
4/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
4/10

Threat Level: Likely benign

The file https://www.googleadservices.com/pagead/aclk?sa=L&ai=C5fh6mrJ1Zo2xF5fjhcIPvO2CqQv6g8fBeOenq4_xErCQHxABIABgu6a7g9AKggEXY2EtcHViLTYyMTk4MTE3NDcwNDkzNzGgAZbJ6MspqQL8Qvyp4uyxPqgDBMgDCqoEpQNP0OpES14WF4uKxzzumcP9ibcB7Nbsgi06l_7FyeW321yBpR6jkt2Cwi2S6gyEHQD4seP9m9uwjPj9qFPc6PboktS2tLqCALR5nxUqyWAiavojX4j0in0Yi1rLGRdy_OGbcOa55MVYcgFGVNiOIzK8HmC617F5r2rpXrfGisWO_5ANhNPKMMvsDuKJFGA81DLtWDn9HowiOB9c6uIdp3DeLVI9OBG-W9xR5L0incK4Tjc5XJB0GfpG5Efu-SiD-nSEO1_FYGaT1C4DTmerYPRgsFPnClgjiRy56nCYMQUjVFEuWW8qcA0CCd_ZDx-IEbC1NWI8kcj7kfv8tjHP4-ZOL1Ge4b7L5zDbFhKKIzeB148MvCOt7CmCst987pDD66HoMb3rKqbBA64CyUyMSnuSibLUeSjLzdb1KjeZxiBN52z7W4BRaW4PpxNGIwnkma2s7jlM63tMjX1b8iyPQ7t5Nr4OBlEkP_WvnVXWt9_5cS8X2Boa8iDnb76mNqzrguHGK0krcHj18HkqKBvop6lwdBPYlHr7lwVkmnp9tweR8it4QA0qkgUKCBNoAni-_ODXBKAGboAHloG5qwSIBwGQBwKoB-u2sQKoB_mxsQKoB4C6sQKoB-edsQKoB-idsQKoB-q3sQKoB6e1sQKoB--1sQKoB_C1sQKoB4KqsQKoB4QIqAeo0huoB7YHqAex3BuoB6SasQKoB5GfsQKoB-aasQKoB_i_sQKoB7CbsQKoB66xsQKoB-a8sQKoB6aqsQKoB-a3sQKoB8q6sQKoB-zAsQKoB_2ysQKoB_e4sQKoB_i4sQKoB_SZsQKoB_i_sQKoB4HGG6gH_K-xAqgHq8UbqAfmnbECqAe3obECqAfetbECuAgB0gguCICAgJAEEAIYWjICoAQ6Do_QgICAgASAwICAgKABSNmg0jVQFFjI1ZDklu2GA_IIH2NhLXl0LWhvc3QtcHViLTU2MDgwOTAyNzE1ODMzNzOaCSRodHRwczovL3NlaWJlcnNwYWNlLm9yZy9pbnNpZGUtb3V0LTKxCf1Yzn-XGkPFyAkAyAmKApgLAaELGz8IO5ScZj-6C1UIARAFGAQgCCgBMAZAAUgAWAFgAGgAcAGIAQCYAQGiASgKGyAD2rgEFTITOhEKDygwSP_wr4OlBpgZAbggAXAB0AEBqAIFwAICqAEB2AEBgAIBiAIG0AsSmg0BEqoNAkdCuBP___________8BsBQBwBWBgIBA0BUB2BUBmBYB4hYCCAGAFwGKFxgIAxgBIAEoATABOAFAAUgBUAFYAWACcAGgFwGpF-c9WT_R9m0MuhcEKAAwAA&num=1&cid=CAESD-D2U58Q2mOJPm1V_vhIvw&sig=AOD64_25N5X5Cw7ZGKQ4qu4x4yM7QoeOvA&ms=%5BCLICK_MS%5D&adurl=https://seiberspace.org/inside-out-2%3Futm_content%3Dtarget10%26utm_device%3Ddesktop&nb=8&nx=%5BNX%5D&ny=%5BNY%5D&dim=%5BDIM%5D was found to be: Likely benign.

Malicious Activity Summary

antivm

Changes its process name

Checks CPU configuration

Reads CPU attributes

Enumerates kernel/hardware configuration

Reads runtime system information

Writes file to tmp directory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-21 17:05

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-21 17:05

Reported

2024-06-21 17:36

Platform

ubuntu2004-amd64-20240611-en

Max time kernel

1799s

Max time network

1678s

Command Line

[xdg-open https://www.googleadservices.com/pagead/aclk?sa=L&ai=C5fh6mrJ1Zo2xF5fjhcIPvO2CqQv6g8fBeOenq4_xErCQHxABIABgu6a7g9AKggEXY2EtcHViLTYyMTk4MTE3NDcwNDkzNzGgAZbJ6MspqQL8Qvyp4uyxPqgDBMgDCqoEpQNP0OpES14WF4uKxzzumcP9ibcB7Nbsgi06l_7FyeW321yBpR6jkt2Cwi2S6gyEHQD4seP9m9uwjPj9qFPc6PboktS2tLqCALR5nxUqyWAiavojX4j0in0Yi1rLGRdy_OGbcOa55MVYcgFGVNiOIzK8HmC617F5r2rpXrfGisWO_5ANhNPKMMvsDuKJFGA81DLtWDn9HowiOB9c6uIdp3DeLVI9OBG-W9xR5L0incK4Tjc5XJB0GfpG5Efu-SiD-nSEO1_FYGaT1C4DTmerYPRgsFPnClgjiRy56nCYMQUjVFEuWW8qcA0CCd_ZDx-IEbC1NWI8kcj7kfv8tjHP4-ZOL1Ge4b7L5zDbFhKKIzeB148MvCOt7CmCst987pDD66HoMb3rKqbBA64CyUyMSnuSibLUeSjLzdb1KjeZxiBN52z7W4BRaW4PpxNGIwnkma2s7jlM63tMjX1b8iyPQ7t5Nr4OBlEkP_WvnVXWt9_5cS8X2Boa8iDnb76mNqzrguHGK0krcHj18HkqKBvop6lwdBPYlHr7lwVkmnp9tweR8it4QA0qkgUKCBNoAni-_ODXBKAGboAHloG5qwSIBwGQBwKoB-u2sQKoB_mxsQKoB4C6sQKoB-edsQKoB-idsQKoB-q3sQKoB6e1sQKoB--1sQKoB_C1sQKoB4KqsQKoB4QIqAeo0huoB7YHqAex3BuoB6SasQKoB5GfsQKoB-aasQKoB_i_sQKoB7CbsQKoB66xsQKoB-a8sQKoB6aqsQKoB-a3sQKoB8q6sQKoB-zAsQKoB_2ysQKoB_e4sQKoB_i4sQKoB_SZsQKoB_i_sQKoB4HGG6gH_K-xAqgHq8UbqAfmnbECqAe3obECqAfetbECuAgB0gguCICAgJAEEAIYWjICoAQ6Do_QgICAgASAwICAgKABSNmg0jVQFFjI1ZDklu2GA_IIH2NhLXl0LWhvc3QtcHViLTU2MDgwOTAyNzE1ODMzNzOaCSRodHRwczovL3NlaWJlcnNwYWNlLm9yZy9pbnNpZGUtb3V0LTKxCf1Yzn-XGkPFyAkAyAmKApgLAaELGz8IO5ScZj-6C1UIARAFGAQgCCgBMAZAAUgAWAFgAGgAcAGIAQCYAQGiASgKGyAD2rgEFTITOhEKDygwSP_wr4OlBpgZAbggAXAB0AEBqAIFwAICqAEB2AEBgAIBiAIG0AsSmg0BEqoNAkdCuBP___________8BsBQBwBWBgIBA0BUB2BUBmBYB4hYCCAGAFwGKFxgIAxgBIAEoATABOAFAAUgBUAFYAWACcAGgFwGpF-c9WT_R9m0MuhcEKAAwAA&num=1&cid=CAESD-D2U58Q2mOJPm1V_vhIvw&sig=AOD64_25N5X5Cw7ZGKQ4qu4x4yM7QoeOvA&ms=%5BCLICK_MS%5D&adurl=https://seiberspace.org/inside-out-2%3Futm_content%3Dtarget10%26utm_device%3Ddesktop&nb=8&nx=%5BNX%5D&ny=%5BNY%5D&dim=%5BDIM%5D]

Signatures

Changes its process name

Description Indicator Process Target
Changes the process name, possibly in an attempt to hide itself gmain N/A N/A
Changes the process name, possibly in an attempt to hide itself gdbus N/A N/A
Changes the process name, possibly in an attempt to hide itself glean.dispatche N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Parent N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Parent N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Parent N/A N/A
Changes the process name, possibly in an attempt to hide itself HTML5 Parser N/A N/A
Changes the process name, possibly in an attempt to hide itself HTML5 Parser N/A N/A
Changes the process name, possibly in an attempt to hide itself Backgro~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself Backgro~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself IPDL Background N/A N/A
Changes the process name, possibly in an attempt to hide itself IPDL Background N/A N/A
Changes the process name, possibly in an attempt to hide itself Socket Thread N/A N/A
Changes the process name, possibly in an attempt to hide itself Socket Thread N/A N/A
Changes the process name, possibly in an attempt to hide itself Netlink Monitor N/A N/A
Changes the process name, possibly in an attempt to hide itself Netlink Monitor N/A N/A
Changes the process name, possibly in an attempt to hide itself pool-firefox N/A N/A
Changes the process name, possibly in an attempt to hide itself pool-firefox N/A N/A
Changes the process name, possibly in an attempt to hide itself Timer N/A N/A
Changes the process name, possibly in an attempt to hide itself Timer N/A N/A
Changes the process name, possibly in an attempt to hide itself JS Watchdog N/A N/A
Changes the process name, possibly in an attempt to hide itself JS Watchdog N/A N/A
Changes the process name, possibly in an attempt to hide itself BGReadURLs N/A N/A
Changes the process name, possibly in an attempt to hide itself BGReadURLs N/A N/A
Changes the process name, possibly in an attempt to hide itself glxtest:disk$0 N/A N/A
Changes the process name, possibly in an attempt to hide itself Cache2 I/O N/A N/A
Changes the process name, possibly in an attempt to hide itself Cookie N/A N/A
Changes the process name, possibly in an attempt to hide itself Cookie N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself TaskCon~ller #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself TaskCon~ller #0 N/A N/A
Changes the process name, possibly in an attempt to hide itself Worker Launcher N/A N/A
Changes the process name, possibly in an attempt to hide itself Worker Launcher N/A N/A
Changes the process name, possibly in an attempt to hide itself BgIOThr~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself BgIOThr~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself Softwar~cThread N/A N/A
Changes the process name, possibly in an attempt to hide itself Softwar~cThread N/A N/A
Changes the process name, possibly in an attempt to hide itself Softwar~cThread N/A N/A
Changes the process name, possibly in an attempt to hide itself CanvasRenderer N/A N/A
Changes the process name, possibly in an attempt to hide itself CanvasRenderer N/A N/A
Changes the process name, possibly in an attempt to hide itself Compositor N/A N/A
Changes the process name, possibly in an attempt to hide itself Compositor N/A N/A
Changes the process name, possibly in an attempt to hide itself WRWorkerLP#0 N/A N/A
Changes the process name, possibly in an attempt to hide itself WRWorkerLP#0 N/A N/A
Changes the process name, possibly in an attempt to hide itself WRWorker#0 N/A N/A
Changes the process name, possibly in an attempt to hide itself WRWorker#0 N/A N/A
Changes the process name, possibly in an attempt to hide itself Renderer N/A N/A
Changes the process name, possibly in an attempt to hide itself Renderer N/A N/A
Changes the process name, possibly in an attempt to hide itself ImageIO N/A N/A
Changes the process name, possibly in an attempt to hide itself ImageIO N/A N/A
Changes the process name, possibly in an attempt to hide itself Permission N/A N/A
Changes the process name, possibly in an attempt to hide itself Permission N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC Launch N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC Launch N/A N/A
Changes the process name, possibly in an attempt to hide itself SandboxReporter N/A N/A
Changes the process name, possibly in an attempt to hide itself SandboxReporter N/A N/A
Changes the process name, possibly in an attempt to hide itself Breakpad Server N/A N/A
Changes the process name, possibly in an attempt to hide itself Sandbox Forked N/A N/A
Changes the process name, possibly in an attempt to hide itself gmain N/A N/A
Changes the process name, possibly in an attempt to hide itself gdbus N/A N/A
Changes the process name, possibly in an attempt to hide itself pool-/usr/libex N/A N/A
Changes the process name, possibly in an attempt to hide itself Chroot Helper N/A N/A
Changes the process name, possibly in an attempt to hide itself gdbus N/A N/A

Checks CPU configuration

antivm
Description Indicator Process Target
File opened for reading /proc/cpuinfo /usr/lib/firefox/firefox N/A

Reads CPU attributes

Description Indicator Process Target
File opened for reading /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/online /usr/bin/nautilus N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/cpu0/cache/index3/size /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/cpu0/cache/index2/size /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A

Enumerates kernel/hardware configuration

Description Indicator Process Target
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/1-1/1-1:1.0/uevent /usr/libexec/gvfs-mtp-volume-monitor N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/uevent /usr/libexec/gvfs-mtp-volume-monitor N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/uevent /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/usb/devices /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/uevent /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/subsystem_vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/subsystem_device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/subsystem_device /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/1-1/1-1:1.0/uevent /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/virtio0/drm/card0 /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/uevent /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/1-1/uevent /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us /usr/lib/firefox/firefox N/A
File opened for reading /sys/class /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/kernel/security/apparmor/features/dbus/mask /usr/bin/dbus-daemon N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/virtio0/drm/renderD128 /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/1-1/uevent /usr/libexec/gvfs-mtp-volume-monitor N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/1-0:1.0/uevent /usr/libexec/gvfs-mtp-volume-monitor N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/irq /usr/lib/firefox/glxtest N/A

Reads runtime system information

Description Indicator Process Target
File opened for reading /proc/filesystems /usr/libexec/gvfsd-fuse N/A
File opened for reading /proc/self/fd/113 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/1942/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/1388/attr/current /usr/bin/dbus-daemon N/A
File opened for reading /proc/filesystems /usr/libexec/dconf-service N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/2065/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/2337/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/35 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/1550/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/cgroup /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/106 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/124 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/1728/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/1896/status /usr/bin/gnome-keyring-daemon N/A
File opened for reading /proc/self/task/1941/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/122 /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/1951/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/84 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/1839/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/libexec/gvfs-udisks2-volume-monitor N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/2338/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/36 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/1/cgroup /usr/libexec/gvfs-udisks2-volume-monitor N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/1561/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/1575/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/mounts /usr/libexec/xdg-desktop-portal N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/1896/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/cmdline /usr/libexec/dconf-service N/A
File opened for reading /proc/filesystems /usr/bin/nautilus N/A
File opened for reading /proc/self/fd/116 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/120 /usr/lib/firefox/firefox N/A
File opened for reading /proc/1506/root /usr/libexec/xdg-desktop-portal N/A
File opened for reading /proc/filesystems /usr/libexec/gvfs-goa-volume-monitor N/A
File opened for reading /proc/1938/cmdline /usr/bin/dbus-daemon N/A

Writes file to tmp directory

Description Indicator Process Target
File opened for modification /tmp/firefox/.parentlock /usr/lib/firefox/firefox N/A
File opened for modification /tmp/tmpaddon /usr/lib/firefox/firefox N/A

Processes

/usr/bin/xdg-open

[xdg-open https://www.googleadservices.com/pagead/aclk?sa=L&ai=C5fh6mrJ1Zo2xF5fjhcIPvO2CqQv6g8fBeOenq4_xErCQHxABIABgu6a7g9AKggEXY2EtcHViLTYyMTk4MTE3NDcwNDkzNzGgAZbJ6MspqQL8Qvyp4uyxPqgDBMgDCqoEpQNP0OpES14WF4uKxzzumcP9ibcB7Nbsgi06l_7FyeW321yBpR6jkt2Cwi2S6gyEHQD4seP9m9uwjPj9qFPc6PboktS2tLqCALR5nxUqyWAiavojX4j0in0Yi1rLGRdy_OGbcOa55MVYcgFGVNiOIzK8HmC617F5r2rpXrfGisWO_5ANhNPKMMvsDuKJFGA81DLtWDn9HowiOB9c6uIdp3DeLVI9OBG-W9xR5L0incK4Tjc5XJB0GfpG5Efu-SiD-nSEO1_FYGaT1C4DTmerYPRgsFPnClgjiRy56nCYMQUjVFEuWW8qcA0CCd_ZDx-IEbC1NWI8kcj7kfv8tjHP4-ZOL1Ge4b7L5zDbFhKKIzeB148MvCOt7CmCst987pDD66HoMb3rKqbBA64CyUyMSnuSibLUeSjLzdb1KjeZxiBN52z7W4BRaW4PpxNGIwnkma2s7jlM63tMjX1b8iyPQ7t5Nr4OBlEkP_WvnVXWt9_5cS8X2Boa8iDnb76mNqzrguHGK0krcHj18HkqKBvop6lwdBPYlHr7lwVkmnp9tweR8it4QA0qkgUKCBNoAni-_ODXBKAGboAHloG5qwSIBwGQBwKoB-u2sQKoB_mxsQKoB4C6sQKoB-edsQKoB-idsQKoB-q3sQKoB6e1sQKoB--1sQKoB_C1sQKoB4KqsQKoB4QIqAeo0huoB7YHqAex3BuoB6SasQKoB5GfsQKoB-aasQKoB_i_sQKoB7CbsQKoB66xsQKoB-a8sQKoB6aqsQKoB-a3sQKoB8q6sQKoB-zAsQKoB_2ysQKoB_e4sQKoB_i4sQKoB_SZsQKoB_i_sQKoB4HGG6gH_K-xAqgHq8UbqAfmnbECqAe3obECqAfetbECuAgB0gguCICAgJAEEAIYWjICoAQ6Do_QgICAgASAwICAgKABSNmg0jVQFFjI1ZDklu2GA_IIH2NhLXl0LWhvc3QtcHViLTU2MDgwOTAyNzE1ODMzNzOaCSRodHRwczovL3NlaWJlcnNwYWNlLm9yZy9pbnNpZGUtb3V0LTKxCf1Yzn-XGkPFyAkAyAmKApgLAaELGz8IO5ScZj-6C1UIARAFGAQgCCgBMAZAAUgAWAFgAGgAcAGIAQCYAQGiASgKGyAD2rgEFTITOhEKDygwSP_wr4OlBpgZAbggAXAB0AEBqAIFwAICqAEB2AEBgAIBiAIG0AsSmg0BEqoNAkdCuBP___________8BsBQBwBWBgIBA0BUB2BUBmBYB4hYCCAGAFwGKFxgIAxgBIAEoATABOAFAAUgBUAFYAWACcAGgFwGpF-c9WT_R9m0MuhcEKAAwAA&num=1&cid=CAESD-D2U58Q2mOJPm1V_vhIvw&sig=AOD64_25N5X5Cw7ZGKQ4qu4x4yM7QoeOvA&ms=%5BCLICK_MS%5D&adurl=https://seiberspace.org/inside-out-2%3Futm_content%3Dtarget10%26utm_device%3Ddesktop&nb=8&nx=%5BNX%5D&ny=%5BNY%5D&dim=%5BDIM%5D]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/bin/dbus-daemon

[/usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/grep

[grep -q ^file://]

/usr/bin/egrep

[egrep -q ^[[:alpha:]+\.\-]+:]

/usr/local/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/local/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/sed

[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]

/usr/bin/xdg-mime

[xdg-mime query default x-scheme-handler/https]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/sed

[sed -e s|-|/|]

/usr/bin/sed

[sed -e s|-|/|]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/which

[which firefox]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/firefox

[/usr/bin/firefox https://www.googleadservices.com/pagead/aclk?sa=L&ai=C5fh6mrJ1Zo2xF5fjhcIPvO2CqQv6g8fBeOenq4_xErCQHxABIABgu6a7g9AKggEXY2EtcHViLTYyMTk4MTE3NDcwNDkzNzGgAZbJ6MspqQL8Qvyp4uyxPqgDBMgDCqoEpQNP0OpES14WF4uKxzzumcP9ibcB7Nbsgi06l_7FyeW321yBpR6jkt2Cwi2S6gyEHQD4seP9m9uwjPj9qFPc6PboktS2tLqCALR5nxUqyWAiavojX4j0in0Yi1rLGRdy_OGbcOa55MVYcgFGVNiOIzK8HmC617F5r2rpXrfGisWO_5ANhNPKMMvsDuKJFGA81DLtWDn9HowiOB9c6uIdp3DeLVI9OBG-W9xR5L0incK4Tjc5XJB0GfpG5Efu-SiD-nSEO1_FYGaT1C4DTmerYPRgsFPnClgjiRy56nCYMQUjVFEuWW8qcA0CCd_ZDx-IEbC1NWI8kcj7kfv8tjHP4-ZOL1Ge4b7L5zDbFhKKIzeB148MvCOt7CmCst987pDD66HoMb3rKqbBA64CyUyMSnuSibLUeSjLzdb1KjeZxiBN52z7W4BRaW4PpxNGIwnkma2s7jlM63tMjX1b8iyPQ7t5Nr4OBlEkP_WvnVXWt9_5cS8X2Boa8iDnb76mNqzrguHGK0krcHj18HkqKBvop6lwdBPYlHr7lwVkmnp9tweR8it4QA0qkgUKCBNoAni-_ODXBKAGboAHloG5qwSIBwGQBwKoB-u2sQKoB_mxsQKoB4C6sQKoB-edsQKoB-idsQKoB-q3sQKoB6e1sQKoB--1sQKoB_C1sQKoB4KqsQKoB4QIqAeo0huoB7YHqAex3BuoB6SasQKoB5GfsQKoB-aasQKoB_i_sQKoB7CbsQKoB66xsQKoB-a8sQKoB6aqsQKoB-a3sQKoB8q6sQKoB-zAsQKoB_2ysQKoB_e4sQKoB_i4sQKoB_SZsQKoB_i_sQKoB4HGG6gH_K-xAqgHq8UbqAfmnbECqAe3obECqAfetbECuAgB0gguCICAgJAEEAIYWjICoAQ6Do_QgICAgASAwICAgKABSNmg0jVQFFjI1ZDklu2GA_IIH2NhLXl0LWhvc3QtcHViLTU2MDgwOTAyNzE1ODMzNzOaCSRodHRwczovL3NlaWJlcnNwYWNlLm9yZy9pbnNpZGUtb3V0LTKxCf1Yzn-XGkPFyAkAyAmKApgLAaELGz8IO5ScZj-6C1UIARAFGAQgCCgBMAZAAUgAWAFgAGgAcAGIAQCYAQGiASgKGyAD2rgEFTITOhEKDygwSP_wr4OlBpgZAbggAXAB0AEBqAIFwAICqAEB2AEBgAIBiAIG0AsSmg0BEqoNAkdCuBP___________8BsBQBwBWBgIBA0BUB2BUBmBYB4hYCCAGAFwGKFxgIAxgBIAEoATABOAFAAUgBUAFYAWACcAGgFwGpF-c9WT_R9m0MuhcEKAAwAA&num=1&cid=CAESD-D2U58Q2mOJPm1V_vhIvw&sig=AOD64_25N5X5Cw7ZGKQ4qu4x4yM7QoeOvA&ms=%5BCLICK_MS%5D&adurl=https://seiberspace.org/inside-out-2%3Futm_content%3Dtarget10%26utm_device%3Ddesktop&nb=8&nx=%5BNX%5D&ny=%5BNY%5D&dim=%5BDIM%5D]

/usr/bin/which

[which /usr/bin/firefox]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox https://www.googleadservices.com/pagead/aclk?sa=L&ai=C5fh6mrJ1Zo2xF5fjhcIPvO2CqQv6g8fBeOenq4_xErCQHxABIABgu6a7g9AKggEXY2EtcHViLTYyMTk4MTE3NDcwNDkzNzGgAZbJ6MspqQL8Qvyp4uyxPqgDBMgDCqoEpQNP0OpES14WF4uKxzzumcP9ibcB7Nbsgi06l_7FyeW321yBpR6jkt2Cwi2S6gyEHQD4seP9m9uwjPj9qFPc6PboktS2tLqCALR5nxUqyWAiavojX4j0in0Yi1rLGRdy_OGbcOa55MVYcgFGVNiOIzK8HmC617F5r2rpXrfGisWO_5ANhNPKMMvsDuKJFGA81DLtWDn9HowiOB9c6uIdp3DeLVI9OBG-W9xR5L0incK4Tjc5XJB0GfpG5Efu-SiD-nSEO1_FYGaT1C4DTmerYPRgsFPnClgjiRy56nCYMQUjVFEuWW8qcA0CCd_ZDx-IEbC1NWI8kcj7kfv8tjHP4-ZOL1Ge4b7L5zDbFhKKIzeB148MvCOt7CmCst987pDD66HoMb3rKqbBA64CyUyMSnuSibLUeSjLzdb1KjeZxiBN52z7W4BRaW4PpxNGIwnkma2s7jlM63tMjX1b8iyPQ7t5Nr4OBlEkP_WvnVXWt9_5cS8X2Boa8iDnb76mNqzrguHGK0krcHj18HkqKBvop6lwdBPYlHr7lwVkmnp9tweR8it4QA0qkgUKCBNoAni-_ODXBKAGboAHloG5qwSIBwGQBwKoB-u2sQKoB_mxsQKoB4C6sQKoB-edsQKoB-idsQKoB-q3sQKoB6e1sQKoB--1sQKoB_C1sQKoB4KqsQKoB4QIqAeo0huoB7YHqAex3BuoB6SasQKoB5GfsQKoB-aasQKoB_i_sQKoB7CbsQKoB66xsQKoB-a8sQKoB6aqsQKoB-a3sQKoB8q6sQKoB-zAsQKoB_2ysQKoB_e4sQKoB_i4sQKoB_SZsQKoB_i_sQKoB4HGG6gH_K-xAqgHq8UbqAfmnbECqAe3obECqAfetbECuAgB0gguCICAgJAEEAIYWjICoAQ6Do_QgICAgASAwICAgKABSNmg0jVQFFjI1ZDklu2GA_IIH2NhLXl0LWhvc3QtcHViLTU2MDgwOTAyNzE1ODMzNzOaCSRodHRwczovL3NlaWJlcnNwYWNlLm9yZy9pbnNpZGUtb3V0LTKxCf1Yzn-XGkPFyAkAyAmKApgLAaELGz8IO5ScZj-6C1UIARAFGAQgCCgBMAZAAUgAWAFgAGgAcAGIAQCYAQGiASgKGyAD2rgEFTITOhEKDygwSP_wr4OlBpgZAbggAXAB0AEBqAIFwAICqAEB2AEBgAIBiAIG0AsSmg0BEqoNAkdCuBP___________8BsBQBwBWBgIBA0BUB2BUBmBYB4hYCCAGAFwGKFxgIAxgBIAEoATABOAFAAUgBUAFYAWACcAGgFwGpF-c9WT_R9m0MuhcEKAAwAA&num=1&cid=CAESD-D2U58Q2mOJPm1V_vhIvw&sig=AOD64_25N5X5Cw7ZGKQ4qu4x4yM7QoeOvA&ms=%5BCLICK_MS%5D&adurl=https://seiberspace.org/inside-out-2%3Futm_content%3Dtarget10%26utm_device%3Ddesktop&nb=8&nx=%5BNX%5D&ny=%5BNY%5D&dim=%5BDIM%5D]

/usr/local/sbin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/local/bin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/sbin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/bin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/lib/firefox/glxtest

[/usr/lib/firefox/glxtest -f 13]

/usr/bin/lsb_release

[/usr/bin/lsb_release -idrc]

/usr/local/sbin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/local/bin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/sbin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/bin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/libexec/xdg-desktop-portal

[/usr/libexec/xdg-desktop-portal]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -parentBuildID 20240108143603 -prefsLen 20597 -prefMapSize 234760 -appDir /usr/lib/firefox/browser {d15e337b-6be5-4624-8f54-4dcf711f8176} 1506 true socket]

/usr/libexec/xdg-document-portal

[/usr/libexec/xdg-document-portal]

/usr/libexec/xdg-permission-store

[/usr/libexec/xdg-permission-store]

/usr/libexec/xdg-desktop-portal-gtk

[/usr/libexec/xdg-desktop-portal-gtk]

/usr/libexec/gvfsd

[/usr/libexec/gvfsd]

/usr/libexec/gvfsd-fuse

[/usr/libexec/gvfsd-fuse /root/.cache/gvfs -f -o big_writes]

/usr/libexec/dconf-service

[/usr/libexec/dconf-service]

/usr/bin/nautilus

[/usr/bin/nautilus --gapplication-service]

/usr/libexec/gvfsd-trash

[/usr/libexec/gvfsd-trash --spawner :1.8 /org/gtk/gvfs/exec_spaw/0]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 1 -isForBrowser -prefsLen 20227 -prefMapSize 234760 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {caf3e165-4552-45dc-8306-f538a91d31bc} 1506 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 2 -isForBrowser -prefsLen 26696 -prefMapSize 234760 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {73ba0840-9abe-4575-acee-fcc6eff3adb7} 1506 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -parentBuildID 20240108143603 -sandboxingKind 0 -prefsLen 29438 -prefMapSize 234760 -appDir /usr/lib/firefox/browser {cc1b1aa4-37c3-4359-a77c-ec99cd8ea00b} 1506 true utility]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 3 -isForBrowser -prefsLen 25736 -prefMapSize 234760 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {942ec28e-4506-4091-ac20-d77f5d1d1b4e} 1506 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 4 -isForBrowser -prefsLen 25736 -prefMapSize 234760 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {405b1b30-2972-4e1b-b603-5e03de95bab8} 1506 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 5 -isForBrowser -prefsLen 25736 -prefMapSize 234760 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {875dfb36-f540-445c-849f-ca4851444519} 1506 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 6 -isForBrowser -prefsLen 25736 -prefMapSize 234760 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {7b0d5240-8449-41fe-9289-263529def6d0} 1506 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 7 -isForBrowser -prefsLen 25879 -prefMapSize 234760 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {6fbc18b4-168d-479c-a84a-33ab756db815} 1506 true tab]

/usr/bin/speech-dispatcher

[/usr/bin/speech-dispatcher --spawn --communication-method unix_socket --socket-path /root/.cache/speech-dispatcher/speechd.sock]

/bin/sh

[sh -c type espeak > /dev/null 2>&1]

/bin/sh

[sh -c type mbrola > /dev/null 2>&1]

/bin/sh

[sh -c type espeak > /dev/null 2>&1]

/bin/sh

[sh -c type espeak-ng > /dev/null 2>&1]

/bin/sh

[sh -c type mbrola > /dev/null 2>&1]

/bin/sh

[sh -c type curl > /dev/null 2>&1]

/bin/sh

[sh -c type epos-say > /dev/null 2>&1]

/bin/sh

[sh -c type say > /dev/null 2>&1]

/bin/sh

[sh -c type pico2wave > /dev/null 2>&1]

/bin/sh

[sh -c type llia_phon > /dev/null 2>&1]

/bin/sh

[sh -c type mbrola > /dev/null 2>&1]

/bin/sh

[sh -c type /opt/swift/bin/swift > /dev/null 2>&1]

/usr/lib/speech-dispatcher-modules/sd_espeak-ng

[/usr/lib/speech-dispatcher-modules/sd_espeak-ng /etc/speech-dispatcher/modules/espeak-ng.conf]

/usr/lib/speech-dispatcher-modules/sd_generic

[/usr/lib/speech-dispatcher-modules/sd_generic /etc/speech-dispatcher/modules/mary-generic.conf]

/usr/lib/speech-dispatcher-modules/sd_dummy

[/usr/lib/speech-dispatcher-modules/sd_dummy /etc/speech-dispatcher/modules/dummy.conf]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 8 -isForBrowser -prefsLen 25879 -prefMapSize 234760 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {45916866-1f66-4cd9-90be-29f5dadf91f4} 1506 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 9 -isForBrowser -prefsLen 25879 -prefMapSize 234760 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {a8bb585a-687d-414d-908d-9244d8505b64} 1506 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 10 -isForBrowser -prefsLen 25879 -prefMapSize 234760 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {1e89b76d-a970-48cb-bb9d-591d1cab7209} 1506 true tab]

/usr/bin/gnome-keyring-daemon

[/usr/bin/gnome-keyring-daemon --start --foreground --components=secrets]

/usr/libexec/gvfs-udisks2-volume-monitor

[/usr/libexec/gvfs-udisks2-volume-monitor]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 11 -isForBrowser -prefsLen 25879 -prefMapSize 234760 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {5948724a-7ccd-42a5-9289-44afd226796d} 1506 true tab]

/usr/libexec/gvfs-afc-volume-monitor

[/usr/libexec/gvfs-afc-volume-monitor]

/usr/libexec/gvfs-mtp-volume-monitor

[/usr/libexec/gvfs-mtp-volume-monitor]

/usr/libexec/gvfs-gphoto2-volume-monitor

[/usr/libexec/gvfs-gphoto2-volume-monitor]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 12 -isForBrowser -prefsLen 25879 -prefMapSize 234760 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {661109b3-df93-4606-9724-9463abe0cbe2} 1506 true tab]

/usr/libexec/gvfs-goa-volume-monitor

[/usr/libexec/gvfs-goa-volume-monitor]

/usr/libexec/goa-daemon

[/usr/libexec/goa-daemon]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 13 -isForBrowser -prefsLen 25879 -prefMapSize 234760 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {eb77e954-d330-4e9e-9a9d-9ad32a0bb0e8} 1506 true tab]

/usr/libexec/goa-identity-service

[/usr/libexec/goa-identity-service]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -parentBuildID 20240108143603 -prefsLen 32999 -prefMapSize 234760 -appDir /usr/lib/firefox/browser {e93e01c7-762c-4081-bec5-76ebe8aed331} 1506 true rdd]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 14 -isForBrowser -prefsLen 28649 -prefMapSize 234760 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {0643b36d-4862-45db-bde4-7fc198e53177} 1506 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 15 -isForBrowser -prefsLen 28649 -prefMapSize 234760 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {f41d4d2d-6302-46eb-a250-1ff15d9432b8} 1506 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 16 -isForBrowser -prefsLen 28773 -prefMapSize 234760 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {247cf46e-2a53-4add-888a-60202ebea512} 1506 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 17 -isForBrowser -prefsLen 28773 -prefMapSize 234760 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {a19b048a-0486-4406-ac94-b48bfe1e7b51} 1506 true tab]

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 firefox.settings.services.mozilla.com udp
US 1.1.1.1:53 firefox.settings.services.mozilla.com udp
US 1.1.1.1:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 1.1.1.1:53 location.services.mozilla.com udp
US 1.1.1.1:53 location.services.mozilla.com udp
US 1.1.1.1:53 prod.classify-client.prod.webservices.mozgcp.net udp
US 35.190.72.216:443 location.services.mozilla.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 contile.services.mozilla.com udp
US 1.1.1.1:53 contile.services.mozilla.com udp
US 1.1.1.1:53 spocs.getpocket.com udp
US 1.1.1.1:53 spocs.getpocket.com udp
US 34.117.188.166:443 spocs.getpocket.com tcp
US 1.1.1.1:53 prod.ads.prod.webservices.mozgcp.net udp
US 34.117.188.166:443 spocs.getpocket.com tcp
US 35.190.72.216:443 location.services.mozilla.com udp
US 1.1.1.1:53 seiberspace.org udp
US 1.1.1.1:53 seiberspace.org udp
US 34.117.188.166:443 spocs.getpocket.com tcp
US 1.1.1.1:53 getpocket.cdn.mozilla.net udp
US 1.1.1.1:53 getpocket.cdn.mozilla.net udp
US 104.21.95.12:443 seiberspace.org tcp
US 34.120.5.221:443 getpocket.cdn.mozilla.net tcp
US 1.1.1.1:53 content-signature-2.cdn.mozilla.net udp
US 1.1.1.1:53 content-signature-2.cdn.mozilla.net udp
US 34.117.188.166:443 spocs.getpocket.com udp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 34.117.188.166:443 spocs.getpocket.com udp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 1.1.1.1:53 shavar.services.mozilla.com udp
US 1.1.1.1:53 shavar.services.mozilla.com udp
US 1.1.1.1:53 push.services.mozilla.com udp
US 1.1.1.1:53 push.services.mozilla.com udp
US 1.1.1.1:53 shavar.prod.mozaws.net udp
US 1.1.1.1:53 autopush.prod.mozaws.net udp
US 52.42.69.239:443 shavar.services.mozilla.com tcp
US 1.1.1.1:53 autopush.prod.mozaws.net udp
US 34.107.243.93:443 push.services.mozilla.com tcp
US 104.21.95.12:443 seiberspace.org udp
US 1.1.1.1:53 tracking-protection.cdn.mozilla.net udp
US 1.1.1.1:53 tracking-protection.cdn.mozilla.net udp
US 1.1.1.1:53 securepubads.g.doubleclick.net udp
US 1.1.1.1:53 securepubads.g.doubleclick.net udp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
GB 142.250.178.2:443 securepubads.g.doubleclick.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 firefox-settings-attachments.cdn.mozilla.net udp
US 1.1.1.1:53 firefox-settings-attachments.cdn.mozilla.net udp
US 1.1.1.1:53 www.clarity.ms udp
US 1.1.1.1:53 www.clarity.ms udp
US 1.1.1.1:53 attachments.prod.remote-settings.prod.webservices.mozgcp.net udp
US 13.107.246.64:443 www.clarity.ms tcp
US 34.117.121.53:443 firefox-settings-attachments.cdn.mozilla.net tcp
GB 142.250.178.2:443 securepubads.g.doubleclick.net udp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 consent.cookiebot.com udp
US 1.1.1.1:53 consent.cookiebot.com udp
GB 92.123.143.152:443 consent.cookiebot.com tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 consentcdn.cookiebot.com udp
US 1.1.1.1:53 consentcdn.cookiebot.com udp
GB 23.218.75.88:443 consentcdn.cookiebot.com tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 x.clarity.ms udp
US 1.1.1.1:53 x.clarity.ms udp
US 1.1.1.1:53 clarity-ingest-eus2-e-sc.eastus2.cloudapp.azure.com udp
US 20.114.190.119:443 x.clarity.ms tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 c.clarity.ms udp
US 1.1.1.1:53 c.clarity.ms udp
US 1.1.1.1:53 imgsct.cookiebot.com udp
US 1.1.1.1:53 imgsct.cookiebot.com udp
US 1.1.1.1:53 c-msn-com-nsatc.trafficmanager.net udp
GB 23.218.75.88:443 imgsct.cookiebot.com tcp
IE 68.219.88.97:443 c.clarity.ms tcp
US 1.1.1.1:53 clarity-ingest-eus2-e-sc.eastus2.cloudapp.azure.com udp
US 1.1.1.1:53 c.bing.com udp
US 1.1.1.1:53 c.bing.com udp
US 13.107.21.237:443 c.bing.com tcp
US 1.1.1.1:53 region1.google-analytics.com udp
US 1.1.1.1:53 region1.google-analytics.com udp
US 216.239.32.36:443 region1.google-analytics.com tcp
US 216.239.32.36:443 region1.google-analytics.com udp
US 1.1.1.1:53 clarity-ingest-eus2-e-sc.eastus2.cloudapp.azure.com udp
US 1.1.1.1:53 clarity-ingest-eus2-e-sc.eastus2.cloudapp.azure.com udp
US 1.1.1.1:53 12d8559ac0d60658620aa5672754dbff.safeframe.googlesyndication.com udp
US 1.1.1.1:53 12d8559ac0d60658620aa5672754dbff.safeframe.googlesyndication.com udp
GB 142.250.200.1:443 12d8559ac0d60658620aa5672754dbff.safeframe.googlesyndication.com tcp
US 1.1.1.1:53 clarity-ingest-eus2-e-sc.eastus2.cloudapp.azure.com udp
GB 142.250.200.1:443 12d8559ac0d60658620aa5672754dbff.safeframe.googlesyndication.com udp
US 1.1.1.1:53 tpc.googlesyndication.com udp
US 1.1.1.1:53 tpc.googlesyndication.com udp
GB 172.217.16.225:443 tpc.googlesyndication.com tcp
US 1.1.1.1:53 googleads.g.doubleclick.net udp
US 1.1.1.1:53 googleads.g.doubleclick.net udp
US 1.1.1.1:53 www.google.com udp
US 1.1.1.1:53 www.google.com udp
US 1.1.1.1:53 region1.analytics.google.com udp
US 1.1.1.1:53 region1.analytics.google.com udp
US 1.1.1.1:53 stats.g.doubleclick.net udp
US 1.1.1.1:53 stats.g.doubleclick.net udp
US 1.1.1.1:53 www.google.co.uk udp
US 1.1.1.1:53 www.google.co.uk udp
GB 172.217.16.226:443 googleads.g.doubleclick.net tcp
GB 142.250.179.228:443 www.google.com tcp
US 216.239.34.36:443 region1.analytics.google.com tcp
BE 142.251.5.156:443 stats.g.doubleclick.net tcp
GB 216.58.204.67:443 www.google.co.uk tcp
US 216.239.34.36:443 region1.analytics.google.com udp
GB 172.217.16.225:443 tpc.googlesyndication.com udp
GB 142.250.179.228:443 www.google.com udp
GB 172.217.16.226:443 googleads.g.doubleclick.net udp
BE 142.251.5.156:443 stats.g.doubleclick.net udp
GB 216.58.204.67:443 www.google.co.uk udp
US 1.1.1.1:53 support.mozilla.org udp
US 1.1.1.1:53 support.mozilla.org udp
US 1.1.1.1:53 us-west1.prod.sumo.prod.webservices.mozgcp.net udp
US 1.1.1.1:53 clarity-ingest-eus2-e-sc.eastus2.cloudapp.azure.com udp
US 1.1.1.1:53 clarity-ingest-eus2-e-sc.eastus2.cloudapp.azure.com udp
US 1.1.1.1:53 clarity-ingest-eus2-e-sc.eastus2.cloudapp.azure.com udp
GB 142.250.178.2:443 securepubads.g.doubleclick.net tcp
US 1.1.1.1:53 s-part-0036.t-0009.t-msedge.net udp
US 1.1.1.1:53 e110990.dsca.akamaiedge.net udp
US 1.1.1.1:53 e110990.dsca.akamaiedge.net udp
US 13.107.246.64:443 s-part-0036.t-0009.t-msedge.net tcp
GB 92.123.143.130:443 e110990.dsca.akamaiedge.net tcp
US 1.1.1.1:53 0d6d4fe24c3364fa3b06258b652afde4.safeframe.googlesyndication.com udp
US 1.1.1.1:53 0d6d4fe24c3364fa3b06258b652afde4.safeframe.googlesyndication.com udp
GB 142.250.200.33:443 0d6d4fe24c3364fa3b06258b652afde4.safeframe.googlesyndication.com tcp
US 1.1.1.1:53 clarity-ingest-eus2-e-sc.eastus2.cloudapp.azure.com udp
US 1.1.1.1:53 clarity-ingest-eus2-e-sc.eastus2.cloudapp.azure.com udp
GB 142.250.200.33:443 0d6d4fe24c3364fa3b06258b652afde4.safeframe.googlesyndication.com udp
US 1.1.1.1:53 cdn.ampproject.org udp
US 1.1.1.1:53 cdn.ampproject.org udp
GB 142.250.178.1:443 cdn.ampproject.org tcp
GB 142.250.178.1:443 cdn.ampproject.org tcp
GB 142.250.178.1:443 cdn.ampproject.org tcp
GB 142.250.178.1:443 cdn.ampproject.org tcp
GB 142.250.178.1:443 cdn.ampproject.org tcp
GB 142.250.178.1:443 cdn.ampproject.org udp
US 1.1.1.1:53 clarity-ingest-eus2-e-sc.eastus2.cloudapp.azure.com udp
US 1.1.1.1:53 csi.gstatic.com udp
US 1.1.1.1:53 csi.gstatic.com udp
US 172.217.4.35:443 csi.gstatic.com tcp
US 172.217.4.35:443 csi.gstatic.com tcp
US 172.217.4.35:443 csi.gstatic.com tcp
US 172.217.4.35:443 csi.gstatic.com tcp
US 172.217.4.35:443 csi.gstatic.com tcp
US 172.217.4.35:443 csi.gstatic.com tcp
US 172.217.4.35:443 csi.gstatic.com udp
US 1.1.1.1:53 clarity-ingest-eus2-e-sc.eastus2.cloudapp.azure.com udp
US 1.1.1.1:53 aus5.mozilla.org udp
US 1.1.1.1:53 aus5.mozilla.org udp
US 1.1.1.1:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 1.1.1.1:53 ciscobinary.openh264.org udp
US 1.1.1.1:53 ciscobinary.openh264.org udp
GB 88.221.134.209:80 ciscobinary.openh264.org tcp
US 1.1.1.1:53 clarity-ingest-eus2-e-sc.eastus2.cloudapp.azure.com udp
US 1.1.1.1:53 clarity-ingest-eus2-e-sc.eastus2.cloudapp.azure.com udp
US 1.1.1.1:53 clarity-ingest-eus2-e-sc.eastus2.cloudapp.azure.com udp
US 20.114.190.119:443 clarity-ingest-eus2-e-sc.eastus2.cloudapp.azure.com tcp
US 1.1.1.1:53 clarity-ingest-eus2-e-sc.eastus2.cloudapp.azure.com udp
US 1.1.1.1:53 clarity-ingest-eus2-e-sc.eastus2.cloudapp.azure.com udp
US 20.114.190.119:443 clarity-ingest-eus2-e-sc.eastus2.cloudapp.azure.com tcp
US 1.1.1.1:53 www.disneyinternational.com udp
US 1.1.1.1:53 www.disneyinternational.com udp
US 1.1.1.1:53 disneyinternational.com udp
GB 52.84.90.31:443 www.disneyinternational.com tcp
GB 52.84.90.31:443 www.disneyinternational.com tcp
US 1.1.1.1:53 analytics.disneyinternational.com udp
US 1.1.1.1:53 analytics.disneyinternational.com udp
US 1.1.1.1:53 a2.disneyinternational.com udp
US 1.1.1.1:53 a2.disneyinternational.com udp
US 1.1.1.1:53 e96944.c.akamaiedge.net udp
GB 104.86.111.50:443 analytics.disneyinternational.com tcp
US 1.1.1.1:53 e96944.g.akamaiedge.net udp
GB 88.221.135.192:443 a2.disneyinternational.com tcp
US 1.1.1.1:53 sw88.go.com udp
US 1.1.1.1:53 sw88.go.com udp
US 1.1.1.1:53 go.com.ssl.d1.sc.omtrdc.net udp
IE 66.235.152.156:443 sw88.go.com tcp
US 1.1.1.1:53 survey.112.2o7.net udp
US 1.1.1.1:53 survey.112.2o7.net udp
IE 66.235.152.221:443 survey.112.2o7.net tcp
US 1.1.1.1:53 www.disney.co.za udp
US 1.1.1.1:53 www.disney.co.za udp
GB 104.86.110.11:80 www.disney.co.za tcp
GB 104.86.110.11:80 www.disney.co.za tcp
GB 104.86.110.11:443 www.disney.co.za tcp
US 1.1.1.1:53 static-mh.content.disney.io udp
US 1.1.1.1:53 static-mh.content.disney.io udp
US 1.1.1.1:53 lumiere-a.akamaihd.net udp
US 1.1.1.1:53 kaltura.akamaized.net udp
US 1.1.1.1:53 kaltura.akamaized.net udp
US 1.1.1.1:53 cdnapisec.kaltura.com udp
US 1.1.1.1:53 cdnapisec.kaltura.com udp
US 1.1.1.1:53 a.dilcdn.com udp
US 1.1.1.1:53 a.dilcdn.com udp
US 1.1.1.1:53 dcf.espn.com udp
US 1.1.1.1:53 dcf.espn.com udp
US 1.1.1.1:53 a.espncdn.com udp
US 1.1.1.1:53 a.espncdn.com udp
US 1.1.1.1:53 a851.w10.akamai.net udp
US 1.1.1.1:53 a147.d.akamai.net udp
GB 104.124.162.180:443 static-mh.content.disney.io tcp
GB 104.124.162.180:443 static-mh.content.disney.io tcp
GB 104.124.162.180:443 static-mh.content.disney.io tcp
GB 104.124.162.180:443 static-mh.content.disney.io tcp
GB 104.124.162.180:443 static-mh.content.disney.io tcp
GB 104.124.162.180:443 static-mh.content.disney.io tcp
GB 104.124.162.180:443 static-mh.content.disney.io tcp
GB 104.124.162.180:443 static-mh.content.disney.io tcp
GB 23.223.125.165:443 cdnapisec.kaltura.com tcp
US 1.1.1.1:53 edge-geo.nc0.co udp
GB 104.86.110.176:443 a.espncdn.com tcp
GB 95.101.129.33:443 kaltura.akamaized.net tcp
GB 2.19.117.76:443 lumiere-a.akamaihd.net tcp
US 2.18.190.71:443 a.dilcdn.com tcp
IE 52.51.219.145:443 dcf.espn.com tcp
IE 52.51.219.145:443 dcf.espn.com udp
US 1.1.1.1:53 cdn.cookielaw.org udp
US 1.1.1.1:53 cdn.cookielaw.org udp
US 104.19.178.52:443 cdn.cookielaw.org tcp
US 104.19.178.52:443 cdn.cookielaw.org tcp
US 1.1.1.1:53 tredir.go.com udp
US 1.1.1.1:53 tredir.go.com udp
US 3.218.233.241:443 tredir.go.com tcp
US 1.1.1.1:53 clarity-ingest-eus2-e-sc.eastus2.cloudapp.azure.com udp
US 1.1.1.1:53 clarity-ingest-eus2-e-sc.eastus2.cloudapp.azure.com udp
US 20.114.190.119:443 clarity-ingest-eus2-e-sc.eastus2.cloudapp.azure.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 aus5.mozilla.org udp
US 1.1.1.1:53 aus5.mozilla.org udp
US 1.1.1.1:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 1.1.1.1:53 content-signature-chains.prod.autograph.services.mozaws.net udp
US 1.1.1.1:53 content-signature-chains.prod.autograph.services.mozaws.net udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.97:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 clarity-ingest-eus2-e-sc.eastus2.cloudapp.azure.com udp
US 1.1.1.1:53 clarity-ingest-eus2-e-sc.eastus2.cloudapp.azure.com udp
US 20.114.190.119:443 clarity-ingest-eus2-e-sc.eastus2.cloudapp.azure.com tcp
US 1.1.1.1:53 clarity-ingest-eus2-e-sc.eastus2.cloudapp.azure.com udp
US 1.1.1.1:53 clarity-ingest-eus2-e-sc.eastus2.cloudapp.azure.com udp
US 20.114.190.119:443 clarity-ingest-eus2-e-sc.eastus2.cloudapp.azure.com tcp
US 1.1.1.1:53 clarity-ingest-eus2-e-sc.eastus2.cloudapp.azure.com udp
US 1.1.1.1:53 clarity-ingest-eus2-e-sc.eastus2.cloudapp.azure.com udp
US 20.114.190.119:443 clarity-ingest-eus2-e-sc.eastus2.cloudapp.azure.com tcp
US 1.1.1.1:53 contile.services.mozilla.com udp
US 1.1.1.1:53 contile.services.mozilla.com udp
US 1.1.1.1:53 disneyinternational.com udp
US 1.1.1.1:53 disneyinternational.com udp
US 34.117.188.166:443 contile.services.mozilla.com udp
GB 52.84.90.20:443 disneyinternational.com tcp
US 1.1.1.1:53 disneyinternational.com udp
US 1.1.1.1:53 e96944.c.akamaiedge.net udp
US 1.1.1.1:53 e96944.c.akamaiedge.net udp
US 1.1.1.1:53 e96944.g.akamaiedge.net udp
US 1.1.1.1:53 e96944.g.akamaiedge.net udp
GB 104.86.111.50:443 e96944.c.akamaiedge.net tcp
GB 88.221.135.192:443 e96944.g.akamaiedge.net tcp
US 1.1.1.1:53 disneyinternational.com udp
US 1.1.1.1:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 1.1.1.1:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
US 34.160.144.191:443 content-signature-chains.prod.autograph.services.mozaws.net tcp
US 1.1.1.1:53 attachments.prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.117.121.53:443 firefox-settings-attachments.cdn.mozilla.net tcp
US 20.114.190.119:443 clarity-ingest-eus2-e-sc.eastus2.cloudapp.azure.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 91.189.91.48:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 91.189.91.49:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 91.189.91.97:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 91.189.91.48:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 91.189.91.49:80 connectivity-check.ubuntu.com tcp

Files

/root/.cache/speech-dispatcher/pid/speech-dispatcher.pid

MD5 1dda3427e83fac7e788dd2ba20d7f0c4
SHA1 eb633b8dbdd1d81c1f2a38357995d6afa4648c7e
SHA256 d1f64cd7e77264ac50318660fee2f1dcb3024efe306c3d301be3f3c69ab55409
SHA512 9c19bf840e26729f2936da69d29be75dddb0408415c89b824eefe2560c6c3fcf48b8218203640f57c8d42bddc5eff615bbd413800523698ce647330f7a6caad3

/root/.cache/speech-dispatcher/log/speech-dispatcher.log

MD5 1950936bcfcf13afd63194bb1c67a25a
SHA1 8bebbb2fa48b76028312314c1e51a55934014808
SHA256 bead681f58799432447053c314cdbd483f146e9ea8749b0e2702696c9a73c18d
SHA512 0405a7d1284b9f4ec2ed826cdbec9b0ef4ba4cedc0e64bba6377fd38832a97ef2e119d7e81dfc7d476dec3bd18bda979a43627516349399be61f7bccb9830874

/root/.cache/speech-dispatcher/log/espeak-ng.log

MD5 ef84f4e65f11da983c74a7bb8edb00e4
SHA1 6a6b59b99ceba44216cfa42e5be6a1d641615ded
SHA256 f56bc2309418b8e3f485b18fa4cc2a641912f03a08e3555387faa6fb925ca547
SHA512 85019f18beeea67e60030755b3181fc3305eaade197200bd37a956dab9c4aea9ca0006f350c9def753c2036ddf851822733e9a050829b563624e9fec52fe784d

/root/.cache/speech-dispatcher/log/mary-generic.log

MD5 7b92a4d1d104620c17b8b007b82f4ea6
SHA1 fd86d4191806d10aa33baa3f47d2251dbacf461e
SHA256 7a0cea6035a30a623000fec0b0b03f597049663dcf103bb47af898a2e5db4966
SHA512 64620869fc6c85c667f7543c5fecc6771756bf2d429295a2c6f3397deab885e373ed2542625de8e67ce696bc506c300c43a14ccb482f628b17e869cb07f0e2d2

/root/.cache/speech-dispatcher/log/dummy.log

MD5 b2b3a649e7e18f578a7d885627764958
SHA1 9581944e1dd494b74896964a2b2db251428849be
SHA256 4d0663e7c2b22f2942d0e8eb992e7cce6350a01bde90d941a4fb1fab1e65065a
SHA512 db150cd21eeea03ae2a4e0a1325f3f5d60343d08de349cb27e1da0a51402301b6271ede58f69377dc0d337e9db1071d5921a4d26f81427b74d361959d2c823e7

/tmp/tmpaddon

MD5 30082ae40dc48af6343db2fd22cfc645
SHA1 3eb577555ee638e8beb01173e8f29e172747a728
SHA256 85d4b95f9b2075daee9b0e64bce8d9d7343d0dda10e6072d7f9485a68472ee76
SHA512 53a58bfb4c8124ad4f7655b99bfdea290033a085e0796b19245b33b91c0948fdac9f0c3e817130b352493a65d9a7a0fc8a7c1eedc618cdaa2b4580734a11cd9c