Analysis Overview
SHA256
3491a946bea7d927d02ae2a28b1001f40a3058f9ec98266f3dc34d472b746a17
Threat Level: Known bad
The file 30fcff7add11ea6685a233c8ce1fc30abe67044630524a6eb363573a4a9f88b8.7z was found to be: Known bad.
Malicious Activity Summary
Babuk Locker
Renames multiple (1405) files with added filename extension
Deletes shadow copies
Credentials from Password Stores: Windows Credential Manager
Drops startup file
Enumerates connected drives
Drops file in Windows directory
System Location Discovery: System Language Discovery
Enumerates physical storage devices
Unsigned PE
Suspicious use of SendNotifyMessage
Uses Task Scheduler COM API
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
Uses Volume Shadow Copy service COM API
Suspicious use of SetWindowsHookEx
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Modifies registry class
Checks SCSI registry key(s)
Checks processor information in registry
Interacts with shadow copies
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-07-24 16:07
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-07-24 16:07
Reported
2024-07-24 16:09
Platform
win10-20240404-en
Max time kernel
127s
Max time network
125s
Command Line
Signatures
Babuk Locker
Deletes shadow copies
Renames multiple (1405) files with added filename extension
Credentials from Password Stores: Windows Credential Manager
Drops startup file
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\AppData\Roaming\Microsoft\Word\STARTUP\How To Restore Your Files.txt | C:\Users\Admin\AppData\Local\Temp\30fcff7add11ea6685a233c8ce1fc30abe67044630524a6eb363573a4a9f88b8.exe | N/A |
Enumerates connected drives
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\rescache\_merged\4183903823\2290032291.pri | C:\Windows\system32\taskmgr.exe | N/A |
| File created | C:\Windows\rescache\_merged\1601268389\715946058.pri | C:\Windows\system32\taskmgr.exe | N/A |
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\30fcff7add11ea6685a233c8ce1fc30abe67044630524a6eb363573a4a9f88b8.exe | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Interacts with shadow copies
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\vssadmin.exe | N/A |
| N/A | N/A | C:\Windows\system32\vssadmin.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\taskmgr.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeBackupPrivilege | N/A | C:\Windows\system32\vssvc.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\system32\vssvc.exe | N/A |
| Token: SeAuditPrivilege | N/A | C:\Windows\system32\vssvc.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\system32\taskmgr.exe | N/A |
| Token: SeSystemProfilePrivilege | N/A | C:\Windows\system32\taskmgr.exe | N/A |
| Token: SeCreateGlobalPrivilege | N/A | C:\Windows\system32\taskmgr.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Uses Volume Shadow Copy service COM API
Processes
C:\Users\Admin\AppData\Local\Temp\30fcff7add11ea6685a233c8ce1fc30abe67044630524a6eb363573a4a9f88b8.exe
"C:\Users\Admin\AppData\Local\Temp\30fcff7add11ea6685a233c8ce1fc30abe67044630524a6eb363573a4a9f88b8.exe"
C:\Windows\System32\cmd.exe
"C:\Windows\System32\cmd.exe" /c vssadmin.exe delete shadows /all /quiet
C:\Windows\system32\vssadmin.exe
vssadmin.exe delete shadows /all /quiet
C:\Windows\system32\vssvc.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Windows\System32\cmd.exe
"C:\Windows\System32\cmd.exe" /c vssadmin.exe delete shadows /all /quiet
C:\Windows\system32\vssadmin.exe
vssadmin.exe delete shadows /all /quiet
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\How To Restore Your Files.txt
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4400.0.746049787\1362833406" -parentBuildID 20221007134813 -prefsHandle 1720 -prefMapHandle 1688 -prefsLen 20747 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6913119f-8fee-4f37-b294-97fde1192115} 4400 "\\.\pipe\gecko-crash-server-pipe.4400" 1812 20d7f6b2e58 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4400.1.470758210\1972521684" -parentBuildID 20221007134813 -prefsHandle 2140 -prefMapHandle 2136 -prefsLen 20828 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {229436f0-0054-457f-bc57-d73d5c29306c} 4400 "\\.\pipe\gecko-crash-server-pipe.4400" 2168 20d7c06fb58 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4400.2.321195702\1101448515" -childID 1 -isForBrowser -prefsHandle 2752 -prefMapHandle 2852 -prefsLen 20931 -prefMapSize 233444 -jsInitHandle 1316 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e60e16db-8b81-411c-a8fd-d2f3fdfdb096} 4400 "\\.\pipe\gecko-crash-server-pipe.4400" 2856 20d0b3a0458 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4400.3.1039188971\253746285" -childID 2 -isForBrowser -prefsHandle 3448 -prefMapHandle 3440 -prefsLen 26109 -prefMapSize 233444 -jsInitHandle 1316 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c8379c91-3d98-4f32-81f6-c606a2707018} 4400 "\\.\pipe\gecko-crash-server-pipe.4400" 3468 20d0b93bd58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4400.4.13290909\1983670767" -childID 3 -isForBrowser -prefsHandle 4336 -prefMapHandle 4332 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1316 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {97baed6f-c943-465f-b152-cf47268d1023} 4400 "\\.\pipe\gecko-crash-server-pipe.4400" 4348 20d0d0da958 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4400.5.168808167\2008343560" -childID 4 -isForBrowser -prefsHandle 4820 -prefMapHandle 4772 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1316 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {76c074db-b19a-4ee9-96c7-c0c5ec5f3733} 4400 "\\.\pipe\gecko-crash-server-pipe.4400" 4828 20d0b99a158 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4400.6.328168418\1123393117" -childID 5 -isForBrowser -prefsHandle 4964 -prefMapHandle 4968 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1316 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a0d60b87-e0a7-4212-8596-1ab24bff1384} 4400 "\\.\pipe\gecko-crash-server-pipe.4400" 4956 20d0d3c4358 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4400.7.378015120\1058533004" -childID 6 -isForBrowser -prefsHandle 5164 -prefMapHandle 5168 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1316 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {94b16aa5-c116-4614-ba49-d4f4749c0264} 4400 "\\.\pipe\gecko-crash-server-pipe.4400" 5156 20d0dc24e58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4400.8.1977145651\673241553" -childID 7 -isForBrowser -prefsHandle 5384 -prefMapHandle 5888 -prefsLen 26328 -prefMapSize 233444 -jsInitHandle 1316 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4e0ab4c2-f3ef-4b7d-a93c-6c7520b24446} 4400 "\\.\pipe\gecko-crash-server-pipe.4400" 5884 20d0f336e58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4400.9.1523088412\622392267" -childID 8 -isForBrowser -prefsHandle 5272 -prefMapHandle 5288 -prefsLen 26503 -prefMapSize 233444 -jsInitHandle 1316 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1c5964d7-c77e-42e0-9fff-c0e9bf9c3900} 4400 "\\.\pipe\gecko-crash-server-pipe.4400" 5296 20d0e79da58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4400.10.421249330\1093752379" -childID 9 -isForBrowser -prefsHandle 9896 -prefMapHandle 4632 -prefsLen 26503 -prefMapSize 233444 -jsInitHandle 1316 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f77b4256-213a-4229-b594-86510cbb324c} 4400 "\\.\pipe\gecko-crash-server-pipe.4400" 9884 20d10bdb858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4400.11.1932056691\951760072" -childID 10 -isForBrowser -prefsHandle 4416 -prefMapHandle 5776 -prefsLen 26503 -prefMapSize 233444 -jsInitHandle 1316 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6ce29438-9dce-4d7f-b2df-6f864cffa395} 4400 "\\.\pipe\gecko-crash-server-pipe.4400" 5784 20d7c062558 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4400.12.728997056\457899186" -childID 11 -isForBrowser -prefsHandle 9564 -prefMapHandle 9560 -prefsLen 26503 -prefMapSize 233444 -jsInitHandle 1316 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4df3ae03-25c7-45b5-b4c3-5398dd7134be} 4400 "\\.\pipe\gecko-crash-server-pipe.4400" 9576 20d10c2fc58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4400.13.929297014\993567499" -childID 12 -isForBrowser -prefsHandle 4388 -prefMapHandle 9340 -prefsLen 26503 -prefMapSize 233444 -jsInitHandle 1316 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {fc8526ae-3fb9-4bc9-97dc-973f80704493} 4400 "\\.\pipe\gecko-crash-server-pipe.4400" 9312 20d10f98e58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4400.14.493062398\2044271331" -childID 13 -isForBrowser -prefsHandle 9324 -prefMapHandle 9328 -prefsLen 26503 -prefMapSize 233444 -jsInitHandle 1316 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f6376409-ec9f-4cfd-a943-508b6d580c1b} 4400 "\\.\pipe\gecko-crash-server-pipe.4400" 9296 20d10fef358 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4400.15.1627707274\1278103546" -childID 14 -isForBrowser -prefsHandle 8996 -prefMapHandle 9000 -prefsLen 26503 -prefMapSize 233444 -jsInitHandle 1316 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a0b7e4ed-e5b6-4c83-b3a7-c06441f95e60} 4400 "\\.\pipe\gecko-crash-server-pipe.4400" 8988 20d0b742a58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4400.16.1553801851\1252827736" -childID 15 -isForBrowser -prefsHandle 9092 -prefMapHandle 9088 -prefsLen 26503 -prefMapSize 233444 -jsInitHandle 1316 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {06ae4fd9-29de-4249-aa2d-456235fff8c6} 4400 "\\.\pipe\gecko-crash-server-pipe.4400" 8644 20d10fef658 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4400.17.1470311865\123982049" -childID 16 -isForBrowser -prefsHandle 9012 -prefMapHandle 9068 -prefsLen 26503 -prefMapSize 233444 -jsInitHandle 1316 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {dbd4cd43-dc56-4397-9ab3-abfba21044da} 4400 "\\.\pipe\gecko-crash-server-pipe.4400" 9020 20d10fef058 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4400.18.1141554141\759878182" -childID 17 -isForBrowser -prefsHandle 9028 -prefMapHandle 8856 -prefsLen 26503 -prefMapSize 233444 -jsInitHandle 1316 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {743ac45e-e6dd-4662-9a5c-def23a6318d2} 4400 "\\.\pipe\gecko-crash-server-pipe.4400" 8636 20d1148ce58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4400.19.995468229\164578148" -childID 18 -isForBrowser -prefsHandle 8404 -prefMapHandle 8556 -prefsLen 26503 -prefMapSize 233444 -jsInitHandle 1316 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1a4fcdfd-e232-4512-9197-9bca26b3139f} 4400 "\\.\pipe\gecko-crash-server-pipe.4400" 8296 20d1149c258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4400.20.778922031\411912964" -childID 19 -isForBrowser -prefsHandle 8184 -prefMapHandle 8196 -prefsLen 26503 -prefMapSize 233444 -jsInitHandle 1316 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {243c491e-3a42-4e34-b886-fede453262a9} 4400 "\\.\pipe\gecko-crash-server-pipe.4400" 8312 20d1149d758 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4400.21.1684777640\2020994768" -childID 20 -isForBrowser -prefsHandle 7980 -prefMapHandle 7976 -prefsLen 26503 -prefMapSize 233444 -jsInitHandle 1316 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {28b3d9ba-f13b-4b36-840e-89440b879453} 4400 "\\.\pipe\gecko-crash-server-pipe.4400" 7892 20d1149f858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4400.22.695935626\970446063" -childID 21 -isForBrowser -prefsHandle 9372 -prefMapHandle 8880 -prefsLen 26503 -prefMapSize 233444 -jsInitHandle 1316 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {25ffa24d-2890-4a0c-bee8-42bc721fdb24} 4400 "\\.\pipe\gecko-crash-server-pipe.4400" 9176 20d0f7be958 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4400.23.773161249\43175486" -childID 22 -isForBrowser -prefsHandle 9460 -prefMapHandle 9184 -prefsLen 26503 -prefMapSize 233444 -jsInitHandle 1316 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0eda9f85-be61-4684-bbba-6480349aa6fa} 4400 "\\.\pipe\gecko-crash-server-pipe.4400" 9372 20d0f58b158 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4400.24.284800433\16922380" -childID 23 -isForBrowser -prefsHandle 9592 -prefMapHandle 9452 -prefsLen 26503 -prefMapSize 233444 -jsInitHandle 1316 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7bab43c4-35b5-438b-8730-0affa931e26e} 4400 "\\.\pipe\gecko-crash-server-pipe.4400" 8700 20d0fa69658 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4400.25.406231177\80777064" -childID 24 -isForBrowser -prefsHandle 9524 -prefMapHandle 9520 -prefsLen 26503 -prefMapSize 233444 -jsInitHandle 1316 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {081beadc-21a2-4768-a978-e85842929d04} 4400 "\\.\pipe\gecko-crash-server-pipe.4400" 4304 20d0faa8558 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4400.26.119588457\2133096430" -childID 25 -isForBrowser -prefsHandle 5432 -prefMapHandle 4956 -prefsLen 26503 -prefMapSize 233444 -jsInitHandle 1316 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {43745e75-629f-4831-9e59-99632f958439} 4400 "\\.\pipe\gecko-crash-server-pipe.4400" 9436 20d0f6fc958 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4400.27.607438663\859102994" -childID 26 -isForBrowser -prefsHandle 2592 -prefMapHandle 9520 -prefsLen 26503 -prefMapSize 233444 -jsInitHandle 1316 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f0faf045-137c-47c4-9b40-76882f126ff5} 4400 "\\.\pipe\gecko-crash-server-pipe.4400" 9608 20d1022c758 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4400.28.119478810\785610649" -childID 27 -isForBrowser -prefsHandle 8380 -prefMapHandle 9928 -prefsLen 26503 -prefMapSize 233444 -jsInitHandle 1316 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6023c9f6-1e0d-4840-a73c-cb2b1ee80cfe} 4400 "\\.\pipe\gecko-crash-server-pipe.4400" 4592 20d101f7658 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4400.29.1831281102\1352074595" -childID 28 -isForBrowser -prefsHandle 9232 -prefMapHandle 9228 -prefsLen 26503 -prefMapSize 233444 -jsInitHandle 1316 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {efad909d-d297-4647-bc73-02ce8d1de101} 4400 "\\.\pipe\gecko-crash-server-pipe.4400" 9220 20d10e93658 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4400.30.1294271351\645372597" -childID 29 -isForBrowser -prefsHandle 9284 -prefMapHandle 9536 -prefsLen 26503 -prefMapSize 233444 -jsInitHandle 1316 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f2a69c03-0aa7-47fa-b355-b91a8094992d} 4400 "\\.\pipe\gecko-crash-server-pipe.4400" 8724 20d10e92a58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4400.31.948133073\1736276968" -childID 30 -isForBrowser -prefsHandle 9972 -prefMapHandle 4532 -prefsLen 26768 -prefMapSize 233444 -jsInitHandle 1316 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ab1724b9-eda3-4106-a70d-1deb90b80b2d} 4400 "\\.\pipe\gecko-crash-server-pipe.4400" 4720 20d116b8b58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4400.32.2034756476\476240221" -childID 31 -isForBrowser -prefsHandle 9204 -prefMapHandle 5080 -prefsLen 26768 -prefMapSize 233444 -jsInitHandle 1316 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {440a33db-0c4e-42a9-847c-b54bd18af419} 4400 "\\.\pipe\gecko-crash-server-pipe.4400" 9508 20d0f285358 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4400.33.1020936806\373662259" -childID 32 -isForBrowser -prefsHandle 5304 -prefMapHandle 9196 -prefsLen 26768 -prefMapSize 233444 -jsInitHandle 1316 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3b0713fc-45d3-4c0c-a11a-e999fd06ea00} 4400 "\\.\pipe\gecko-crash-server-pipe.4400" 9828 20d0f283258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4400.34.1303976817\1073931949" -childID 33 -isForBrowser -prefsHandle 8760 -prefMapHandle 8416 -prefsLen 26768 -prefMapSize 233444 -jsInitHandle 1316 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7820996f-9974-45eb-9c3f-880ac09fe140} 4400 "\\.\pipe\gecko-crash-server-pipe.4400" 5152 20d0f285958 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4400.35.558523549\1017417595" -childID 34 -isForBrowser -prefsHandle 9812 -prefMapHandle 9828 -prefsLen 26768 -prefMapSize 233444 -jsInitHandle 1316 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {03c0f53e-a1b1-4a32-a888-abdff1e7f10f} 4400 "\\.\pipe\gecko-crash-server-pipe.4400" 9796 20d1149f858 tab
Network
| Country | Destination | Domain | Proto |
| N/A | 127.0.0.1:50971 | tcp | |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | 166.188.117.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.192.238.44.in-addr.arpa | udp |
| N/A | 127.0.0.1:50977 | tcp | |
| US | 8.8.8.8:53 | i.imgur.com | udp |
| US | 199.232.196.193:443 | i.imgur.com | tcp |
| US | 8.8.8.8:53 | ipv4.imgur.map.fastly.net | udp |
| US | 8.8.8.8:53 | ipv4.imgur.map.fastly.net | udp |
| US | 8.8.8.8:53 | imgur.com | udp |
| US | 8.8.8.8:53 | imgur.com | udp |
| US | 199.232.192.193:443 | imgur.com | tcp |
| US | 8.8.8.8:53 | imgur.com | udp |
| US | 8.8.8.8:53 | d3c8j8snkzfr1n.cloudfront.net | udp |
| US | 8.8.8.8:53 | ced.sascdn.com | udp |
| US | 8.8.8.8:53 | js.assemblyexchange.com | udp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 8.8.8.8:53 | s.imgur.com | udp |
| US | 8.8.8.8:53 | ced-ns.sascdn.com | udp |
| US | 199.232.192.193:443 | s.imgur.com | tcp |
| US | 8.8.8.8:53 | stretchsquirrel.com | udp |
| US | 199.232.192.193:443 | s.imgur.com | tcp |
| US | 199.232.192.193:443 | s.imgur.com | tcp |
| US | 199.232.192.193:443 | s.imgur.com | tcp |
| US | 8.8.8.8:53 | a1184.b.akamai.net | udp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 104.22.74.216:443 | btloader.com | tcp |
| US | 151.101.64.193:443 | js.assemblyexchange.com | tcp |
| US | 8.8.8.8:53 | medialab.map.fastly.net | udp |
| GB | 18.245.206.96:443 | d3c8j8snkzfr1n.cloudfront.net | tcp |
| US | 8.8.8.8:53 | a1184.b.akamai.net | udp |
| US | 104.18.24.111:443 | stretchsquirrel.com | tcp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 8.8.8.8:53 | medialab.map.fastly.net | udp |
| US | 8.8.8.8:53 | d3c8j8snkzfr1n.cloudfront.net | udp |
| US | 8.8.8.8:53 | d3c8j8snkzfr1n.cloudfront.net | udp |
| US | 8.8.8.8:53 | a1845.dscb.akamai.net | udp |
| US | 8.8.8.8:53 | stretchsquirrel.com | udp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 8.8.8.8:53 | a1845.dscb.akamai.net | udp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 104.26.3.70:443 | ad-delivery.net | tcp |
| US | 104.26.3.70:443 | ad-delivery.net | tcp |
| US | 8.8.8.8:53 | stretchsquirrel.com | udp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 8.8.8.8:53 | i.clean.gg | udp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 104.18.24.111:443 | stretchsquirrel.com | udp |
| US | 8.8.8.8:53 | static.adsafeprotected.com | udp |
| US | 34.95.69.49:443 | i.clean.gg | tcp |
| US | 34.95.69.49:443 | i.clean.gg | tcp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | ads.assemblyexchange.com | udp |
| US | 8.8.8.8:53 | js.media-lab.ai | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | 193.196.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.192.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.74.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.64.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 96.206.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 111.24.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.23.211.130.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.3.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | i.clean.gg | udp |
| GB | 18.244.155.61:443 | js.media-lab.ai | tcp |
| US | 35.201.64.137:443 | ads.assemblyexchange.com | tcp |
| US | 8.8.8.8:53 | d162h6x3rxav67.cloudfront.net | udp |
| US | 8.8.8.8:53 | js.media-lab.ai | udp |
| US | 8.8.8.8:53 | i.clean.gg | udp |
| US | 8.8.8.8:53 | d162h6x3rxav67.cloudfront.net | udp |
| US | 8.8.8.8:53 | o435357.ingest.sentry.io | udp |
| US | 8.8.8.8:53 | ads.assemblyexchange.com | udp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 8.8.8.8:53 | api.imgur.com | udp |
| US | 8.8.8.8:53 | js.media-lab.ai | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 34.120.195.249:443 | o435357.ingest.sentry.io | tcp |
| US | 8.8.8.8:53 | ads.assemblyexchange.com | udp |
| US | 199.232.196.193:443 | api.imgur.com | tcp |
| US | 8.8.8.8:53 | d1ykf07e75w7ss.cloudfront.net | udp |
| US | 34.95.69.49:443 | i.clean.gg | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | o435357.ingest.sentry.io | udp |
| US | 8.8.8.8:53 | o435357.ingest.sentry.io | udp |
| US | 8.8.8.8:53 | d1ykf07e75w7ss.cloudfront.net | udp |
| US | 35.201.64.137:443 | ads.assemblyexchange.com | udp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| US | 34.120.195.249:443 | o435357.ingest.sentry.io | udp |
| GB | 2.18.190.144:443 | a1184.b.akamai.net | tcp |
| GB | 2.18.190.145:443 | a1845.dscb.akamai.net | tcp |
| GB | 52.84.90.96:443 | d162h6x3rxav67.cloudfront.net | tcp |
| GB | 142.250.187.194:443 | securepubads.g.doubleclick.net | tcp |
| GB | 13.224.223.9:443 | d1ykf07e75w7ss.cloudfront.net | tcp |
| GB | 142.250.187.194:443 | securepubads.g.doubleclick.net | tcp |
| GB | 18.165.242.4:443 | sb.scorecardresearch.com | tcp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| US | 8.8.8.8:53 | firebase.googleapis.com | udp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| US | 8.8.8.8:53 | firebase.googleapis.com | udp |
| US | 8.8.8.8:53 | firebase.googleapis.com | udp |
| GB | 142.250.187.194:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | 49.69.95.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | xeno-soswcrde4a-uc.a.run.app | udp |
| US | 8.8.8.8:53 | 61.155.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.64.201.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 249.195.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 144.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 96.90.84.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.223.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.242.165.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.180.250.142.in-addr.arpa | udp |
| US | 216.239.34.53:443 | xeno-soswcrde4a-uc.a.run.app | tcp |
| US | 216.239.34.53:443 | xeno-soswcrde4a-uc.a.run.app | tcp |
| US | 8.8.8.8:53 | xeno-soswcrde4a-uc.a.run.app | udp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 8.8.8.8:53 | xeno-soswcrde4a-uc.a.run.app | udp |
| US | 8.8.8.8:53 | cobaltoverture.com | udp |
| US | 8.8.8.8:53 | p.imgur.com | udp |
| US | 199.232.192.193:443 | p.imgur.com | tcp |
| US | 104.18.25.111:443 | cobaltoverture.com | tcp |
| US | 8.8.8.8:53 | cobaltoverture.com | udp |
| US | 216.239.34.53:443 | xeno-soswcrde4a-uc.a.run.app | udp |
| US | 8.8.8.8:53 | cobaltoverture.com | udp |
| US | 104.18.25.111:443 | cobaltoverture.com | udp |
| GB | 52.84.90.86:443 | config.aps.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 104.18.25.111:443 | cobaltoverture.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| GB | 142.250.180.14:443 | fundingchoicesmessages.google.com | tcp |
| US | 8.8.8.8:53 | www3.l.google.com | udp |
| US | 8.8.8.8:53 | www3.l.google.com | udp |
| US | 8.8.8.8:53 | 53.34.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 111.25.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.90.84.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| US | 216.239.34.53:443 | xeno-soswcrde4a-uc.a.run.app | udp |
| GB | 142.250.180.14:443 | www3.l.google.com | udp |
| GB | 142.250.180.14:443 | www3.l.google.com | udp |
| GB | 142.250.180.14:443 | www3.l.google.com | tcp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| GB | 172.217.16.225:443 | lh3.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | googlehosted.l.googleusercontent.com | udp |
| US | 8.8.8.8:53 | googlehosted.l.googleusercontent.com | udp |
| GB | 172.217.16.225:443 | googlehosted.l.googleusercontent.com | udp |
| US | 8.8.8.8:53 | 225.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.16.217.172.in-addr.arpa | udp |
| US | 35.201.64.137:443 | ads.assemblyexchange.com | udp |
| US | 8.8.8.8:53 | api.rlcdn.com | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 34.120.133.55:443 | api.rlcdn.com | tcp |
| US | 8.8.8.8:53 | api.rlcdn.com | udp |
| GB | 18.154.87.148:443 | aax.amazon-adsystem.com | tcp |
| GB | 18.154.87.148:443 | aax.amazon-adsystem.com | tcp |
| GB | 18.154.87.148:443 | aax.amazon-adsystem.com | tcp |
| GB | 18.154.87.148:443 | aax.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | d1jvc9b8z3vcjs.cloudfront.net | udp |
| US | 8.8.8.8:53 | api.rlcdn.com | udp |
| US | 8.8.8.8:53 | d1jvc9b8z3vcjs.cloudfront.net | udp |
| US | 34.120.133.55:443 | api.rlcdn.com | udp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | openrtb-us-east-1.axonix.com | udp |
| US | 8.8.8.8:53 | rtb.gumgum.com | udp |
| US | 8.8.8.8:53 | sync.inmobi.com | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 67.202.105.24:443 | ssc-cms.33across.com | tcp |
| US | 8.8.8.8:53 | pixel.33across.com | udp |
| NL | 185.89.210.82:443 | ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | ib.anycast.adnxs.com | udp |
| US | 155.204.117.12:443 | openrtb-us-east-1.axonix.com | tcp |
| US | 8.8.8.8:53 | openrtb-dc11.axonix.com | udp |
| US | 104.18.36.155:443 | ssum-sec.casalemedia.com | tcp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 20.253.0.30:443 | sync.inmobi.com | tcp |
| IE | 54.73.255.200:443 | rtb.gumgum.com | tcp |
| US | 8.8.8.8:53 | pixel.33across.com | udp |
| US | 8.8.8.8:53 | ib.anycast.adnxs.com | udp |
| IE | 52.95.126.160:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | openrtb-dc11.axonix.com | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | pixel-sync.trafficmanager.net | udp |
| US | 8.8.8.8:53 | 4f60845b27126ff51022f103eaa2d8d8.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | rtb.gumgum.com | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | pixel-sync.trafficmanager.net | udp |
| GB | 142.250.187.225:443 | 4f60845b27126ff51022f103eaa2d8d8.safeframe.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | rtb.gumgum.com | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 104.18.36.155:443 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | pagead-googlehosted.l.google.com | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| GB | 142.250.187.225:443 | pagead-googlehosted.l.google.com | udp |
| US | 8.8.8.8:53 | pagead-googlehosted.l.google.com | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | us-u.openx.net | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 8.8.8.8:53 | pr-bh.ybp.yahoo.com | udp |
| US | 8.8.8.8:53 | sync.ipredictive.com | udp |
| US | 8.8.8.8:53 | match.deepintent.com | udp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | udp |
| US | 34.98.64.218:443 | us-u.openx.net | tcp |
| US | 8.8.8.8:53 | bh.contextweb.com | udp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 52.73.59.20:443 | sync.srv.stackadapt.com | tcp |
| US | 8.8.8.8:53 | c1.adform.net | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| DE | 37.252.171.21:443 | secure.adnxs.com | tcp |
| US | 52.45.1.83:443 | sync.ipredictive.com | tcp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| IE | 34.250.15.254:443 | pr-bh.ybp.yahoo.com | tcp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | tg.socdm.com | udp |
| US | 169.197.150.7:443 | match.deepintent.com | tcp |
| US | 70.42.32.127:443 | b1sync.zemanta.com | tcp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | us-u.openx.net | udp |
| US | 8.8.8.8:53 | user-data-eu.bidswitch.net | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| DK | 37.157.6.254:443 | c1.adform.net | tcp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| NL | 89.149.192.196:443 | ssbsync.smartadserver.com | tcp |
| JP | 124.146.153.150:443 | tg.socdm.com | tcp |
| GB | 172.217.16.226:443 | cm.g.doubleclick.net | tcp |
| US | 35.71.131.137:443 | match.adsrvr.org | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| US | 8.8.8.8:53 | 55.133.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.87.154.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.36.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 160.126.95.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.255.73.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 24.105.202.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 12.117.204.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.0.253.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | us-u.openx.net | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 8.8.8.8:53 | user-data-eu.bidswitch.net | udp |
| GB | 2.18.108.192:443 | ads.pubmatic.com | tcp |
| GB | 142.250.200.1:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | sync.ipredictive.com | udp |
| GB | 23.215.239.190:443 | secure-assets.rubiconproject.com | tcp |
| US | 34.98.64.218:443 | us-u.openx.net | udp |
| US | 8.8.8.8:53 | ds-pr-bh.ybp.gysm.yahoodns.net | udp |
| US | 8.8.8.8:53 | m.deepintent.com | udp |
| US | 8.8.8.8:53 | 218.64.98.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.149.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.171.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 254.15.250.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.131.71.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.192.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.59.73.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.1.45.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.8.184.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 254.6.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7.150.197.169.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 127.32.42.70.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ds-pr-bh.ybp.gysm.yahoodns.net | udp |
| US | 8.8.8.8:53 | m.deepintent.com | udp |
| US | 8.8.8.8:53 | sync.ipredictive.com | udp |
| US | 8.8.8.8:53 | nydc1.outbrain.org | udp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| JP | 124.146.153.150:443 | tg.socdm.com | tcp |
| US | 8.8.8.8:53 | track.adformnet.akadns.net | udp |
| US | 8.8.8.8:53 | am1-direct-bgp.contextweb.com | udp |
| US | 8.8.8.8:53 | nydc1.outbrain.org | udp |
| US | 8.8.8.8:53 | am1-direct-bgp.contextweb.com | udp |
| GB | 172.217.16.226:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | track.adformnet.akadns.net | udp |
| US | 8.8.8.8:53 | ssbsync-euw1.smartadserver.com | udp |
| US | 8.8.8.8:53 | tg.dr.socdm.com | udp |
| GB | 142.250.200.1:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | ssbsync-euw1.smartadserver.com | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | tg.dr.socdm.com | udp |
| US | 8.8.8.8:53 | mp.imgur.com | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| US | 8.8.8.8:53 | usersync.gumgum.com | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 199.232.196.193:443 | mp.imgur.com | tcp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| IE | 52.210.15.1:443 | usersync.gumgum.com | tcp |
| IE | 52.210.15.1:443 | usersync.gumgum.com | tcp |
| US | 8.8.8.8:53 | e6603.g.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e8960.e2.akamaiedge.net | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | ipv4.imgur.map.fastly.net | udp |
| US | 8.8.8.8:53 | e8960.e2.akamaiedge.net | udp |
| US | 8.8.8.8:53 | usersync.gumgum.com | udp |
| US | 8.8.8.8:53 | usersync.gumgum.com | udp |
| US | 8.8.8.8:53 | 192.108.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 190.239.215.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.153.146.124.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.15.210.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| US | 8.8.8.8:53 | qvdt3feo.com | udp |
| IE | 52.210.15.1:443 | usersync.gumgum.com | tcp |
| US | 8.8.8.8:53 | cdn.ampproject.org | udp |
| GB | 216.58.213.1:443 | cdn.ampproject.org | tcp |
| GB | 216.58.213.1:443 | cdn.ampproject.org | tcp |
| GB | 216.58.213.1:443 | cdn.ampproject.org | tcp |
| GB | 216.58.213.1:443 | cdn.ampproject.org | tcp |
| GB | 216.58.213.1:443 | cdn.ampproject.org | tcp |
| GB | 216.58.213.1:443 | cdn.ampproject.org | tcp |
| US | 8.8.8.8:53 | cdn-content.ampproject.org | udp |
| US | 100.24.231.128:443 | qvdt3feo.com | tcp |
| US | 8.8.8.8:53 | qvdt3feo.com | udp |
| GB | 23.46.73.76:443 | eus.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | e8960.b.akamaiedge.net | udp |
| GB | 216.58.213.1:443 | cdn-content.ampproject.org | udp |
| US | 8.8.8.8:53 | cdn-content.ampproject.org | udp |
| US | 8.8.8.8:53 | qvdt3feo.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.228:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.228:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 1.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.73.46.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 128.231.24.100.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| NL | 69.173.156.148:443 | token.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | pixel.rubiconproject.net.akadns.net | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.net.akadns.net | udp |
| US | 8.8.8.8:53 | 148.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.229.111.52.in-addr.arpa | udp |
| US | 34.120.195.249:443 | o435357.ingest.sentry.io | udp |
| US | 8.8.8.8:53 | 131.169.93.208.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 98.201.58.216.in-addr.arpa | udp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | ced.sascdn.com | udp |
| US | 8.8.8.8:53 | medialab.map.fastly.net | udp |
| US | 8.8.8.8:53 | ced-ns.sascdn.com | udp |
| US | 8.8.8.8:53 | a1845.dscb.akamai.net | udp |
| US | 8.8.8.8:53 | medialab.map.fastly.net | udp |
| US | 8.8.8.8:53 | a1184.b.akamai.net | udp |
| US | 8.8.8.8:53 | a1845.dscb.akamai.net | udp |
| US | 34.95.69.49:443 | i.clean.gg | udp |
| US | 8.8.8.8:53 | i.clean.gg | udp |
| US | 8.8.8.8:53 | ads.assemblyexchange.com | udp |
| US | 8.8.8.8:53 | js.media-lab.ai | udp |
| US | 8.8.8.8:53 | merequartz.com | udp |
| US | 8.8.8.8:53 | adserver.adtech.advertising.com | udp |
| US | 104.18.24.111:443 | merequartz.com | tcp |
| US | 8.8.8.8:53 | merequartz.com | udp |
| US | 8.8.8.8:53 | fp30c8.wpc.thetacdn.net | udp |
| US | 8.8.8.8:53 | fp30c8.wpc.thetacdn.net | udp |
| US | 152.199.19.33:443 | fp30c8.wpc.thetacdn.net | tcp |
| US | 8.8.8.8:53 | merequartz.com | udp |
| US | 104.18.24.111:443 | merequartz.com | udp |
| US | 8.8.8.8:53 | cs-rtb.minutemedia-prebid.com | udp |
| US | 8.8.8.8:53 | s.hb.selectmedia.asia | udp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 8.8.8.8:53 | match.sharethrough.com | udp |
| GB | 54.192.137.24:443 | cs-rtb.minutemedia-prebid.com | tcp |
| US | 8.8.8.8:53 | dheoaz9svaqd1.cloudfront.net | udp |
| DE | 142.132.249.187:443 | s.hb.selectmedia.asia | tcp |
| US | 8.8.8.8:53 | s-unoadsrv-com.geodns.me | udp |
| US | 35.244.159.8:443 | u.openx.net | tcp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| DE | 54.93.109.96:443 | match.sharethrough.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.net.akadns.net | tcp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 8.8.8.8:53 | dheoaz9svaqd1.cloudfront.net | udp |
| US | 8.8.8.8:53 | s-unoadsrv-com.geodns.me | udp |
| US | 8.8.8.8:53 | match-eu-central-1-ecs.sharethrough.com | udp |
| US | 8.8.8.8:53 | match-eu-central-1-ecs.sharethrough.com | udp |
| US | 8.8.8.8:53 | 5eb07a8ec7204f870b29c6d4adf90109.safeframe.googlesyndication.com | udp |
| US | 35.244.159.8:443 | u.openx.net | udp |
| US | 8.8.8.8:53 | 33.19.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.159.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 24.137.192.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 187.249.132.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 96.109.93.54.in-addr.arpa | udp |
| GB | 142.250.187.225:443 | 5eb07a8ec7204f870b29c6d4adf90109.safeframe.googlesyndication.com | tcp |
| GB | 142.250.187.225:443 | 5eb07a8ec7204f870b29c6d4adf90109.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | imgsync-amsfpairbc.pubmnet.com | udp |
| US | 76.223.111.18:443 | eb2.3lift.com | tcp |
| NL | 198.47.127.18:443 | imgsync-amsfpairbc.pubmnet.com | tcp |
| DE | 37.252.171.21:443 | secure.adnxs.com | tcp |
| IE | 52.19.15.103:443 | ap.lijit.com | tcp |
| US | 8.8.8.8:53 | blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | imgsync-amsfpairbc.pubmnet.com | udp |
| US | 8.8.8.8:53 | eu-eb2.3lift.com | udp |
| US | 8.8.8.8:53 | cs.minutemedia-prebid.com | udp |
| IE | 52.16.74.63:443 | cs.minutemedia-prebid.com | tcp |
| US | 8.8.8.8:53 | cs.digbearings.com | udp |
| US | 8.8.8.8:53 | cs.digbearings.com | udp |
| IE | 52.16.74.63:443 | cs.digbearings.com | tcp |
| US | 8.8.8.8:53 | 18.111.223.76.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.15.19.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 63.74.16.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | csi.gstatic.com | udp |
| US | 8.8.8.8:53 | csi.gstatic.com | udp |
| US | 74.125.21.120:443 | csi.gstatic.com | tcp |
| US | 8.8.8.8:53 | csi.gstatic.com | udp |
| US | 8.8.8.8:53 | 120.21.125.74.in-addr.arpa | udp |
| US | 74.125.21.120:443 | csi.gstatic.com | udp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| NL | 89.149.192.196:443 | ssbsync-euw1.smartadserver.com | tcp |
| US | 8.8.8.8:53 | sync.go.sonobi.com | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | iad-2-sync.go.sonobi.com | udp |
| US | 69.166.1.66:443 | iad-2-sync.go.sonobi.com | tcp |
| GB | 108.156.39.10:443 | s.ad.smaato.net | tcp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | iad-2-sync.go.sonobi.com | udp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | 10.39.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.1.166.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ipv4.imgur.map.fastly.net | udp |
| US | 104.18.24.111:443 | merequartz.com | udp |
| US | 8.8.8.8:53 | i.clean.gg | udp |
| US | 8.8.8.8:53 | ads.assemblyexchange.com | udp |
| US | 8.8.8.8:53 | js.media-lab.ai | udp |
| US | 8.8.8.8:53 | api.imgur.com | udp |
| US | 8.8.8.8:53 | ipv4.imgur.map.fastly.net | udp |
| US | 8.8.8.8:53 | ipv4.imgur.map.fastly.net | udp |
| US | 152.199.19.33:443 | fp30c8.wpc.thetacdn.net | tcp |
| US | 8.8.8.8:53 | e0fe9bd9793f79b88f934fa58d12e884.safeframe.googlesyndication.com | udp |
| GB | 142.250.187.225:443 | e0fe9bd9793f79b88f934fa58d12e884.safeframe.googlesyndication.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| GB | 142.250.187.225:443 | e0fe9bd9793f79b88f934fa58d12e884.safeframe.googlesyndication.com | udp |
| GB | 142.250.187.228:443 | www.google.com | udp |
| US | 8.8.8.8:53 | ipv4.imgur.map.fastly.net | udp |
Files
\Device\HarddiskVolume1\Boot\da-DK\How To Restore Your Files.txt
| MD5 | 4696310ca321ce5a34e879b4e8b0611a |
| SHA1 | 89082071a1e6d3379a923ef6a39903cc05dfe495 |
| SHA256 | 1f366b81cfa615b53eb24345d09abee973b2b82778f5f21f8ee31fbe13e7d92a |
| SHA512 | 94bfbe6b23e73435a30c6f1bb94970bf9eaa1d9cea0e38d654e23be28ff3802dbabb3984087784a3a99b12f6517389378f1d4c3016b15b6b05a498293480c7d5 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\PRICache\4183903823\2290032291.pri
| MD5 | b8da5aac926bbaec818b15f56bb5d7f6 |
| SHA1 | 2b5bf97cd59e82c7ea96c31cf9998fbbf4884dc5 |
| SHA256 | 5be5216ae1d0aed64986299528f4d4fe629067d5f4097b8e4b9d1c6bcf4f3086 |
| SHA512 | c39a28d58fb03f4f491bf9122a86a5cbe7677ec2856cf588f6263fa1f84f9ffc1e21b9bcaa60d290356f9018fb84375db532c8b678cf95cc0a2cc6ed8da89436 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\datareporting\glean\pending_pings\b36c6b8f-d371-4dd2-9af9-df9f205323ec
| MD5 | 025ca7ea17ba65659c3522091ea2c088 |
| SHA1 | d2c7cee2b6afdcf25960b52fb803efadd83da315 |
| SHA256 | 7ea27703ead16444511cb2abd5d90acf5267bb027c6607bc27747e1c7927bc8a |
| SHA512 | ba0018ac62c697cc2e9ffd2f513a444ebb742ec7d9ebb9b89cd7e1f737c627824401aba799e53b7fd9a9fb2d7de54b8088127dfe107f182fa12a660d490eddfe |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\datareporting\glean\pending_pings\3fdd84d4-10da-476d-8120-3e45246158fc
| MD5 | 86fc2f91592b8599f10832bf83a0b5df |
| SHA1 | 9615c4f6c9a83d065b3625bf5341b25fe0fc8d02 |
| SHA256 | 02fa30e289ad913af08393ce01a528eb58b1e936df7105b5600f74af5579b758 |
| SHA512 | 337eccbff0b9aa1ca14a803a90e2067809a6163b4259dc9610e9c81d5f25bfd234ab599a79f97848679e6f00549e1da719fd0d77da3e99d9a3d8ad6a1dae6d99 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\datareporting\glean\db\data.safe.bin
| MD5 | e31a969ce4ee4d6a1a0074f1b3c71e08 |
| SHA1 | 685bc4d734c448a6441cc70af1eaa8d14e9688d1 |
| SHA256 | 647ca20a5e846521697ce5ba34883b0311fee2008b8cc8362800c1e662334b5a |
| SHA512 | eb1095de67fd543912beb7408a4093b4236b385a64ffac6ec25bdae25d7a5b5d903d7a32f106c0e9ec3d4cb7a953191b882bc4cee78436f151f8717f9633ea95 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\prefs.js
| MD5 | d36dd95191ed0fc50ec5124db7460588 |
| SHA1 | ae80052282f8598f6d53e63ffc7673198a70ccee |
| SHA256 | 57c4dcfdfd173858252d8d22279a30f42b9f7d37d6ed4bf30020c5caca59ebba |
| SHA512 | b37423cfca856fa3f24a8e368caa27aedea2e3c8a5525c9a0ed80a6dad6bfaa9e4f9805c79be7d4b92d94d40ed6693bc1488cbf7480edc22c77a4eedb0c32583 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | 731c0e733fe1e3123d366af7c8e578ae |
| SHA1 | 9756304ea773dd9cd96e5996dc79de2ed6a9ae9c |
| SHA256 | 8f426b4be5e3440fa14d37480f018b7dc3d1a547b0e91c2fbfc6e31d9054a359 |
| SHA512 | d29e0f2356a3226f64692b390c122d4d70f09f677d9f5d086f2babaeba6574d670171edb24ff52f928871ec489680f57910e21fac1ca8ec08783a07d21b1f427 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\prefs.js
| MD5 | 2d392cdfcd0cf1f62883d393a79f8b60 |
| SHA1 | 10731794dd4fcd531c786258d9b1c56795c37388 |
| SHA256 | 56f3d24f0d4a6f891d794456ce194da396a31f70c65cbf5ca0c426960cfbaf8f |
| SHA512 | e14aded4031479c36430c3affdb83855e46d7d5d9833e39b07614f424087003ae00e565b98d6ec2976676570625bd640673c7c2680ff83fcfa099484dee20d3e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\storage\default\https+++imgur.com\idb\2926346687feisraebbaatsaed--hte.sqlite
| MD5 | 6000796965b6657d7880bf15d1cf73e5 |
| SHA1 | a119f457828d4140028671612ce8db3e59920fed |
| SHA256 | 35da9425f197bf5e71c931269cbe244832e5e29a6ee9f7d251acab5d44618eb1 |
| SHA512 | 5ef55de84fe9514044cfe390fb746e077da82bba39d051d85edb424e98fdcf17c26b71ade4d272cb468cfd99b5f8821a93047a11a21f4d8325a416dcf037268a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | dac5ee4cca19e866e4b4f5e27c584980 |
| SHA1 | 58d1660339ed2ef369402adbcd531f7fe6b65b75 |
| SHA256 | 50c1a92b2a90fd15765e9ec942542f9e0199192d50a497780882f92e82066b95 |
| SHA512 | 7ccffe3d05c894dda7c337e1c769a62ff84987ba8c05989ecd6c5f8366980a09f0e6948530f856089e4d11d9f6567cd17b918b08b208f45b1f46ff51bb9e0747 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 772e3a4355d270fc9f8adb3611c6f157 |
| SHA1 | f9eb1e64c3f85104d5a1a3abf117b824f0cc6f94 |
| SHA256 | d939e55353ac581a03352e7dfd56caae2db33ad2b67d9bec90211d7ea6f891b7 |
| SHA512 | 27da97246c379c8df1dd11ee5d79b7d10debdcef7ea3ace1d1ad743082e7f15b96ec6441ca3154b107aa115d7a86902e2cded52636f018b4ede37d2d99303e55 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\doomed\8983
| MD5 | 34043dfd1a7a043bad32f824450eb2d5 |
| SHA1 | b66594b7421cb1c7a3b1a55ddd07b94ccd9b1e67 |
| SHA256 | b3eb306083025360dd3c56475d41ada50a5f70987ddac8b1656474fcc622d31b |
| SHA512 | c4cd39383b6992b66622d2529eb00c4e5c83d74e85e5bf6f1246d4d61fbf5055baa5a115369de6db9786035f0727161707b397dcdd9bdcf1733cfc027378bd6e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\doomed\23292
| MD5 | 4106a2efc88828163d937d41db8f26a2 |
| SHA1 | 7dc441e4a960147e1ff9997d13701b3dde6df69e |
| SHA256 | baeacbb5d6d2e03bf7aeae7a98d7fd307825934c80d226e93fd799523a5c0829 |
| SHA512 | 650663116faad7cc8391982a077bf087ff999b619c44f83fd394abc39d73e0671d41e8a72a5e78f38615b49c083c28c694f01cc5e79b737d4ed8d4754fc22275 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\doomed\26108
| MD5 | 75262b6579485247a30445dcce579bbd |
| SHA1 | 1303a8811aeb910013b1ae2c0f57e862876b60b8 |
| SHA256 | 20e403a15a071c6919d78d57b6bdbd7b88c7f1c19fdf5492552637e6e3740894 |
| SHA512 | 98b2eab166f89534aebe6b423340e3243cbd492654fe285b3502a7ea9a1585d869f0031b3e5213b1f1cf893bd8e73efae93e2a67a2276b8fc4aec29d2cdb3d51 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\doomed\27130
| MD5 | 72eefdda7c9233322e51489d31759b26 |
| SHA1 | bce4644ee383459aa5a5da608292461796bc859d |
| SHA256 | 4b85951e91f7d69b07c632a946e1a05c03fce0bfdd076dd84f1b75e4b226f218 |
| SHA512 | 7ccb8dd4f9aceed6721cacc11366739c2e1b2e0affef891c9be4e31669547609f8421eac9d7ad0f4dfc977882d1a8570b5e229cbdc9ebb87c7604fe8d49a699c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\doomed\3710
| MD5 | bdd7f26c60dc56e75d68d3d17997fe4e |
| SHA1 | c719fe0e2861851456f1d8676ff9a1b321432f1d |
| SHA256 | 71fbd7059f8b195e1e3e36bf5897642d8872f2ca902ad2f95cc0f248db8df4b9 |
| SHA512 | 9d374bc0b386dd192bbbc27baeb0518524b1b2b3ea3a2135dd309ae5fde94670b06c6ec5b046b87e18f5c91462a0bb28aa7f8c0d225daa6195e29b3d05016c69 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\doomed\10612
| MD5 | 42f57b7e441426cf629a51cdef5b0a7b |
| SHA1 | 8d9d10749a9a5eeda2b3db284389092c170628f1 |
| SHA256 | d919db20b99d56effc597c583ff467cbb602552f47742a05c3c38050bba71f82 |
| SHA512 | 202cd80f454bb86d3640733ea5006e8987cc6ced7053c1fe3b8d793e42b72938793a3de60b80bf9f115f451cec2bcfe8a71dc255188f99bbadd9136bb9372b5a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\doomed\15696
| MD5 | eef34b60ba1796f3bddbebd3442e7937 |
| SHA1 | 7c52d07a2178222fdabd88d27c63a00402f4a61c |
| SHA256 | f5171b541f83bb037dbb513d82b95a067132f6ada8aac8cd3ba944f63a7360d5 |
| SHA512 | f2d067499fac80f16166445008257ef98f97f175426d6abea571301456c07048414a35b2d596d9bcf2c4d94c7d3bf7f5f15871c358de0db9c771a598b83f15b6 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\doomed\3017
| MD5 | a087092c904fd8f507c6687cc5b02164 |
| SHA1 | 2220594302d7f9acbe7aa7a0b17bfe50f7cb8638 |
| SHA256 | a9899b376fe8a266eb8a0e7b1942822f2297b49135fe498b729f0aac96bc908a |
| SHA512 | 1e9b3414c61e1412e4089d8e414e56375e5054f82d02405751c36be2bbbaa917f92ca53de290d3b836c0b661ad9f9dbae124b559655b64998cc336a460fbe5b1 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\entries\227BA0E44A82E8EE64366FA896C3668C8A08804B
| MD5 | 5069186b10b1ed54152ca42d20727be4 |
| SHA1 | b89b7e8b676401ac92d65d9fdff79f2c42b10b17 |
| SHA256 | 7d81d6829b11fe70433969e4f8e0e6354c80663117766bd51529c346b9fc99d9 |
| SHA512 | 37a2573c070d6ce604488b5024fa08fc723e6b5dc25e02c9dcece1a27cff49cc3bbd64144912c8c1960f49fc282b51e97975ba54ea2e339221cf6e27ccff7953 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\prefs-1.js
| MD5 | 88efa99ee5127e6519688f81b8a475a2 |
| SHA1 | 6b18f3d4c5f4b47eea836b808ee6434e4b86e029 |
| SHA256 | 1f3fec0981458afca1e911dac17697525cc67ee4701db1e0a1300db659deef1c |
| SHA512 | 7c8e52be2542562ba9152b31719e7579b98ca1ff29b72eaf4802d0e23b1f9d1defc7ee47a8566fb095a94cc26c27adeb7b871aaa426420712c7cfe6e0b29ecb2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | d491a693c52b9c1de5099cdfeb45d65c |
| SHA1 | 4dccde5157aa757a3d877a442cc9e4e726fd32f6 |
| SHA256 | 8937a33f202691e22fcbfcb7f6be9e64343fee56e1f24567595b4ee097778de8 |
| SHA512 | 6b6acd39e38cc46be4b128e49e4d153e08e3abd2b4552798ee49280ffdde7fafd113d448ba1b5da6e61f699b1cfb534e61dac980acdd4951c5f47cda42bda016 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\entries\DFC53E7C94AE5A235CA013AE98D7B970BAE8AE83
| MD5 | f044e3af8ac95ca16e01ba1afe22311d |
| SHA1 | c9bb1d1a4d3e40a7d4b9c68d70b1660c915c8848 |
| SHA256 | 20c88efa6673f0d4116e691adffa8de477fd82162d2ba57d1a7ba48882e55f80 |
| SHA512 | 2494ef988b52e91c46f570980be931d2a3d7a22793ee9856501917e8c2ba86db9a708cfedf59c3fd7948f2d2487a68930165f87875bb8a4281a99c68a552f2dc |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\doomed\25366
| MD5 | c766e82ca6a741dddae7036269959bcb |
| SHA1 | ae79bdc29144c280d44e265c4476c2b3bff51c24 |
| SHA256 | c76533c791cc44e7420d00db03ecbb5648b9bfc3d737d2c5fff5efd1b7fef070 |
| SHA512 | 004cf34b6ab612fe07f427bfb46f9712abcff0402e85dff24f3286ed8782b5ecbe0dc7d46591548dd2cbebb70ab4777bc9a723b078b32444cf66451a1b416c47 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\doomed\2642
| MD5 | 60806d9ea9e1490111de1f144a3b2fb1 |
| SHA1 | 0c181858b7bc439f46d9a2ce8d167e357741ff27 |
| SHA256 | df7307c412bd55854d160e9141aa8e59e1d2a3aab237ade7e64b0cc7dacd98fb |
| SHA512 | 4338ca9d47873074cf96a549679322631b4320742cd7f69fc73cb9eda2ad2e116802c0886e30bdc92823d1257f13b9f2e2ee555e3c477e14c1c16c0a59e29bf9 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\doomed\11317
| MD5 | e259d2e88f996062185b0ad735f11d5f |
| SHA1 | 56f4663e9e49dfb4a2aae54ae676eeaabf6d1ef7 |
| SHA256 | b58fcd559fee187cf840289b7e1e69a14b8dbbea28f379bce044974962faadc5 |
| SHA512 | 1392fc42060a780b69da82e77c9c8e6750e0c8889822e84365bbba3fb56dfe28487291189014eea37b5e00b3bf2bc0a87fea32435e49530e28236f2ce1a47709 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\doomed\7749
| MD5 | 547360255733db3e39ba01f77686d602 |
| SHA1 | faca65743841d299d6e9092433470e1de6dfd9cf |
| SHA256 | 1ae8c82e645e5849eb9418651de8b36c3bc4de9930a12d485529ad59b2c6e28d |
| SHA512 | 4af5f5512798b898eb91eec1833d1441cc94994bacdb0e0e10492136570a930b52cfe44832b45acbc62db165e485c6c70e7275c3684f0487b26713140cb477c6 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\doomed\27366
| MD5 | 112c44c3677d107a59e908fcd007198e |
| SHA1 | 1ac78c3bac332da7f663798ab1a3b26073ce0d82 |
| SHA256 | 07069325d9ade1be11de3b529e531d0989c650fba3fa23868890898c7ec15a66 |
| SHA512 | d7459d08f32468e6f3f31737d6c66551bc5246bba894dc1747e2caf100a441072859413dd12b9d18fb0e42ceb107d523b64f17f48436edc9a70ea960384ba54d |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\entries\592E8EB9DE42B95465ED97DE22293436BB0EF5D4
| MD5 | e69c0e1d7455953f00ebb8a766950d90 |
| SHA1 | 9bde3f9da59ca0f146a0ff08f59882f39784fe4e |
| SHA256 | b481f0f1cc0b7302e596a190f9363f227413ac39bbaba2a224cdbf22097d919a |
| SHA512 | ef337a90af754aea62d8365d9b19e9cfc351553e83c416086827f2c103b8b41b66da8e4e024198228f851bb6f609e3630417ee014dac02420721e9d1d130c10b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\entries\28E2DB8CAB39CFF3369B764B632A7AB6BED3B48A
| MD5 | 8b77ea8599ee8990aaa959821d61b7ec |
| SHA1 | 2930d9382d86f8c123577818de7faf8b192cc0be |
| SHA256 | 91bcd7c42d5af7d8be678d90ccb563ab767e3faa49de36acc5452e46d4da989d |
| SHA512 | 45f85c44451e3109ea747e249aba81b3d7c73ba3e588da2618a03bae0b6bb8b973412eb0054deb6bfdfdaa0d451b4b2ce27dca04a5c1bf0e72d80bbabfcaf38c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\entries\51940E684772D37040AE9FEB9F8B55CF19A74512
| MD5 | 3372ccd358fd5895c30146c78868e95b |
| SHA1 | d4b6d1069c058ae7afc9c0bdfad70fa1d39a862e |
| SHA256 | 3e58073fd0a91d0681323a6e134e2df67cb5e4517c3051828e80b70a1a63c876 |
| SHA512 | cc3c16abc3d7d491d7ac2d11aac31e4232700de1a91ed2e4591bfa1fcff6e820fb620fd60da04682247532ec66b4f009bae5c052d6ca312932024283fadbf0a1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | c58c4e82df5c130e0587eeda05daa1a2 |
| SHA1 | 97be645ea78aa31e167b66a8f2bd5c9e1856a84a |
| SHA256 | 368e158b70dfc0d5a80da682d36df4a2b51de0fc9b2244356ca86d403953accd |
| SHA512 | b87fa6badc33fcea28d4c82383ff32096f0e262a0ad80d1c7b258cf3d402667b18ef7dfdcbbf380785a1e3cf43141274c35d186d5d372b59c6e38e805f811b4b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\sessionstore.jsonlz4
| MD5 | c324339ce0db082d0098767800fe7330 |
| SHA1 | 986f33ec33647b7f73463ba9f24fe558b6702ab4 |
| SHA256 | 678f41bd4b5d5e5ef32d9b72c6e5561c6bed150a3e756ae766afc0fcb1b79f5c |
| SHA512 | 7619fce2dfa8f208d41255afa28ae9c38fe268b429b4f8e495bb5ad6b99461cbf1588f2370d170580b6c09ede275215cd37857857159465f99e88aa78dfda8e5 |