Malware Analysis Report

2024-10-23 20:08

Sample ID 240802-q8rj8asamg
Target ftah2.ini
SHA256 4fd167e871391b6593cc83e9b735b8ecbb067afda8fbefdb2f4fd4c91f9d5a9f
Tags
darkcomet guest16 credential_access defense_evasion discovery evasion persistence rat stealer trojan upx
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

4fd167e871391b6593cc83e9b735b8ecbb067afda8fbefdb2f4fd4c91f9d5a9f

Threat Level: Known bad

The file ftah2.ini was found to be: Known bad.

Malicious Activity Summary

darkcomet guest16 credential_access defense_evasion discovery evasion persistence rat stealer trojan upx

Modifies WinLogon for persistence

Darkcomet

Modifies firewall policy service

Credentials from Password Stores: Credentials from Web Browsers

Disables RegEdit via registry modification

Disables Task Manager via registry modification

Downloads MZ/PE file

Sets file to hidden

Executes dropped EXE

UPX packed file

Adds Run key to start application

Enumerates processes with tasklist

Drops file in Windows directory

Subvert Trust Controls: Mark-of-the-Web Bypass

Browser Information Discovery

Enumerates physical storage devices

System Location Discovery: System Language Discovery

Suspicious use of WriteProcessMemory

Suspicious use of FindShellTrayWindow

Opens file in notepad (likely ransom note)

Uses Task Scheduler COM API

Suspicious use of SetWindowsHookEx

Checks processor information in registry

Suspicious behavior: GetForegroundWindowSpam

Views/modifies file attributes

Modifies registry class

Suspicious use of AdjustPrivilegeToken

Suspicious use of SendNotifyMessage

NTFS ADS

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-08-02 13:56

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-08-02 13:56

Reported

2024-08-02 14:13

Platform

win10-20240404-en

Max time kernel

1049s

Max time network

930s

Command Line

C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\ftah2.ini

Signatures

Darkcomet

trojan rat darkcomet

Modifies WinLogon for persistence

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\UserInit = "C:\\Windows\\system32\\userinit.exe,C:\\Users\\Admin\\Documents\\MSDCSC\\msdcsc.exe" C:\Users\Admin\Downloads\compiter-exe.exe N/A

Modifies firewall policy service

evasion
Description Indicator Process Target
Set value (int) \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\EnableFirewall = "0" C:\Users\Admin\Documents\MSDCSC\msdcsc.exe N/A
Set value (int) \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\DisableNotifications = "0" C:\Users\Admin\Documents\MSDCSC\msdcsc.exe N/A
Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile C:\Users\Admin\Documents\MSDCSC\msdcsc.exe N/A

Credentials from Password Stores: Credentials from Web Browsers

credential_access stealer

Disables RegEdit via registry modification

evasion
Description Indicator Process Target
Set value (int) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools = "1" C:\Users\Admin\Documents\MSDCSC\msdcsc.exe N/A

Disables Task Manager via registry modification

evasion

Downloads MZ/PE file

Sets file to hidden

evasion
Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\attrib.exe N/A
N/A N/A C:\Windows\SysWOW64\attrib.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\compiter-exe.exe N/A
N/A N/A C:\Users\Admin\Documents\MSDCSC\msdcsc.exe N/A

UPX packed file

upx
Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000\Software\Microsoft\Windows\CurrentVersion\Run\MicroUpdate = "C:\\Users\\Admin\\Documents\\MSDCSC\\msdcsc.exe" C:\Users\Admin\Downloads\compiter-exe.exe N/A

Enumerates processes with tasklist

discovery
Description Indicator Process Target
N/A N/A C:\Windows\system32\tasklist.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File created C:\Windows\rescache\_merged\642584412\1068689436.pri C:\Windows\system32\SystemSettingsAdminFlows.exe N/A
File created C:\Windows\rescache\_merged\3060194815\1209253612.pri C:\Windows\system32\SystemSettingsAdminFlows.exe N/A

Subvert Trust Controls: Mark-of-the-Web Bypass

defense_evasion
Description Indicator Process Target
File created C:\Users\Admin\Downloads\compiter-exe.exe:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A

Browser Information Discovery

discovery

Enumerates physical storage devices

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\attrib.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\cmd.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\notepad.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\attrib.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\compiter-exe.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Documents\MSDCSC\msdcsc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\cmd.exe N/A

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A

NTFS ADS

Description Indicator Process Target
File created C:\Users\Admin\Documents\MSDCSC\msdcsc.exe\:Zone.Identifier:$DATA C:\Users\Admin\Downloads\compiter-exe.exe N/A
File created C:\Users\Admin\Downloads\compiter-exe.exe:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A

Opens file in notepad (likely ransom note)

ransomware
Description Indicator Process Target
N/A N/A C:\Windows\system32\NOTEPAD.EXE N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Users\Admin\Documents\MSDCSC\msdcsc.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Users\Admin\Downloads\compiter-exe.exe N/A
Token: SeSecurityPrivilege N/A C:\Users\Admin\Downloads\compiter-exe.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Users\Admin\Downloads\compiter-exe.exe N/A
Token: SeLoadDriverPrivilege N/A C:\Users\Admin\Downloads\compiter-exe.exe N/A
Token: SeSystemProfilePrivilege N/A C:\Users\Admin\Downloads\compiter-exe.exe N/A
Token: SeSystemtimePrivilege N/A C:\Users\Admin\Downloads\compiter-exe.exe N/A
Token: SeProfSingleProcessPrivilege N/A C:\Users\Admin\Downloads\compiter-exe.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Users\Admin\Downloads\compiter-exe.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\Downloads\compiter-exe.exe N/A
Token: SeBackupPrivilege N/A C:\Users\Admin\Downloads\compiter-exe.exe N/A
Token: SeRestorePrivilege N/A C:\Users\Admin\Downloads\compiter-exe.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\Downloads\compiter-exe.exe N/A
Token: SeDebugPrivilege N/A C:\Users\Admin\Downloads\compiter-exe.exe N/A
Token: SeSystemEnvironmentPrivilege N/A C:\Users\Admin\Downloads\compiter-exe.exe N/A
Token: SeChangeNotifyPrivilege N/A C:\Users\Admin\Downloads\compiter-exe.exe N/A
Token: SeRemoteShutdownPrivilege N/A C:\Users\Admin\Downloads\compiter-exe.exe N/A
Token: SeUndockPrivilege N/A C:\Users\Admin\Downloads\compiter-exe.exe N/A
Token: SeManageVolumePrivilege N/A C:\Users\Admin\Downloads\compiter-exe.exe N/A
Token: SeImpersonatePrivilege N/A C:\Users\Admin\Downloads\compiter-exe.exe N/A
Token: SeCreateGlobalPrivilege N/A C:\Users\Admin\Downloads\compiter-exe.exe N/A
Token: 33 N/A C:\Users\Admin\Downloads\compiter-exe.exe N/A
Token: 34 N/A C:\Users\Admin\Downloads\compiter-exe.exe N/A
Token: 35 N/A C:\Users\Admin\Downloads\compiter-exe.exe N/A
Token: 36 N/A C:\Users\Admin\Downloads\compiter-exe.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Users\Admin\Documents\MSDCSC\msdcsc.exe N/A
Token: SeSecurityPrivilege N/A C:\Users\Admin\Documents\MSDCSC\msdcsc.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Users\Admin\Documents\MSDCSC\msdcsc.exe N/A
Token: SeLoadDriverPrivilege N/A C:\Users\Admin\Documents\MSDCSC\msdcsc.exe N/A
Token: SeSystemProfilePrivilege N/A C:\Users\Admin\Documents\MSDCSC\msdcsc.exe N/A
Token: SeSystemtimePrivilege N/A C:\Users\Admin\Documents\MSDCSC\msdcsc.exe N/A
Token: SeProfSingleProcessPrivilege N/A C:\Users\Admin\Documents\MSDCSC\msdcsc.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Users\Admin\Documents\MSDCSC\msdcsc.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\Documents\MSDCSC\msdcsc.exe N/A
Token: SeBackupPrivilege N/A C:\Users\Admin\Documents\MSDCSC\msdcsc.exe N/A
Token: SeRestorePrivilege N/A C:\Users\Admin\Documents\MSDCSC\msdcsc.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\Documents\MSDCSC\msdcsc.exe N/A
Token: SeDebugPrivilege N/A C:\Users\Admin\Documents\MSDCSC\msdcsc.exe N/A
Token: SeSystemEnvironmentPrivilege N/A C:\Users\Admin\Documents\MSDCSC\msdcsc.exe N/A
Token: SeChangeNotifyPrivilege N/A C:\Users\Admin\Documents\MSDCSC\msdcsc.exe N/A
Token: SeRemoteShutdownPrivilege N/A C:\Users\Admin\Documents\MSDCSC\msdcsc.exe N/A
Token: SeUndockPrivilege N/A C:\Users\Admin\Documents\MSDCSC\msdcsc.exe N/A
Token: SeManageVolumePrivilege N/A C:\Users\Admin\Documents\MSDCSC\msdcsc.exe N/A
Token: SeImpersonatePrivilege N/A C:\Users\Admin\Documents\MSDCSC\msdcsc.exe N/A
Token: SeCreateGlobalPrivilege N/A C:\Users\Admin\Documents\MSDCSC\msdcsc.exe N/A
Token: 33 N/A C:\Users\Admin\Documents\MSDCSC\msdcsc.exe N/A
Token: 34 N/A C:\Users\Admin\Documents\MSDCSC\msdcsc.exe N/A
Token: 35 N/A C:\Users\Admin\Documents\MSDCSC\msdcsc.exe N/A
Token: 36 N/A C:\Users\Admin\Documents\MSDCSC\msdcsc.exe N/A
Token: SeSystemtimePrivilege N/A C:\Windows\system32\SystemSettingsAdminFlows.exe N/A
Token: SeSystemtimePrivilege N/A C:\Windows\system32\SystemSettingsAdminFlows.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\system32\tasklist.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 192 wrote to memory of 4724 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 192 wrote to memory of 4724 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 192 wrote to memory of 4724 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 192 wrote to memory of 4724 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 192 wrote to memory of 4724 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 192 wrote to memory of 4724 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 192 wrote to memory of 4724 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 192 wrote to memory of 4724 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 192 wrote to memory of 4724 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 192 wrote to memory of 4724 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 192 wrote to memory of 4724 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 4316 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 4316 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 1448 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 4396 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 4396 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4724 wrote to memory of 4396 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe

Uses Task Scheduler COM API

persistence

Views/modifies file attributes

evasion
Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\attrib.exe N/A
N/A N/A C:\Windows\SysWOW64\attrib.exe N/A

Processes

C:\Windows\system32\NOTEPAD.EXE

C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\ftah2.ini

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4724.0.384087087\1288727050" -parentBuildID 20221007134813 -prefsHandle 1740 -prefMapHandle 1732 -prefsLen 20747 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {099b3258-d043-434d-8d58-7c79e2e83076} 4724 "\\.\pipe\gecko-crash-server-pipe.4724" 1828 2235f4d8458 gpu

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4724.1.632074488\2011915710" -parentBuildID 20221007134813 -prefsHandle 2172 -prefMapHandle 2168 -prefsLen 20828 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {65fa47c8-2832-47f3-983c-f0b51013e9d0} 4724 "\\.\pipe\gecko-crash-server-pipe.4724" 2184 223544de758 socket

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4724.2.2086363052\1768514108" -childID 1 -isForBrowser -prefsHandle 2876 -prefMapHandle 2872 -prefsLen 20931 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8c000cac-b1d3-4154-92c6-08fd620b6c5a} 4724 "\\.\pipe\gecko-crash-server-pipe.4724" 2888 2236369b658 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4724.3.758631740\1856561325" -childID 2 -isForBrowser -prefsHandle 3408 -prefMapHandle 3392 -prefsLen 26109 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d5c2532c-ffa0-4a6f-8f6a-0bff84efc20e} 4724 "\\.\pipe\gecko-crash-server-pipe.4724" 3460 22361c75158 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4724.4.303336043\334538388" -childID 3 -isForBrowser -prefsHandle 3932 -prefMapHandle 3928 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3b911834-917c-438b-8225-4f94476273f7} 4724 "\\.\pipe\gecko-crash-server-pipe.4724" 3924 22364d73058 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4724.5.765473305\787451003" -childID 4 -isForBrowser -prefsHandle 4916 -prefMapHandle 4912 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0cccb564-fbce-4922-b6ef-437a23e1ee07} 4724 "\\.\pipe\gecko-crash-server-pipe.4724" 4836 22365bf8658 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4724.6.1517676030\526204014" -childID 5 -isForBrowser -prefsHandle 5052 -prefMapHandle 5056 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4f858119-2740-4c3b-a215-c8d396d1c7a1} 4724 "\\.\pipe\gecko-crash-server-pipe.4724" 4936 22365d40858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4724.7.777692790\1154665339" -childID 6 -isForBrowser -prefsHandle 5252 -prefMapHandle 5256 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {94e4f316-dd1e-40f6-8038-a3c1815ecf4d} 4724 "\\.\pipe\gecko-crash-server-pipe.4724" 5244 223664bd958 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4724.8.853241690\1219432804" -childID 7 -isForBrowser -prefsHandle 4916 -prefMapHandle 5728 -prefsLen 26249 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c59114ec-a468-4062-8c9c-f16e81f47246} 4724 "\\.\pipe\gecko-crash-server-pipe.4724" 5816 223685af658 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4724.9.1218274131\1664894082" -parentBuildID 20221007134813 -prefsHandle 6116 -prefMapHandle 5900 -prefsLen 26424 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {907db794-8600-4da7-b59e-a3f6c1e5431c} 4724 "\\.\pipe\gecko-crash-server-pipe.4724" 4060 22362524258 rdd

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4724.10.125321251\280842303" -childID 8 -isForBrowser -prefsHandle 4456 -prefMapHandle 4464 -prefsLen 26503 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {dc45d306-eaae-4c9e-9051-ac7a5c90457b} 4724 "\\.\pipe\gecko-crash-server-pipe.4724" 4504 223674f2f58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4724.11.791663523\1933215243" -childID 9 -isForBrowser -prefsHandle 5404 -prefMapHandle 5336 -prefsLen 26503 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e57aa84f-056d-406a-a28d-4ee6c69b209c} 4724 "\\.\pipe\gecko-crash-server-pipe.4724" 9552 22368eac558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4724.12.1939168423\1221411282" -childID 10 -isForBrowser -prefsHandle 9404 -prefMapHandle 9408 -prefsLen 26503 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f1f2ca61-fae9-4e48-bae8-4be5820965be} 4724 "\\.\pipe\gecko-crash-server-pipe.4724" 9512 223675fc158 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4724.13.582673751\103800954" -childID 11 -isForBrowser -prefsHandle 5804 -prefMapHandle 5800 -prefsLen 26503 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0bb50c46-3203-4461-8e7e-ccb0c73c672a} 4724 "\\.\pipe\gecko-crash-server-pipe.4724" 5836 223675fca58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4724.14.628915855\1240781882" -childID 12 -isForBrowser -prefsHandle 9200 -prefMapHandle 9192 -prefsLen 26503 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {660058f5-3ed8-4495-8be6-5059638771c5} 4724 "\\.\pipe\gecko-crash-server-pipe.4724" 5916 22368d85858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4724.15.855100887\1469006588" -childID 13 -isForBrowser -prefsHandle 9252 -prefMapHandle 9404 -prefsLen 26503 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {86218135-7f42-4bb9-9336-7924d257bee2} 4724 "\\.\pipe\gecko-crash-server-pipe.4724" 9324 22369028658 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4724.16.1473782237\1256056244" -childID 14 -isForBrowser -prefsHandle 8856 -prefMapHandle 8848 -prefsLen 26503 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c7f0672f-431e-48b3-abec-de42af1c027c} 4724 "\\.\pipe\gecko-crash-server-pipe.4724" 5788 22368d85558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4724.17.632196454\413167470" -childID 15 -isForBrowser -prefsHandle 8872 -prefMapHandle 5604 -prefsLen 26503 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {50a3dfb0-cb8a-4de5-97fd-95eabc6bba04} 4724 "\\.\pipe\gecko-crash-server-pipe.4724" 5828 2236ab4da58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4724.18.1703535944\114156375" -childID 16 -isForBrowser -prefsHandle 5604 -prefMapHandle 5612 -prefsLen 26503 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {13986b97-b9c7-448f-a947-db6fdf99ed30} 4724 "\\.\pipe\gecko-crash-server-pipe.4724" 5720 2236ac04a58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4724.19.2107536084\794227174" -childID 17 -isForBrowser -prefsHandle 8452 -prefMapHandle 8448 -prefsLen 26503 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {00d28b19-1038-4123-907b-e954b6bfeea2} 4724 "\\.\pipe\gecko-crash-server-pipe.4724" 8460 2236acbc558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4724.20.1162235535\889735754" -childID 18 -isForBrowser -prefsHandle 8256 -prefMapHandle 8252 -prefsLen 26503 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c34acf66-e405-4c5f-8380-e529ddf3f06b} 4724 "\\.\pipe\gecko-crash-server-pipe.4724" 8264 2236acbad58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4724.21.379425881\828797504" -parentBuildID 20221007134813 -sandboxingKind 1 -prefsHandle 7900 -prefMapHandle 7904 -prefsLen 26503 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {eeb6b7c3-e07f-4849-bd88-fb535f22cc45} 4724 "\\.\pipe\gecko-crash-server-pipe.4724" 7888 2236b46b258 utility

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x1e4

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4724.22.1493771613\500008606" -childID 19 -isForBrowser -prefsHandle 8212 -prefMapHandle 8220 -prefsLen 26503 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1307e916-e771-4797-8069-e97b49b0d59f} 4724 "\\.\pipe\gecko-crash-server-pipe.4724" 8256 2236b531558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4724.23.566931709\2077692390" -childID 20 -isForBrowser -prefsHandle 7652 -prefMapHandle 7648 -prefsLen 26503 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {54d23e3f-ed18-449f-a0bc-c041161f56bc} 4724 "\\.\pipe\gecko-crash-server-pipe.4724" 7564 2236b531858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4724.24.998174892\1711789170" -childID 21 -isForBrowser -prefsHandle 7760 -prefMapHandle 7660 -prefsLen 26503 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9cc76f3c-9f58-4c8f-815e-3bd2165b76fd} 4724 "\\.\pipe\gecko-crash-server-pipe.4724" 8252 2236b532d58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4724.25.287304780\1836692878" -childID 22 -isForBrowser -prefsHandle 7660 -prefMapHandle 8720 -prefsLen 27190 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {66a9d59f-621e-4586-94f5-9a01c62540d4} 4724 "\\.\pipe\gecko-crash-server-pipe.4724" 7324 2236bb62858 tab

C:\Users\Admin\Downloads\compiter-exe.exe

"C:\Users\Admin\Downloads\compiter-exe.exe"

C:\Windows\SysWOW64\cmd.exe

"C:\Windows\System32\cmd.exe" /k attrib "C:\Users\Admin\Downloads\compiter-exe.exe" +s +h

C:\Windows\SysWOW64\cmd.exe

"C:\Windows\System32\cmd.exe" /k attrib "C:\Users\Admin\Downloads" +s +h

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4724.26.916545928\2009477405" -childID 23 -isForBrowser -prefsHandle 6636 -prefMapHandle 6676 -prefsLen 27442 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3c1ab47f-70db-468d-9f22-65ba96c15d73} 4724 "\\.\pipe\gecko-crash-server-pipe.4724" 6628 22360d3e858 tab

C:\Users\Admin\Documents\MSDCSC\msdcsc.exe

"C:\Users\Admin\Documents\MSDCSC\msdcsc.exe"

C:\Windows\SysWOW64\attrib.exe

attrib "C:\Users\Admin\Downloads\compiter-exe.exe" +s +h

C:\Windows\SysWOW64\notepad.exe

notepad

C:\Windows\SysWOW64\attrib.exe

attrib "C:\Users\Admin\Downloads" +s +h

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4724.27.1231457895\797388357" -childID 24 -isForBrowser -prefsHandle 6712 -prefMapHandle 6720 -prefsLen 27442 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5404d1b4-ffe2-40cd-abc8-106e61822756} 4724 "\\.\pipe\gecko-crash-server-pipe.4724" 6708 2236420a258 tab

C:\Windows\system32\SystemSettingsAdminFlows.exe

"C:\Windows\system32\SystemSettingsAdminFlows.exe" SetDateTime

C:\Windows\system32\taskmgr.exe

"C:\Windows\system32\taskmgr.exe" /0

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Windows\system32\cmd.exe

"C:\Windows\system32\cmd.exe"

C:\Windows\system32\tasklist.exe

tasklist

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4724.28.1118508753\123956514" -childID 25 -isForBrowser -prefsHandle 6116 -prefMapHandle 9356 -prefsLen 27560 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7c7a7392-cb93-470b-9f0a-bae60b169318} 4724 "\\.\pipe\gecko-crash-server-pipe.4724" 5924 22364209c58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4724.29.1214005987\872167259" -childID 26 -isForBrowser -prefsHandle 9220 -prefMapHandle 7064 -prefsLen 27560 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {138b31ca-2855-4d36-baa3-773b3b7eb353} 4724 "\\.\pipe\gecko-crash-server-pipe.4724" 7612 223675d0558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4724.30.1473033321\1993916465" -childID 27 -isForBrowser -prefsHandle 2820 -prefMapHandle 3204 -prefsLen 27560 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {05723ff3-6d42-4e32-8b32-5e0d460457d1} 4724 "\\.\pipe\gecko-crash-server-pipe.4724" 3492 223673ca758 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4724.31.1790226171\758836168" -childID 28 -isForBrowser -prefsHandle 9992 -prefMapHandle 9996 -prefsLen 27560 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d410dbb2-fbd1-480c-9d19-76e50030ac6a} 4724 "\\.\pipe\gecko-crash-server-pipe.4724" 8560 223673cbf58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4724.32.1799160752\2004554957" -childID 29 -isForBrowser -prefsHandle 6488 -prefMapHandle 6480 -prefsLen 27569 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {eb3438c7-648a-4ed0-803d-c37f7ccb54d9} 4724 "\\.\pipe\gecko-crash-server-pipe.4724" 5728 223641a9758 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4724.33.513512162\1220493681" -childID 30 -isForBrowser -prefsHandle 6108 -prefMapHandle 7512 -prefsLen 27873 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {70868df2-e21d-4ae3-9362-f46e58d7f511} 4724 "\\.\pipe\gecko-crash-server-pipe.4724" 6232 2236797e358 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4724.34.913666541\286011698" -childID 31 -isForBrowser -prefsHandle 3080 -prefMapHandle 9980 -prefsLen 27873 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a7cf94bf-6c5e-4d38-8735-4bf64c21da94} 4724 "\\.\pipe\gecko-crash-server-pipe.4724" 9640 22367448258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4724.35.861478643\341762033" -childID 32 -isForBrowser -prefsHandle 9236 -prefMapHandle 6164 -prefsLen 27900 -prefMapSize 233444 -jsInitHandle 1292 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {577a0463-f827-4e94-b4d6-4a7e5e72253f} 4724 "\\.\pipe\gecko-crash-server-pipe.4724" 9912 22367cd5d58 tab

Network

Country Destination Domain Proto
N/A 127.0.0.1:49757 tcp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 166.188.117.34.in-addr.arpa udp
US 8.8.8.8:53 122.28.160.35.in-addr.arpa udp
N/A 127.0.0.1:49764 tcp
US 8.8.8.8:53 gamejolt.com udp
US 104.18.4.160:80 gamejolt.com tcp
US 104.18.4.160:80 gamejolt.com tcp
US 8.8.8.8:53 gamejolt.com udp
US 8.8.8.8:53 gamejolt.com udp
US 104.18.4.160:443 gamejolt.com tcp
US 8.8.8.8:53 160.4.18.104.in-addr.arpa udp
US 104.18.4.160:443 gamejolt.com udp
US 8.8.8.8:53 s.gjcdn.net udp
US 104.18.24.184:443 s.gjcdn.net tcp
US 104.18.24.184:443 s.gjcdn.net tcp
US 104.18.24.184:443 s.gjcdn.net tcp
US 104.18.24.184:443 s.gjcdn.net tcp
US 104.18.24.184:443 s.gjcdn.net tcp
US 104.18.24.184:443 s.gjcdn.net tcp
US 104.18.24.184:443 s.gjcdn.net tcp
US 104.18.24.184:443 s.gjcdn.net tcp
US 104.18.24.184:443 s.gjcdn.net tcp
US 104.18.24.184:443 s.gjcdn.net tcp
US 104.18.24.184:443 s.gjcdn.net tcp
US 104.18.24.184:443 s.gjcdn.net tcp
US 8.8.8.8:53 s.gjcdn.net udp
US 8.8.8.8:53 s.gjcdn.net udp
US 104.18.24.184:443 s.gjcdn.net udp
US 8.8.8.8:53 184.24.18.104.in-addr.arpa udp
US 104.18.24.184:443 s.gjcdn.net udp
US 8.8.8.8:53 firebase.googleapis.com udp
NL 142.250.102.95:443 firebase.googleapis.com tcp
NL 142.250.102.95:443 firebase.googleapis.com tcp
US 8.8.8.8:53 firebase.googleapis.com udp
US 8.8.8.8:53 firebase.googleapis.com udp
US 8.8.8.8:53 95.102.250.142.in-addr.arpa udp
US 8.8.8.8:53 firebaseremoteconfig.googleapis.com udp
NL 142.250.102.95:443 firebaseremoteconfig.googleapis.com tcp
US 8.8.8.8:53 firebaseremoteconfig.googleapis.com udp
NL 142.250.102.95:443 firebaseremoteconfig.googleapis.com tcp
NL 142.250.102.95:443 firebaseremoteconfig.googleapis.com tcp
NL 142.250.102.95:443 firebaseremoteconfig.googleapis.com tcp
US 8.8.8.8:53 firebaseremoteconfig.googleapis.com udp
NL 142.250.102.95:443 firebaseremoteconfig.googleapis.com udp
US 8.8.8.8:53 m.gjcdn.net udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 v-2.gjcdn.net udp
US 104.18.24.184:443 v-2.gjcdn.net tcp
US 104.18.24.184:443 v-2.gjcdn.net tcp
US 104.18.24.184:443 v-2.gjcdn.net tcp
US 8.8.8.8:53 m.gjcdn.net udp
US 104.18.24.184:443 m.gjcdn.net tcp
US 104.18.24.184:443 m.gjcdn.net tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 95.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 97.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 m.gjcdn.net udp
US 104.18.24.184:443 m.gjcdn.net udp
US 104.18.25.184:443 m.gjcdn.net tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 v-2.gjcdn.net udp
US 8.8.8.8:53 v-2.gjcdn.net udp
US 104.18.25.184:443 v-2.gjcdn.net udp
US 216.239.32.36:443 region1.google-analytics.com tcp
US 216.239.32.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 184.25.18.104.in-addr.arpa udp
US 8.8.8.8:53 36.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 firebaselogging-pa.googleapis.com udp
US 8.8.8.8:53 firebaselogging-pa.googleapis.com udp
US 8.8.8.8:53 firebaselogging-pa.googleapis.com udp
US 8.8.8.8:53 global.proper.io udp
GB 99.86.114.50:443 global.proper.io tcp
US 8.8.8.8:53 global.proper.io udp
US 8.8.8.8:53 global.proper.io udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 abcheck.proper.io udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
GB 18.244.114.19:443 abcheck.proper.io tcp
US 8.8.8.8:53 abcheck.proper.io udp
GB 18.244.114.19:443 abcheck.proper.io tcp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 abcheck.proper.io udp
NL 142.250.27.157:443 securepubads.g.doubleclick.net tcp
US 8.8.8.8:53 secure.quantserve.com udp
US 8.8.8.8:53 bids.proper.io udp
DE 91.228.74.159:443 secure.quantserve.com tcp
US 8.8.8.8:53 global.px.quantserve.com udp
US 8.8.8.8:53 global.px.quantserve.com udp
NL 142.250.27.157:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 50.114.86.99.in-addr.arpa udp
US 8.8.8.8:53 19.114.244.18.in-addr.arpa udp
US 8.8.8.8:53 159.74.228.91.in-addr.arpa udp
US 8.8.8.8:53 157.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 rules.quantcount.com udp
US 8.8.8.8:53 d2fashanjl7d9f.cloudfront.net udp
GB 18.245.187.41:443 d2fashanjl7d9f.cloudfront.net tcp
US 8.8.8.8:53 d2fashanjl7d9f.cloudfront.net udp
US 8.8.8.8:53 pixel.quantserve.com udp
US 8.8.8.8:53 fundingchoicesmessages.google.com udp
NL 142.250.27.138:443 fundingchoicesmessages.google.com tcp
US 8.8.8.8:53 www3.l.google.com udp
US 8.8.8.8:53 www3.l.google.com udp
US 52.13.92.203:443 bids.proper.io tcp
US 8.8.8.8:53 bids.proper.io udp
US 8.8.8.8:53 bids.proper.io udp
NL 142.250.27.138:443 www3.l.google.com udp
US 8.8.8.8:53 41.187.245.18.in-addr.arpa udp
US 8.8.8.8:53 138.27.250.142.in-addr.arpa udp
US 44.236.149.23:443 bids.proper.io tcp
DE 91.228.74.200:443 pixel.quantserve.com tcp
NL 142.250.27.138:443 www3.l.google.com udp
NL 142.250.27.138:443 www3.l.google.com tcp
NL 142.250.27.138:443 www3.l.google.com tcp
US 8.8.8.8:53 23.149.236.44.in-addr.arpa udp
US 8.8.8.8:53 154.102.250.142.in-addr.arpa udp
US 8.8.8.8:53 200.74.228.91.in-addr.arpa udp
US 8.8.8.8:53 94.102.250.142.in-addr.arpa udp
US 8.8.8.8:53 203.92.13.52.in-addr.arpa udp
US 8.8.8.8:53 rtb.gumgum.com udp
US 8.8.8.8:53 x.bidswitch.net udp
US 8.8.8.8:53 id5-sync.com udp
US 8.8.8.8:53 ups.analytics.yahoo.com udp
US 8.8.8.8:53 c.amazon-adsystem.com udp
IE 18.200.164.220:443 rtb.gumgum.com tcp
US 8.8.8.8:53 rtb.gumgum.com udp
DE 3.75.62.37:443 ups.analytics.yahoo.com tcp
US 8.8.8.8:53 ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud udp
DE 141.95.98.65:443 id5-sync.com tcp
US 8.8.8.8:53 id5-sync.com udp
US 8.8.8.8:53 rtb.gumgum.com udp
US 8.8.8.8:53 ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud udp
US 8.8.8.8:53 id5-sync.com udp
US 8.8.8.8:53 220.164.200.18.in-addr.arpa udp
US 8.8.8.8:53 btlr.sharethrough.com udp
US 8.8.8.8:53 fastlane.rubiconproject.com udp
US 8.8.8.8:53 htlb.casalemedia.com udp
US 8.8.8.8:53 targeting.unrulymedia.com udp
US 8.8.8.8:53 rtb.openx.net udp
US 8.8.8.8:53 bidder.criteo.com udp
US 8.8.8.8:53 hbopenbid.pubmatic.com udp
US 8.8.8.8:53 ib.adnxs.com udp
US 8.8.8.8:53 hb.yellowblue.io udp
US 8.8.8.8:53 ssc.33across.com udp
US 8.8.8.8:53 apex.go.sonobi.com udp
US 8.8.8.8:53 prebid.media.net udp
US 8.8.8.8:53 tlx.3lift.com udp
US 8.8.8.8:53 ap.lijit.com udp
US 8.8.8.8:53 a.teads.tv udp
US 8.8.8.8:53 user-data-eu.bidswitch.net udp
US 104.18.36.155:443 htlb.casalemedia.com tcp
US 35.186.253.211:443 rtb.openx.net tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
GB 185.64.190.77:443 hbopenbid.pubmatic.com tcp
DE 18.195.11.216:443 btlr.sharethrough.com tcp
DE 18.195.11.216:443 btlr.sharethrough.com tcp
NL 178.250.1.8:443 bidder.criteo.com tcp
DE 37.252.171.53:443 ib.adnxs.com tcp
US 8.8.8.8:53 d1ykf07e75w7ss.cloudfront.net udp
US 8.8.8.8:53 htlb.casalemedia.com udp
US 69.166.1.9:443 apex.go.sonobi.com tcp
GB 108.138.217.66:443 hb.yellowblue.io tcp
US 34.149.20.76:443 ssc.33across.com tcp
IE 54.154.253.231:443 ap.lijit.com tcp
DE 3.78.168.176:443 tlx.3lift.com tcp
US 34.120.63.153:443 prebid.media.net tcp
GB 95.100.245.39:443 a.teads.tv tcp
US 8.8.8.8:53 user-data-eu.bidswitch.net udp
US 8.8.8.8:53 htlb.casalemedia.com udp
US 8.8.8.8:53 rtb.openx.net udp
US 8.8.8.8:53 tagged-by.rubiconproject.net.akadns.net udp
US 8.8.8.8:53 rtb.openx.net udp
US 8.8.8.8:53 tagged-by.rubiconproject.net.akadns.net udp
US 8.8.8.8:53 tag.1rx.io udp
US 8.8.8.8:53 hbopenbid-lhrc.pubmnet.com udp
US 8.8.8.8:53 tag.1rx.io udp
US 104.18.36.155:443 htlb.casalemedia.com udp
US 8.8.8.8:53 hbopenbid-lhrc.pubmnet.com udp
US 35.186.253.211:443 rtb.openx.net udp
US 8.8.8.8:53 btlr-eu-central-1.sharethrough.com udp
US 8.8.8.8:53 bidder.nl3.vip.prod.criteo.com udp
US 8.8.8.8:53 btlr-eu-central-1.sharethrough.com udp
US 8.8.8.8:53 bidder.nl3.vip.prod.criteo.com udp
US 34.149.20.76:443 ssc.33across.com udp
US 8.8.8.8:53 ib.anycast.adnxs.com udp
US 8.8.8.8:53 iad-2-apex.go.sonobi.com udp
US 8.8.8.8:53 ib.anycast.adnxs.com udp
US 8.8.8.8:53 iad-2-apex.go.sonobi.com udp
US 8.8.8.8:53 hb.yellowblue.io udp
US 8.8.8.8:53 ssc.33across.com udp
US 8.8.8.8:53 hb.yellowblue.io udp
US 8.8.8.8:53 ssc.33across.com udp
US 8.8.8.8:53 blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com udp
US 8.8.8.8:53 eu-tlx.3lift.com udp
US 8.8.8.8:53 blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com udp
US 8.8.8.8:53 eu-tlx.3lift.com udp
US 8.8.8.8:53 eb.proper.io udp
US 8.8.8.8:53 prebid.media.net udp
US 8.8.8.8:53 e9957.b.akamaiedge.net udp
GB 108.156.46.103:443 eb.proper.io tcp
US 8.8.8.8:53 prebid.media.net udp
US 8.8.8.8:53 e9957.b.akamaiedge.net udp
US 8.8.8.8:53 eb.proper.io udp
US 34.120.63.153:443 prebid.media.net udp
US 8.8.8.8:53 37.62.75.3.in-addr.arpa udp
US 8.8.8.8:53 65.98.95.141.in-addr.arpa udp
US 8.8.8.8:53 211.253.186.35.in-addr.arpa udp
US 8.8.8.8:53 155.36.18.104.in-addr.arpa udp
US 8.8.8.8:53 77.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 8.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 139.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 115.174.228.46.in-addr.arpa udp
US 8.8.8.8:53 216.11.195.18.in-addr.arpa udp
US 8.8.8.8:53 53.171.252.37.in-addr.arpa udp
US 8.8.8.8:53 39.245.100.95.in-addr.arpa udp
US 8.8.8.8:53 66.217.138.108.in-addr.arpa udp
US 8.8.8.8:53 153.63.120.34.in-addr.arpa udp
US 8.8.8.8:53 231.253.154.54.in-addr.arpa udp
US 8.8.8.8:53 76.20.149.34.in-addr.arpa udp
US 8.8.8.8:53 176.168.78.3.in-addr.arpa udp
US 8.8.8.8:53 9.1.166.69.in-addr.arpa udp
US 8.8.8.8:53 103.46.156.108.in-addr.arpa udp
US 8.8.8.8:53 eb.proper.io udp
NL 35.214.149.91:443 user-data-eu.bidswitch.net tcp
FR 18.245.194.122:443 c.amazon-adsystem.com tcp
US 8.8.8.8:53 aa3ef0e5edc3cce67f7232f7351d11da.safeframe.googlesyndication.com udp
US 8.8.8.8:53 d1ykf07e75w7ss.cloudfront.net udp
US 8.8.8.8:53 static.criteo.net udp
US 8.8.8.8:53 pagead-googlehosted.l.google.com udp
NL 142.250.27.132:443 pagead-googlehosted.l.google.com tcp
US 8.8.8.8:53 static.fr3.vip.prod.criteo.net udp
US 8.8.8.8:53 pagead-googlehosted.l.google.com udp
US 8.8.8.8:53 static.fr3.vip.prod.criteo.net udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
FR 178.250.7.2:443 static.fr3.vip.prod.criteo.net tcp
NL 142.250.102.132:443 tpc.googlesyndication.com tcp
FR 18.245.194.122:443 c.amazon-adsystem.com tcp
US 8.8.8.8:53 tpc.googlesyndication.com udp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
US 8.8.8.8:53 aax.amazon-adsystem.com udp
NL 142.250.27.132:443 pagead-googlehosted.l.google.com udp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
GB 18.245.220.173:443 aax.amazon-adsystem.com tcp
US 8.8.8.8:53 d1jvc9b8z3vcjs.cloudfront.net udp
US 8.8.8.8:53 secure.cdn.fastclick.net udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 8.8.8.8:53 b-code.liadm.com udp
US 8.8.8.8:53 cdn.hadronid.net udp
US 8.8.8.8:53 aps.zqtk.net udp
US 8.8.8.8:53 cdn.id5-sync.com udp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
US 8.8.8.8:53 cdn.browsiprod.com udp
US 8.8.8.8:53 d1jvc9b8z3vcjs.cloudfront.net udp
US 8.8.8.8:53 e4536.g.akamaiedge.net udp
US 104.22.52.173:443 cdn.hadronid.net tcp
FR 172.234.57.28:443 aps.zqtk.net tcp
NL 142.250.102.132:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 cdn.id5-sync.com udp
GB 18.164.68.15:443 cdn.browsiprod.com tcp
US 8.8.8.8:53 cdn.hadronid.net udp
US 8.8.8.8:53 e4536.g.akamaiedge.net udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 cdn.id5-sync.com udp
US 8.8.8.8:53 cdn.hadronid.net udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 8.8.8.8:53 gum.criteo.com udp
NL 142.250.27.147:443 www.google.com tcp
FR 178.250.7.2:443 static.fr3.vip.prod.criteo.net tcp
US 8.8.8.8:53 linode-api.eu-west.proximic.com udp
US 8.8.8.8:53 detgh1asa1dg4.cloudfront.net udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
NL 178.250.1.11:443 gum.criteo.com tcp
US 8.8.8.8:53 id.hadron.ad.gt udp
US 8.8.8.8:53 linode-api.eu-west.proximic.com udp
US 8.8.8.8:53 detgh1asa1dg4.cloudfront.net udp
US 8.8.8.8:53 cdn.browsiprod.com udp
US 8.8.8.8:53 events.browsiprod.com udp
US 8.8.8.8:53 www.google.com udp
US 104.22.5.69:443 id.hadron.ad.gt tcp
US 104.22.5.69:443 id.hadron.ad.gt tcp
GB 13.224.245.118:443 yield-manager.browsiprod.com tcp
US 44.237.120.26:443 events.browsiprod.com tcp
US 8.8.8.8:53 gum.nl3.vip.prod.criteo.com udp
US 8.8.8.8:53 cdn.browsiprod.com udp
US 8.8.8.8:53 www.google.com udp
NL 142.250.27.147:443 www.google.com udp
US 8.8.8.8:53 id.hadron.ad.gt.cdn.cloudflare.net udp
US 8.8.8.8:53 gum.nl3.vip.prod.criteo.com udp
US 8.8.8.8:53 yield-manager.browsiprod.com udp
US 8.8.8.8:53 id.hadron.ad.gt.cdn.cloudflare.net udp
US 8.8.8.8:53 events.browsiprod.com udp
US 8.8.8.8:53 yield-manager.browsiprod.com udp
US 8.8.8.8:53 122.194.245.18.in-addr.arpa udp
US 8.8.8.8:53 91.149.214.35.in-addr.arpa udp
US 8.8.8.8:53 132.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 2.7.250.178.in-addr.arpa udp
US 8.8.8.8:53 132.102.250.142.in-addr.arpa udp
US 8.8.8.8:53 173.220.245.18.in-addr.arpa udp
US 8.8.8.8:53 aax-eu.amazon-adsystem.com udp
US 8.8.8.8:53 events.browsiprod.com udp
US 8.8.8.8:53 28.57.234.172.in-addr.arpa udp
US 8.8.8.8:53 173.52.22.104.in-addr.arpa udp
US 8.8.8.8:53 15.68.164.18.in-addr.arpa udp
US 8.8.8.8:53 147.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 11.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 69.5.22.104.in-addr.arpa udp
US 8.8.8.8:53 118.245.224.13.in-addr.arpa udp
IE 54.239.38.253:443 aax-eu.amazon-adsystem.com tcp
US 8.8.8.8:53 aax-eu.amazon-adsystem.com udp
US 8.8.8.8:53 aax-eu.amazon-adsystem.com udp
US 8.8.8.8:53 dnacdn.net udp
US 8.8.8.8:53 ag.gbc.criteo.com udp
US 8.8.8.8:53 gem.gbc.criteo.com udp
US 8.8.8.8:53 a.ad.gt udp
US 8.8.8.8:53 gbc8.fr3.eu.criteo.com udp
US 172.67.23.234:443 a.ad.gt tcp
FR 178.250.7.13:443 dnacdn.net tcp
US 8.8.8.8:53 a.ad.gt.cdn.cloudflare.net udp
US 8.8.8.8:53 gbc0.nl3.eu.criteo.com udp
US 8.8.8.8:53 gbc8.fr3.eu.criteo.com udp
FR 185.235.86.231:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.1:443 gbc0.nl3.eu.criteo.com tcp
US 8.8.8.8:53 gbc0.nl3.eu.criteo.com udp
US 8.8.8.8:53 dnacdn.net udp
US 8.8.8.8:53 a.ad.gt.cdn.cloudflare.net udp
GB 52.84.90.126:443 config.aps.amazon-adsystem.com tcp
NL 23.218.48.210:443 e4536.g.akamaiedge.net tcp
GB 18.245.143.100:443 tags.crwdcntrl.net tcp
GB 18.165.227.85:443 detgh1asa1dg4.cloudfront.net tcp
US 104.22.52.86:443 cdn.id5-sync.com tcp
US 8.8.8.8:53 dnacdn.net udp
US 8.8.8.8:53 ids.ad.gt udp
US 8.8.8.8:53 secure.adnxs.com udp
US 8.8.8.8:53 match.adsrvr.org udp
US 8.8.8.8:53 image2.pubmatic.com udp
US 8.8.8.8:53 token.rubiconproject.com udp
US 8.8.8.8:53 cm.g.doubleclick.net udp
US 8.8.8.8:53 onetag-sys.com udp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
US 8.8.8.8:53 sync.1rx.io udp
US 44.230.128.104:443 ids.ad.gt tcp
US 44.230.128.104:443 ids.ad.gt tcp
US 44.230.128.104:443 ids.ad.gt tcp
US 8.8.8.8:53 udp
US 8.8.8.8:53 p.ad.gt udp
US 8.8.8.8:53 ids.ad.gt udp
DE 51.89.9.253:443 onetag-sys.com tcp
US 8.8.8.8:53 match.adsrvr.org udp
US 8.8.8.8:53 pixel.rubiconproject.net.akadns.net udp
FR 185.235.86.231:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.1:443 gbc0.nl3.eu.criteo.com tcp
US 8.8.8.8:53 ids.ad.gt udp
US 172.67.23.234:443 p.ad.gt tcp
US 8.8.8.8:53 match.adsrvr.org udp
US 8.8.8.8:53 pixel.rubiconproject.net.akadns.net udp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
US 8.8.8.8:53 onetag-sys.com udp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
US 8.8.8.8:53 cm.g.doubleclick.net udp
US 8.8.8.8:53 onetag-sys.com udp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
IE 52.215.197.131:443 bcp.crwdcntrl.net tcp
US 8.8.8.8:53 pug-lhr-bc.pubmnet.com udp
US 8.8.8.8:53 cm.g.doubleclick.net udp
US 8.8.8.8:53 sync.1rx.io udp
DE 51.89.9.253:443 onetag-sys.com udp
US 8.8.8.8:53 pug-lhr-bc.pubmnet.com udp
US 8.8.8.8:53 am1-direct-bgp.contextweb.com udp
US 8.8.8.8:53 sync.1rx.io udp
US 8.8.8.8:53 am1-direct-bgp.contextweb.com udp
US 8.8.8.8:53 p.ad.gt.cdn.cloudflare.net udp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
US 8.8.8.8:53 p.ad.gt.cdn.cloudflare.net udp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
US 8.8.8.8:53 26.120.237.44.in-addr.arpa udp
US 8.8.8.8:53 253.38.239.54.in-addr.arpa udp
US 8.8.8.8:53 234.23.67.172.in-addr.arpa udp
US 8.8.8.8:53 13.7.250.178.in-addr.arpa udp
US 8.8.8.8:53 100.143.245.18.in-addr.arpa udp
US 8.8.8.8:53 126.90.84.52.in-addr.arpa udp
US 8.8.8.8:53 86.52.22.104.in-addr.arpa udp
US 8.8.8.8:53 85.227.165.18.in-addr.arpa udp
US 8.8.8.8:53 210.48.218.23.in-addr.arpa udp
US 8.8.8.8:53 253.9.89.51.in-addr.arpa udp
US 8.8.8.8:53 104.128.230.44.in-addr.arpa udp
US 8.8.8.8:53 131.197.215.52.in-addr.arpa udp
US 8.8.8.8:53 www-alv.google-analytics.com udp
US 8.8.8.8:53 pixels.ad.gt udp
US 172.67.23.234:443 pixels.ad.gt tcp
US 44.236.149.23:443 bids.proper.io tcp
US 8.8.8.8:53 bids.proper.io udp
US 104.22.5.69:443 pixels.ad.gt tcp
US 8.8.8.8:53 pixels.ad.gt.cdn.cloudflare.net udp
US 8.8.8.8:53 pixels.ad.gt.cdn.cloudflare.net udp
US 44.236.149.23:443 bids.proper.io tcp
US 8.8.8.8:53 94.27.250.142.in-addr.arpa udp
DE 37.252.171.21:443 secure.adnxs.com tcp
US 15.197.193.217:443 match.adsrvr.org tcp
GB 185.64.191.210:443 pug-lhr-bc.pubmnet.com tcp
NL 69.173.156.148:443 pixel.rubiconproject.net.akadns.net tcp
US 172.64.151.101:443 ssum-sec.casalemedia.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
NL 208.93.169.131:443 am1-direct-bgp.contextweb.com tcp
US 8.8.8.8:53 usync.proper.io udp
US 8.8.8.8:53 lb.eu-1-id5-sync.com udp
US 8.8.8.8:53 usync.proper.io udp
US 52.25.197.137:443 usync.proper.io tcp
US 172.64.151.101:443 ssum-sec.casalemedia.com udp
DE 162.19.138.119:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 lb.eu-1-id5-sync.com udp
US 8.8.8.8:53 usync.proper.io udp
US 8.8.8.8:53 lb.eu-1-id5-sync.com udp
NL 46.228.174.117:443 sync.1rx.io tcp
US 8.8.8.8:53 www-alv.google-analytics.com udp
DE 18.195.11.216:443 btlr.sharethrough.com tcp
US 69.166.1.9:443 iad-2-apex.go.sonobi.com tcp
US 8.8.8.8:53 hbopenbid-lhrc.pubmnet.com udp
US 8.8.8.8:53 targeting.unrulymedia.com udp
US 8.8.8.8:53 tag.1rx.io udp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
US 8.8.8.8:53 210.191.64.185.in-addr.arpa udp
US 8.8.8.8:53 217.193.197.15.in-addr.arpa udp
US 8.8.8.8:53 101.151.64.172.in-addr.arpa udp
US 8.8.8.8:53 178.38.239.216.in-addr.arpa udp
US 8.8.8.8:53 148.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 131.169.93.208.in-addr.arpa udp
US 8.8.8.8:53 21.171.252.37.in-addr.arpa udp
US 8.8.8.8:53 119.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 137.197.25.52.in-addr.arpa udp
US 8.8.8.8:53 htlb.casalemedia.com udp
US 8.8.8.8:53 bidder.nl3.vip.prod.criteo.com udp
US 8.8.8.8:53 rtb.openx.net udp
US 8.8.8.8:53 eus.rubiconproject.com udp
US 8.8.8.8:53 propermedia-d.openx.net udp
US 8.8.8.8:53 ads.pubmatic.com udp
US 8.8.8.8:53 acdn.adnxs.com udp
GB 95.100.245.251:443 eus.rubiconproject.com tcp
US 8.8.8.8:53 e8960.b.akamaiedge.net udp
US 35.244.159.8:443 propermedia-d.openx.net tcp
US 8.8.8.8:53 propermedia-d.openx.net udp
US 151.101.1.108:443 acdn.adnxs.com tcp
US 8.8.8.8:53 prod.appnexus.map.fastly.net udp
GB 2.18.108.192:443 ads.pubmatic.com tcp
US 8.8.8.8:53 e8960.b.akamaiedge.net udp
US 8.8.8.8:53 propermedia-d.openx.net udp
US 8.8.8.8:53 prod.appnexus.map.fastly.net udp
FR 185.235.86.231:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.1:443 gbc0.nl3.eu.criteo.com tcp
US 8.8.8.8:53 e6603.g.akamaiedge.net udp
US 8.8.8.8:53 e6603.g.akamaiedge.net udp
US 35.244.159.8:443 propermedia-d.openx.net udp
FR 185.235.86.231:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.1:443 gbc0.nl3.eu.criteo.com tcp
US 8.8.8.8:53 diagnostics.id5-sync.com udp
US 8.8.8.8:53 diagnostics.id5-sync.com udp
DE 162.19.138.82:443 diagnostics.id5-sync.com tcp
US 8.8.8.8:53 diagnostics.id5-sync.com udp
US 8.8.8.8:53 251.245.100.95.in-addr.arpa udp
US 8.8.8.8:53 8.159.244.35.in-addr.arpa udp
US 8.8.8.8:53 108.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 192.108.18.2.in-addr.arpa udp
US 8.8.8.8:53 82.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 eb2.3lift.com udp
US 8.8.8.8:53 sync.teads.tv udp
US 8.8.8.8:53 de.tynt.com udp
US 76.223.111.18:443 eb2.3lift.com tcp
US 8.8.8.8:53 eu-eb2.3lift.com udp
US 67.202.105.33:443 de.tynt.com tcp
US 8.8.8.8:53 de.tynt.com udp
FR 104.116.97.85:443 sync.teads.tv tcp
US 8.8.8.8:53 e9957.e4.akamaiedge.net udp
US 8.8.8.8:53 ce.lijit.com udp
US 8.8.8.8:53 de.tynt.com udp
US 8.8.8.8:53 eu-eb2.3lift.com udp
US 8.8.8.8:53 e9957.e4.akamaiedge.net udp
IE 34.241.3.170:443 ce.lijit.com tcp
US 8.8.8.8:53 raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com udp
US 8.8.8.8:53 cdn.ampproject.org udp
US 8.8.8.8:53 cdn-content.ampproject.org udp
US 8.8.8.8:53 raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com udp
US 104.18.24.184:443 v-2.gjcdn.net udp
US 8.8.8.8:53 secure.gravatar.com udp
US 8.8.8.8:53 cdn-content.ampproject.org udp
US 8.8.8.8:53 api.enthusiastgaming.net udp
GB 18.244.179.73:443 api.enthusiastgaming.net tcp
US 8.8.8.8:53 api.enthusiastgaming.net udp
US 8.8.8.8:53 api.enthusiastgaming.net udp
US 8.8.8.8:53 117.174.228.46.in-addr.arpa udp
US 8.8.8.8:53 18.111.223.76.in-addr.arpa udp
US 8.8.8.8:53 33.105.202.67.in-addr.arpa udp
US 8.8.8.8:53 170.3.241.34.in-addr.arpa udp
US 8.8.8.8:53 73.179.244.18.in-addr.arpa udp
US 8.8.8.8:53 bids.proper.io udp
US 8.8.8.8:53 vplayer.enthusiastgaming.com udp
GB 13.224.222.60:443 vplayer.enthusiastgaming.com tcp
US 8.8.8.8:53 d25rcu0ocutfu6.cloudfront.net udp
US 8.8.8.8:53 d25rcu0ocutfu6.cloudfront.net udp
US 8.8.8.8:53 ced.sascdn.com udp
US 8.8.8.8:53 cmp.inmobi.com udp
US 8.8.8.8:53 tagan.adlightning.com udp
US 8.8.8.8:53 btloader.com udp
US 8.8.8.8:53 a1184.b.akamai.net udp
US 8.8.8.8:53 d23sp3kzv1t6m5.cloudfront.net udp
US 104.22.74.216:443 btloader.com tcp
US 8.8.8.8:53 btloader.com udp
GB 216.137.44.59:443 tagan.adlightning.com tcp
US 8.8.8.8:53 d23sp3kzv1t6m5.cloudfront.net udp
US 69.166.1.9:443 iad-2-apex.go.sonobi.com tcp
GB 13.224.222.60:443 d25rcu0ocutfu6.cloudfront.net udp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
US 8.8.8.8:53 btloader.com udp
US 8.8.8.8:53 tagan.adlightning.com udp
US 8.8.8.8:53 eb.proper.io udp
US 8.8.8.8:53 pghub.io udp
US 8.8.8.8:53 tagan.adlightning.com udp
US 104.22.74.216:443 btloader.com tcp
US 8.8.8.8:53 ad-delivery.net udp
US 8.8.8.8:53 hb.yellowblue.io udp
US 35.241.45.217:443 pghub.io tcp
US 8.8.8.8:53 eu-tlx.3lift.com udp
US 104.26.2.70:443 ad-delivery.net tcp
US 104.26.2.70:443 ad-delivery.net tcp
US 8.8.8.8:53 blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com udp
US 8.8.8.8:53 ib.anycast.adnxs.com udp
US 8.8.8.8:53 pghub.io udp
US 192.0.73.2:443 secure.gravatar.com tcp
US 192.0.73.2:443 secure.gravatar.com tcp
US 35.241.45.217:443 pghub.io udp
US 8.8.8.8:53 ad-delivery.net udp
US 8.8.8.8:53 sb.scorecardresearch.com udp
US 8.8.8.8:53 pghub.io udp
US 8.8.8.8:53 ad-delivery.net udp
US 8.8.8.8:53 60.222.224.13.in-addr.arpa udp
US 8.8.8.8:53 216.74.22.104.in-addr.arpa udp
US 8.8.8.8:53 59.44.137.216.in-addr.arpa udp
US 8.8.8.8:53 217.45.241.35.in-addr.arpa udp
US 8.8.8.8:53 70.2.26.104.in-addr.arpa udp
US 8.8.8.8:53 2.73.0.192.in-addr.arpa udp
US 192.0.73.2:443 secure.gravatar.com udp
US 8.8.8.8:53 secure.gravatar.com udp
US 8.8.8.8:53 sb.scorecardresearch.com udp
US 8.8.8.8:53 secure.gravatar.com udp
US 8.8.8.8:53 sb.scorecardresearch.com udp
GB 2.16.170.49:443 a1184.b.akamai.net tcp
GB 18.244.114.17:443 d23sp3kzv1t6m5.cloudfront.net tcp
GB 18.154.84.35:443 sb.scorecardresearch.com tcp
FR 185.235.86.231:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.1:443 gbc0.nl3.eu.criteo.com tcp
US 8.8.8.8:53 a1184.b.akamai.net udp
FR 185.235.86.231:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.1:443 gbc0.nl3.eu.criteo.com tcp
US 8.8.8.8:53 imasdk.googleapis.com udp
NL 142.250.102.95:443 imasdk.googleapis.com tcp
US 8.8.8.8:53 imasdk.googleapis.com udp
US 8.8.8.8:53 imasdk.googleapis.com udp
NL 142.250.102.95:443 imasdk.googleapis.com udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 49.170.16.2.in-addr.arpa udp
US 8.8.8.8:53 17.114.244.18.in-addr.arpa udp
US 8.8.8.8:53 35.84.154.18.in-addr.arpa udp
US 8.8.8.8:53 149.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 201.181.244.35.in-addr.arpa udp
US 8.8.8.8:53 proc.ad.cpe.dotomi.com udp
NL 63.215.202.146:443 proc.ad.cpe.dotomi.com tcp
US 8.8.8.8:53 convex-rr.global.dual.dotomi.weighted.com.akadns.net udp
US 8.8.8.8:53 convex-rr.global.dual.dotomi.weighted.com.akadns.net udp
US 8.8.8.8:53 ciscobinary.openh264.org udp
GB 88.221.134.209:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 redirector.gvt1.com udp
NL 142.250.27.101:443 redirector.gvt1.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 146.202.215.63.in-addr.arpa udp
US 8.8.8.8:53 209.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 redirector.gvt1.com udp
NL 142.250.27.101:443 redirector.gvt1.com udp
US 8.8.8.8:53 r1---sn-5hneknek.gvt1.com udp
NL 142.250.27.132:443 cdn-content.ampproject.org tcp
NL 142.250.27.132:443 cdn-content.ampproject.org tcp
NL 142.250.27.132:443 cdn-content.ampproject.org tcp
NL 142.250.27.132:443 cdn-content.ampproject.org tcp
NL 142.250.27.132:443 cdn-content.ampproject.org tcp
NL 74.125.8.134:443 r1---sn-5hneknek.gvt1.com tcp
US 8.8.8.8:53 r1.sn-5hneknek.gvt1.com udp
US 8.8.8.8:53 r1.sn-5hneknek.gvt1.com udp
NL 142.250.27.132:443 cdn-content.ampproject.org udp
NL 74.125.8.134:443 r1.sn-5hneknek.gvt1.com udp
US 8.8.8.8:53 bids.proper.io udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
NL 142.250.102.155:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 101.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 134.8.125.74.in-addr.arpa udp
NL 142.250.102.155:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
FR 185.235.86.231:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.1:443 gbc0.nl3.eu.criteo.com tcp
FR 185.235.86.231:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.1:443 gbc0.nl3.eu.criteo.com tcp
US 8.8.8.8:53 bids.proper.io udp
US 8.8.8.8:53 155.102.250.142.in-addr.arpa udp
US 8.8.8.8:53 download.gamejolt.net udp
US 104.18.15.32:443 download.gamejolt.net tcp
US 8.8.8.8:53 download.gamejolt.net udp
US 8.8.8.8:53 download.gamejolt.net udp
US 8.8.8.8:53 32.15.18.104.in-addr.arpa udp
US 104.18.15.32:443 download.gamejolt.net udp
US 8.8.8.8:53 lexicon.33across.com udp
NL 178.250.1.11:443 dnacdn.net tcp
US 8.8.8.8:53 lexicon.33across.com udp
US 35.244.193.51:443 lexicon.33across.com tcp
US 8.8.8.8:53 lexicon.33across.com udp
NL 178.250.1.11:443 dnacdn.net tcp
US 35.244.193.51:443 lexicon.33across.com udp
US 8.8.8.8:53 51.193.244.35.in-addr.arpa udp
US 8.8.8.8:53 stats-dev.brid.tv udp
US 8.8.8.8:53 vcdn.enthusiastgaming.com udp
NL 142.250.102.95:443 imasdk.googleapis.com udp
US 8.8.8.8:53 s0.2mdn.net udp
GB 13.224.245.70:443 stats-dev.brid.tv tcp
US 8.8.8.8:53 stats-dev.brid.tv udp
GB 18.165.227.18:443 vcdn.enthusiastgaming.com tcp
US 8.8.8.8:53 d23ty8mdmlmsvp.cloudfront.net udp
GB 18.165.227.18:443 d23ty8mdmlmsvp.cloudfront.net tcp
GB 18.165.227.18:443 d23ty8mdmlmsvp.cloudfront.net tcp
US 8.8.8.8:53 stats-dev.brid.tv udp
US 8.8.8.8:53 s0.2mdn.net udp
US 8.8.8.8:53 d23ty8mdmlmsvp.cloudfront.net udp
US 8.8.8.8:53 s0.2mdn.net udp
US 8.8.8.8:53 secure.cdn.fastclick.net udp
GB 13.224.245.70:443 stats-dev.brid.tv udp
US 8.8.8.8:53 e4536.g.akamaiedge.net udp
US 8.8.8.8:53 e4536.g.akamaiedge.net udp
US 8.8.8.8:53 aax-eu.amazon-adsystem.com udp
NL 142.250.102.148:443 s0.2mdn.net tcp
US 8.8.8.8:53 aax-eu.amazon-adsystem.com udp
NL 142.250.102.148:443 s0.2mdn.net udp
US 8.8.8.8:53 70.245.224.13.in-addr.arpa udp
US 8.8.8.8:53 18.227.165.18.in-addr.arpa udp
US 8.8.8.8:53 148.102.250.142.in-addr.arpa udp
FR 185.235.86.251:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.2:443 gbc0.nl3.eu.criteo.com tcp
NL 185.235.87.2:443 gbc0.nl3.eu.criteo.com tcp
FR 185.235.86.251:443 gbc8.fr3.eu.criteo.com tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
FR 185.235.86.251:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.2:443 gbc0.nl3.eu.criteo.com tcp
US 8.8.8.8:53 prod.tahoe-analytics.publishers.advertising.a2z.com udp
US 44.239.21.22:443 prod.tahoe-analytics.publishers.advertising.a2z.com tcp
US 8.8.8.8:53 prod.tahoe-analytics.publishers.advertising.a2z.com udp
US 8.8.8.8:53 prod.tahoe-analytics.publishers.advertising.a2z.com udp
NL 185.235.87.2:443 gbc0.nl3.eu.criteo.com tcp
FR 185.235.86.251:443 gbc8.fr3.eu.criteo.com tcp
US 8.8.8.8:53 22.21.239.44.in-addr.arpa udp
US 8.8.8.8:53 pb-stats.brid.tv udp
US 8.8.8.8:53 prebid-server.rubiconproject.com udp
US 8.8.8.8:53 blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com udp
US 8.8.8.8:53 btlr.sharethrough.com udp
US 8.8.8.8:53 btlr-eu-central-1.sharethrough.com udp
US 8.8.8.8:53 onetag-sys.com udp
GB 216.137.44.52:443 pb-stats.brid.tv tcp
US 8.8.8.8:53 btlr-eu-central-1.sharethrough.com udp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 eu-tlx.3lift.com udp
US 8.8.8.8:53 pb-stats.brid.tv udp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
DE 18.198.239.174:443 btlr.sharethrough.com tcp
US 8.8.8.8:53 prebid-server-perf-eu.rubiconproject.net.akadns.net udp
US 8.8.8.8:53 pb-stats.brid.tv udp
US 8.8.8.8:53 prebid-server-perf-eu.rubiconproject.net.akadns.net udp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 52.44.137.216.in-addr.arpa udp
US 8.8.8.8:53 150.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 174.239.198.18.in-addr.arpa udp
US 8.8.8.8:53 pubads.g.doubleclick.net udp
NL 142.250.102.155:443 pubads.g.doubleclick.net tcp
US 8.8.8.8:53 pubads.g.doubleclick.net udp
US 8.8.8.8:53 pubads.g.doubleclick.net udp
NL 142.250.102.155:443 pubads.g.doubleclick.net udp
US 8.8.8.8:53 csi.gstatic.com udp
IN 142.250.76.67:443 csi.gstatic.com tcp
IN 142.250.76.67:443 csi.gstatic.com tcp
US 8.8.8.8:53 csi.gstatic.com udp
US 8.8.8.8:53 csi.gstatic.com udp
IN 142.250.76.67:443 csi.gstatic.com tcp
IN 142.250.76.67:443 csi.gstatic.com tcp
FR 185.235.86.251:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.2:443 gbc0.nl3.eu.criteo.com tcp
US 8.8.8.8:53 eus.rubiconproject.com udp
US 8.8.8.8:53 cms.quantserve.com udp
US 8.8.8.8:53 creativecdn.com udp
NL 46.228.174.117:443 sync.1rx.io tcp
US 8.8.8.8:53 e8960.b.akamaiedge.net udp
NL 185.184.8.90:443 creativecdn.com tcp
US 8.8.8.8:53 creativecdn.com udp
DE 91.228.74.200:443 cms.quantserve.com tcp
US 8.8.8.8:53 rtb.mfadsrvr.com udp
US 8.8.8.8:53 sync.mathtag.com udp
US 8.8.8.8:53 pixel-eu.rubiconproject.com udp
US 8.8.8.8:53 ads.stickyadstv.com udp
US 8.8.8.8:53 pixel.rubiconproject.com udp
US 8.8.8.8:53 cs.admanmedia.com udp
US 8.8.8.8:53 e8960.b.akamaiedge.net udp
US 8.8.8.8:53 creativecdn.com udp
US 8.8.8.8:53 t.adx.opera.com udp
US 8.8.8.8:53 ssbsync-global.smartadserver.com udp
US 80.77.87.162:443 cs.admanmedia.com tcp
US 8.8.8.8:53 image8.pubmatic.com udp
US 8.8.8.8:53 spl.zeotap.com udp
US 8.8.8.8:53 pixel-origin.mathtag.com udp
US 8.8.8.8:53 cs.admanmedia.com udp
US 8.8.8.8:53 pixel-eu.rubiconproject.net.akadns.net udp
US 8.8.8.8:53 s.amazon-adsystem.com udp
NL 185.235.87.2:443 gbc0.nl3.eu.criteo.com tcp
US 8.8.8.8:53 pixel-origin.mathtag.com udp
US 8.8.8.8:53 cs.admanmedia.com udp
US 104.22.51.98:443 spl.zeotap.com tcp
US 8.8.8.8:53 pixel-eu.rubiconproject.net.akadns.net udp
NL 69.173.156.148:443 pixel-eu.rubiconproject.net.akadns.net tcp
FR 185.235.86.251:443 gbc8.fr3.eu.criteo.com tcp
US 8.8.8.8:53 pixel.rubiconproject.net.akadns.net udp
US 8.8.8.8:53 dorpat.geo.iponweb.net udp
US 8.8.8.8:53 match.sharethrough.com udp
US 8.8.8.8:53 eu-west-dual.ads.stickyadstv.com.akadns.net udp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 outspot2-ams.adx.opera.com udp
DE 54.93.109.96:443 match.sharethrough.com tcp
DE 54.93.109.96:443 match.sharethrough.com tcp
DE 54.93.109.96:443 match.sharethrough.com tcp
US 8.8.8.8:53 eu-west-dual.ads.stickyadstv.com.akadns.net udp
US 8.8.8.8:53 outspot2-ams.adx.opera.com udp
US 80.77.87.162:443 cs.admanmedia.com tcp
US 8.8.8.8:53 imagsync-lhrpairbc.pubmatic.com udp
US 8.8.8.8:53 dorpat.geo.iponweb.net udp
US 8.8.8.8:53 spl.zeotap.com udp
US 8.8.8.8:53 imagsync-lhrpairbc.pubmatic.com udp
US 8.8.8.8:53 spl.zeotap.com udp
NL 35.214.199.88:443 dorpat.geo.iponweb.net tcp
US 74.121.140.211:443 pixel-origin.mathtag.com tcp
NL 69.173.156.149:443 pixel-eu.rubiconproject.net.akadns.net tcp
US 8.8.8.8:53 ssbsync-euw1.smartadserver.com udp
DE 37.252.171.53:443 secure.adnxs.com tcp
NL 69.173.156.148:443 pixel-eu.rubiconproject.net.akadns.net tcp
NL 82.145.213.8:443 outspot2-ams.adx.opera.com tcp
NL 81.17.55.109:443 ssbsync-euw1.smartadserver.com tcp
GB 185.64.191.214:443 imagsync-lhrpairbc.pubmatic.com tcp
NL 154.57.158.115:443 ads.stickyadstv.com tcp
US 52.46.128.147:443 s.amazon-adsystem.com tcp
US 8.8.8.8:53 s.amazon-adsystem.com udp
US 8.8.8.8:53 match-eu-central-1-ecs.sharethrough.com udp
US 8.8.8.8:53 ssbsync-euw1.smartadserver.com udp
US 8.8.8.8:53 67.76.250.142.in-addr.arpa udp
US 8.8.8.8:53 90.8.184.185.in-addr.arpa udp
US 8.8.8.8:53 98.51.22.104.in-addr.arpa udp
US 8.8.8.8:53 214.191.64.185.in-addr.arpa udp
US 8.8.8.8:53 149.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 s.amazon-adsystem.com udp
DE 54.93.109.96:443 match.sharethrough.com tcp
US 8.8.8.8:53 match-eu-central-1-ecs.sharethrough.com udp
DE 54.93.109.96:443 match.sharethrough.com tcp
DE 54.93.109.96:443 match.sharethrough.com tcp
NL 35.214.199.88:443 dorpat.geo.iponweb.net udp
IN 142.250.76.67:443 csi.gstatic.com udp
US 8.8.8.8:53 88.199.214.35.in-addr.arpa udp
US 8.8.8.8:53 8.213.145.82.in-addr.arpa udp
US 8.8.8.8:53 109.55.17.81.in-addr.arpa udp
US 8.8.8.8:53 211.140.121.74.in-addr.arpa udp
US 8.8.8.8:53 115.158.57.154.in-addr.arpa udp
US 8.8.8.8:53 147.128.46.52.in-addr.arpa udp
N/A 127.0.0.1:888 tcp
FR 185.235.86.251:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.2:443 gbc0.nl3.eu.criteo.com tcp
DE 162.19.138.82:443 diagnostics.id5-sync.com tcp
FR 185.235.86.251:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.2:443 gbc0.nl3.eu.criteo.com tcp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 96.109.93.54.in-addr.arpa udp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 162.87.77.80.in-addr.arpa udp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
FR 185.235.86.242:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.27:443 gbc0.nl3.eu.criteo.com tcp
NL 185.235.87.27:443 gbc0.nl3.eu.criteo.com tcp
FR 185.235.86.242:443 gbc8.fr3.eu.criteo.com tcp
US 8.8.8.8:53 23.236.111.52.in-addr.arpa udp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
FR 185.235.86.242:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.27:443 gbc0.nl3.eu.criteo.com tcp
NL 185.235.87.27:443 gbc0.nl3.eu.criteo.com tcp
FR 185.235.86.242:443 gbc8.fr3.eu.criteo.com tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
NL 185.235.87.27:443 gbc0.nl3.eu.criteo.com tcp
FR 185.235.86.242:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.27:443 gbc0.nl3.eu.criteo.com tcp
FR 185.235.86.242:443 gbc8.fr3.eu.criteo.com tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
NL 185.235.87.27:443 gbc0.nl3.eu.criteo.com tcp
FR 185.235.86.242:443 gbc8.fr3.eu.criteo.com tcp
N/A 127.0.0.1:888 tcp
FR 185.235.86.242:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.27:443 gbc0.nl3.eu.criteo.com tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
FR 185.235.86.248:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.4:443 gbc0.nl3.eu.criteo.com tcp
NL 185.235.87.4:443 gbc0.nl3.eu.criteo.com tcp
FR 185.235.86.248:443 gbc8.fr3.eu.criteo.com tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
NL 185.235.87.4:443 gbc0.nl3.eu.criteo.com tcp
FR 185.235.86.248:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.4:443 gbc0.nl3.eu.criteo.com tcp
FR 185.235.86.248:443 gbc8.fr3.eu.criteo.com tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
FR 185.235.86.248:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.4:443 gbc0.nl3.eu.criteo.com tcp
NL 185.235.87.4:443 gbc0.nl3.eu.criteo.com tcp
FR 185.235.86.248:443 gbc8.fr3.eu.criteo.com tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
NL 185.235.87.4:443 gbc0.nl3.eu.criteo.com tcp
FR 185.235.86.248:443 gbc8.fr3.eu.criteo.com tcp
FR 185.235.86.248:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.4:443 gbc0.nl3.eu.criteo.com tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
NL 185.235.87.17:443 gbc0.nl3.eu.criteo.com tcp
FR 185.235.86.236:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.17:443 gbc0.nl3.eu.criteo.com tcp
FR 185.235.86.236:443 gbc8.fr3.eu.criteo.com tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
FR 185.235.86.236:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.17:443 gbc0.nl3.eu.criteo.com tcp
N/A 127.0.0.1:888 tcp
NL 185.235.87.17:443 gbc0.nl3.eu.criteo.com tcp
FR 185.235.86.236:443 gbc8.fr3.eu.criteo.com tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
FR 185.235.86.236:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.17:443 gbc0.nl3.eu.criteo.com tcp
NL 185.235.87.17:443 gbc0.nl3.eu.criteo.com tcp
FR 185.235.86.236:443 gbc8.fr3.eu.criteo.com tcp
N/A 127.0.0.1:888 tcp
FR 185.235.86.238:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.0:443 gbc0.nl3.eu.criteo.com tcp
NL 185.235.87.17:443 gbc0.nl3.eu.criteo.com tcp
FR 185.235.86.236:443 gbc8.fr3.eu.criteo.com tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
FR 185.235.86.238:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.0:443 gbc0.nl3.eu.criteo.com tcp
FR 185.235.86.236:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.17:443 gbc0.nl3.eu.criteo.com tcp
US 8.8.8.8:53 eb.proper.io udp
US 8.8.8.8:53 prebid.media.net udp
NL 142.250.102.155:443 pubads.g.doubleclick.net udp
FR 185.235.86.238:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.0:443 gbc0.nl3.eu.criteo.com tcp
US 8.8.8.8:53 bidder.criteo.com udp
US 8.8.8.8:53 ssc.33across.com udp
US 8.8.8.8:53 bidder.nl3.vip.prod.criteo.com udp
US 8.8.8.8:53 eb.proper.io udp
US 34.120.63.153:443 prebid.media.net udp
US 8.8.8.8:53 aax.amazon-adsystem.com udp
US 8.8.8.8:53 ib.adnxs.com udp
US 8.8.8.8:53 hb.yellowblue.io udp
NL 178.250.1.8:443 bidder.criteo.com tcp
NL 69.173.156.139:443 tagged-by.rubiconproject.net.akadns.net tcp
US 69.166.1.9:443 iad-2-apex.go.sonobi.com tcp
US 8.8.8.8:53 ap.lijit.com udp
US 35.186.253.211:443 rtb.openx.net udp
US 34.149.20.76:443 ssc.33across.com udp
US 8.8.8.8:53 tlx.3lift.com udp
US 8.8.8.8:53 targeting.unrulymedia.com udp
N/A 127.0.0.1:888 tcp
NL 142.250.102.155:443 pubads.g.doubleclick.net tcp
NL 185.89.210.46:443 ib.adnxs.com tcp
US 172.64.151.101:443 ssum-sec.casalemedia.com tcp
US 34.120.63.153:443 prebid.media.net tcp
US 8.8.8.8:53 ib.anycast.adnxs.com udp
US 34.149.20.76:443 ssc.33across.com tcp
US 34.149.20.76:443 ssc.33across.com tcp
US 34.149.20.76:443 ssc.33across.com tcp
US 34.149.20.76:443 ssc.33across.com tcp
US 8.8.8.8:53 hb.yellowblue.io udp
DE 3.124.64.248:443 tlx.3lift.com tcp
US 8.8.8.8:53 eb.proper.io udp
US 8.8.8.8:53 rtb.openx.net udp
US 8.8.8.8:53 hbopenbid-lhrc.pubmnet.com udp
US 8.8.8.8:53 tag.1rx.io udp
US 8.8.8.8:53 rtb.openx.net udp
US 8.8.8.8:53 htlb.casalemedia.com udp
US 34.149.20.76:443 ssc.33across.com tcp
FR 185.235.86.238:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.0:443 gbc0.nl3.eu.criteo.com tcp
NL 142.250.102.155:443 pubads.g.doubleclick.net tcp
US 8.8.8.8:53 d1jvc9b8z3vcjs.cloudfront.net udp
NL 178.250.1.8:443 bidder.criteo.com tcp
NL 69.173.156.139:443 tagged-by.rubiconproject.net.akadns.net tcp
US 8.8.8.8:53 248.64.124.3.in-addr.arpa udp
US 8.8.8.8:53 eu-tlx.3lift.com udp
US 8.8.8.8:53 ce.lijit.com udp
US 104.18.36.155:443 ssum-sec.casalemedia.com udp
NL 142.250.102.155:443 pubads.g.doubleclick.net tcp
US 8.8.8.8:53 eu-tlx.3lift.com udp
US 8.8.8.8:53 raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com udp
US 8.8.8.8:53 raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com udp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
NL 178.250.1.11:443 dnacdn.net tcp
US 8.8.8.8:53 blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com udp
US 8.8.8.8:53 blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com udp
US 8.8.8.8:53 d1jvc9b8z3vcjs.cloudfront.net udp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 131.72.42.20.in-addr.arpa udp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 172.214.232.199.in-addr.arpa udp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 stats-dev.brid.tv udp
FR 3.164.163.95:443 stats-dev.brid.tv tcp
US 8.8.8.8:53 stats-dev.brid.tv udp
FR 3.164.163.95:443 stats-dev.brid.tv tcp
NL 142.250.27.157:443 googleads.g.doubleclick.net udp
NL 142.250.27.157:443 googleads.g.doubleclick.net tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
NL 142.250.27.132:443 cdn-content.ampproject.org udp
US 8.8.8.8:53 bids.proper.io udp
US 8.8.8.8:53 bids.proper.io udp
US 52.13.92.203:443 bids.proper.io tcp
N/A 127.0.0.1:888 tcp
NL 142.250.102.132:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 www.google.com udp
NL 142.250.27.147:443 www.google.com udp
US 8.8.8.8:53 bids.proper.io udp
NL 142.250.27.147:443 www.google.com tcp
N/A 127.0.0.1:888 tcp
NL 142.250.27.147:443 www.google.com tcp
US 8.8.8.8:53 95.163.164.3.in-addr.arpa udp
FR 3.164.163.95:443 stats-dev.brid.tv udp
NL 142.250.27.147:443 www.google.com tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
FR 185.235.86.232:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.15:443 gbc0.nl3.eu.criteo.com tcp
FR 185.235.86.232:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.15:443 gbc0.nl3.eu.criteo.com tcp
N/A 127.0.0.1:888 tcp
FR 185.235.86.232:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.15:443 gbc0.nl3.eu.criteo.com tcp
FR 185.235.86.232:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.15:443 gbc0.nl3.eu.criteo.com tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 eb.proper.io udp
NL 69.173.156.139:443 tagged-by.rubiconproject.net.akadns.net tcp
NL 178.250.1.8:443 bidder.criteo.com tcp
DE 3.124.64.248:443 eu-tlx.3lift.com tcp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
US 8.8.8.8:53 htlb.casalemedia.com udp
US 8.8.8.8:53 hb.yellowblue.io udp
US 8.8.8.8:53 bidder.nl3.vip.prod.criteo.com udp
US 69.166.1.9:443 iad-2-apex.go.sonobi.com tcp
NL 185.89.210.46:443 ib.adnxs.com tcp
US 8.8.8.8:53 eu-tlx.3lift.com udp
US 8.8.8.8:53 tag.1rx.io udp
US 8.8.8.8:53 eu-tlx.3lift.com udp
US 8.8.8.8:53 blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com udp
US 8.8.8.8:53 hbopenbid-lhrc.pubmnet.com udp
US 8.8.8.8:53 ssc.33across.com udp
US 8.8.8.8:53 blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com udp
US 8.8.8.8:53 rtb.openx.net udp
US 8.8.8.8:53 prebid.media.net udp
US 8.8.8.8:53 ib.anycast.adnxs.com udp
US 8.8.8.8:53 htlb.casalemedia.com udp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
US 8.8.8.8:53 raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com udp
US 8.8.8.8:53 raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com udp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
FR 185.235.86.236:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.17:443 gbc0.nl3.eu.criteo.com tcp
N/A 127.0.0.1:888 tcp
FR 185.235.86.236:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.17:443 gbc0.nl3.eu.criteo.com tcp
FR 185.235.86.236:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.17:443 gbc0.nl3.eu.criteo.com tcp
N/A 127.0.0.1:888 tcp
FR 185.235.86.236:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.17:443 gbc0.nl3.eu.criteo.com tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 tpc.googlesyndication.com udp
NL 142.250.27.132:443 cdn-content.ampproject.org udp
US 8.8.8.8:53 bids.proper.io udp
US 52.13.92.203:443 bids.proper.io tcp
US 8.8.8.8:53 bids.proper.io udp
US 8.8.8.8:53 bids.proper.io udp
US 44.236.149.23:443 bids.proper.io tcp
US 8.8.8.8:53 encrypted-tbn1.gstatic.com udp
US 8.8.8.8:53 encrypted-tbn3.gstatic.com udp
US 8.8.8.8:53 encrypted-tbn2.gstatic.com udp
US 8.8.8.8:53 encrypted-tbn1.gstatic.com udp
NL 142.250.102.138:443 encrypted-tbn1.gstatic.com tcp
US 8.8.8.8:53 encrypted-tbn2.gstatic.com udp
US 8.8.8.8:53 encrypted-tbn3.gstatic.com udp
US 8.8.8.8:53 encrypted-tbn2.gstatic.com udp
US 8.8.8.8:53 encrypted-tbn1.gstatic.com udp
NL 142.250.102.113:443 encrypted-tbn3.gstatic.com tcp
NL 142.250.102.100:443 encrypted-tbn3.gstatic.com tcp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 encrypted-tbn3.gstatic.com udp
NL 142.250.102.138:443 encrypted-tbn3.gstatic.com tcp
NL 142.250.102.113:443 encrypted-tbn3.gstatic.com tcp
NL 142.250.102.100:443 encrypted-tbn3.gstatic.com tcp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 100.102.250.142.in-addr.arpa udp
US 8.8.8.8:53 113.102.250.142.in-addr.arpa udp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
NL 142.250.102.113:443 encrypted-tbn3.gstatic.com udp
NL 142.250.102.100:443 encrypted-tbn3.gstatic.com udp
NL 142.250.102.138:443 encrypted-tbn3.gstatic.com udp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 eb.proper.io udp
NL 69.173.156.139:443 tagged-by.rubiconproject.net.akadns.net tcp
US 8.8.8.8:53 eu-tlx.3lift.com udp
US 8.8.8.8:53 rtb.openx.net udp
US 69.166.1.9:443 iad-2-apex.go.sonobi.com tcp
US 8.8.8.8:53 hbopenbid.pubmatic.com udp
US 8.8.8.8:53 ap.lijit.com udp
NL 178.250.1.8:443 bidder.criteo.com tcp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
US 8.8.8.8:53 ib.adnxs.com udp
NL 69.173.156.139:443 tagged-by.rubiconproject.net.akadns.net tcp
US 69.166.1.9:443 iad-2-apex.go.sonobi.com tcp
NL 178.250.1.8:443 bidder.criteo.com tcp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
US 8.8.8.8:53 hb.yellowblue.io udp
US 8.8.8.8:53 htlb.casalemedia.com udp
US 8.8.8.8:53 ssc.33across.com udp
US 8.8.8.8:53 htlb.casalemedia.com udp
US 8.8.8.8:53 bidder.nl3.vip.prod.criteo.com udp
US 8.8.8.8:53 hb.yellowblue.io udp
DE 37.252.171.149:443 ib.adnxs.com tcp
US 8.8.8.8:53 tag.1rx.io udp
US 8.8.8.8:53 prebid.media.net udp
US 8.8.8.8:53 ib.anycast.adnxs.com udp
US 8.8.8.8:53 blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com udp
US 8.8.8.8:53 hbopenbid-ams.pubmnet.com udp
US 8.8.8.8:53 hbopenbid-ams.pubmnet.com udp
US 8.8.8.8:53 blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com udp
DE 37.252.171.149:443 ib.adnxs.com tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 hb.yellowblue.io udp
FR 185.235.86.235:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.23:443 gbc0.nl3.eu.criteo.com tcp
FR 185.235.86.235:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.23:443 gbc0.nl3.eu.criteo.com tcp
N/A 127.0.0.1:888 tcp
FR 185.235.86.235:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.23:443 gbc0.nl3.eu.criteo.com tcp
FR 185.235.86.235:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.23:443 gbc0.nl3.eu.criteo.com tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 240.143.123.92.in-addr.arpa udp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
NL 142.250.27.132:443 cdn-content.ampproject.org udp
NL 142.250.102.132:443 tpc.googlesyndication.com tcp
NL 142.250.102.100:443 encrypted-tbn3.gstatic.com udp
NL 142.250.102.138:443 encrypted-tbn3.gstatic.com udp
US 8.8.8.8:53 encrypted-tbn0.gstatic.com udp
NL 142.250.27.138:443 encrypted-tbn0.gstatic.com tcp
US 8.8.8.8:53 encrypted-tbn0.gstatic.com udp
US 52.13.92.203:443 bids.proper.io tcp
US 8.8.8.8:53 bids.proper.io udp
US 8.8.8.8:53 encrypted-tbn0.gstatic.com udp
NL 142.250.27.138:443 encrypted-tbn0.gstatic.com udp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
FR 185.235.86.243:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.21:443 gbc0.nl3.eu.criteo.com tcp
NL 185.235.87.21:443 gbc0.nl3.eu.criteo.com tcp
FR 185.235.86.243:443 gbc8.fr3.eu.criteo.com tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
FR 185.235.86.243:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.21:443 gbc0.nl3.eu.criteo.com tcp
FR 185.235.86.243:443 gbc8.fr3.eu.criteo.com tcp
NL 185.235.87.21:443 gbc0.nl3.eu.criteo.com tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 eb.proper.io udp
US 8.8.8.8:53 tlx.3lift.com udp
US 8.8.8.8:53 tag.1rx.io udp
US 8.8.8.8:53 targeting.unrulymedia.com udp
US 69.166.1.9:443 iad-2-apex.go.sonobi.com tcp
NL 69.173.156.139:443 tagged-by.rubiconproject.net.akadns.net tcp
NL 178.250.1.8:443 bidder.criteo.com tcp
US 8.8.8.8:53 bidder.nl3.vip.prod.criteo.com udp
US 8.8.8.8:53 hb.yellowblue.io udp
US 8.8.8.8:53 aax.amazon-adsystem.com udp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 htlb.casalemedia.com udp
NL 178.250.1.11:443 dnacdn.net tcp
US 69.166.1.9:443 iad-2-apex.go.sonobi.com tcp
NL 69.173.156.139:443 tagged-by.rubiconproject.net.akadns.net tcp
US 8.8.8.8:53 ap.lijit.com udp
DE 37.252.171.149:443 ib.adnxs.com tcp
NL 178.250.1.8:443 bidder.criteo.com tcp
US 8.8.8.8:53 ssc.33across.com udp
US 8.8.8.8:53 htlb.casalemedia.com udp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
US 8.8.8.8:53 hbopenbid-ams.pubmnet.com udp
US 8.8.8.8:53 ib.anycast.adnxs.com udp
US 8.8.8.8:53 htlb.casalemedia.com udp
US 8.8.8.8:53 prebid.media.net udp
US 8.8.8.8:53 rtb.openx.net udp
US 8.8.8.8:53 eu-tlx.3lift.com udp
US 8.8.8.8:53 blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com udp
US 8.8.8.8:53 eu-tlx.3lift.com udp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 eb.proper.io udp
US 8.8.8.8:53 eb.proper.io udp
US 8.8.8.8:53 d1jvc9b8z3vcjs.cloudfront.net udp
US 8.8.8.8:53 d1jvc9b8z3vcjs.cloudfront.net udp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 de2-bid.adsrvr.org udp
US 8.8.8.8:53 www.googletagservices.com udp
US 8.8.8.8:53 choices.truste.com udp
US 8.8.8.8:53 attentionxyz.com udp
US 8.8.8.8:53 pixel.adsafeprotected.com udp
US 8.8.8.8:53 pxdrop.lijit.com udp
US 8.8.8.8:53 imp-ew1-secondary.lijit.com udp
US 8.8.8.8:53 de2-bid.adsrvr.org udp
GB 108.156.39.49:443 attentionxyz.com tcp
US 8.8.8.8:53 attentionxyz.com udp
US 8.8.8.8:53 www.googletagservices.com udp
GB 108.156.39.12:443 choices.truste.com tcp
US 8.8.8.8:53 de2-bid.adsrvr.org udp
US 8.8.8.8:53 www.googletagservices.com udp
IE 52.210.74.221:443 pixel.adsafeprotected.com tcp
US 8.8.8.8:53 choices.truste.com udp
US 8.8.8.8:53 blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com udp
US 8.8.8.8:53 bids.proper.io udp
IE 52.210.74.221:443 pixel.adsafeprotected.com tcp
US 8.8.8.8:53 e213908.b.akamaiedge.net udp
US 8.8.8.8:53 blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com udp
US 8.8.8.8:53 choices.truste.com udp
US 8.8.8.8:53 e213908.b.akamaiedge.net udp
US 8.8.8.8:53 firewall-external-2134955858.eu-west-1.elb.amazonaws.com udp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 bids.proper.io udp
US 8.8.8.8:53 firewall-external-2134955858.eu-west-1.elb.amazonaws.com udp
US 8.8.8.8:53 bids.proper.io udp
US 8.8.8.8:53 49.39.156.108.in-addr.arpa udp
US 8.8.8.8:53 12.39.156.108.in-addr.arpa udp
US 8.8.8.8:53 221.74.210.52.in-addr.arpa udp
NL 142.250.102.148:443 s0.2mdn.net udp
US 8.8.8.8:53 api.attentionxyz.com udp
US 8.8.8.8:53 static.adsafeprotected.com udp
US 8.8.8.8:53 cdn.lijit.com udp
US 34.117.222.118:443 api.attentionxyz.com tcp
US 8.8.8.8:53 api.attentionxyz.com udp
US 34.117.222.118:443 api.attentionxyz.com tcp
US 8.8.8.8:53 d162h6x3rxav67.cloudfront.net udp
GB 18.245.218.5:443 cdn.lijit.com tcp
US 8.8.8.8:53 d27c6x3b3mm9so.cloudfront.net udp
NL 142.250.102.148:443 s0.2mdn.net tcp
US 8.8.8.8:53 api.attentionxyz.com udp
US 8.8.8.8:53 d162h6x3rxav67.cloudfront.net udp
US 8.8.8.8:53 d27c6x3b3mm9so.cloudfront.net udp
US 8.8.8.8:53 googleads4.g.doubleclick.net udp
US 8.8.8.8:53 googleads4.g.doubleclick.net udp
US 34.117.222.118:443 api.attentionxyz.com udp
US 8.8.8.8:53 googleads4.g.doubleclick.net udp
US 3.33.153.203:443 de2-bid.adsrvr.org tcp
GB 23.40.43.91:443 e213908.b.akamaiedge.net tcp
IE 34.246.245.91:443 imp-ew1-secondary.lijit.com tcp
GB 52.84.90.96:443 d162h6x3rxav67.cloudfront.net tcp
NL 142.250.102.155:443 googleads4.g.doubleclick.net tcp
US 34.117.222.118:443 api.attentionxyz.com udp
NL 142.250.102.155:443 googleads4.g.doubleclick.net udp
US 8.8.8.8:53 dt.adsafeprotected.com udp
US 8.8.8.8:53 dt-external-217593033.us-east-1.elb.amazonaws.com udp
US 18.213.235.225:443 dt.adsafeprotected.com tcp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 118.222.117.34.in-addr.arpa udp
US 8.8.8.8:53 5.218.245.18.in-addr.arpa udp
US 8.8.8.8:53 203.153.33.3.in-addr.arpa udp
US 8.8.8.8:53 91.43.40.23.in-addr.arpa udp
US 8.8.8.8:53 96.90.84.52.in-addr.arpa udp
US 8.8.8.8:53 91.245.246.34.in-addr.arpa udp
US 18.213.235.225:443 dt.adsafeprotected.com tcp
US 18.213.235.225:443 dt.adsafeprotected.com tcp
US 18.213.235.225:443 dt.adsafeprotected.com tcp
US 18.213.235.225:443 dt.adsafeprotected.com tcp
US 8.8.8.8:53 choices.trustarc.com udp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
US 8.8.8.8:53 sync.sharethis.com udp
US 8.8.8.8:53 aqfer.lijit.com udp
US 18.213.235.225:443 dt.adsafeprotected.com tcp
GB 18.244.140.102:443 choices.trustarc.com tcp
US 8.8.8.8:53 choices.trustarc.com udp
GB 18.244.140.102:443 choices.trustarc.com tcp
IE 52.214.219.236:443 bcp.crwdcntrl.net tcp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
GB 23.40.43.91:443 aqfer.lijit.com tcp
IE 52.31.149.25:443 sync.sharethis.com tcp
US 8.8.8.8:53 httplogserver-lb.global.unified-prod.sharethis.net udp
US 8.8.8.8:53 choices.trustarc.com udp
US 8.8.8.8:53 225.235.213.18.in-addr.arpa udp
US 8.8.8.8:53 102.140.244.18.in-addr.arpa udp
US 8.8.8.8:53 httplogserver-lb.global.unified-prod.sharethis.net udp
IE 52.214.219.236:443 bcp.crwdcntrl.net tcp
GB 23.40.43.91:443 aqfer.lijit.com tcp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 ce.lijit.com udp
US 8.8.8.8:53 raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com udp
US 8.8.8.8:53 ps.eyeota.net udp
US 8.8.8.8:53 25.149.31.52.in-addr.arpa udp
US 8.8.8.8:53 236.219.214.52.in-addr.arpa udp
US 8.8.8.8:53 raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com udp
US 8.8.8.8:53 ps.eyeota.net udp
DE 3.125.70.222:443 ps.eyeota.net tcp
US 8.8.8.8:53 ps.eyeota.net udp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 222.70.125.3.in-addr.arpa udp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 eb.proper.io udp
US 8.8.8.8:53 hbopenbid-ams.pubmnet.com udp
US 8.8.8.8:53 htlb.casalemedia.com udp
NL 69.173.156.139:443 tagged-by.rubiconproject.net.akadns.net tcp
US 69.166.1.9:443 iad-2-apex.go.sonobi.com tcp
NL 178.250.1.8:443 bidder.criteo.com tcp
US 8.8.8.8:53 prebid.media.net udp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
DE 37.252.171.149:443 ib.adnxs.com tcp
US 8.8.8.8:53 blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com udp
US 8.8.8.8:53 tag.1rx.io udp
NL 69.173.156.139:443 tagged-by.rubiconproject.net.akadns.net tcp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
DE 37.252.171.149:443 ib.adnxs.com tcp
US 8.8.8.8:53 rtb.openx.net udp
US 8.8.8.8:53 hb.yellowblue.io udp
US 8.8.8.8:53 ssc.33across.com udp
US 8.8.8.8:53 eu-tlx.3lift.com udp
US 8.8.8.8:53 ib.anycast.adnxs.com udp
US 8.8.8.8:53 ib.anycast.adnxs.com udp
US 8.8.8.8:53 prebid.media.net udp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 prebid.media.net udp
US 8.8.8.8:53 blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com udp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 ade.googlesyndication.com udp
US 8.8.8.8:53 ade.googlesyndication.com udp
NL 142.250.102.156:443 ade.googlesyndication.com tcp
NL 142.250.102.156:443 ade.googlesyndication.com udp
US 8.8.8.8:53 ade.googlesyndication.com udp
US 8.8.8.8:53 156.102.250.142.in-addr.arpa udp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
NL 142.250.102.156:443 ade.googlesyndication.com udp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
NL 142.250.27.157:443 ade.googlesyndication.com tcp
NL 142.250.27.157:443 ade.googlesyndication.com tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
NL 142.250.27.132:443 cdn-content.ampproject.org udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 bids.proper.io udp
US 8.8.8.8:53 bids.proper.io udp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 eb.proper.io udp
US 8.8.8.8:53 eu-tlx.3lift.com udp
NL 178.250.1.8:443 bidder.criteo.com tcp
NL 69.173.156.139:443 tagged-by.rubiconproject.net.akadns.net tcp
US 69.166.1.9:443 iad-2-apex.go.sonobi.com tcp
US 8.8.8.8:53 bidder.nl3.vip.prod.criteo.com udp
US 8.8.8.8:53 hb.yellowblue.io udp
US 8.8.8.8:53 ap.lijit.com udp
US 8.8.8.8:53 ib.adnxs.com udp
DE 37.252.171.149:443 ib.adnxs.com tcp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
US 8.8.8.8:53 rtb.openx.net udp
US 8.8.8.8:53 htlb.casalemedia.com udp
GB 108.138.217.66:443 hb.yellowblue.io tcp
US 8.8.8.8:53 eu-tlx.3lift.com udp
US 8.8.8.8:53 tag.1rx.io udp
US 8.8.8.8:53 prebid.media.net udp
US 8.8.8.8:53 ssc.33across.com udp
US 8.8.8.8:53 hbopenbid-ams.pubmnet.com udp
US 8.8.8.8:53 ib.anycast.adnxs.com udp
US 8.8.8.8:53 blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com udp
US 8.8.8.8:53 hb.yellowblue.io udp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
US 8.8.8.8:53 raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com udp
US 8.8.8.8:53 raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com udp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
FR 178.250.7.2:443 static.fr3.vip.prod.criteo.net tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
NL 142.250.27.132:443 cdn-content.ampproject.org udp
US 8.8.8.8:53 bids.proper.io udp
US 8.8.8.8:53 eb.proper.io udp
DE 37.252.171.149:443 ib.adnxs.com tcp
NL 69.173.156.139:443 tagged-by.rubiconproject.net.akadns.net tcp
US 8.8.8.8:53 ib.anycast.adnxs.com udp
US 8.8.8.8:53 blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com udp
US 8.8.8.8:53 hb.yellowblue.io udp
US 8.8.8.8:53 aax.amazon-adsystem.com udp
US 8.8.8.8:53 htlb.casalemedia.com udp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 tlx.3lift.com udp
US 8.8.8.8:53 rtb.openx.net udp
US 8.8.8.8:53 blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com udp
US 8.8.8.8:53 hbopenbid-ams.pubmnet.com udp
US 8.8.8.8:53 bids.proper.io udp
US 69.166.1.9:443 iad-2-apex.go.sonobi.com tcp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
NL 178.250.1.8:443 bidder.criteo.com tcp
US 8.8.8.8:53 hbopenbid-ams.pubmnet.com udp
US 8.8.8.8:53 bids.proper.io udp
US 8.8.8.8:53 prebid.media.net udp
US 69.166.1.9:443 iad-2-apex.go.sonobi.com tcp
US 8.8.8.8:53 eb.proper.io udp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 eb.proper.io udp
US 8.8.8.8:53 tag.1rx.io udp
US 8.8.8.8:53 bidder.nl3.vip.prod.criteo.com udp
US 8.8.8.8:53 ssc.33across.com udp
US 8.8.8.8:53 htlb.casalemedia.com udp
US 8.8.8.8:53 d1jvc9b8z3vcjs.cloudfront.net udp
US 8.8.8.8:53 d1jvc9b8z3vcjs.cloudfront.net udp
US 8.8.8.8:53 eu-tlx.3lift.com udp
US 8.8.8.8:53 rtb.openx.net udp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com udp
US 8.8.8.8:53 ce.lijit.com udp
NL 142.250.102.138:443 encrypted-tbn3.gstatic.com udp
NL 142.250.102.113:443 encrypted-tbn3.gstatic.com udp
NL 142.250.102.100:443 encrypted-tbn3.gstatic.com udp
US 8.8.8.8:53 raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com udp
US 8.8.8.8:53 raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com udp
N/A 127.0.0.1:888 tcp
FR 178.250.7.2:443 static.fr3.vip.prod.criteo.net tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 eb.proper.io udp
US 8.8.8.8:53 hbopenbid-ams.pubmnet.com udp
NL 178.250.1.8:443 bidder.criteo.com tcp
US 8.8.8.8:53 bidder.nl3.vip.prod.criteo.com udp
US 8.8.8.8:53 fastlane.rubiconproject.com udp
US 8.8.8.8:53 targeting.unrulymedia.com udp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
US 69.166.1.9:443 iad-2-apex.go.sonobi.com tcp
N/A 127.0.0.1:888 tcp
DE 37.252.171.149:443 ib.adnxs.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
US 8.8.8.8:53 ap.lijit.com udp
US 8.8.8.8:53 tag.1rx.io udp
US 8.8.8.8:53 prebid.media.net udp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 ib.anycast.adnxs.com udp
US 8.8.8.8:53 tagged-by.rubiconproject.net.akadns.net udp
US 8.8.8.8:53 rtb.openx.net udp
US 8.8.8.8:53 tagged-by.rubiconproject.net.akadns.net udp
US 8.8.8.8:53 hb.yellowblue.io udp
US 8.8.8.8:53 eu-tlx.3lift.com udp
NL 46.228.174.115:443 tag.1rx.io tcp
US 69.166.1.9:443 iad-2-apex.go.sonobi.com tcp
US 8.8.8.8:53 ssc.33across.com udp
US 8.8.8.8:53 tag.1rx.io udp
US 8.8.8.8:53 eu-tlx.3lift.com udp
US 8.8.8.8:53 blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com udp
US 8.8.8.8:53 blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com udp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
FR 178.250.7.2:443 static.fr3.vip.prod.criteo.net tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 aa3ef0e5edc3cce67f7232f7351d11da.safeframe.googlesyndication.com udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
US 8.8.8.8:53 pagead-googlehosted.l.google.com udp
NL 142.250.27.132:443 pagead-googlehosted.l.google.com udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
NL 142.250.27.132:443 pagead-googlehosted.l.google.com tcp
US 8.8.8.8:53 pagead-googlehosted.l.google.com udp
NL 142.250.102.138:443 encrypted-tbn3.gstatic.com udp
NL 142.250.102.113:443 encrypted-tbn3.gstatic.com udp
NL 142.250.102.100:443 encrypted-tbn3.gstatic.com udp
NL 142.250.27.138:443 encrypted-tbn0.gstatic.com udp
US 8.8.8.8:53 bids.proper.io udp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 eb.proper.io udp
NL 69.173.156.139:443 tagged-by.rubiconproject.net.akadns.net tcp
US 8.8.8.8:53 ib.adnxs.com udp
DE 37.252.171.149:443 ib.adnxs.com tcp
US 8.8.8.8:53 targeting.unrulymedia.com udp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
US 8.8.8.8:53 ap.lijit.com udp
NL 178.250.1.8:443 bidder.criteo.com tcp
US 8.8.8.8:53 hbopenbid-ams.pubmnet.com udp
US 8.8.8.8:53 apex.go.sonobi.com udp
US 8.8.8.8:53 hb.yellowblue.io udp
N/A 127.0.0.1:888 tcp
NL 69.173.156.139:443 tagged-by.rubiconproject.net.akadns.net tcp
N/A 127.0.0.1:888 tcp
DE 37.252.171.149:443 ib.adnxs.com tcp
US 8.8.8.8:53 htlb.casalemedia.com udp
US 8.8.8.8:53 prebid.media.net udp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
NL 178.250.1.8:443 bidder.criteo.com tcp
US 8.8.8.8:53 bidder.nl3.vip.prod.criteo.com udp
US 69.166.1.9:443 apex.go.sonobi.com tcp
US 8.8.8.8:53 blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com udp
US 8.8.8.8:53 prebid.media.net udp
US 8.8.8.8:53 eu-tlx.3lift.com udp
US 8.8.8.8:53 ib.anycast.adnxs.com udp
US 8.8.8.8:53 iad-2-apex.go.sonobi.com udp
US 8.8.8.8:53 hb.yellowblue.io udp
US 8.8.8.8:53 tag.1rx.io udp
US 8.8.8.8:53 ce.lijit.com udp
US 8.8.8.8:53 raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com udp
US 8.8.8.8:53 raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com udp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
FR 178.250.7.2:443 static.fr3.vip.prod.criteo.net tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 cadmus.script.ac udp
US 8.8.8.8:53 ad.adsrvr.org udp
US 8.8.8.8:53 choices.truste.com udp
US 8.8.8.8:53 imp-ew1-secondary.lijit.com udp
US 8.8.8.8:53 cadmus.script.ac udp
US 104.18.23.145:443 cadmus.script.ac tcp
US 8.8.8.8:53 dg2iu7dxxehbo.cloudfront.net udp
US 8.8.8.8:53 blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com udp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 dg2iu7dxxehbo.cloudfront.net udp
US 8.8.8.8:53 blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com udp
US 8.8.8.8:53 cadmus.script.ac udp
US 8.8.8.8:53 choices.truste.com udp
US 8.8.8.8:53 e213908.b.akamaiedge.net udp
US 8.8.8.8:53 choices.truste.com udp
US 8.8.8.8:53 bids.proper.io udp
US 8.8.8.8:53 i.clean.gg udp
US 8.8.8.8:53 cdn.lijit.com udp
US 8.8.8.8:53 e213908.b.akamaiedge.net udp
US 8.8.8.8:53 bids.proper.io udp
US 34.95.69.49:443 i.clean.gg tcp
US 34.95.69.49:443 i.clean.gg tcp
US 8.8.8.8:53 i.clean.gg udp
US 34.95.69.49:443 i.clean.gg tcp
US 8.8.8.8:53 d27c6x3b3mm9so.cloudfront.net udp
US 8.8.8.8:53 bids.proper.io udp
US 8.8.8.8:53 i.clean.gg udp
N/A 127.0.0.1:888 tcp
US 3.33.153.203:443 de2-bid.adsrvr.org tcp
GB 99.86.116.119:443 dg2iu7dxxehbo.cloudfront.net tcp
GB 23.40.43.91:443 e213908.b.akamaiedge.net tcp
US 8.8.8.8:53 d27c6x3b3mm9so.cloudfront.net udp
US 8.8.8.8:53 145.23.18.104.in-addr.arpa udp
US 8.8.8.8:53 119.116.86.99.in-addr.arpa udp
US 34.95.69.49:443 i.clean.gg udp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
US 8.8.8.8:53 sync.sharethis.com udp
US 8.8.8.8:53 aqfer.lijit.com udp
US 8.8.8.8:53 ps.eyeota.net udp
IE 52.214.219.236:443 bcp.crwdcntrl.net tcp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
GB 23.40.43.91:443 aqfer.lijit.com tcp
DE 3.125.70.222:443 ps.eyeota.net tcp
US 8.8.8.8:53 ps.eyeota.net udp
IE 52.31.149.25:443 sync.sharethis.com tcp
US 8.8.8.8:53 httplogserver-lb.global.unified-prod.sharethis.net udp
US 8.8.8.8:53 ps.eyeota.net udp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 httplogserver-lb.global.unified-prod.sharethis.net udp
US 8.8.8.8:53 choices.trustarc.com udp
US 8.8.8.8:53 choices.trustarc.com udp
US 8.8.8.8:53 choices.trustarc.com udp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
NL 52.142.223.178:80 tcp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 159.113.53.23.in-addr.arpa udp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
NL 142.250.102.132:443 tpc.googlesyndication.com tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 tpc.googlesyndication.com udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
NL 142.250.102.132:443 tpc.googlesyndication.com tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 aa3ef0e5edc3cce67f7232f7351d11da.safeframe.googlesyndication.com udp
US 8.8.8.8:53 pagead-googlehosted.l.google.com udp
NL 142.250.27.132:443 pagead-googlehosted.l.google.com udp
N/A 127.0.0.1:888 tcp
NL 142.250.27.132:443 pagead-googlehosted.l.google.com tcp
US 8.8.8.8:53 pagead-googlehosted.l.google.com udp
US 8.8.8.8:53 encrypted-tbn1.gstatic.com udp
US 8.8.8.8:53 encrypted-tbn3.gstatic.com udp
US 8.8.8.8:53 encrypted-tbn2.gstatic.com udp
US 8.8.8.8:53 155.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 encrypted-tbn1.gstatic.com udp
NL 142.250.102.138:443 encrypted-tbn1.gstatic.com udp
US 8.8.8.8:53 bids.proper.io udp
NL 142.250.102.113:443 encrypted-tbn1.gstatic.com udp
NL 142.250.102.100:443 encrypted-tbn1.gstatic.com udp
US 52.13.92.203:443 bids.proper.io tcp
US 8.8.8.8:53 encrypted-tbn3.gstatic.com udp
US 8.8.8.8:53 encrypted-tbn1.gstatic.com udp
US 8.8.8.8:53 encrypted-tbn2.gstatic.com udp
US 8.8.8.8:53 encrypted-tbn3.gstatic.com udp
US 8.8.8.8:53 encrypted-tbn2.gstatic.com udp
US 8.8.8.8:53 bids.proper.io udp
US 8.8.8.8:53 bids.proper.io udp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
US 35.190.72.216:443 location.services.mozilla.com tcp
US 8.8.8.8:53 prod.classify-client.prod.webservices.mozgcp.net udp
US 35.190.72.216:443 prod.classify-client.prod.webservices.mozgcp.net tcp
US 8.8.8.8:53 prod.classify-client.prod.webservices.mozgcp.net udp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
US 8.8.8.8:53 216.72.190.35.in-addr.arpa udp
US 35.190.72.216:443 prod.classify-client.prod.webservices.mozgcp.net udp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp
N/A 127.0.0.1:888 tcp

Files

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\datareporting\glean\pending_pings\31d68aa3-7ad3-4c19-9fbc-a1bbce681ee4

MD5 14727e3c4d88c1dbbef5a26508d97b62
SHA1 ed85ab1e1a4f32ba3f001bdc05bd1aa5fe9553f9
SHA256 1a1f8091d7cdd456ea72ea2a4ad6699b832d531a902cf1cdf8d9b042a7c60a7f
SHA512 9a2ede2fe2e97e52b30f9f400e1e6e5c7286780245a960694f874ab401d7e9637a6f96812d170674c94cb18d098748416ef6b76fd6387465fa2c3dbce6c62a5e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\datareporting\glean\pending_pings\87b997f5-eaf0-4aac-a933-4e60e4c788cd

MD5 10d6518a75f8705d509a0c82a595bdfc
SHA1 b29500d527ccc7a4ee75eea1df15af513002dd65
SHA256 486c813738cc2ced9aa34dc687d34baeff10f078fc3f0216b9694fed127591e5
SHA512 aa3d257d54e0acbc8a0fde4a28a468bf5810ee197f997603e8167515083e537433e85d4b2fb791d528bbd4fc0a58aa8ccb56f3ebdb4beafc028e6aa5078c09ee

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\datareporting\glean\db\data.safe.bin

MD5 c6dcb6cee1f7b937c26e6ca950645547
SHA1 eb3f329c48771d4de3fb700b5822ac566af481de
SHA256 f174f548272bf2383ec8d9c3a05e64b0df748f0784702a601b910990a1a411cd
SHA512 5548312d1d847e4a8de9da5dc0a3fc671b89fe6652a1193c996ddfbe8e8d2613050b33d4532517e19f16f9131448e602819925471b39c5e81f8f39bc7f776618

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 731c0e733fe1e3123d366af7c8e578ae
SHA1 9756304ea773dd9cd96e5996dc79de2ed6a9ae9c
SHA256 8f426b4be5e3440fa14d37480f018b7dc3d1a547b0e91c2fbfc6e31d9054a359
SHA512 d29e0f2356a3226f64692b390c122d4d70f09f677d9f5d086f2babaeba6574d670171edb24ff52f928871ec489680f57910e21fac1ca8ec08783a07d21b1f427

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\doomed\31871

MD5 a456eedd58b8456f4e3960f903556765
SHA1 b608e031b96d24986cbc2a77065ba7902e5d7a87
SHA256 44427a8a4a4b7df28ad7be18815489fe7ac2e33fc03a4a0095aeb2347d65c003
SHA512 47fbb89a1e1f4e903415cb9798eb960de0c8116cdb9537722089206ce08ec3b6e7368f613536270ffb228dbaeff90967911a97c1193735043d8c45d35922a916

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\storage\default\https+++gamejolt.com\idb\2926346687feisraebbaatsaed--hte.sqlite

MD5 085a09954ca7b28d2016ab8ab33c1533
SHA1 6c3c8ce91526e7ad09b26393d57df4258a5b00f7
SHA256 3a0093df12035be90258744d3283538f621a4beca2e59ce24cefc1729cf454f0
SHA512 dbec3a0bfe6f8d5f04bf9e4387b437fb51c7f2a2ca23502ee28fc55ba438c87a19359563df1a399c2dc178aab1e36852d3c31e0ee3920e05ec057ec7c92d5534

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\prefs-1.js

MD5 11b73194d104f760569a8597fd1860e1
SHA1 280f8761d001d75c71ac0b692d782c2551bcf3fd
SHA256 8996879d5700815bcd42561a780efdd37cff1b1d5102fa09f063f55d09857540
SHA512 a4576b607b88a4c8a219e8c02e5ba0a96baf02d19929df59209bb8974a3c607e9b007f80a95a4e3ecc0d06c9957a1d2de70c25816c0746e5dc101b6bf9151c1c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\sessionstore-backups\recovery.jsonlz4

MD5 610b003ae4158e2ce60ef8ac90853953
SHA1 ab0d2145ec6ef67424667ebbb0d11db07f2f2712
SHA256 4f6f3b503d6edeb879e6fb06818ae0150ece90c28cfc3505362f9f8effa48947
SHA512 5557ee891d7547432c4292d92c5f4abe9eb03d5d11a7c139303ac3916b73ec5bd9e1472aada34d30ef5997db6e66f702c35999d98f315d4e6553c3d5930a50c7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\sessionstore-backups\recovery.jsonlz4

MD5 d944c73694045766e0148b2986613965
SHA1 d68600700a0e0a36f135a68b0a8aa427b9682b28
SHA256 15ad24060ca4c14739847cfc23a65077271e77881a2246b1009f2676463bd79a
SHA512 b92c823ad10fd6ed48e801a48e5cb281eae85162b5a91746572bd54104726c1599bc2b3e5b6edc9db307fa9f81937caf121fac417308deac45d08515030f759d

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\doomed\2260

MD5 bc7583beef5654ad733af66b3a209d8f
SHA1 63769abc2adca049ba79620ccead49a448538dd0
SHA256 f6518e6c6442e7c09103a6f2ff2e93da9ea363ee554946b49b77643ca0c3e88a
SHA512 9af459d8d87c66336a8e1cf51047406b6c49698465c0dbc9eddd2101a46bacafb7438470285b05df0a554098e2390c9044ec7d78e74aa6af874c471617eb3587

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\prefs-1.js

MD5 220e18392d20f5a0a34b69079d05e3ce
SHA1 0af648b0a3ed4d931bd9d595fe22d3f1f2dd902d
SHA256 7b3fcd48b5682a48718b4dce8453e5cf6d51b11336861ddd5a6a0f10e62d1526
SHA512 8fc3cf9cb72a6f204f35563f19dcbe3973ece7e76d7c43cac69462d1aa95971bc7e350a2839183a3210288ced6d06b3de31623d9a3d7d3778ab4f8e135412ae6

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 85430baed3398695717b0263807cf97c
SHA1 fffbee923cea216f50fce5d54219a188a5100f41
SHA256 a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e
SHA512 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

MD5 fe3355639648c417e8307c6d051e3e37
SHA1 f54602d4b4778da21bc97c7238fc66aa68c8ee34
SHA256 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e
SHA512 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

MD5 3d33cdc0b3d281e67dd52e14435dd04f
SHA1 4db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256 f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512 a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\doomed\5529

MD5 885ae8b3567a8157bb14d44ecc172d5a
SHA1 ab73c62b78c8c973b77996af4974b2ba2c3477ae
SHA256 5a0d5b2e9d455e414a913a49299403dad7d671648f75bcc2b73cee5bce06b295
SHA512 6e29228b32670dd36cc776fdcd524b61d87e0f5a87f1b2a38159cb4684397c28b4f62890573d855d02ab45e284d08f4cdf5f1a4a1ed33b95eecb444d0fb04e3f

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\doomed\18931

MD5 f45ecb433fe5140363f8a28c06bd94a4
SHA1 976d76e60a878d8c70caf96696bfe63c4e5744a5
SHA256 7c769c5dff98375930f47c703838e0075c9ea1a246940080793b09a4eb0b3ec6
SHA512 ad41324da46625e4a01da7f10aa314f1454f4436091fd636843f6355e3c6bfafa291faa2e4b944e40ee40669b939cba690401853fdf628419e65c7201188983e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\sessionstore-backups\recovery.jsonlz4

MD5 ed003e68cb92fbca5e727899d9f7f446
SHA1 d686786ec6566e169c4911d249c076fcb1b80140
SHA256 3b4d434ba26cbb9872223e4a8507293d5d9356923ec1dde5d6c038bc6ddb8c66
SHA512 4acae14cdafa003a1ca8195c75f5a54523d7e93bb78ee9e2f9d62c5c879eef56f9ce5f2bb8f13db04057919de79c30b0233e4af6b9c833e77cd61a40c1e08619

C:\Users\Admin\Downloads\compiter-exe.UID6sCcv.exe.part

MD5 e9c8848028c188e9e602e7d9002f22e6
SHA1 3e53639113beaac7e08722188d98adff133d44c1
SHA256 4f05111a04f812c91a6481dfe208c5b70b3de14fdb5169de6898bfd7299c32ac
SHA512 603e2e84025fbff3373faffae56138bddd50dcc341c2689349f23ddcbe2a0da6f95492d261c5af0500f31d9134535c41ac7492362d4f35be87e71c2f3e767bb0

C:\Users\Admin\Downloads\compiter-exe.exe

MD5 e8ddbbe06fb29005464ea482d68590fd
SHA1 077e2fa722313f15ae901925d6b1b37e0049998f
SHA256 938ae1280c5907fc20b9b04d2028615b7dfdccafbb9cc9a4cc3a319bd19a0bca
SHA512 cc0f12cf1600898cadd8479a3aae41bb9b10e036181bbf39460fad6cc0a21dd1b2620208fb205d675d14ef8a8cc7cea564dcaca57f4764db44e89e045459c5df

memory/6640-1114-0x0000000000400000-0x00000000004C7000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 a01c5ecd6108350ae23d2cddf0e77c17
SHA1 c6ac28a2cd979f1f9a75d56271821d5ff665e2b6
SHA256 345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42
SHA512 b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

MD5 49ddb419d96dceb9069018535fb2e2fc
SHA1 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA256 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA512 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

MD5 8be33af717bb1b67fbd61c3f4b807e9e
SHA1 7cf17656d174d951957ff36810e874a134dd49e0
SHA256 e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA512 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

MD5 33bf7b0439480effb9fb212efce87b13
SHA1 cee50f2745edc6dc291887b6075ca64d716f495a
SHA256 8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e
SHA512 d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

MD5 688bed3676d2104e7f17ae1cd2c59404
SHA1 952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA256 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA512 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

MD5 937326fead5fd401f6cca9118bd9ade9
SHA1 4526a57d4ae14ed29b37632c72aef3c408189d91
SHA256 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81
SHA512 b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\prefs-1.js

MD5 5d962ad3ba35ad85bc1ae2f08930e6a3
SHA1 947e5ac36ed926f4b8894d6c4f0216d24c472e1d
SHA256 37788b46110fd9368d042eb2df3b32ae2463fabde576ed182a22d7e9258e014d
SHA512 f98fe648666dc33736225cb2d06a98109124384a03655d30ecf23b8082c2e5b38107c82ab163061a9e2cf81e878ad0d98deb35b969beb1d51301f54630e27cd8

C:\Users\Admin\Documents\MSDCSC\msdcsc.exe:Zone.Identifier

MD5 206a1c650edea2de7edf8049be278519
SHA1 1528de24600ca66bb51bdbf71a6acf90f8d3ef72
SHA256 90cf66e0982fb8dda3b9acc5c74f7633312aa100e69d8a153b61359b043246fa
SHA512 c3b24bf9ff87cb55b02dd11eada35393b2c439c8f82693946a90eef3976e70afcb920cb7c14de11437724ce44ade9d1ed6e55c818af89b48c9f5d3b19190845d

memory/432-1193-0x0000000002910000-0x0000000002911000-memory.dmp

memory/6640-1194-0x0000000000400000-0x00000000004C7000-memory.dmp

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\entries\F99ABE0BC8DDB023B60DC1797DE2F080BEB11A59

MD5 c5a485c12f84b38d08a23a8f3f540dbb
SHA1 039855c9fdb8568dfe344a738e568a16cd1cbe8c
SHA256 40df58dff38f4bff554cc92a63c7af96850fbe7c44bc92e8d96c9029ca124dd7
SHA512 e362acb906102f2ddddc77b2a3a1a4def0dbfe5b15a73b17cdb6587c66beb9c11b72b2f3178813107a201f88881383718bb6f89e1fe398e20ffb5ff2b04c4e22

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\sessionstore-backups\recovery.jsonlz4

MD5 de05e0e8dd137a1ac2a44f5fd28cd95b
SHA1 4e9fb53754f9c19c9fd53d3c782f7a256d619770
SHA256 45cd3167c12fc532cfcb9a5104654d2fb14efb142c19b9ba8cec48aafb9856d2
SHA512 02b84dd8582bbbb748f60b2054601f06df9c18c02747bb1473601a1667ebb59c7147c33e9cd2a52fff65d677e519e660dc9021c816aeb14f43c32475f01871a1

memory/6180-1232-0x0000000000400000-0x00000000004C7000-memory.dmp

memory/6180-1260-0x0000000000400000-0x00000000004C7000-memory.dmp

memory/6180-1268-0x0000000000400000-0x00000000004C7000-memory.dmp

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\sessionstore-backups\recovery.jsonlz4

MD5 639e2a43f1be34abea4ecec78138feb7
SHA1 0f071c64f0cc4f9ccc8bf59432cad46bcdce1d6a
SHA256 ff9818f5773d81ce0c11081dd7847992c329d2ebf708cc029249266b21308978
SHA512 44c8217a0959c152c4f78c976c59dca6e2f05846bc7d784079d8f9b33975018853174d2102cb1dcb85cecd4d1fa96dc32ab4069fc45a69f3a23c04cac5b9f0af

memory/6180-1288-0x0000000000400000-0x00000000004C7000-memory.dmp

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\sessionstore-backups\recovery.jsonlz4

MD5 8f0ad9c7d89a924a9e055a52daa79e39
SHA1 03ac039ad0e8468a1a1f0eaee93a8f75ae912b31
SHA256 8908e9cdf327d4cdfac1f1dd5f342a6d19f47f4ccccb4a947ac161137f684bee
SHA512 ea98e33a830603340cc840f626894549367c38a1d55f0b75b490a235335172362b0926cc4d13f0fcbb9ef66b4cd6e6807a9c4cda34718b9fa25fa23b600d4092

memory/6180-1297-0x0000000000400000-0x00000000004C7000-memory.dmp

memory/6180-1299-0x0000000000400000-0x00000000004C7000-memory.dmp

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\sessionstore-backups\recovery.jsonlz4

MD5 a631b40a8c92be4500fa0e4371c08fc2
SHA1 c080409ebe5a9928aaa6b9b2e373c38b6f81a8cd
SHA256 5ef3ce14bdc45adf252911adbc11fa296d7cce6e7ec98453a0fbe8e237c4a86f
SHA512 891acedd765e8efb15ae26f43bbd02d0f13d0435dc5d4007dd37471014850de7f28010fce395fd70b044bc7d55f7b1894b811e85da96b71cdbf2c0c5f03646d0

memory/6180-1309-0x0000000000400000-0x00000000004C7000-memory.dmp

memory/6180-1310-0x0000000000400000-0x00000000004C7000-memory.dmp

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\jumpListCache\bdS8LNp2kI5xeMY4yFb8Kg==.ico

MD5 dbf33c11fb236301c1e4f5504d838ab0
SHA1 3fa9186c776b2dfaf9684a50ae0dc97844e9e6a8
SHA256 eb75229a7f4bf75f34ce782151850e309cc4e71113bc09925c2dc1d1ba4e7d01
SHA512 ad1d6fec2c9b29007b3e4011d75c38997bd7d326ad091b3199ee95241a9d58159e82b9d36a45ea61faed9731d22b4ad5b2310e3b44cd8e0d66394795324d49c9

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\entries\1319ABC368F857B1ABA47AFDE8EF69EB1F9057C0

MD5 d00a5ff82e59e792d8a7fbebd6afbf16
SHA1 c9f496bb6875dca7436c8d3749a6c77c41774f27
SHA256 ec216b7354e921924a6294bbec0e11a655a2b5cfce7b29a7bfbb133ee2b406ba
SHA512 2c41d0ae17402bdee528c737ee61bb69306264348d90988567d3ed3eb5638de3fbe392dbb9a5010961a873f29b17c8a399fc17a2e693e16736f20a5e4ad1d11f

memory/6180-1332-0x0000000000400000-0x00000000004C7000-memory.dmp

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\doomed\26334

MD5 9077115cad6318b6d59738d954984f89
SHA1 7bffec8f557c8e5a84e49b6ed17b6c983596adb3
SHA256 72a5aade597272409cca3443650de83b52f36abf58eaadc44ad34bafb30498f1
SHA512 ccf382c881572605659367def714a38b77ea829b159fcd550d247b4435f78e6ce72c1302eea7fca5d4fe7bc70efa07b39343ff487d74c40f19366b26a71ec32a

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\doomed\32192

MD5 c13c08ca8ae43500539003f7612a96ab
SHA1 a1ba3c5b3d0d2d3eaefb05740c9d431297a5ff21
SHA256 485171854724661fa706301ad1479b5704c2e75da7b05e68014879a14c74ef7f
SHA512 ed8656e42222a14813e158badf5f07e60d92c02682016c7cc092f61e4cfd7163931d91e8f9c7ceb3325332d1093b4901a520e4cb53cfea49565c1e4f42c16a93

memory/6180-1374-0x0000000000400000-0x00000000004C7000-memory.dmp

memory/6180-1379-0x0000000000400000-0x00000000004C7000-memory.dmp

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\sessionstore-backups\recovery.jsonlz4

MD5 4ff7696209e06752ead595d1ed17212c
SHA1 a5f3c6199e94e52c425a1e67be9edb2fede31d7f
SHA256 b3d2691a1ff5b40c2d4230c0f7d4dd414b46697fcd7cfdaff6d5066d944ea146
SHA512 fc9b88e3c7f9d2900f656fc426c593b6d507939bb78dd2571a2bf3ad42ff869a58b5deb79d102572cc24ef1070d587a00c8cc40e2020024e5280245d867b67c7

memory/6180-1397-0x0000000000400000-0x00000000004C7000-memory.dmp

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\doomed\26685

MD5 2dac8a6321d66a0dfaeecdb6b0eb7523
SHA1 3b2e9c7e3fd7702791d5664cec7ce51b4425ed8c
SHA256 d9eb27e45c3553c1938e3d542780a927334f2dba08539feca8bcc2fae6e9428f
SHA512 032853833ebe4c56cc26657392732ffa0e262cbf5553542301cee2d666d0716082bfe6cc155a7a2d81c65df9d4ee129a263a69493ab2b60ef70de134675b511e

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\doomed\10929

MD5 df3827dee69562c6810fb359fa377ca3
SHA1 45af9e843d3b9d4572b5a6f8d3e79d581c501a3b
SHA256 edff996fa77f6870699d55a73ce70b1e068296f26cbed9c3999bae1fb9ed1153
SHA512 0b252b82830a9acafcfefe618461e639238be881b94715955dd7554c9e0a3db360b6178b0a09f85ae152828bf8e13dc883587909f2c500e46290f6ef0de1e0d9

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\doomed\25574

MD5 9d9af0103f4c0f1b5535b1477da00988
SHA1 8e561773d88c95114b8ccb5a657535e18684b2fd
SHA256 0b7d284215aa9667e8e32fb8c91a7824da6377919d15ad8db7a502553d7c8157
SHA512 18a829d13fdf338be0c8c0bd982ab281d12410dbd227826b7b3e6402a867f2bfbc76f6d3dc797388a7f5c01a70de953a86148443fa81284af9d895615977e12b

memory/6180-1433-0x0000000000400000-0x00000000004C7000-memory.dmp

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\doomed\26990

MD5 ea7e29b1c5672cefb9469f2bd6a364c7
SHA1 c5df4ae4a5a7d7ee1171df07723e5e2c328db898
SHA256 045de930603fd760eae4686cbdb6d54c25e950ae36fd3980c2de17e1ad0d43cf
SHA512 16edc8add4c94455a627867760c33c814c4d4490c470a02ea54233053691add3b20bbf2d0a1e570ef2ea2834c595db61b50089f3bffd7f80a64f6ff29afe4889

memory/6180-1474-0x0000000000400000-0x00000000004C7000-memory.dmp

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\entries\EDA34B5270C592C18984B2A3EF601B71AC2CCCED

MD5 b601d6336c66bf838d5dba7e88996979
SHA1 43f3ed5f9cfa3d16cf4d9a2399d988568d85a6e1
SHA256 d200cb4ffbbb7929e0ef5ee6bc3ed034c33f4384bfbd35bb4220601f457c1258
SHA512 dfd15b9a5cb19e1b75f16f1e0446283a00a974e8030b859b3cf8655d613f7d9b288003002dbb9207781cc90c21a4be73e936882b3cd7794b8d28ff3dfc106bce

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\entries\54BE58374655C3E89277B3F0A4079B76B81C3F46

MD5 406f3cd46de3a4db5d5b0b06ced2c537
SHA1 1d0d0ad8697b11753d0d2ceb320da3ee0c41b31f
SHA256 e7371a94cd6c8ed25ddb621e895d08427177c17e5a316edd00ab67174fda3427
SHA512 916e56fc6394dfd7a86f59e4fd78a25d4798b83126a9bd76ece852c9bcd42e93ec97b2daef8bd98234ed19ccf5a24b0f116e6241924f43ea25743c97dc32ee46

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\entries\31ACEC1D58BA9248D525E953C5804F46CBD370D6

MD5 195f01394c18b4ec554691a6de9f194f
SHA1 7f2d2820fc9589ecaea93f864bbae1a4004316ad
SHA256 3a7e52aa18e9cc02d7eac41b32a28584d94123e2bcbdbd8f1f7794250997e698
SHA512 aca1df1a1c64ce064003c3ab772b67cda4658af83d0c3172ebbc9b3b2ddec38853f5b5648e1dfbef4b30f9dcaab169e0753f6c6fda6834391baed2420e3791ac

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\sessionstore-backups\recovery.jsonlz4

MD5 0a311cfae206496dd942ca903d71bc2a
SHA1 039cc4910314bfc44ba1f35f110730420a44b894
SHA256 3fd4f5594a8312647dc088270fc646b11996ad4b6949a0cc488195ffaeb30d2d
SHA512 70bca351da761b6c09100a504943fb9e1d7ee7f66db397c8a87624465ecf6935bf8ac2ea412a6b76f9a51e419c59473b0f571c8cae7b80a771e4b8396e4c834f

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\doomed\15845

MD5 50ba8576aec157b2d0b26aa4f038f45d
SHA1 2caa429bb0722c4fd9425d406e5b710b325681cc
SHA256 1ba84cf5118f32096a9db9763e3906afd7c0a2cbf660f602df451f534edf3bf7
SHA512 fdedf66d06839a8702aa254480f13a3c5a37962bd62eefd931aaf1708678c9f525d969652640f554e08a1130ebc6dd13cc792da59cf82486d46aa9e7c2a50702

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\entries\B16898CE86D7BE4F60E8482A4AD97AD942B76C66

MD5 25c974b87ed3c02dbbcf9cf6ed62b1f0
SHA1 775cf55e30fbca5a80b0ffc80a6c33b0cdf79a31
SHA256 03c2bdc8cdbeba32d524ac1ed0542404844149950f1e10351c9af6852b3f4f47
SHA512 a7c1a00f4657d95f32ba8771d43b3630599dc4f8d0d5768cfff6ad8ea8b330654131edcdd1d6a5e44f56deffb0c20e99a57337046243cd3b736ac2fd26668d14

memory/6180-1575-0x0000000000400000-0x00000000004C7000-memory.dmp

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\sessionstore-backups\recovery.jsonlz4

MD5 447b36c88665bc5eaf18a3005ac86d79
SHA1 aff6a9032d02446cdcd2a11c48c76cd9c0050c3f
SHA256 371adf035d93250e899a79c16d7ad9cdc3fd9e5ca1404755645ee63e610739d8
SHA512 987e50e38cbb11085faf15895a962645ce131ff4799d602d3df2e26eef9589cb0b2f33d7b26938edabfe8bba594a9550f1822e5aa3bc1108df2e0f9b61da5485

memory/6180-1600-0x0000000000400000-0x00000000004C7000-memory.dmp

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\entries\C941DBD419649B820658FDCD20C966BAC6540424

MD5 25cb5b7640055bd65affe903d30c4547
SHA1 ade0eff34003356f0b22b03e405770e669ef78f8
SHA256 1362d4cff006968b887e72a4a1225fbac1aade82823f27fd74bbc36e16614172
SHA512 9db94744d810148bff9f70710a57fd45ac90128c21ad9f7dff8f4445b46d14e183e26b2b6c10ab2ceb04f4586c8ac6086bf078b4766730c1c0a8193d5b36ad36

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\doomed\850

MD5 41d53805362ec50864e7ae5810567fc0
SHA1 11d681f80929e94fa44fac9b299708b1757e79c8
SHA256 2df89e7d627b41dac0ae289c749c86c2b9ade1b33dc72657a935d26038820f90
SHA512 b9f1895761fd871233ca34e5f609ddf0d7bbc7839564269e3ca8801c74f0ebf332c922bcfedda498be98252bec2bbf0bbc2fc9e5916d38c24c912929e20e596d

memory/6180-1681-0x0000000000400000-0x00000000004C7000-memory.dmp

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\UB11CH4G55MFGPDF5OM3.temp

MD5 0559be79c535fbf3c3ae99502da79cf5
SHA1 b20bcc4035d5346f08e9fd77f10f66e8ba83217a
SHA256 94de432fcff5e56a215eb88346b5f5f7d7dbe96a56d183a01569f73bcc19efca
SHA512 69fea1876b08ac612f9a17c67dd12218df31d0e00bde3f4ecfa7e8e2ff3957f6077ddfc133859e408b6e389da0df75ef7dbaf25885848797ae1e9a02a34b7c50

memory/6180-1726-0x0000000000400000-0x00000000004C7000-memory.dmp

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\sessionstore-backups\recovery.jsonlz4

MD5 fc255daeaeca834fc136e9f69ddd4bbd
SHA1 b8b93c9e73a75c926e9c16ec0ecdbaaefd1ca311
SHA256 c056803d0c660438d920a05a3c68c0edc4ab06a199de740828669ea1c3dbfa2a
SHA512 b5bad35998f4ac6d33669ff1a98bc703ae66dc0fa5bc30d3e8f9480db54eb1e7e9654412f3cc8d404deeac6645073ff4c32a5c8fdd2306a80a549900c33c4a9b

memory/6180-1754-0x0000000000400000-0x00000000004C7000-memory.dmp

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\doomed\2043

MD5 f6e449b179e39b9834dc73b176e11e31
SHA1 7226b85b29889991236ced34346045c414f147e5
SHA256 59ba13ee34da48a321e8512b97181d36282d73e49738d2d8d4dce93932153ff7
SHA512 cd15815a61f66b09441ff95b2796e3e37c947c27195200a19be23a33102fe9334f7d8824315b906edd5bf2691d9122107babff11489887a6058e7345238ea798

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\doomed\24229

MD5 923f8d575368cc5c7afa451448990ea2
SHA1 5e0399b2a2ae7731c8e62433f8d6bb113c8587ea
SHA256 c66063cc049b144688475f4269727b8448cf2420308089706dd00e0c3befc555
SHA512 b5b315f09cdd4c78c8b544ed6121685348964e5c02e19d153d5184708dc515fa621ed8f0840d2870bc04cdb4de37f6e13f716e9cbfe10fe43598faa9cc6b647c

memory/6180-1809-0x0000000000400000-0x00000000004C7000-memory.dmp

memory/6180-1828-0x0000000000400000-0x00000000004C7000-memory.dmp

memory/6180-1830-0x0000000000400000-0x00000000004C7000-memory.dmp

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\doomed\22315

MD5 75a92821063d1ed75846e6e494a2ddbb
SHA1 6b48d020ca73af03fa5a360f3ae39691807f4095
SHA256 f51e2b9646f74edf8ce0d6e7843f87265c594045c90c7207fb5d943d0523d764
SHA512 cd6fb53fa504f29c0c8e5a49dcd6f97e6e40bc90652e4f05f3bd0406ac8d8eeabe83b56085def9a9967402b981370f762547dc25fb3642f9bea41b91cf68fda3

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\doomed\1263

MD5 b48ce1b958c3db4611074cb41908fae6
SHA1 34a97cf3ab3fefa11d9967749f348cead48dce1c
SHA256 dca37fcbd4f48e15f8e6222b6358e0d6b98d5d599dfeea4a9fd02207d83b82c0
SHA512 f08a371fc327ed8d547b311f29acca2e9b608dba7e5b563775e3ea1f1a96248cb90a501158ea3fb2ffa4dcab8e77799cfacf0b75941cc5fef585f58130b87b1a

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\entries\395AED75AF0D9007FEB643CE13F7434987818A89

MD5 d29a924527929d62e953810095e0ab24
SHA1 073ad232d22f0729ab42b76f5c67a9f072d99b06
SHA256 ff248a398ece987fbf6e62bd9443bd377b5c6243fb2ba19fb23c410e86b82ec7
SHA512 a7375128d05059a4096b2b4ac378ea9bcbee02f8ab340543e49180c48bcbea8a4a98fa8fd3c01035ade00e2b22468b3ab2309b84ff8471cfe48962b70f9d2c06

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\entries\E0421EDE2603EB97999D970719E1C23168CE2D8F

MD5 9885553ace1309ef3cf11b8eca445b17
SHA1 7fc983709fd61e603dc4ac1a43350266cbcc47c1
SHA256 1e52dcfc1923cd34406efe09264f3a7472eda35d44df3a97e52574605a00d58a
SHA512 ae069a9b64f6993385d96c8b09ea6cc61595bdbd937ac7ce78453cd4acb457886a647d4c7aa863ad091866f210af88d9431fe99aa7785ad3f376d7936b9f68ec

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\doomed\31899

MD5 04905b3fa805625da831cae94afd56bb
SHA1 8f71cf53533d587b6861c2e7137fa262d8ad89a6
SHA256 271dac918ae18144943af75589e14527a6dd5635a62fdfdddb700bfe1e4571dc
SHA512 b5117e0d727f0663834cf3988f6df19c467dba4067329fdb6e6bba7cfd43ac28d7f2743b4360c148dda0ecfc3b156ce6737c783f092f3ef7c47489a63be841b1

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\doomed\13442

MD5 287617f4447d6fd693c8cd0bcced21c6
SHA1 3ab8dedce13a300c1f879d7962cae49a4eb86d1a
SHA256 a4adecc96c4069a0b094900176441ec53f7f23a67ec9710e973386acc56106d1
SHA512 55453e4a7463eb216bb571b4b6e6d367037c93b4981aa1dae4dd70e0d96b41772e3f6c4077af800619e93741e1db0cd7cc5d09eaa18cde589abd1226917d3cd2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 d21e537884089a660950308bd90acde3
SHA1 25ecd45c5ec105b8079d6ace9b7027184419e238
SHA256 b497c3546087a681bbb2766029f1c18ec89040229147eb2f58883c6419a298dc
SHA512 82c0a4fd33dc17de5308127e0293cc6e69c2d139e14ed1bb90655d08ec6e5eeac3e212f13874980281757ae7b71482991a84a31115704d415b0243ccf76a99f3

memory/6180-1912-0x0000000000400000-0x00000000004C7000-memory.dmp

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\sessionstore-backups\recovery.jsonlz4

MD5 3d5850de86641de2d9f2cbe803b2c0e9
SHA1 3ca4c66e426dd941af9bacd2f8f623746e1b9fb0
SHA256 ae400a57d231310785418272cc0259232284f864336147038b908c3a9339e9a8
SHA512 40a4856cfc7174cb67f48e5dc77968c8fe4fb0594609c310d694ddd834f24b0fb57556c29ec6402a387821d4d25c0b3976cccaaee3d45229f6db9db8e74d15a3

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\prefs-1.js

MD5 739ba1f9b13f0147d4ea444885909a86
SHA1 c74afa45a8dd37c00d3694c964784a2580f74de5
SHA256 631445a0d12d2ace8f2cf3ec25e7f8ac8b91c51a0e8f1c3825be92316472ddcb
SHA512 0b241c8566fc5b831b063f5c0a553a5a7a8181643439a3fdfffc25cd84855c8ffbe3f41a777926ae0b01fad9f3639c6c063e5b924f75d5f61fa3f175eabc286a

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\entries\2622F90B7DFE361347C3245327DE5D3141BC670F

MD5 34a2f3d77e7c2bc40df3c6616237cf89
SHA1 7d17cd3d22ab05f8082ccff9e96cfe2e8a8b7d7b
SHA256 ae1a3957808fdcb87bec11d5e2a35f1e954442721500c5390619d8740f9ab0a3
SHA512 2fe9b203fc05da37e7d1f587e0f22ebc56dfd2cdd38a699b0949fc6de0304bfa3cb7a8e7cf24fae4edb9a4bf9b3c522b36dd95965ec1658ca3159e8c7c43ad7b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\xulstore.json

MD5 1995825c748914809df775643764920f
SHA1 55c55d77bb712d2d831996344f0a1b3e0b7ff98a
SHA256 87835b1bd7d0934f997ef51c977349809551d47e32c3c9224899359ae0fce776
SHA512 c311970610d836550a07feb47bd0774fd728130d0660cbada2d2d68f2fcfbe84e85404d7f5b8ab0f71a6c947561dcffa95df2782a712f4dcb7230ea8ba01c34c

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\entries\68DEECF308E411870B2ED5B7FB4ED8330A1999DF

MD5 75e8f23c380269997abc333ed0118016
SHA1 9265e9f97f81705c3994dd6a146ea5c889ecc0eb
SHA256 8c3b3460390c3831aaecb549c30cc068103c3ccaa2c456a8cf180d7735ecfa86
SHA512 628357ff963c4462df352a1befb3feefb4a8715d8258544397e58c6f987c692a5c6e2c2cb38be47a08c622100c9dca35e397ed4c6ef1dadfec8ae30a187830d4

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\entries\83818C42966876DA76213DF7CD67475A9F5D172B

MD5 70daade17b8894a19d307231a635832a
SHA1 d3a9befbb7901e060dad22beee0ba3b1b11ab99d
SHA256 111984375b2f78bbd38f4fe56f864ef5bad92667b87985a91201759ec5987332
SHA512 823a5688e3ab934241de11e4dc8e61d33f195556a78a050e54339cdcab3b472527ffa23d48d719bb4b3fa9ca356d05bf93842f6be68100469cf247f0adaec72e

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\entries\513EF9647CC170C0340E85A19567EC546F93C6BA

MD5 67ba1feef6de7121f5d48ecd10621766
SHA1 7e1df952eb750a28ea7c744767fd3451a02cc922
SHA256 e5b0490d3a23cc6d15afe59906461aba21d3e65ae3de341edff7cb147cb5c184
SHA512 61dd2af04aa1920868b24fc24b4a9f0bcfc6f736bc078fba6cdb733401620f668d3944b1383a678585600e753cf733d64d1be345923a66bda5e4c97f22d8b2ce

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\targeting.snapshot.json

MD5 5886280eeb2f3f3a1fb534c84ef0306c
SHA1 2ce99db21d42d3bafe256aed24e375c0b5939ba9
SHA256 5b48ce69e8e1d479dbc3825b0e92c75d64db86fc3de7a43235a5a6b1ebf72503
SHA512 7e094715c7b9bed266576c27b69bf001598045b8c824a1d65637194a9c05dd574986c08fb2cce5efc2ebb1b22db45bca5600301e3077ddedf2f121c479e2794e

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\entries\2AB0ED3D72F6842459296C2654AB13217682D975

MD5 5a878c3541fb92fcfcb34e7ec23285af
SHA1 a3aa5bbc98dd30312728ecfb6a501437b15fc9f5
SHA256 19f5356e2639943ce29862540940c967baae00d903a74b5e5e648d9450f1c205
SHA512 e9de6ee6e740cf3c7561507e5970ba4f0873a1f2e8210c91fb653458a9edb62fd7e279ad446468e48fae05ebef487dbc497fcb35aaa42099982f5d16c46fb919

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\entries\94C57BE607A7A420BB5B1001A50BF0F2782883EA

MD5 3366abcb59e4e8c38b4b8378e14b1449
SHA1 c276430646669f33a17d1a7e3b35d5b770a8f5c9
SHA256 d2e108f13104802656e9853794f630f61c7b1e18017ab1affd86c8d61e7334a8
SHA512 6aaf95b03ee16b4c3b3c6d1ed2a6afeaec083a45d62d765626ef40e97533d83ca0a85ec64bdbda04877d01d673a2abb340bf77b974feaf99bfe0aeff680195e7

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\entries\F570A4D66063D54B51865667B82FC4AE65733E89

MD5 dd430305267a91f67056b512b75c2320
SHA1 60a73ca5440e6a1f1c613d29f1026e4d49f5573b
SHA256 59ed4d6ce3159055b1ddefa85b8382f2f3335a5f9c8474f0678a4e6e1a79958b
SHA512 7f8abd7461fe0de742dde9e4ddd47af84a34b404501a75971015ab334c20e28e62899f9ea54965da18d3436524a21cd12fb708cbc636c95703c118c3d863329a

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\sessionCheckpoints.json

MD5 c4ab2ee59ca41b6d6a6ea911f35bdc00
SHA1 5942cd6505fc8a9daba403b082067e1cdefdfbc4
SHA256 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2
SHA512 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\entries\F75D5F8BDD87C317868E1FF4D44D0FB45407DE06

MD5 d28b523a39f337dd409eac03a7fbdde4
SHA1 cecbebc0c65a1ed307ab9c3acf4e29bc922f99af
SHA256 3bd812bbf75d15390937ea7d1a002b2d1f4e9a1002c7d1feb4bad83516fd57e1
SHA512 12c27e4968ced19470c70669385e59b7c465b10c67b4bd69a8b29eb843136b5fa1a499dca34ba74728fe6378a0d16da9b924f3672c528887c9ee1b67d432e4a2

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\entries\E8DB77A830E35053BBC08E465672C806C90B4D0E

MD5 934388ef0527c2afebd3303129afbe09
SHA1 bb49b6422d32a384f081fd113a94bf99c86e97c1
SHA256 6a56677811b8845807bc35ae56bef1a579de7cc88b3ec5591b8417b11df43d8a
SHA512 85572ec740eb432749e86f832374e79b64048d4e0c21c83349c5e5ff2400f45fc80561a3b9ea1ae807735813ffa2e2458006770b313332fd13fd597483d79c48

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\broadcast-listeners.json

MD5 72c95709e1a3b27919e13d28bbe8e8a2
SHA1 00892decbee63d627057730bfc0c6a4f13099ee4
SHA256 9cf589357fceea2f37cd1a925e5d33fd517a44d22a16c357f7fb5d4d187034aa
SHA512 613ca9dd2d12afe31fb2c4a8d9337eeecfb58dabaeaaba11404b9a736a4073dfd9b473ba27c1183d3cc91d5a9233a83dce5a135a81f755d978cea9e198209182

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\doomed\5308

MD5 cb02d3b9c72056c11a7dada8268f5302
SHA1 848d6db6be6151e85e9d068862bb4673f6092e39
SHA256 5525fcfdddc54365816ec132157b920d0be5b08f5ca58231a49956bac11af295
SHA512 1dd48ca86a5a8001ca605dffd01e4c3b46da7487ae26843d2401c76a6f6a2b22c7e0ada35791be15d06e9a214cdf8b4bdf0a0203a4622d6d2a06375c46c72470

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\entries\89BB40F49E7E00C765F29A69EF816077B2452FE0

MD5 6f0efbdc7629e0021e5fd042d44e5c91
SHA1 8985ea91c5449d3d252ea2a8f42613db98adb990
SHA256 d19966fcff46ec103ca421ddb8a58c07caf1fd87f5eec0e0ee8530979efbd2f4
SHA512 b115a343be7002540723a32163e0deee832966cec97b0c359020ba9c22c5417761a07568f1865bcc5f606873237cf4c77b0427927b09dbf1e901e8581f20ca48

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\entries\CD1037DDC137C9DDF5719727987F48DB950A63DF

MD5 5b4bcc257a9b224998350319390ae68d
SHA1 298ce9e229e67da1effa8ee83fd80589417d52f5
SHA256 6a87639d485273bedcb63e59057a798687af7d430f3c68fefd596ee320e1422c
SHA512 3b5cb1aa78f8d841d13d7bc6faff807636668de5587f01dc2f41c187e80ec5a16dba17103a5702b4f6c60d23b5a820cacc56c6c1ac893714a3033240c4b7627b

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\doomed\19167

MD5 3c3856b0411dabb1a286e0f4ec587bb4
SHA1 db4cccdf23cfe9b04fa1df1ce346f5211bab2f76
SHA256 69c86ca28359e825b56e93b8430401f199925564019133afa732969653f9b75f
SHA512 1cfa988cbf5a7d88003b423c429a1a6fcdf402340ca17b06ed11eaf7dea21658527475a68a49e65c3c2db7646bc73e606dd686b060a0d2212c0cbd4d4fc59cf4

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\entries\78319ABD4DCA69CF7BDE6B1B9357388F5C982B7C

MD5 d7d58a6f28456775099207ac2b95e2be
SHA1 9ffd6ea27a3ec91f18f87c1197e050c8c0fcacff
SHA256 6e11933dbb181df1c39cba63161c85f344570a63fb03dee179306d6a3e6895fa
SHA512 b45071383ccb5a4ea25243ce62845febaf71877f0f603b62014fa43ced322a830d4e2e18916024ffb000602c5130bf7d27fb1fa81154a86fcc4cc82d556d1b88

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\entries\BDAE003C615AE932078842DEEF77E604CE3CC56E

MD5 dc8a17361bdc1ccde288faf71cbba761
SHA1 8263bbc8a88127cf3a376acdf9fd13d1a2f89121
SHA256 4d749bb578b8cf0fa167fca5fdc83e83c95e976c638225f0fb8c112df53e6396
SHA512 c7c846d438918a0f355ecb33943944566be473750ab1dcd3d3ae3cf6a54b6d4a63a363209df5004562c9199e3c1cdac0983d391b5162edb2fbe641ce2c103bbd

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\entries\147D00250DCA55E5C5D0DF8DE08452FAE49E84AA

MD5 30bd538dbd4d3c6386db2707f07125c9
SHA1 ddb2a2dfdc46165b0b9a63ae13fc00cff1acc872
SHA256 c15d5ad20bd2ef7b172418a96d0396ee96b74728596686e8ff44c676766ee660
SHA512 27045a19faa86b0f28cdb02fad533b9a307dbb3e1f1c67236781cf69b983fc57cc4ada8661f3db88646a2f8a62aced6cfb03d6378bced97c9bd13c703b0bbaea

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\entries\199EA3BAEDB0FCC68E06F3F0F8144E65E55F4426

MD5 784b730c3342b078d86743de6cc24e8e
SHA1 973e82c90f045742813422788a8ca25128fb565e
SHA256 c773814a8a5a4eda7d61701314a98d650542a812814ae2bdf862c7a90db0f34e
SHA512 ed0d982b486a51efc5878b9805d74ba78dc519d77d607fa454c495c484f18d73c4f13d898d302d4897a2eb306a8fc4ce09affa3145ccb58b6d6e7fbc82067264

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\entries\08713436ADC02E096F9869AC5D056CEC9B8F4135

MD5 d1dea0346b548dca0646362b0e86db8d
SHA1 d8574d3fc7c969c645b308bbb8533912cb587f7b
SHA256 e9e85e91738ba5eb368cdcc8145919804babfbdcd150d5c23152c076523924ad
SHA512 f13a54b9487e65e671c95b6836df0c96da725759d2409ebdcd876e8f36c13b8548991b687d17b43d807b4784f99e74bfa7a86a875388bac695162d5b9c667c77

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\entries\4F1CF4C62111596B9000DAE6E8983F42F8823111

MD5 38f9b21fd570460ed0220d96126fa802
SHA1 6305dd2497aaa1e5a252e4225dee0ae547085900
SHA256 5482e59bf80be97e6f8341bcb7fa706e8d8ca1a6776c1ba209cc185191ae20d7
SHA512 7d68bee5af4c59783487b061e185c5ecc317760daff8f011decc298026242a55d688a464df96b6edc81fd44889790a623b1f7c4300219973bc5822f8a26b7c79

memory/6180-3340-0x0000000000400000-0x00000000004C7000-memory.dmp

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\sessionstore-backups\recovery.jsonlz4

MD5 9fdad87c4dbeb5efe5b36aa85955ed50
SHA1 5688b745bd408aaf77016aa8bbf175d41be22609
SHA256 e185f132e095cfcdeced6cfa141a08ed5e527a139d0fa47ce6fa2bd1be82ca87
SHA512 63865d5f3a7bfc6436068cc7e2241fc290d8be045ab8bca1c2c21a854b774ddfb41e061c1cbe30f4963ad9abf7ac6fc40734d1e62359be92219d772ff4f4e00b

memory/6180-3403-0x0000000000400000-0x00000000004C7000-memory.dmp

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\doomed\6849

MD5 097bb387ae9635df047af98ac81ce86e
SHA1 e4a4baa9d36e6e0ff33faef407b80fffb5a20bea
SHA256 33ee3d9d281f90bcdcbac3dcd8787c7b81ee7aa3afd65f370b8a754cc6ef57d6
SHA512 65c0e5545fab94b21256c8e34c51b04cb90bb32018f1c31031d034d081b68e677ddd41230adaabc86dcae5872062fc7d875690dfcc7607701db8318eba947868

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\doomed\19687

MD5 46ebf04d2deb613ebe9a92e0e11bb2c5
SHA1 c768a1f4f7232fe3a9aa339cc75bb8ba056ab1e0
SHA256 9a67a5f715c10ff15e7f16ca213d8f666591be1eda3878dc9ba5b127de17bd22
SHA512 2dee1097af8fa95e8f4b1eb68a7daffa619fdd56e63080b649090c2055928a5ee1f1b3567a03684e350534f1cec5aeb229ebc3f2089c7e4024b32ce165739f3b

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\doomed\12819

MD5 87fbfbece403fdcac29603d552afae20
SHA1 5c36d079ccdf8f279d2d86b619cc0969ff0eaad2
SHA256 8a6f40d93113be188fcf6621b79af622091bc0c6a4238b9b6474b7a9eec8edd2
SHA512 b0c7ea8de9ae76134d30129fcde71bbaf6b8c2c70bd1827e6417d434fc81ca06d4d44f404c221deaed434d3a9a2a7c78f6ffaee59720f6183b7793e44c78f7cf

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\doomed\25657

MD5 42cf1718301e7a01b7000fdc0511a818
SHA1 838fd32ff5c12a131e086f79f9ed44ac21d34e47
SHA256 183246c6e0e304815e0fc3efacc0830a43c043556d48b756b9c92288d11f6e9c
SHA512 f3bb759419adae49ed4976420e27dcdf0ed22760d198ce09c0f3a71335fea7aa880997254572ecd529aeb89742fc75b690fabbc51417785855e6f85dbeed181a

memory/6180-3438-0x0000000000400000-0x00000000004C7000-memory.dmp

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\sessionstore-backups\recovery.jsonlz4

MD5 256232fa0fcd2848461fcf8585b2d317
SHA1 f431c6a0b2db0edc148a2bb197bff6d6268e9854
SHA256 e9691bfef566bbfb4e83015557e0994e620cc069f5ed187ff2a40cd6f3e0390a
SHA512 653e9abae7066526e5eb3ff020647fa70de9dc1157a02485b56fe26ffd77095db381bacf13ad0da993af294c0b216259611b789cd39192ccfd0d6ddb434103be

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\bookmarkbackups\bookmarks-2024-08-03_11_MaaMR8mhAQTbCgvsLumwIQ==.jsonlz4

MD5 838d93fe7f64f4f752cc6aa88379ef54
SHA1 55f0a2bd40fd96e3a319f886a58891fd9d416c0b
SHA256 1b13e0ebb1dab164edd26588e55ea99c9909f18c56c9a3478937d96719d9a54d
SHA512 8a4fddabc8792bc2fdc4868e1873f415614c3dc08bbb50272b64fbab124b4516ab0e3be04f31cfb8e02e7b653bff231053208d1638dcf0372439dcec71d33f00

memory/6180-3454-0x0000000000400000-0x00000000004C7000-memory.dmp

memory/6180-3463-0x0000000000400000-0x00000000004C7000-memory.dmp

memory/6180-3495-0x0000000000400000-0x00000000004C7000-memory.dmp

memory/6180-3496-0x0000000000400000-0x00000000004C7000-memory.dmp

memory/6180-3497-0x0000000000400000-0x00000000004C7000-memory.dmp

memory/6180-3525-0x0000000000400000-0x00000000004C7000-memory.dmp

memory/6180-3528-0x0000000000400000-0x00000000004C7000-memory.dmp

memory/6180-3561-0x0000000000400000-0x00000000004C7000-memory.dmp

memory/6180-3563-0x0000000000400000-0x00000000004C7000-memory.dmp

memory/6180-3624-0x0000000000400000-0x00000000004C7000-memory.dmp

memory/6180-3625-0x0000000000400000-0x00000000004C7000-memory.dmp

memory/6180-3653-0x0000000000400000-0x00000000004C7000-memory.dmp

memory/6180-3657-0x0000000000400000-0x00000000004C7000-memory.dmp

memory/6180-3683-0x0000000000400000-0x00000000004C7000-memory.dmp

memory/6180-3689-0x0000000000400000-0x00000000004C7000-memory.dmp

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\SiteSecurityServiceState.txt

MD5 3ef9526112089c9dbc9cee39f5c56f73
SHA1 dc6206c0027235f6ebbfaa5479b25ac7d612bb97
SHA256 7caf6ee2f45446e5ebab45e5f311979742fa017819da69a01cec8552d550fa18
SHA512 a236fc2908ea787472f3bc8644d0c74448a501347d0763cd41d79a6f5b95382f29ca99767cfa2148be32edd772f21ca730af2929a71848c82e480acbfe8f2ff3

memory/6180-3698-0x0000000000400000-0x00000000004C7000-memory.dmp

memory/6180-3720-0x0000000000400000-0x00000000004C7000-memory.dmp

memory/6180-3729-0x0000000000400000-0x00000000004C7000-memory.dmp

memory/6180-3738-0x0000000000400000-0x00000000004C7000-memory.dmp

memory/6180-3739-0x0000000000400000-0x00000000004C7000-memory.dmp

memory/6180-3769-0x0000000000400000-0x00000000004C7000-memory.dmp

memory/6180-3770-0x0000000000400000-0x00000000004C7000-memory.dmp

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\doomed\32302

MD5 ce3fc5c1ed0b8e45f67cdc5e226c24ca
SHA1 ad3c8ecb95c7a617f41513656b50dbb2446fa764
SHA256 7f9b72e8a4cd387eb2437e84dbee80ac4b531f860f7dbf3f514d22aeba449c66
SHA512 b5d52a05ab634e83e242070836827fcbba8c4d506f66c1e92e2f003d8cad1ef42181f87c78cae16e5bf597f7b7d6384b2ff83b1efa140ca1466a55d2f8fe6628

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\entries\D0852DAA2C88AF3CEE6AA021E2767B7D4738089F

MD5 2488d9045c11aedcb2a3418db9e4d967
SHA1 02572283da2797694257f173cf41797963bfaf23
SHA256 b04e50c080ea253805e41996e5aca116193d5fcf93c0c5b388a9342c3458781e
SHA512 9d72706380641b165a24115cd3ef5d0a24eb4a65f2bf58b2ceef85526c0b959bd71d5459482c122d3eedd638676ea07e07eb8db45c820c9cb7cfe823af778143

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\je1358xf.default-release\cache2\doomed\9129

MD5 8a1f3765b9967c64943a61f0ad053149
SHA1 5ba586c9bd5b3190ee83ab1b3b68cc22653c0e3d
SHA256 6548099a678c057e6137d5498e247463c852d3fd774e30282eadb1657fd5edcc
SHA512 89202f566229ba009caa17c7e419197934c192010cf140de24bd8572a20218310f3ea83e9d15e74d40f96c6edec51ef37dca5ce9f144fe35bafe1de64df29272

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\je1358xf.default-release\sessionstore-backups\recovery.jsonlz4

MD5 f9c0a089ec2da940438f2a7e722959f2
SHA1 ce720f9de2f85c0189879feb8492441a34e648e6
SHA256 e9ac4fe10f0031709ee98f052ff5a04fbba85ad6e83945a84995f9f141138d85
SHA512 cdb9a784e52168509fa6376aa2e30d22c6c4ed6a5dfa451adfcc4389249b05ead0c5cab039c8acbc0944f86b7f384d19fd9ab458decdce22251a6bc501f258d1

Analysis: behavioral2

Detonation Overview

Submitted

2024-08-02 13:56

Reported

2024-08-02 13:58

Platform

win10v2004-20240730-en

Max time kernel

149s

Max time network

154s

Command Line

C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\ftah2.ini

Signatures

Opens file in notepad (likely ransom note)

ransomware
Description Indicator Process Target
N/A N/A C:\Windows\system32\NOTEPAD.EXE N/A

Processes

C:\Windows\system32\NOTEPAD.EXE

C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\ftah2.ini

Network

Country Destination Domain Proto
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 134.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 26.35.223.20.in-addr.arpa udp
US 8.8.8.8:53 103.169.127.40.in-addr.arpa udp
US 8.8.8.8:53 56.126.166.20.in-addr.arpa udp
US 8.8.8.8:53 192.142.123.92.in-addr.arpa udp
US 8.8.8.8:53 25.140.123.92.in-addr.arpa udp
US 8.8.8.8:53 240.143.123.92.in-addr.arpa udp
US 8.8.8.8:53 11.227.111.52.in-addr.arpa udp

Files

N/A