Malware Analysis Report

2025-01-23 14:01

Sample ID 240821-k8k5jsthlm
Target http://youtube.com
Tags
score
6/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
6/10

Threat Level: Shows suspicious behavior

The file http://youtube.com was found to be: Shows suspicious behavior.

Malicious Activity Summary


Legitimate hosting services abused for malware hosting/C2

Enumerates kernel/hardware configuration

Reads runtime system information

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-08-21 09:16

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-08-21 09:16

Reported

2024-08-21 09:27

Platform

ubuntu1804-amd64-20240508-en

Max time kernel

0s

Max time network

682s

Command Line

[xdg-open http://youtube.com]

Signatures

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A drive.google.com N/A N/A
N/A drive.google.com N/A N/A
N/A drive.google.com N/A N/A

Enumerates kernel/hardware configuration

Description Indicator Process Target
File opened for reading /sys/bus/pci/devices/0000:00:01.1/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/vendor /usr/lib/firefox/firefox N/A

Reads runtime system information

Description Indicator Process Target
File opened for reading /proc/self/task/1619/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/1632/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/1606/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /bin/sed N/A
File opened for reading /proc/filesystems /bin/sed N/A
File opened for reading /proc/filesystems /bin/sed N/A
File opened for reading /proc/filesystems /bin/sed N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/filesystems /bin/sed N/A

Processes

/usr/bin/xdg-open

[xdg-open http://youtube.com]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]

/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/bin/grep

[grep -q ^Enlightenment]

/bin/uname

[uname]

/bin/grep

[grep -q ^file://]

/bin/egrep

[egrep -q ^[[:alpha:]+\.\-]+:]

/usr/local/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/local/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/bin/sed

[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]

/usr/bin/xdg-mime

[xdg-mime query default x-scheme-handler/http]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]

/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/bin/grep

[grep -q ^Enlightenment]

/bin/uname

[uname]

/bin/sed

[sed s/:/ /g]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/http= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/http= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/http= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/http= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/http= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/bin/sed

[sed s/:/ /g]

/bin/sed

[sed -e s|-|/|]

/bin/sed

[sed -e s|-|/|]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/which

[which firefox]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/firefox

[/usr/bin/firefox http://youtube.com]

/usr/bin/which

[which /usr/bin/firefox]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox http://youtube.com]

/bin/grep

[grep -q %s]

/usr/bin/x-www-browser

[x-www-browser http://youtube.com]

/usr/bin/which

[which /usr/bin/x-www-browser]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox http://youtube.com]

/bin/grep

[grep -q %s]

/usr/bin/firefox

[firefox http://youtube.com]

/usr/bin/which

[which /usr/bin/firefox]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox http://youtube.com]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 151.101.193.91:443 tcp
GB 185.125.188.61:443 tcp
GB 185.125.188.61:443 tcp
US 151.101.193.91:443 tcp
GB 89.187.167.7:443 tcp
US 1.1.1.1:53 1527653184.rsc.cdn77.org udp
US 1.1.1.1:53 1527653184.rsc.cdn77.org udp
GB 89.187.167.38:443 1527653184.rsc.cdn77.org tcp
US 1.1.1.1:53 launchpad.net udp
US 1.1.1.1:53 launchpad.net udp
GB 185.125.189.223:443 launchpad.net tcp
GB 185.125.189.222:443 launchpad.net tcp
US 1.1.1.1:53 keyserver.ubuntu.com udp
US 1.1.1.1:53 keyserver.ubuntu.com udp
GB 185.125.188.27:443 keyserver.ubuntu.com tcp
US 1.1.1.1:53 _http._tcp.ppa.launchpad.net udp
US 1.1.1.1:53 _https._tcp.deb.nodesource.com udp
US 1.1.1.1:53 _http._tcp.security.ubuntu.com udp
US 1.1.1.1:53 _http._tcp.nl.archive.ubuntu.com udp
US 1.1.1.1:53 deb.nodesource.com udp
US 1.1.1.1:53 deb.nodesource.com udp
US 1.1.1.1:53 ppa.launchpad.net udp
US 1.1.1.1:53 ppa.launchpad.net udp
US 1.1.1.1:53 security.ubuntu.com udp
US 1.1.1.1:53 security.ubuntu.com udp
US 1.1.1.1:53 nl.archive.ubuntu.com udp
US 1.1.1.1:53 nl.archive.ubuntu.com udp
US 104.22.5.26:443 deb.nodesource.com tcp
GB 185.125.190.82:80 security.ubuntu.com tcp
GB 185.125.190.80:80 ppa.launchpad.net tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
US 1.1.1.1:53 _https._tcp.motd.ubuntu.com udp
US 1.1.1.1:53 motd.ubuntu.com udp
US 1.1.1.1:53 motd.ubuntu.com udp
IE 34.243.160.129:443 motd.ubuntu.com tcp
US 1.1.1.1:53 _https._tcp.esm.ubuntu.com udp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
US 1.1.1.1:53 esm.ubuntu.com udp
US 1.1.1.1:53 esm.ubuntu.com udp
US 91.189.91.46:443 esm.ubuntu.com tcp
IE 34.254.182.186:443 motd.ubuntu.com tcp
IE 54.171.230.55:443 motd.ubuntu.com tcp
IE 54.247.62.1:443 motd.ubuntu.com tcp
IE 54.217.10.153:443 motd.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
US 1.1.1.1:53 api.snapcraft.io udp
GB 185.125.188.58:443 api.snapcraft.io tcp
GB 185.125.188.58:443 api.snapcraft.io tcp
GB 185.125.188.58:443 api.snapcraft.io tcp
GB 185.125.188.58:443 api.snapcraft.io tcp
GB 185.125.188.58:443 api.snapcraft.io tcp
GB 185.125.188.62:443 tcp
GB 185.125.188.55:443 api.snapcraft.io tcp
GB 185.125.188.62:443 tcp
US 1.1.1.1:53 ppa.launchpad.net udp
US 1.1.1.1:53 ppa.launchpad.net udp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
GB 185.125.190.80:80 ppa.launchpad.net tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.49:80 connectivity-check.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
NL 213.136.12.213:80 nl.archive.ubuntu.com tcp
US 1.1.1.1:53 api.snapcraft.io udp
GB 185.125.188.55:443 api.snapcraft.io tcp
GB 185.125.188.55:443 api.snapcraft.io tcp
GB 185.125.188.55:443 api.snapcraft.io tcp
GB 185.125.188.55:443 api.snapcraft.io tcp
GB 185.125.188.62:443 tcp
GB 185.125.188.62:443 tcp
GB 185.125.188.62:443 tcp
US 1.1.1.1:53 obsproject.com udp
US 1.1.1.1:53 obsproject.com udp
CA 142.4.216.103:443 obsproject.com tcp
US 1.1.1.1:53 ingest.twitch.tv udp
US 1.1.1.1:53 ingest.twitch.tv udp
US 192.108.239.253:443 ingest.twitch.tv tcp
US 1.1.1.1:53 spocs.getpocket.com udp
US 1.1.1.1:53 getpocket.cdn.mozilla.net udp
US 1.1.1.1:53 spocs.getpocket.com udp
US 1.1.1.1:53 getpocket.cdn.mozilla.net udp
US 1.1.1.1:53 prod.ads.prod.webservices.mozgcp.net udp
US 34.120.5.221:443 getpocket.cdn.mozilla.net tcp
US 1.1.1.1:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 1.1.1.1:53 shavar.prod.mozaws.net udp
US 1.1.1.1:53 firefox-settings-attachments.cdn.mozilla.net udp
US 1.1.1.1:53 firefox-settings-attachments.cdn.mozilla.net udp
US 1.1.1.1:53 attachments.prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.117.121.53:443 firefox-settings-attachments.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.cdn.mozilla.net udp
US 1.1.1.1:53 tracking-protection.cdn.mozilla.net udp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 support.mozilla.org udp
US 1.1.1.1:53 support.mozilla.org udp
US 1.1.1.1:53 wiki.mozilla.org udp
US 1.1.1.1:53 wiki.mozilla.org udp
US 1.1.1.1:53 www.mozilla.org udp
US 1.1.1.1:53 www.mozilla.org udp
US 1.1.1.1:53 www.mozorg.moz.works udp
US 1.1.1.1:53 us-west1.prod.sumo.prod.webservices.mozgcp.net udp
US 1.1.1.1:53 wiki-prod-850398177.us-west-2.elb.amazonaws.com udp
US 1.1.1.1:53 location.services.mozilla.com udp
US 1.1.1.1:53 location.services.mozilla.com udp
US 1.1.1.1:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 1.1.1.1:53 prod.classify-client.prod.webservices.mozgcp.net udp
US 35.190.72.216:443 location.services.mozilla.com tcp
US 1.1.1.1:53 archive.mozilla.org udp
US 1.1.1.1:53 archive.mozilla.org udp
US 34.117.35.28:443 archive.mozilla.org tcp
US 35.190.72.216:443 location.services.mozilla.com udp
US 1.1.1.1:53 ciscobinary.openh264.org udp
US 1.1.1.1:53 ciscobinary.openh264.org udp
US 34.117.35.28:443 archive.mozilla.org udp
GB 88.221.134.155:80 ciscobinary.openh264.org tcp
US 1.1.1.1:53 www.debian.org udp
US 1.1.1.1:53 www.debian.org udp
GR 194.177.211.216:80 www.debian.org tcp
US 1.1.1.1:53 drive.google.com udp
US 1.1.1.1:53 drive.google.com udp
GB 172.217.169.78:80 drive.google.com tcp
GB 172.217.169.78:80 drive.google.com tcp
GB 172.217.169.78:443 drive.google.com tcp
GB 172.217.169.78:443 drive.google.com udp
US 1.1.1.1:53 accounts.google.com udp
US 1.1.1.1:53 accounts.google.com udp
GB 74.125.71.84:443 accounts.google.com tcp
GB 74.125.71.84:443 accounts.google.com udp
US 1.1.1.1:53 www.google.com udp
US 1.1.1.1:53 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.187.196:443 www.google.com udp
US 1.1.1.1:53 kstatic.googleusercontent.com udp
US 1.1.1.1:53 kstatic.googleusercontent.com udp
US 1.1.1.1:53 lh3.googleusercontent.com udp
US 1.1.1.1:53 lh3.googleusercontent.com udp
US 35.241.11.240:443 kstatic.googleusercontent.com tcp
US 35.241.11.240:443 kstatic.googleusercontent.com tcp
US 35.241.11.240:443 kstatic.googleusercontent.com tcp
US 1.1.1.1:53 ajax.googleapis.com udp
US 1.1.1.1:53 ajax.googleapis.com udp
US 35.241.11.240:443 kstatic.googleusercontent.com udp
US 1.1.1.1:53 googlehosted.l.googleusercontent.com udp
GB 142.250.200.33:443 lh3.googleusercontent.com tcp
GB 142.250.200.33:443 lh3.googleusercontent.com tcp
GB 142.250.200.33:443 lh3.googleusercontent.com tcp
GB 142.250.200.33:443 lh3.googleusercontent.com tcp
GB 142.250.200.33:443 lh3.googleusercontent.com tcp
GB 142.250.200.33:443 lh3.googleusercontent.com tcp
GB 142.250.200.33:443 lh3.googleusercontent.com udp
US 1.1.1.1:53 ssl.gstatic.com udp
US 1.1.1.1:53 ssl.gstatic.com udp
GB 216.58.201.99:443 ssl.gstatic.com tcp
GB 216.58.201.99:443 ssl.gstatic.com tcp
GB 216.58.201.99:443 ssl.gstatic.com udp
US 1.1.1.1:53 accounts.youtube.com udp
US 1.1.1.1:53 accounts.youtube.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
GB 172.217.16.238:443 accounts.youtube.com udp
US 1.1.1.1:53 play.google.com udp
US 1.1.1.1:53 play.google.com udp
GB 216.58.212.206:443 play.google.com tcp
GB 216.58.212.206:443 play.google.com tcp
GB 216.58.212.206:443 play.google.com udp
GB 172.217.16.238:443 accounts.youtube.com tcp
GB 172.217.16.238:443 accounts.youtube.com udp
US 1.1.1.1:53 accounts.google.co.uk udp
US 1.1.1.1:53 accounts.google.co.uk udp
BE 64.233.167.94:443 accounts.google.co.uk tcp
BE 64.233.167.94:443 accounts.google.co.uk udp
US 1.1.1.1:53 apis.google.com udp
US 1.1.1.1:53 apis.google.com udp
US 1.1.1.1:53 lh3.google.com udp
US 1.1.1.1:53 lh3.google.com udp
GB 172.217.169.14:443 apis.google.com tcp
GB 216.58.204.78:443 lh3.google.com tcp
GB 172.217.169.14:443 apis.google.com tcp
GB 216.58.204.78:443 lh3.google.com udp
GB 172.217.169.14:443 apis.google.com udp
US 1.1.1.1:53 clients6.google.com udp
US 1.1.1.1:53 clients6.google.com udp
GB 142.250.187.206:443 clients6.google.com tcp
GB 142.250.187.206:443 clients6.google.com tcp
GB 142.250.187.206:443 clients6.google.com udp
US 1.1.1.1:53 ogads-pa.clients6.google.com udp
US 1.1.1.1:53 ogads-pa.clients6.google.com udp
US 1.1.1.1:53 waa-pa.clients6.google.com udp
US 1.1.1.1:53 waa-pa.clients6.google.com udp
GB 216.58.201.106:443 ogads-pa.clients6.google.com tcp
GB 216.58.201.106:443 ogads-pa.clients6.google.com tcp
GB 216.58.201.106:443 ogads-pa.clients6.google.com udp
GB 172.217.16.234:443 waa-pa.clients6.google.com tcp
GB 172.217.16.234:443 waa-pa.clients6.google.com tcp
GB 172.217.16.234:443 waa-pa.clients6.google.com udp
US 1.1.1.1:53 addons-pa.clients6.google.com udp
US 1.1.1.1:53 addons-pa.clients6.google.com udp
GB 216.58.201.106:443 addons-pa.clients6.google.com tcp
GB 216.58.201.106:443 addons-pa.clients6.google.com tcp
GB 216.58.201.106:443 addons-pa.clients6.google.com udp
US 1.1.1.1:53 drivefrontend-pa.clients6.google.com udp
US 1.1.1.1:53 drivefrontend-pa.clients6.google.com udp
GB 142.250.179.234:443 drivefrontend-pa.clients6.google.com tcp
GB 142.250.179.234:443 drivefrontend-pa.clients6.google.com tcp
GB 142.250.179.234:443 drivefrontend-pa.clients6.google.com udp
US 1.1.1.1:53 people-pa.clients6.google.com udp
US 1.1.1.1:53 people-pa.clients6.google.com udp
GB 142.250.179.234:443 drivefrontend-pa.clients6.google.com udp
US 1.1.1.1:53 ogs.google.com udp
US 1.1.1.1:53 ogs.google.com udp
GB 172.217.16.234:443 waa-pa.clients6.google.com udp
US 1.1.1.1:53 g0.gstatic.com udp
US 1.1.1.1:53 g0.gstatic.com udp
US 1.1.1.1:53 contacts.google.com udp
US 1.1.1.1:53 contacts.google.com udp
GB 142.250.178.14:443 contacts.google.com tcp
GB 142.250.178.14:443 contacts.google.com udp
US 1.1.1.1:53 signaler-pa.clients6.google.com udp
US 1.1.1.1:53 signaler-pa.clients6.google.com udp
GB 216.58.213.10:443 signaler-pa.clients6.google.com tcp
GB 216.58.213.10:443 signaler-pa.clients6.google.com tcp
GB 216.58.213.10:443 signaler-pa.clients6.google.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.49:80 connectivity-check.ubuntu.com tcp
GB 216.58.213.10:443 signaler-pa.clients6.google.com udp
GB 142.250.179.234:443 drivefrontend-pa.clients6.google.com udp
GB 142.250.179.234:443 drivefrontend-pa.clients6.google.com udp
US 1.1.1.1:53 content-signature-chains.prod.autograph.services.mozaws.net udp
US 1.1.1.1:53 content-signature-chains.prod.autograph.services.mozaws.net udp
US 1.1.1.1:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 1.1.1.1:53 attachments.prod.remote-settings.prod.webservices.mozgcp.net udp
US 1.1.1.1:53 docs.google.com udp
US 1.1.1.1:53 docs.google.com udp
GB 172.217.169.14:443 docs.google.com tcp
GB 172.217.169.14:443 docs.google.com tcp
GB 172.217.169.14:443 docs.google.com tcp
GB 172.217.169.14:443 docs.google.com tcp
GB 172.217.169.14:443 docs.google.com udp
US 1.1.1.1:53 accounts.google.com udp
GB 74.125.71.84:443 accounts.google.com udp
GB 216.58.212.206:443 play.google.com udp
US 1.1.1.1:53 play.google.com udp
US 1.1.1.1:53 ssl.gstatic.com udp
US 1.1.1.1:53 ssl.gstatic.com udp
US 1.1.1.1:53 attachments.prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.117.121.53:443 firefox-settings-attachments.cdn.mozilla.net tcp

Files

N/A