Analysis Overview
SHA256
88d09d628527a8f6e0f2ddd4b463eda15b8caeafc6f750ac14f4f9b6ea80aea6
Threat Level: Known bad
The file Robax.exe was found to be: Known bad.
Malicious Activity Summary
Detect Xworm Payload
Xworm family
Xworm
Downloads MZ/PE file
Executes dropped EXE
Mark of the Web detected: This indicates that the page was originally saved or cloned.
Subvert Trust Controls: Mark-of-the-Web Bypass
Drops file in Windows directory
Unsigned PE
Suspicious behavior: GetForegroundWindowSpam
Modifies registry class
Suspicious behavior: EnumeratesProcesses
NTFS ADS
Suspicious use of AdjustPrivilegeToken
Suspicious use of SendNotifyMessage
Checks processor information in registry
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Checks SCSI registry key(s)
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-25 15:44
Signatures
Detect Xworm Payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Xworm family
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-25 15:44
Reported
2024-08-25 16:00
Platform
win10-20240404-en
Max time kernel
925s
Max time network
900s
Command Line
Signatures
Detect Xworm Payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Xworm
Downloads MZ/PE file
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\Robax.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Robax.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Robax.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\XClient.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Robax.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\XClient.exe | N/A |
Mark of the Web detected: This indicates that the page was originally saved or cloned.
| Description | Indicator | Process | Target |
| N/A | https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html | N/A | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\rescache\_merged\4183903823\2290032291.pri | C:\Windows\system32\taskmgr.exe | N/A |
| File created | C:\Windows\rescache\_merged\1601268389\715946058.pri | C:\Windows\system32\taskmgr.exe | N/A |
Subvert Trust Controls: Mark-of-the-Web Bypass
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\Downloads\Robax.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\XClient.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\Downloads\Robax.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\XClient.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\taskmgr.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Users\Admin\AppData\Local\Temp\Robax.exe
"C:\Users\Admin\AppData\Local\Temp\Robax.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.0.1705539134\726345166" -parentBuildID 20221007134813 -prefsHandle 1712 -prefMapHandle 1704 -prefsLen 20747 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1126b0cd-e681-47f7-b97d-8f9ff9161a47} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 1792 1fda7ded158 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.1.2054799332\1534645805" -parentBuildID 20221007134813 -prefsHandle 2136 -prefMapHandle 2132 -prefsLen 20828 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {37f54cde-45e9-4aea-aac0-7c1de67bcb2d} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 2148 1fd9ce71958 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.2.1360854697\599334198" -childID 1 -isForBrowser -prefsHandle 2868 -prefMapHandle 2864 -prefsLen 20931 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f3e2249d-ade2-424c-b1d0-5709d8818c8e} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 2840 1fdac0b1a58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.3.349619304\538219333" -childID 2 -isForBrowser -prefsHandle 3500 -prefMapHandle 3496 -prefsLen 26109 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7e3bed17-08aa-475a-a813-67c72433381b} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 3508 1fdaa6dd858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.4.111014642\1233169614" -childID 3 -isForBrowser -prefsHandle 4128 -prefMapHandle 4140 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {56de873a-22bd-4caf-a14e-c3c5032edb4c} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 4292 1fdae0f3658 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.5.1301111361\1030882109" -childID 4 -isForBrowser -prefsHandle 4764 -prefMapHandle 4756 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9010521e-14a6-4a03-a29d-339c61d1f6c9} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 4776 1fdae3fb058 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.6.564754405\78771545" -childID 5 -isForBrowser -prefsHandle 4920 -prefMapHandle 4924 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {da5777d0-e3e3-4672-8fa6-a103c5ae1d21} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 4912 1fdae67e358 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.7.2020203478\1063387286" -childID 6 -isForBrowser -prefsHandle 5100 -prefMapHandle 5104 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {70c1ed15-131b-44fc-af71-2892fdc9dd59} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 4776 1fdae67f258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.8.803342278\909860358" -childID 7 -isForBrowser -prefsHandle 5624 -prefMapHandle 5644 -prefsLen 26424 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {668677d9-b379-420b-b410-096638d6f418} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 5604 1fdaf832058 tab
C:\Users\Admin\Downloads\Robax.exe
"C:\Users\Admin\Downloads\Robax.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.9.843073932\1943615127" -childID 8 -isForBrowser -prefsHandle 10352 -prefMapHandle 4776 -prefsLen 26808 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a03f77db-c64d-4342-a2ca-d36b18a39e6d} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 1624 1fdb0f1c958 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.10.1880691498\1318305223" -childID 9 -isForBrowser -prefsHandle 5260 -prefMapHandle 5216 -prefsLen 26808 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0f635b29-5496-49a1-9027-ec52faec0c02} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 5240 1fdb10ae058 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.11.1249109736\1511535389" -childID 10 -isForBrowser -prefsHandle 10196 -prefMapHandle 10096 -prefsLen 26808 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {88f61c1a-eb3e-4f64-bf16-e42660504654} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 10092 1fdb0dd6658 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.12.2091266705\860685095" -childID 11 -isForBrowser -prefsHandle 10176 -prefMapHandle 9972 -prefsLen 26808 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f95bf50e-acba-4229-bb07-bb76412bf832} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 10196 1fdb14e4d58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.13.1205404519\220356316" -childID 12 -isForBrowser -prefsHandle 10176 -prefMapHandle 9972 -prefsLen 26808 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d1e5d8ab-c90b-40c9-80b6-0484fce4320c} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 9692 1fdb1a61558 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.14.923148167\158915508" -childID 13 -isForBrowser -prefsHandle 9444 -prefMapHandle 9440 -prefsLen 26808 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6d0f2efa-5586-4fcc-8c23-bc8454334150} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 9452 1fdb1a61858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.15.1900927754\931979952" -childID 14 -isForBrowser -prefsHandle 9272 -prefMapHandle 9268 -prefsLen 26808 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5aadd7fb-04dc-42b5-bfb8-e8e475098563} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 9288 1fdb1a62758 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.16.657074522\150314662" -childID 15 -isForBrowser -prefsHandle 9056 -prefMapHandle 9312 -prefsLen 26808 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d17e12f4-de72-4f27-87d5-4765363805b8} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 9080 1fdb156ce58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.17.1581636520\536784319" -childID 16 -isForBrowser -prefsHandle 8888 -prefMapHandle 8884 -prefsLen 26808 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {070f7a6f-8839-4259-87c5-1dced6f1a075} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 9180 1fdb1e9ce58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.18.971722541\1176920805" -childID 17 -isForBrowser -prefsHandle 9380 -prefMapHandle 8652 -prefsLen 26808 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {15125d0d-c083-4106-bb39-a5711f8b3ac5} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 9212 1fdb1f9ee58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.19.594435224\1757971684" -childID 18 -isForBrowser -prefsHandle 9236 -prefMapHandle 9224 -prefsLen 26808 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5931dd5e-1431-4ba4-8cf7-0fe2e1c4b45a} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 9280 1fdb1f9e558 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.20.1953124406\324060577" -childID 19 -isForBrowser -prefsHandle 8396 -prefMapHandle 8400 -prefsLen 26808 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a801b2d6-8e25-4a9d-a089-beb5777f094f} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 8388 1fdb1daf558 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.21.326478607\1425842302" -childID 20 -isForBrowser -prefsHandle 8008 -prefMapHandle 8012 -prefsLen 26808 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {99e48513-8fce-4892-ab23-2dcf36fad015} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 8072 1fdb2ea5e58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.22.2057608284\1826135080" -childID 21 -isForBrowser -prefsHandle 7996 -prefMapHandle 8000 -prefsLen 26808 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {79284d44-2163-4960-9d56-e294dc3bc10e} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 8084 1fdb2ea3a58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.23.223834911\2042127381" -childID 22 -isForBrowser -prefsHandle 7788 -prefMapHandle 7792 -prefsLen 26808 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6d166a93-96d2-4d13-a9d7-e1e228637d0c} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 7780 1fdb2ac2558 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.24.236601621\1744564123" -childID 23 -isForBrowser -prefsHandle 7896 -prefMapHandle 7884 -prefsLen 26808 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8758f96f-624d-4113-b431-adff23d47ac6} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 7908 1fdb338b758 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.25.997543392\958609477" -childID 24 -isForBrowser -prefsHandle 7380 -prefMapHandle 7384 -prefsLen 26808 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {baf1f61d-0735-4603-837c-e795af0e5794} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 7372 1fdb3769658 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.26.611345004\867310695" -childID 25 -isForBrowser -prefsHandle 7232 -prefMapHandle 7352 -prefsLen 26808 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {42754928-f65d-46c9-af40-9e49ee521216} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 7492 1fdb3768458 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.27.1270960890\717090508" -childID 26 -isForBrowser -prefsHandle 7492 -prefMapHandle 7248 -prefsLen 26864 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0fefeed0-b795-4978-b50a-213a9194b0c0} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 6816 1fdb4838d58 tab
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.28.655777060\1405761198" -childID 27 -isForBrowser -prefsHandle 10496 -prefMapHandle 10492 -prefsLen 26864 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {43292931-c6ac-47ac-b4d2-fe433c376ed6} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 10504 1fdb31fd858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.29.1675250642\383177807" -childID 28 -isForBrowser -prefsHandle 10524 -prefMapHandle 10528 -prefsLen 26864 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ff9fe977-5bb6-4b28-bb4d-6f75b9d1131c} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 6664 1fdb46de258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.30.877116441\1530323200" -childID 29 -isForBrowser -prefsHandle 5652 -prefMapHandle 6996 -prefsLen 26864 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {88be9b99-0cf9-4394-b58f-5a5e602812ac} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 10700 1fdb4b4d958 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.31.1524535302\728929334" -childID 30 -isForBrowser -prefsHandle 10724 -prefMapHandle 10728 -prefsLen 26864 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9a51ee0b-99a1-4f84-9ebd-29ee4c183a8e} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 6480 1fdb4b4ca58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.32.959413254\2039683247" -childID 31 -isForBrowser -prefsHandle 10712 -prefMapHandle 10716 -prefsLen 26864 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5e12f22a-2b7a-4d95-af20-d18b37daf021} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 7352 1fdb4b4d058 tab
C:\Users\Admin\Downloads\Robax.exe
"C:\Users\Admin\Downloads\Robax.exe"
C:\Users\Admin\Downloads\Robax.exe
"C:\Users\Admin\Downloads\Robax.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3484.0.1326539269\1051034276" -parentBuildID 20221007134813 -prefsHandle 1596 -prefMapHandle 1588 -prefsLen 21136 -prefMapSize 233583 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8f8664b8-eeec-4b0f-ad57-8c58a68c379b} 3484 "\\.\pipe\gecko-crash-server-pipe.3484" 1688 1eedfafb358 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3484.1.348719560\146026041" -parentBuildID 20221007134813 -prefsHandle 1992 -prefMapHandle 1988 -prefsLen 21181 -prefMapSize 233583 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f39fc4e4-d4a3-4539-8a6f-8bc684cb3cb1} 3484 "\\.\pipe\gecko-crash-server-pipe.3484" 2004 1eedf736158 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3484.2.367979329\137439284" -childID 1 -isForBrowser -prefsHandle 2684 -prefMapHandle 2588 -prefsLen 21642 -prefMapSize 233583 -jsInitHandle 1328 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {fc87f73d-c0fc-4998-b89f-d5b22bb741fc} 3484 "\\.\pipe\gecko-crash-server-pipe.3484" 2892 1eee23ab858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3484.3.1769745482\310168723" -childID 2 -isForBrowser -prefsHandle 3264 -prefMapHandle 3260 -prefsLen 26820 -prefMapSize 233583 -jsInitHandle 1328 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {dbb855d0-66e0-4c02-8e2a-854e65e5f9aa} 3484 "\\.\pipe\gecko-crash-server-pipe.3484" 3116 1eed4b62858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3484.4.323211311\1452050492" -childID 3 -isForBrowser -prefsHandle 3672 -prefMapHandle 3668 -prefsLen 26820 -prefMapSize 233583 -jsInitHandle 1328 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {832de8df-0fc0-4365-a3d5-4cbbf067ab7f} 3484 "\\.\pipe\gecko-crash-server-pipe.3484" 3692 1eee4d53b58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3484.5.282959071\1148423311" -childID 4 -isForBrowser -prefsHandle 4588 -prefMapHandle 4592 -prefsLen 26820 -prefMapSize 233583 -jsInitHandle 1328 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {fdd3ed8d-6fcb-4546-b6c0-3b82ff1753bb} 3484 "\\.\pipe\gecko-crash-server-pipe.3484" 4524 1eee231b258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3484.6.901273236\718374795" -childID 5 -isForBrowser -prefsHandle 4648 -prefMapHandle 4652 -prefsLen 26820 -prefMapSize 233583 -jsInitHandle 1328 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1d9bfc2c-8783-4c49-9bdb-008a5e3dc374} 3484 "\\.\pipe\gecko-crash-server-pipe.3484" 4640 1eee59d2558 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3484.7.617990733\1253258243" -childID 6 -isForBrowser -prefsHandle 4840 -prefMapHandle 4844 -prefsLen 26820 -prefMapSize 233583 -jsInitHandle 1328 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3883c643-9eeb-42f3-9ef8-df7cb0f2fb5b} 3484 "\\.\pipe\gecko-crash-server-pipe.3484" 4832 1eee59d5e58 tab
C:\Users\Admin\Downloads\XClient.exe
"C:\Users\Admin\Downloads\XClient.exe"
C:\Users\Admin\Downloads\Robax.exe
"C:\Users\Admin\Downloads\Robax.exe"
C:\Users\Admin\Downloads\XClient.exe
"C:\Users\Admin\Downloads\XClient.exe"
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /0
Network
| Country | Destination | Domain | Proto |
| N/A | 127.0.0.1:7000 | tcp | |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| N/A | 127.0.0.1:49766 | tcp | |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | f.f.f.f.8.f.2.0.2.c.1.c.3.1.0.9.f.f.f.f.6.9.8.8.8.0.8.0.8.0.8.0.ip6.arpa | udp |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 166.188.117.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 213.24.239.44.in-addr.arpa | udp |
| N/A | 127.0.0.1:49773 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| US | 8.8.8.8:53 | shorturl.at | udp |
| US | 172.67.69.88:80 | shorturl.at | tcp |
| US | 8.8.8.8:53 | shorturl.at | udp |
| US | 172.67.69.88:80 | shorturl.at | tcp |
| US | 172.67.69.88:80 | shorturl.at | tcp |
| US | 8.8.8.8:53 | shorturl.at | udp |
| US | 172.67.69.88:443 | shorturl.at | tcp |
| US | 8.8.8.8:53 | 88.69.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.shorturl.at | udp |
| US | 8.8.8.8:53 | www.shorturl.at | udp |
| US | 104.26.9.129:443 | www.shorturl.at | tcp |
| US | 8.8.8.8:53 | www.shorturl.at | udp |
| N/A | 127.0.0.1:7000 | tcp | |
| US | 8.8.8.8:53 | tags.refinery89.com | udp |
| IE | 3.162.140.123:443 | tags.refinery89.com | tcp |
| US | 8.8.8.8:53 | d38u9fzbdfzf67.cloudfront.net | udp |
| US | 8.8.8.8:53 | d38u9fzbdfzf67.cloudfront.net | udp |
| US | 8.8.8.8:53 | 129.9.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.75.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 123.140.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.consentmanager.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | a.delivery.consentmanager.net | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| DE | 87.230.98.78:443 | a.delivery.consentmanager.net | tcp |
| US | 8.8.8.8:53 | a.delivery.consentmanager.net | udp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| GB | 89.187.167.39:443 | cdn.consentmanager.net | tcp |
| US | 8.8.8.8:53 | 1376624012.rsc.cdn77.org | udp |
| IE | 18.66.167.55:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | a.delivery.consentmanager.net | udp |
| US | 8.8.8.8:53 | 1376624012.rsc.cdn77.org | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | d1ykf07e75w7ss.cloudfront.net | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | d1ykf07e75w7ss.cloudfront.net | udp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | b.delivery.consentmanager.net | udp |
| DE | 87.230.98.78:443 | b.delivery.consentmanager.net | tcp |
| DE | 87.230.98.78:443 | b.delivery.consentmanager.net | tcp |
| US | 8.8.8.8:53 | b.delivery.consentmanager.net | udp |
| US | 8.8.8.8:53 | b.delivery.consentmanager.net | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | 78.98.230.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 39.167.187.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.215.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 55.167.66.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| IE | 18.66.167.55:443 | d1ykf07e75w7ss.cloudfront.net | tcp |
| US | 8.8.8.8:53 | d1hyarjnwqrenh.cloudfront.net | udp |
| IE | 18.66.168.3:443 | d1hyarjnwqrenh.cloudfront.net | tcp |
| US | 8.8.8.8:53 | d1hyarjnwqrenh.cloudfront.net | udp |
| US | 8.8.8.8:53 | d1hyarjnwqrenh.cloudfront.net | udp |
| US | 8.8.8.8:53 | 3.168.66.18.in-addr.arpa | udp |
| N/A | 127.0.0.1:7000 | tcp | |
| US | 8.8.8.8:53 | download1075.mediafire.com | udp |
| US | 8.8.8.8:53 | download1075.mediafire.com | udp |
| US | 205.196.122.16:443 | download1075.mediafire.com | tcp |
| US | 8.8.8.8:53 | download1075.mediafire.com | udp |
| US | 8.8.8.8:53 | 16.122.196.205.in-addr.arpa | udp |
| N/A | 127.0.0.1:7000 | tcp | |
| DE | 87.230.98.78:443 | b.delivery.consentmanager.net | tcp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | script.4dex.io | udp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | d294j4en0095q1.cloudfront.net | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 172.67.75.241:443 | script.4dex.io | tcp |
| US | 8.8.8.8:53 | script.4dex.io | udp |
| IE | 3.162.148.221:443 | aax.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | d1jvc9b8z3vcjs.cloudfront.net | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 8.8.8.8:53 | secure.cdn.fastclick.net | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| IE | 3.162.143.68:443 | d294j4en0095q1.cloudfront.net | tcp |
| US | 8.8.8.8:53 | script.4dex.io | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| US | 8.8.8.8:53 | d1jvc9b8z3vcjs.cloudfront.net | udp |
| US | 8.8.8.8:53 | bidder.criteo.com | udp |
| US | 8.8.8.8:53 | mp.4dex.io | udp |
| US | 8.8.8.8:53 | s.seedtag.com | udp |
| US | 8.8.8.8:53 | d294j4en0095q1.cloudfront.net | udp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | e4536.g.akamaiedge.net | udp |
| US | 104.18.34.178:443 | mp.4dex.io | tcp |
| US | 34.149.50.64:443 | s.seedtag.com | tcp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | e4536.g.akamaiedge.net | udp |
| US | 8.8.8.8:53 | cadmus.script.ac | udp |
| US | 172.67.75.241:443 | script.4dex.io | tcp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 104.18.23.145:443 | cadmus.script.ac | tcp |
| US | 8.8.8.8:53 | ib.anycast.adnxs.com | udp |
| US | 8.8.8.8:53 | ib.anycast.adnxs.com | udp |
| US | 8.8.8.8:53 | euw2.smartadserver.com | udp |
| US | 34.149.50.64:443 | s.seedtag.com | udp |
| US | 8.8.8.8:53 | 241.75.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 221.148.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.143.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 178.34.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.50.149.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.23.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | euw2.smartadserver.com | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | bidder.nl3.vip.prod.criteo.com | udp |
| US | 104.18.36.155:443 | ssum-sec.casalemedia.com | tcp |
| US | 8.8.8.8:53 | bidder.nl3.vip.prod.criteo.com | udp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| US | 3.165.232.34:443 | config.aps.amazon-adsystem.com | tcp |
| NL | 23.218.48.210:443 | e4536.g.akamaiedge.net | tcp |
| US | 3.165.232.40:443 | tags.crwdcntrl.net | tcp |
| NL | 185.89.210.46:443 | ib.adnxs.com | tcp |
| FR | 178.32.210.226:443 | euw2.smartadserver.com | tcp |
| FR | 178.32.210.226:443 | euw2.smartadserver.com | tcp |
| FR | 178.32.210.226:443 | euw2.smartadserver.com | tcp |
| NL | 178.250.1.8:443 | bidder.nl3.vip.prod.criteo.com | tcp |
| US | 8.8.8.8:53 | mp.4dex.io | udp |
| US | 8.8.8.8:53 | mp.4dex.io | udp |
| US | 8.8.8.8:53 | s.seedtag.com | udp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | 455ceb4f5194e40c2965b1620fbe4c83.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| US | 8.8.8.8:53 | s.seedtag.com | udp |
| US | 8.8.8.8:53 | cadmus.script.ac | udp |
| FR | 172.217.20.162:443 | ep1.adtrafficquality.google | tcp |
| US | 104.18.36.155:443 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | cadmus.script.ac | udp |
| FR | 142.250.179.65:443 | 455ceb4f5194e40c2965b1620fbe4c83.safeframe.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| IE | 54.154.69.222:443 | bcp.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | u.4dex.io | udp |
| US | 8.8.8.8:53 | ice.360yield.com | udp |
| US | 172.67.41.60:443 | btloader.com | tcp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 34.149.40.38:443 | u.4dex.io | tcp |
| FR | 172.217.20.162:443 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | d294j4en0095q1.cloudfront.net | udp |
| FR | 142.250.179.65:443 | 455ceb4f5194e40c2965b1620fbe4c83.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | pagead-googlehosted.l.google.com | udp |
| US | 8.8.8.8:53 | static.nl3.vip.prod.criteo.net | udp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| FR | 142.250.179.97:443 | ep2.adtrafficquality.google | tcp |
| IE | 52.95.115.255:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | pagead-googlehosted.l.google.com | udp |
| US | 8.8.8.8:53 | static.nl3.vip.prod.criteo.net | udp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 34.149.40.38:443 | u.4dex.io | udp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 8.8.8.8:53 | u.4dex.io | udp |
| US | 8.8.8.8:53 | euw-ice.360yield.com | udp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 104.26.3.70:443 | ad-delivery.net | tcp |
| US | 104.26.3.70:443 | ad-delivery.net | tcp |
| US | 8.8.8.8:53 | u.4dex.io | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| FR | 142.250.179.97:443 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| FR | 142.250.179.68:443 | www.google.com | tcp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | 198.40.223.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.48.218.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.232.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 40.232.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.210.32.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 222.69.154.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 60.41.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.40.149.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 255.115.95.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.3.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| NL | 178.250.1.3:443 | static.nl3.vip.prod.criteo.net | tcp |
| NL | 185.89.210.46:443 | ib.adnxs.com | tcp |
| FR | 178.32.210.226:443 | euw2.smartadserver.com | tcp |
| NL | 178.250.1.8:443 | bidder.nl3.vip.prod.criteo.com | tcp |
| IE | 52.19.47.217:443 | ice.360yield.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| FR | 164.132.25.180:443 | ssbsync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | ssbsync-euw2.smartadserver.com | udp |
| US | 8.8.8.8:53 | ssbsync-euw2.smartadserver.com | udp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | udp |
| FR | 142.250.179.68:443 | www.google.com | udp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| GB | 95.100.244.195:443 | ads.pubmatic.com | tcp |
| US | 8.8.8.8:53 | e6603.g.akamaiedge.net | udp |
| US | 8.8.8.8:53 | cdn.ampproject.org | udp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | udp |
| US | 8.8.8.8:53 | dsp-cookie.adfarm1.adition.com | udp |
| US | 8.8.8.8:53 | e6603.g.akamaiedge.net | udp |
| FR | 216.58.214.161:443 | cdn.ampproject.org | tcp |
| FR | 216.58.214.161:443 | cdn.ampproject.org | tcp |
| FR | 216.58.214.161:443 | cdn.ampproject.org | tcp |
| FR | 216.58.214.161:443 | cdn.ampproject.org | tcp |
| FR | 216.58.214.161:443 | cdn.ampproject.org | tcp |
| US | 8.8.8.8:53 | cdn-content.ampproject.org | udp |
| US | 8.8.8.8:53 | nydc1.outbrain.org | udp |
| IE | 18.66.171.8:443 | s.ad.smaato.net | tcp |
| US | 8.8.8.8:53 | cdn-content.ampproject.org | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | nydc1.outbrain.org | udp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| IE | 52.49.78.189:443 | ap.lijit.com | tcp |
| US | 8.8.8.8:53 | dsp-cookie.adfarm1.adition.com | udp |
| US | 8.8.8.8:53 | blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com | udp |
| US | 64.202.112.63:443 | b1sync.zemanta.com | tcp |
| DE | 80.82.210.217:443 | dsp-cookie.adfarm1.adition.com | tcp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| FR | 216.58.214.161:443 | cdn-content.ampproject.org | udp |
| US | 8.8.8.8:53 | blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | dsp-cookie.adfarm1.adition.com | udp |
| US | 8.8.8.8:53 | ce.lijit.com | udp |
| US | 8.8.8.8:53 | 68.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 129.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 166.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 180.25.132.164.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.23.211.130.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.47.19.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.244.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.18.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 161.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.171.66.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| US | 8.8.8.8:53 | 189.78.49.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.210.82.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 63.112.202.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | eu-eb2.3lift.com | udp |
| US | 8.8.8.8:53 | rtb-csync-euw2.smartadserver.com | udp |
| IE | 34.254.135.1:443 | raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com | tcp |
| FR | 178.32.197.56:443 | rtb-csync-euw2.smartadserver.com | tcp |
| US | 76.223.111.18:443 | eu-eb2.3lift.com | tcp |
| US | 8.8.8.8:53 | rtb-csync-euw2.smartadserver.com | udp |
| US | 8.8.8.8:53 | eu-eb2.3lift.com | udp |
| FR | 178.32.197.56:443 | rtb-csync-euw2.smartadserver.com | tcp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| NL | 178.250.1.3:443 | static.nl3.vip.prod.criteo.net | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | gum.nl3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | gum.nl3.vip.prod.criteo.com | udp |
| FR | 178.32.197.56:443 | rtb-csync-euw2.smartadserver.com | tcp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| FR | 142.250.178.138:443 | ajax.googleapis.com | tcp |
| FR | 142.250.178.134:443 | s0.2mdn.net | tcp |
| FR | 142.250.178.134:443 | s0.2mdn.net | tcp |
| FR | 142.250.178.134:443 | s0.2mdn.net | tcp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| FR | 142.250.178.138:443 | ajax.googleapis.com | udp |
| FR | 142.250.178.134:443 | s0.2mdn.net | udp |
| GB | 2.22.101.110:443 | secure-assets.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| DE | 51.75.86.98:443 | onetag-sys.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 18.111.223.76.in-addr.arpa | udp |
| FR | 172.217.20.162:443 | googleads.g.doubleclick.net | tcp |
| FR | 172.217.20.162:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 56.197.32.178.in-addr.arpa | udp |
| FR | 172.217.20.162:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 1.135.254.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.178.250.142.in-addr.arpa | udp |
| DE | 51.75.86.98:443 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | 134.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ads.stickyadstv.com | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| FR | 172.217.20.162:443 | googleads.g.doubleclick.net | udp |
| NL | 154.57.158.116:443 | ads.stickyadstv.com | tcp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| US | 8.8.8.8:53 | cs.seedtag.com | udp |
| US | 8.8.8.8:53 | googleads4.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 8.8.8.8:53 | e8960.e2.akamaiedge.net | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | e8960.e2.akamaiedge.net | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| GB | 95.100.245.251:443 | eus.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 151.101.129.108:443 | acdn.adnxs.com | tcp |
| US | 35.244.159.8:443 | u.openx.net | tcp |
| FR | 216.58.214.162:443 | googleads4.g.doubleclick.net | tcp |
| US | 104.16.183.87:443 | cs.seedtag.com | tcp |
| US | 8.8.8.8:53 | eu-west-dual.ads.stickyadstv.com.akadns.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads4.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | rtb.mfadsrvr.com | udp |
| US | 8.8.8.8:53 | sync.mathtag.com | udp |
| US | 8.8.8.8:53 | pixel-eu.rubiconproject.com | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| US | 8.8.8.8:53 | eu-west-dual.ads.stickyadstv.com.akadns.net | udp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 8.8.8.8:53 | t.adx.opera.com | udp |
| US | 8.8.8.8:53 | ssbsync-global.smartadserver.com | udp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| US | 8.8.8.8:53 | spl.zeotap.com | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | e8960.b.akamaiedge.net | udp |
| US | 104.22.50.98:443 | spl.zeotap.com | tcp |
| US | 80.77.87.163:443 | cs.admanmedia.com | tcp |
| FR | 216.58.214.162:443 | googleads4.g.doubleclick.net | udp |
| US | 35.244.159.8:443 | u.openx.net | udp |
| US | 8.8.8.8:53 | prod.appnexus.map.fastly.net | udp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | tcp |
| US | 216.200.232.249:443 | sync.mathtag.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| NL | 82.145.213.8:443 | t.adx.opera.com | tcp |
| NL | 89.149.193.100:443 | ssbsync-global.smartadserver.com | tcp |
| GB | 185.64.191.214:443 | image8.pubmatic.com | tcp |
| FR | 142.250.178.130:443 | cm.g.doubleclick.net | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| FR | 142.250.178.130:443 | cm.g.doubleclick.net | tcp |
| US | 104.16.183.87:443 | cs.seedtag.com | udp |
| US | 8.8.8.8:53 | 110.101.22.2.in-addr.arpa | udp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | udp |
| US | 52.46.151.131:443 | s.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | 98.86.75.51.in-addr.arpa | udp |
| FR | 142.250.178.130:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 116.158.57.154.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 251.245.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.129.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.159.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 87.183.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 8.8.8.8:53 | e8960.b.akamaiedge.net | udp |
| US | 8.8.8.8:53 | prod.appnexus.map.fastly.net | udp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | ag.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | gem.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | ads.us.e-planning.net | udp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 8.8.8.8:53 | cs.seedtag.com | udp |
| FR | 178.250.7.13:443 | dnacdn.net | tcp |
| FR | 185.235.86.130:443 | gem.gbc.criteo.com | tcp |
| FR | 185.235.86.110:443 | ag.gbc.criteo.com | tcp |
| US | 8.8.8.8:53 | pixel-origin.mathtag.com | udp |
| US | 8.8.8.8:53 | pixel-eu.rubiconproject.net.akadns.net | udp |
| US | 8.8.8.8:53 | cs.seedtag.com | udp |
| NL | 193.3.178.3:443 | ads.us.e-planning.net | tcp |
| US | 8.8.8.8:53 | pixel-origin.mathtag.com | udp |
| US | 8.8.8.8:53 | pixel-eu.rubiconproject.net.akadns.net | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.net.akadns.net | udp |
| US | 8.8.8.8:53 | dorpat.geo.iponweb.net | udp |
| US | 8.8.8.8:53 | 98.50.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.87.77.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 214.191.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 100.193.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.199.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 130.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 249.232.200.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.151.46.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.7.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | outspot2-ams.adx.opera.com | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.net.akadns.net | udp |
| US | 8.8.8.8:53 | dorpat.geo.iponweb.net | udp |
| US | 8.8.8.8:53 | outspot2-ams.adx.opera.com | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | spl.zeotap.com | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | sync.smartadserver.com | udp |
| US | 8.8.8.8:53 | csync.smartadserver.com | udp |
| US | 8.8.8.8:53 | sync.richaudience.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 8.8.8.8:53 | match.sharethrough.com | udp |
| US | 8.8.8.8:53 | imagsync-lhrpairbc.pubmatic.com | udp |
| US | 8.8.8.8:53 | spl.zeotap.com | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| NL | 185.89.210.90:443 | secure.adnxs.com | tcp |
| US | 8.8.8.8:53 | bh.contextweb.com | udp |
| GB | 2.16.170.40:443 | csync.smartadserver.com | tcp |
| DE | 162.55.236.224:443 | sync.richaudience.com | tcp |
| DE | 162.55.236.224:443 | sync.richaudience.com | tcp |
| FR | 217.182.178.234:443 | sync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | csync.loopme.me | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | ad.360yield.com | udp |
| US | 8.8.8.8:53 | imagsync-lhrpairbc.pubmatic.com | udp |
| US | 8.8.8.8:53 | cm.adform.net | udp |
| FR | 185.255.84.152:443 | visitor.omnitagjs.com | tcp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| DE | 18.184.119.72:443 | match.sharethrough.com | tcp |
| US | 8.8.8.8:53 | ssbsync-euw1.smartadserver.com | udp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| IE | 34.252.6.15:443 | match.prod.bidr.io | tcp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 8.8.8.8:53 | user-data-eu.bidswitch.net | udp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| US | 34.1.230.181:443 | csync.loopme.me | tcp |
| IE | 108.128.151.11:443 | ad.360yield.com | tcp |
| DK | 37.157.6.232:443 | cm.adform.net | tcp |
| US | 8.8.8.8:53 | ssbsync-euw1.smartadserver.com | udp |
| DE | 18.184.119.72:443 | match.sharethrough.com | tcp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 8.8.8.8:53 | user-data-eu.bidswitch.net | udp |
| US | 8.8.8.8:53 | ced-ns.sascdn.com | udp |
| GB | 2.16.170.40:443 | csync.smartadserver.com | tcp |
| US | 68.232.35.16:443 | ced-ns.sascdn.com | tcp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | gbc4.fr3.eu.criteo.com | udp |
| US | 8.8.8.8:53 | gbc3.fr3.eu.criteo.com | udp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| US | 8.8.8.8:53 | gbc3.fr3.eu.criteo.com | udp |
| US | 8.8.8.8:53 | ads.us.e-planning.net | udp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | 130.86.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 110.86.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.178.3.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 40.170.16.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.178.182.217.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 224.236.55.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.169.93.208.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.6.252.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.8.184.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.151.128.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 181.230.1.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.6.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 16.35.232.68.in-addr.arpa | udp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | ib.anycast.adnxs.com | udp |
| US | 8.8.8.8:53 | a577.dscb.akamai.net | udp |
| US | 8.8.8.8:53 | ads.us.e-planning.net | udp |
| US | 8.8.8.8:53 | a577.dscb.akamai.net | udp |
| US | 8.8.8.8:53 | sync.richaudience.com | udp |
| US | 8.8.8.8:53 | dis.criteo.com | udp |
| US | 8.8.8.8:53 | api-2-0.spot.im | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 8.8.8.8:53 | tracker.open-adsyield.com | udp |
| US | 8.8.8.8:53 | jadserve.postrelease.com | udp |
| US | 8.8.8.8:53 | sync.richaudience.com | udp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 8.8.8.8:53 | bttrack.com | udp |
| US | 8.8.8.8:53 | eu-west-1-cs-rtb.openwebmp.com | udp |
| US | 8.8.8.8:53 | gum.aidemsrv.com | udp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| US | 18.213.195.227:443 | api-2-0.spot.im | tcp |
| US | 8.8.8.8:53 | player.aniview.com | udp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| US | 8.8.8.8:53 | visitor-fra02.omnitagjs.com | udp |
| US | 8.8.8.8:53 | match-eu-central-1-ecs.sharethrough.com | udp |
| US | 172.111.38.111:443 | tracker.open-adsyield.com | tcp |
| US | 8.8.8.8:53 | am1-direct-bgp.contextweb.com | udp |
| US | 34.1.230.181:443 | csync.loopme.me | tcp |
| US | 3.165.232.40:443 | eu-west-1-cs-rtb.openwebmp.com | tcp |
| US | 104.17.44.93:443 | gum.aidemsrv.com | tcp |
| GB | 92.123.140.19:443 | player.aniview.com | tcp |
| US | 67.202.105.21:443 | ssc-cms.33across.com | tcp |
| US | 8.8.8.8:53 | match-eu-central-1-ecs.sharethrough.com | udp |
| US | 8.8.8.8:53 | am1-direct-bgp.contextweb.com | udp |
| US | 8.8.8.8:53 | visitor-fra02.omnitagjs.com | udp |
| US | 8.8.8.8:53 | c1.adform.net | udp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| GB | 185.64.191.214:443 | imagsync-lhrpairbc.pubmatic.com | tcp |
| US | 64.202.112.63:443 | b1sync.zemanta.com | tcp |
| US | 54.157.210.214:443 | sync.srv.stackadapt.com | tcp |
| IE | 52.49.168.145:443 | jadserve.postrelease.com | tcp |
| US | 35.244.174.68:443 | id.rlcdn.com | tcp |
| US | 192.132.33.69:443 | bttrack.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| US | 3.209.126.202:443 | cs-server-s2s.yellowblue.io | tcp |
| FR | 178.32.197.56:443 | sync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| DK | 37.157.5.133:443 | c1.adform.net | tcp |
| FR | 178.32.197.56:443 | sync.smartadserver.com | tcp |
| GB | 92.123.140.19:443 | player.aniview.com | udp |
| US | 104.17.44.93:443 | gum.aidemsrv.com | udp |
| US | 35.244.174.68:443 | id.rlcdn.com | udp |
| FR | 178.32.197.56:443 | sync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| US | 8.8.8.8:53 | 227.195.213.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 111.38.111.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.140.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.44.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.174.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.168.49.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.105.202.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | 69.33.132.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 214.210.157.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | envoy-hl.envoy-csync1.core-b8mf.ov1o.com | udp |
| US | 8.8.8.8:53 | track-eu.adformnet.akadns.net | udp |
| US | 8.8.8.8:53 | euw-ice.360yield.com | udp |
| US | 8.8.8.8:53 | sync.aniview.com | udp |
| FR | 178.32.197.56:443 | sync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | cs410.wac.edgecastcdn.net | udp |
| US | 8.8.8.8:53 | envoy-hl.envoy-csync1.core-b8mf.ov1o.com | udp |
| US | 8.8.8.8:53 | track-eu.adformnet.akadns.net | udp |
| US | 172.240.45.78:443 | sync.aniview.com | tcp |
| US | 8.8.8.8:53 | cs410.wac.edgecastcdn.net | udp |
| US | 8.8.8.8:53 | jadserve.postrelease.com.akadns.net | udp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 8.8.8.8:53 | jadserve.postrelease.com.akadns.net | udp |
| US | 8.8.8.8:53 | widget.nl3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | qvdt3feo.com | udp |
| US | 8.8.8.8:53 | k8s-kongow-generalp-4b9a3bfec6-974801183.us-east-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 8.8.8.8:53 | widget.nl3.vip.prod.criteo.com | udp |
| FR | 51.178.195.216:443 | sync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | k8s-kongow-generalp-4b9a3bfec6-974801183.us-east-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 34.196.131.151:443 | qvdt3feo.com | tcp |
| US | 8.8.8.8:53 | bttrack.com | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 8.8.8.8:53 | tracker-use.ortb.net | udp |
| US | 8.8.8.8:53 | bttrack.com | udp |
| US | 8.8.8.8:53 | dckrl2e5yf7xg.cloudfront.net | udp |
| US | 8.8.8.8:53 | gum.aidemsrv.com | udp |
| US | 8.8.8.8:53 | tracker-use.ortb.net | udp |
| US | 172.240.45.78:443 | sync.aniview.com | udp |
| US | 8.8.8.8:53 | dckrl2e5yf7xg.cloudfront.net | udp |
| US | 8.8.8.8:53 | a1970.dscd.akamai.net | udp |
| US | 8.8.8.8:53 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 8.8.8.8:53 | gum.aidemsrv.com | udp |
| US | 8.8.8.8:53 | pixel.33across.com | udp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| US | 8.8.8.8:53 | a1970.dscd.akamai.net | udp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| US | 8.8.8.8:53 | pixel.33across.com | udp |
| US | 8.8.8.8:53 | track.adformnet.akadns.net | udp |
| US | 8.8.8.8:53 | sync-sc-main-was.aniview.com | udp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | track.adformnet.akadns.net | udp |
| US | 8.8.8.8:53 | 202.126.209.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.5.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.45.240.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.195.178.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 151.131.196.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.216.36.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sync-sc-main-was.aniview.com | udp |
| US | 8.8.8.8:53 | qvdt3feo.com | udp |
| US | 8.8.8.8:53 | user-data-eu.bidswitch.net | udp |
| US | 8.8.8.8:53 | qvdt3feo.com | udp |
| US | 8.8.8.8:53 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | sync.go.sonobi.com | udp |
| US | 8.8.8.8:53 | visitor-ow.omnitagjs.com | udp |
| US | 8.8.8.8:53 | ads.yieldmo.com | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 8.8.8.8:53 | iad-2-sync.go.sonobi.com | udp |
| US | 8.8.8.8:53 | visitor-us-west-2.omnitagjs.com | udp |
| US | 8.8.8.8:53 | rw-yieldmo-com-tf-362867385.eu-west-1.elb.amazonaws.com | udp |
| DE | 18.184.119.72:443 | match.sharethrough.com | tcp |
| US | 69.166.1.35:443 | iad-2-sync.go.sonobi.com | tcp |
| US | 35.166.205.24:443 | visitor-ow.omnitagjs.com | tcp |
| IE | 52.18.177.155:443 | rw-yieldmo-com-tf-362867385.eu-west-1.elb.amazonaws.com | tcp |
| US | 8.8.8.8:53 | iad-2-sync.go.sonobi.com | udp |
| US | 8.8.8.8:53 | visitor-us-west-2.omnitagjs.com | udp |
| US | 8.8.8.8:53 | cs.openwebmp.com | udp |
| US | 8.8.8.8:53 | rw-yieldmo-com-tf-362867385.eu-west-1.elb.amazonaws.com | udp |
| US | 34.98.64.218:443 | u.openx.net | tcp |
| NL | 147.75.80.51:443 | prebid.a-mo.net | tcp |
| US | 34.98.64.218:443 | u.openx.net | udp |
| US | 8.8.8.8:53 | us-u.openx.net | udp |
| US | 8.8.8.8:53 | am6-tmp.a-mx.net | udp |
| GB | 108.138.233.96:443 | cs.openwebmp.com | tcp |
| GB | 108.138.233.96:443 | cs.openwebmp.com | tcp |
| US | 8.8.8.8:53 | d1mee2k02h94hw.cloudfront.net | udp |
| GB | 108.138.233.96:443 | cs.openwebmp.com | tcp |
| GB | 108.138.233.96:443 | cs.openwebmp.com | tcp |
| GB | 108.138.233.96:443 | cs.openwebmp.com | tcp |
| US | 8.8.8.8:53 | us-u.openx.net | udp |
| US | 8.8.8.8:53 | am6-tmp.a-mx.net | udp |
| US | 8.8.8.8:53 | d1mee2k02h94hw.cloudfront.net | udp |
| US | 8.8.8.8:53 | e8960.b.akamaiedge.net | udp |
| US | 8.8.8.8:53 | support.mozilla.org | udp |
| US | 8.8.8.8:53 | us-west1.prod.sumo.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | us-west1.prod.sumo.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | 155.177.18.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.119.184.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.1.166.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 51.80.75.147.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 96.233.138.108.in-addr.arpa | udp |
| US | 34.1.230.181:443 | envoy-hl.envoy-csync1.core-b8mf.ov1o.com | tcp |
| US | 8.8.8.8:53 | cs.yellowblue.io | udp |
| IE | 54.154.213.207:443 | cs.yellowblue.io | tcp |
| US | 8.8.8.8:53 | cs.yellowblue.io | udp |
| IE | 54.154.213.207:443 | cs.yellowblue.io | tcp |
| US | 8.8.8.8:53 | cs.yellowblue.io | udp |
| US | 8.8.8.8:53 | 207.213.154.54.in-addr.arpa | udp |
| FR | 51.178.195.216:443 | sync.smartadserver.com | tcp |
| FR | 51.178.195.216:443 | sync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | assets.a-mo.net | udp |
| US | 104.19.159.19:443 | assets.a-mo.net | tcp |
| US | 8.8.8.8:53 | assets.a-mo.net.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | assets.a-mo.net.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | id.a-mx.com | udp |
| US | 8.8.8.8:53 | rtb.openx.net | udp |
| US | 8.8.8.8:53 | ssum.casalemedia.com | udp |
| DE | 79.127.216.47:443 | id.a-mx.com | tcp |
| US | 8.8.8.8:53 | id.a-mx.com | udp |
| US | 8.8.8.8:53 | ssum.casalemedia.com | udp |
| US | 8.8.8.8:53 | rtb.openx.net | udp |
| US | 8.8.8.8:53 | 19.159.19.104.in-addr.arpa | udp |
| US | 35.186.253.211:443 | rtb.openx.net | tcp |
| US | 172.64.151.101:443 | ssum.casalemedia.com | tcp |
| US | 8.8.8.8:53 | ssum.casalemedia.com | udp |
| US | 8.8.8.8:53 | id.a-mx.com | udp |
| US | 8.8.8.8:53 | rtb.openx.net | udp |
| US | 172.64.151.101:443 | ssum.casalemedia.com | udp |
| US | 8.8.8.8:53 | sync.a-mo.net | udp |
| US | 35.186.253.211:443 | rtb.openx.net | udp |
| NL | 147.75.34.177:443 | sync.a-mo.net | tcp |
| NL | 147.75.34.47:443 | sync.a-mo.net | tcp |
| NL | 147.75.34.47:443 | sync.a-mo.net | tcp |
| US | 8.8.8.8:53 | prebid.adnxs.com | udp |
| US | 8.8.8.8:53 | ow.pubmatic.com | udp |
| NL | 185.89.208.11:443 | prebid.adnxs.com | tcp |
| US | 8.8.8.8:53 | xandr-prebid.trafficmanager.net | udp |
| GB | 185.64.190.84:443 | ow.pubmatic.com | tcp |
| US | 8.8.8.8:53 | ow-lhrc.pubmnet.com | udp |
| US | 8.8.8.8:53 | ow-lhrc.pubmnet.com | udp |
| US | 8.8.8.8:53 | 211.253.186.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.151.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 177.34.75.147.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 47.34.75.147.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.208.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | csm.nl3.eu.criteo.net | udp |
| US | 8.8.8.8:53 | csm.nl3.vip.prod.criteo.net | udp |
| N/A | 127.0.0.1:7000 | tcp | |
| US | 8.8.8.8:53 | csm.nl3.vip.prod.criteo.net | udp |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| US | 8.8.8.8:53 | 24.73.42.20.in-addr.arpa | udp |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:51054 | tcp | |
| N/A | 127.0.0.1:51067 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | 201.181.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ciscobinary.openh264.org | udp |
| GB | 88.221.134.155:80 | ciscobinary.openh264.org | tcp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| FR | 216.58.214.174:443 | redirector.gvt1.com | tcp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | 155.134.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.214.58.216.in-addr.arpa | udp |
| FR | 216.58.214.174:443 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | r2---sn-aigzrnse.gvt1.com | udp |
| GB | 74.125.168.199:443 | r2---sn-aigzrnse.gvt1.com | tcp |
| US | 8.8.8.8:53 | r2.sn-aigzrnse.gvt1.com | udp |
| US | 8.8.8.8:53 | r2.sn-aigzrnse.gvt1.com | udp |
| GB | 74.125.168.199:443 | r2.sn-aigzrnse.gvt1.com | udp |
| US | 8.8.8.8:53 | 199.168.125.74.in-addr.arpa | udp |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| US | 8.8.8.8:53 | 73.144.22.2.in-addr.arpa | udp |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| US | 172.67.69.88:80 | www.shorturl.at | tcp |
| US | 172.67.69.88:80 | www.shorturl.at | tcp |
| US | 172.67.69.88:80 | www.shorturl.at | tcp |
| US | 172.67.69.88:443 | www.shorturl.at | tcp |
| US | 104.26.9.129:443 | www.shorturl.at | tcp |
| US | 8.8.8.8:53 | download1509.mediafire.com | udp |
| US | 205.196.123.197:443 | download1509.mediafire.com | tcp |
| US | 8.8.8.8:53 | download1509.mediafire.com | udp |
| US | 8.8.8.8:53 | download1509.mediafire.com | udp |
| US | 8.8.8.8:53 | 197.123.196.205.in-addr.arpa | udp |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| US | 8.8.8.8:53 | location.services.mozilla.com | udp |
| US | 35.190.72.216:443 | location.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 35.190.72.216:443 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | 216.72.190.35.in-addr.arpa | udp |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp | |
| N/A | 127.0.0.1:7000 | tcp |
Files
memory/816-0-0x00007FFC73053000-0x00007FFC73054000-memory.dmp
memory/816-1-0x0000000000820000-0x000000000082E000-memory.dmp
memory/816-2-0x00007FFC73050000-0x00007FFC73A3C000-memory.dmp
memory/816-3-0x00007FFC73050000-0x00007FFC73A3C000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\datareporting\glean\pending_pings\cff7424e-d37d-42d9-9cf2-d015359ff44c
| MD5 | ff9aad5b02b4c0212650436df9ebc0e9 |
| SHA1 | bc7b053efc9eb7f6490cd5c01ae9a8185df8ebc6 |
| SHA256 | fa0117ab014203946d4aca7845db48772991e68ef51317b6482df62b57351620 |
| SHA512 | 1ce083afa588fe224e8867c7ee0a561a773f8f883b094d110355adf58aa94a9485bb66eb163f8cd690c3e54743379e6a464bbbcf52019e23e341f99aefa04ca4 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\datareporting\glean\pending_pings\7fa699e8-cdbb-46a2-b6e8-1de1f834674d
| MD5 | 8ba728303f7185deac00570ba01bfa5f |
| SHA1 | 94f8ae2df042028dd06eb563f5d7a11654be1e7a |
| SHA256 | 1edefb59934a37b2ed43e47d98ed5052c680dd188811fa77aac2a3245304e6c8 |
| SHA512 | 578f6a409fb67135a8b92bcabaeabea4b812a8ae5e95fe1591decdb53c9f77e16245024cdd88499f4804d53758df96b1806fc245bcc05015877c6e87bbecca08 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\datareporting\glean\db\data.safe.bin
| MD5 | a0147d2f5271b33951a82bb1c88898cb |
| SHA1 | 938f1e18a405e7735710e1f29613f4dba2e969f5 |
| SHA256 | 32e7386f659e5aad3cea71a44b510a6b03851ef402419f47627298b74fc7c553 |
| SHA512 | 65865cf2ad5c596feb89aa9002e92dc2548b76430af3b6a67ce6c8dc087a5e095114870e87f665ec5ae90bf9ca0bcfa2c7a9743eb3c9ff62f143abd4c7b9bf7e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 9816109cbf9597b5ca27ad702b5fc35c |
| SHA1 | 750ad76a18478bc1126f8e69677b4f752f69225e |
| SHA256 | b7e924dc5f973b8119b944e3af4d9b3f36d05e4e3eb660529f9446f07c6c14b9 |
| SHA512 | 8aa66eddab354eeec81f157d49689e8f97ad54f227cb00da9262da4857d6602f8f653493f13108e2a74fd7dad215d7a5f17fdd8c463b7a0b8f0f25d3aa8527fd |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | 0ed2663971e8051b2bcb574926400fa8 |
| SHA1 | 467756bf41c377bdb07c8be10d5391f1df1d80a7 |
| SHA256 | 0c44c9887ebd30506041e4f483422673660df0b74c7468b0cab2c69bee1f4e8c |
| SHA512 | e521f02d0a4dc70e3bb33747c5113c76f18f15b4370826ef13700c4f559c8b158ed1d8ef79d7d88794bfea61496a75d653237391f2f8b5e53d8574a21f113898 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\prefs-1.js
| MD5 | f07653eb91cfd4bd374bb7e2689a8448 |
| SHA1 | 91c0303cd51877b5bb9c32dd028dccded2eb0db6 |
| SHA256 | e9ed6c4f5d1ab66393c8bf80aa27bb5f2cdd10da706341910738327a7807fb56 |
| SHA512 | ae18a97e67b823be9e4163065f0617cbbbea51c940b64a75296920deb234f20221c08130912feb6d8db44905b7304f1700d8cebbabad4a8762d66ec73ff96833 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | cfbaaba58a13caa4a2cd15e51d3d10d0 |
| SHA1 | a4fce31b47ab9511fc91e759c0bef1dc9334b17f |
| SHA256 | d038d214fc25cf594e3e0e5dd764758405bfd5950b9f51c25a4e6d8d2e9a6888 |
| SHA512 | 72af9daf4a27e76289b3e44e38fc0fc5814305c2cb5fc87695f3bf7c0111ff7f5e82b5aeb8baf1941076e972e94fb6d1a8ea199f69b8457ce49081b21b3a0df1 |
C:\Users\Admin\Downloads\Robax.exe
| MD5 | f2a0b732e9b58a2882c0a2652c68da89 |
| SHA1 | 8c27ccd93f67395acaa71da72f0b7988d575aa86 |
| SHA256 | 88d09d628527a8f6e0f2ddd4b463eda15b8caeafc6f750ac14f4f9b6ea80aea6 |
| SHA512 | 92ddc326a34434fe84a9c771e3f9c40ab2a0ef6d241cf65c23a2c3b7dec9a428dafab614e6dc1a8dcdb29e55bb62f425d5d885f573c34cbd065485d8abf7bef1 |
memory/756-221-0x00007FFC73050000-0x00007FFC73A3C000-memory.dmp
memory/756-225-0x00007FFC73050000-0x00007FFC73A3C000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 8c9a956da83fe54781e9c6902930aa6a |
| SHA1 | 9331bd7cb7381210a8242e22e1bcc3ba5d5cd159 |
| SHA256 | 659caef8d785d10b6d1cc68b58e4ec28a14df0e92cae57fd8ece5f5ce6247406 |
| SHA512 | 76f2813b7694e181cfb989fb2bc4f60e05f0dd1c5695a24320c53b7ec37af65e86d548f9cafc9a7ef0f6ee467809c29b12b970f9fe43b8080a1b59a75fbbfd92 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\0D0BB73C78ADDE449FA633D84DF95E410284A76D
| MD5 | 266a71de51408d1a8268eb21c7540966 |
| SHA1 | ac9ffb7aba47ee72c06fc8b0ec3800c070b1d51a |
| SHA256 | c153f1c4fd39b7b675e702e96570c5022b541505a757cf085bcd9ff23b8667cc |
| SHA512 | 7904d1a1623b77b4b0ceeabd86aaef49bd4639927f7db0bffdf55c9504470055cc75da5aad18edfe17d3b88bba9bca5d02b43c7c932dfcfdb91ca87e19de829a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\433C76AC9AB32960C4FB97F78B6A7687B4E33F26
| MD5 | 21496f1b5539e00ff17a550022ea00a6 |
| SHA1 | 359e4d9c18248e48810165a8c04121b1b7cb3ab3 |
| SHA256 | 325dbef1331251158605d49180306ea11c559d83e3498e369c6a7c004b3a2f11 |
| SHA512 | ea00c8b89e2b4fea57dacb4909929fe7eb229e649c3c27ae9cfe9c296c7680a23a36a2ea5f6b8f49aa2ef6e8481cda23af432798c3a96b871949f2fa50bf3ec1 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\doomed\14602
| MD5 | 93f81bbc275c5640b4ab3dc6a4f93da6 |
| SHA1 | b4767e04ff8bb52309966a5b9258a985eebf67ec |
| SHA256 | 801fc559aabbe6460e1ddcba1049c8ac5f7edd27521325835a8894ef7cd4e00f |
| SHA512 | 140d5e338cf648984c66535adfa24d90c8d28cbd80cb0051869968011fed5d8ffef4ec67bbb0942a530dfec4d1cd47bd4d7f5a93d6a25ec34232898b29cd47fa |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\doomed\3122
| MD5 | 85aad11daba87442e2ec576682f57152 |
| SHA1 | 832dba74dfbc49e27cb313e2977d32600bef8c99 |
| SHA256 | b537c1fd1187846825fa6e3c667f163bd0799d6871dd7e68dd11841a2284b41c |
| SHA512 | 681f395aecff59208f42c25bd77e04db6b58993bd86b7c6c14af113218ce6c3decda2f79c9d275b43e6e1b9738d2b90d37214ccebdfd599a65b2b3eeed3f7a2b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\prefs.js
| MD5 | bbaab47ea46eab9e3f9be0b2b25c139a |
| SHA1 | 2ac0ebc8e3c5bcaa1b9e682985989ab23ea7bde1 |
| SHA256 | bf1226944bdd90c1a575ee251852c5a717d4640157e1965ceec752985518e6b8 |
| SHA512 | 6dd070ea5355bf2b6faebf01c29563df352d0a973cb14087e91c1d6a48b46b6e72d42e2064e929e2664beba752a093c67c311705fa590db2a002a041e9dd67fb |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\prefs-1.js
| MD5 | b70325e6eefcb7f53e5030278323436e |
| SHA1 | 67615876af7587e449faa0db93077aff468954af |
| SHA256 | f320dbe234320165d7e1212431cc52c71293cb8a3d05b791965b6b1231def7e0 |
| SHA512 | a4fde179f72907ab79ce42cf14121010445b5d03f312e5489b8a21ad459a0df5f505b7273c2b79f36ac1b6f15ea892ca0650fb98e05de3ccb67d7faef24c99c6 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\69C85B5310A2628963FF16C33CDDE1E8257D6A99
| MD5 | 39ab8dced670172b49fe6d15c5ed8838 |
| SHA1 | b73fed91bfc5360213287b9f36654791204b5018 |
| SHA256 | eedd145a8137ce8960dc0d36c436cdeda698e473e52b59d47193b57d5aef4b65 |
| SHA512 | 59f66a8a0952d3f26b78027e306ecc88ad805e323dfa3f81fe448c880e7ecbc48af65b5211f8f4db109dac18dc4e57b06a9a550432cd7561ebc555c552a0f65a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\doomed\22943
| MD5 | e3d1dbc52d3cba7f897918938eb6d17b |
| SHA1 | f06cffa8fa92a7cc73a8644eda876e592e997b63 |
| SHA256 | af931868b2cb456c5827d273b85ac4901206e25c27415aaadb58365359731fd0 |
| SHA512 | 273b50509e8590de55ad0be6a6eb75fff5fb34aab47860be6c3ae5c8ca815b45edd4445175e7dc65b7a6996d3b5ee6df7602f24eafb05e979df0451e868ecda1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\sessionCheckpoints.json
| MD5 | a0821bc1a142e3b5bca852e1090c9f2c |
| SHA1 | e51beb8731e990129d965ddb60530d198c73825f |
| SHA256 | db037b650f36ff45da5df59bc07b0c5948f9e9b7b148ead4454ab84cb04fd0e2 |
| SHA512 | 997528e2ecd24a7e697d95cd1a2a7de46a3d80b37fd67fac4fb0da0db756b60a24648b7074255dc38f7651302f70894a53c3d789f3d7cd9f80fb91bd0cade4be |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\sessionstore.jsonlz4
| MD5 | bbfd28dc41ad7ddfe325994b6af9f92e |
| SHA1 | 9a6255246db6baa8eea22e65544bbd7cf40180c4 |
| SHA256 | 484ef2377e59118c4bc001caf97767323e6000c2ec5c01cba7c1cf88b33d12e8 |
| SHA512 | add2dbe50b52bc22085c0d0facdcd5a96d118acec8756cb513cbb8bb920280311a05bee7877bec859b2eba38090adee80ad422c2f955f5347393fa8f1b45f855 |
C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\Robax.exe.log
| MD5 | 16c5fce5f7230eea11598ec11ed42862 |
| SHA1 | 75392d4824706090f5e8907eee1059349c927600 |
| SHA256 | 87ba77c13905298acbac72be90949c4fe0755b6eff9777615aa37f252515f151 |
| SHA512 | 153edd6da59beea6cc411ed7383c32916425d6ebb65f04c65aab7c1d6b25443d143aa8449aa92149de0ad8a975f6ecaa60f9f7574536eec6b38fe5fd3a6c6adc |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\prefs.js
| MD5 | 112f510bb468f9c4b106afd3b95b84ca |
| SHA1 | 6ea218591ea89462818ecd8206d32f11b1eb0b83 |
| SHA256 | 1e9c2b314a173acaf4f04a5c1b34059ce15b77f66dffd3b73192510502c526d9 |
| SHA512 | 8a389bd872fa8e51645d6243a3825cfdbf1a9b687e0cd2a66bd37180fafb2a6c16d4e97135a00f591caf3d1741e6f2a6e378e40b49960e8747e2987ee3e4a973 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\startupCache\scriptCache.bin
| MD5 | dfb48432fd1dab350519a364a8edda64 |
| SHA1 | 8f7f6114f3821e2e63ec6ed78cad41208b0d88d8 |
| SHA256 | b2ada89a76e88ffa4e353e8fc5450f137b08f692fe71f681aac9e2e9cc287051 |
| SHA512 | 3fd937f8f03d2a2e02412f835e8427d2a3f4769f9fec88bf19b0aaa895740bf900676b2de115866adf3e530884399accb521fc908eeedbf42a6d5dd66c5790b5 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\xulstore.json
| MD5 | 58e240288763218d12bf235d34e5aee2 |
| SHA1 | 89135494b57f590011c09668dec3b90d2c5ee9ae |
| SHA256 | 615f80e71dfde24711e7fefc1b7959f7592c5e5cf9ad0f3aecb4235b93187176 |
| SHA512 | caed2638902987aead199e73cffb90881bf245bbb616cb38c46b281d4aaaa54dc20a54e9bfe17a8d6e68847394c113fb7606e94b64f44ab0b52bf7846f26e936 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\startupCache\urlCache.bin
| MD5 | 5a3e1cca06569a3abad215db82b0b76c |
| SHA1 | 18ecdf820ea13771e7b56bdb6ef306f0c0c13334 |
| SHA256 | 503d2ae1b9e57f6b33593b6013152cc3a6b60b7697366416192d205673bf481f |
| SHA512 | fd2b7fc449db397f5a8c23484a369a5ab7ebded5f2e21a594fe7a5faa314f185453c31650fd6bba83a66c4405a50f49748c1e79bde3a0bc69bceb6d069d2a8e7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\permissions.sqlite
| MD5 | 1221f0680adaafaa4394e186d08677b7 |
| SHA1 | ef1389874b1a5aa8f72f62273a4f242f62d4ec59 |
| SHA256 | 889d0cdc818465e7cf0d761b8894a0fc992a764723d75c8e12fa1d9e25202aa3 |
| SHA512 | 0366b48f90f32de45a00e60ac4a47b6d9332293f1faffaf7e754a2c154d63c5c969f39a2ebd088c3606cb52400dc182f6858893ede016ee571727b51e9f6a78e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\sessionCheckpoints.json.tmp
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\sessionCheckpoints.json
| MD5 | 948a7403e323297c6bb8a5c791b42866 |
| SHA1 | 88a555717e8a4a33eccfb7d47a2a4aa31038f9c0 |
| SHA256 | 2fca1f29b73dd5b4159fa1eb16e69276482f5224ba7d2219a547039129a51f0e |
| SHA512 | 17e2f65c33f47c8bb4beca31db2aff3d4bbb6c2d36924057f9f847e207bdcb85ffcbb32c80dd06862ffc9b7f0bd3f5e2e65b48bb1bc3363732751101d5596b1a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\cookies.sqlite
| MD5 | 8b33aee0d8c65270a05a4423aedd5dbd |
| SHA1 | dd988c4a33081cb71d2ffe58de5d3566c3e0ba2c |
| SHA256 | 4729c3cd576d541a2d8f9953f34fe49be119d5cf7d0bc14a4ce0c3f325591e1d |
| SHA512 | 495b0304679195bd64ccb301ebcc93aad250a3351f602ef82d51bf25c28cccb6d8f053235d4ae1ededacb52b4ed2f729559a9b008b277ea4978f67fdcc1c721e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\storage.sqlite
| MD5 | 089b61640ebf75aa4e4b75065aeaee29 |
| SHA1 | f3ab955b092ee8866ce9644b6d5dd6e2e7ba9bca |
| SHA256 | 7177cfb0c689daefb2eb7f5f2c7148804979a99314f2740d9e5e2f39c71a552d |
| SHA512 | 55d9ac505f24650f48ac8840a1c69cb2a4d08afae2452a9996a62cc3bac43d93d6552a563e44df5d99cf828378b1faadd695523e3b83e2a1aae17ea697bfa140 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\sessionCheckpoints.json.tmp
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\favicons.sqlite
| MD5 | 17044f737f921dc92c4a996943f05005 |
| SHA1 | 131775abbed9f7ad8e0f20e34b27e17e6dbcc195 |
| SHA256 | 4ada35479a00e9f5cc849fcc8fb0005d39a04ded4fef671304ed53e221d49432 |
| SHA512 | 605e75e6a8163875f7fb73cd2e2be4271137d676a476a6a8882fb0cee06ab5c4522a9157ff9c48a8fb84e6498f8b5aae2f6c60b748a57c0fcd8c5c9ca721c268 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\places.sqlite
| MD5 | f60673c419dfe69df769f53516712d1a |
| SHA1 | a7558f39e11230f78f9256daf3b2e3700a20fd69 |
| SHA256 | ab412ab3be1938d46b89f0ca3701fd2ece4090fa1f6df5b6c8f1bdff32115986 |
| SHA512 | 8c7c58a420790a247f58cf3294a3e186f9406deb9f94863c48848d2553f02a8c9fa36a9dc35954f79c3375fa709fc90bd387543b1cbea83d9ded14624f316b96 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\6D89348819C8881868053197CA0754F36784BF5F
| MD5 | a4e6d920e1633d6e3badd02f845eebec |
| SHA1 | 3f6e95d0e0d9dd0110e1bbddf57abb2786a37ded |
| SHA256 | e5dc9cb5bf927584a93288680849ecb08e94e6aff510c486df54d69c048fff75 |
| SHA512 | 91f77c731ba99fb1aa284e341478a288445dba8e939ca75d3dfc5cd2f1cb58da3d36cd308fc14680f0f266643b4a9dcc6319d9b3effafd729c7bbd893b1867ca |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\AlternateServices.txt
| MD5 | d13bf6c141c5a719b0d84edf73c12632 |
| SHA1 | 2f1ec2c5044cc5a914b6bf8d300280f08b392e94 |
| SHA256 | 1cfc1eb9a9a429f03d43c912694bd681f9e6f3963c9b53297099093c2618e41e |
| SHA512 | 924f87015eb6d5ad4845e05473145e202cbbd65ec84233fceb8107faff0c2c95a8f5f45d11179b5541836ff942efd109aa30705d6df8bc5888873e11b0374608 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite
| MD5 | d82e3c809b6917cf3f53f04cd9fb8de5 |
| SHA1 | f7abf981ae1e4890af7158a8f890c30b98db6f32 |
| SHA256 | f0a443120647981d74d8a9c32acc8792f77db3f0f52f48f113d09ac05b00a0e5 |
| SHA512 | aa110fdb33d448dee8907be508d1e5ae140c5ddff40519f06eec2ef1af2ad7bc6c74a6085ad2d69f81fa08b4386452a1ea3990c6f14ab1065e08179bc5947cd5 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\SiteSecurityServiceState.txt
| MD5 | f61bc7c08bd4951bd8cb65ebeac696d3 |
| SHA1 | 24ed4cc1b35c5f37d12c70bf917703ba508a3230 |
| SHA256 | cb8c784490e575f03c2e2b190c8cd4fd5befde04a73544ab2b70a8edfb168c06 |
| SHA512 | 94622084140fa2682b7f0517c72ba643fcef0516780da58229ce8baec3789be1e06fcc0dac74f913d84f234c1c88b6b8f3c9904fc104b71b6cd54b5ad8b43ca7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\protections.sqlite
| MD5 | e1fa2b1ece0653b17da12b1aa5f3ce57 |
| SHA1 | e2ec5cfc0377eef775f7299efe575883f25523f4 |
| SHA256 | 38729d164e37b4a4f87f00dae211d4b752b2c35d1bc2d27c2f49047996869b2d |
| SHA512 | d8f42f92f2332f94e16f5aecf731332144eede1b45cc7053697a96ddf1974d011b0aaacbd7cda75e772f4ecca43263f3db74ebdcd835f2de62fd18755a6cfa28 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\datareporting\glean\pending_pings\b96686a9-5d8b-453d-bb28-5204b394ea71
| MD5 | 23244f569a600fc298af6164e4ea2bfb |
| SHA1 | 043de10762b90b408a3fff6c081036eb6e013085 |
| SHA256 | 93b0eeb0189c3ae19e0576a422525fe7515d28c298c8c9e14bad37796caaf3b3 |
| SHA512 | d96c0a46789802f091983b924ee7991ebfc5d443e83ffdf4010d87d9a0202d72e84aff446aee546ade5f0e2592a9cf1fe020a99adfeca260cb4cb7d5c4c6f129 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\datareporting\glean\pending_pings\a68baedb-2c37-48ee-a4c6-83107684154c
| MD5 | d12c306d41632c5c5b8534ad0c9ab570 |
| SHA1 | f6f4a712dc2b8d63bd5eccfb46cc49cd9f7baf67 |
| SHA256 | 2e52d9315e2860709bfb9ea6219251f0b8cdffa12957e2f7e7cd1ab17906a78b |
| SHA512 | 5d58e037fe37b93ec440241bb1e4da4bae2dc20e5109b048c842fd88822931029243442d5186efc293b79335e1d581f4e20c8c7222e4cf8010edec5bbff837dc |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\datareporting\glean\db\data.safe.bin
| MD5 | d1ad9c3a71924c9d0c5a153545206c82 |
| SHA1 | 441cf4be26fe14abdbf3deeee931fc02a08a8d30 |
| SHA256 | b1d3466418a85380b154a36839035251a5c184b92f8cdfb24e3046720f381270 |
| SHA512 | 0764517e4223aa1d9caf751fa8fbab99c56046982bd8805df4489e10d4470f906f67cbabaf34b44536857c92c21eeae9e8ca1cdce286bf8f32a3d7f0ab92fde9 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\datareporting\glean\events\events
| MD5 | bdd25674ec60c4cf9b7ddff37b7e8ed1 |
| SHA1 | e929da2bcca6495ed96142f0bdc6fcc247b80bbf |
| SHA256 | 4c72e22c115bb5c5c413f3cd420caf80e4fd22d5a9962eeae21d5e222c725c54 |
| SHA512 | 73865b9e1ad1e3c11c757300ddea702a6aca10f4554652888bfa067bb504fa02acf240a6775904bfe619682326e7582c31dca71a00bf8fbef7f200c214b4f0b3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\cert9.db
| MD5 | 3b05a63418e175799d9f14a310a244ca |
| SHA1 | 69ba9064a077a8b60f24d6ff98d32013c7757a81 |
| SHA256 | c971bfd305c1e25b988019f0777a9bc3ccc916c7f28c6e7f0c3e57ec81d03507 |
| SHA512 | 463887f985c933529859c2f190e05e258a813a6730998ce1ab8a2c09bf5c1b179bbb3543de62f9049289f64034fac125abe6ae0bef800aaa5780d9ca9d0352e4 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 4eb91787ea00c5e8bcbd9c7f5e232da1 |
| SHA1 | 3110f130ee25250dcae7d2005fc3b5f550b7f0ca |
| SHA256 | b2114c0dfb17c2fe495454111b86a71da81db341bec4d45d427152f19b698c60 |
| SHA512 | 5e441f803574d1e5965b139de698e6e5cb5f9fd07afc044431a04615162f32f5a3d014b56030e27426f7f3e4bce7188b7d637d598b36dbcb121166cbec36af88 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon
| MD5 | 85430baed3398695717b0263807cf97c |
| SHA1 | fffbee923cea216f50fce5d54219a188a5100f41 |
| SHA256 | a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e |
| SHA512 | 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info
| MD5 | 3d33cdc0b3d281e67dd52e14435dd04f |
| SHA1 | 4db88689282fd4f9e9e6ab95fcbb23df6e6485db |
| SHA256 | f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b |
| SHA512 | a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll
| MD5 | fe3355639648c417e8307c6d051e3e37 |
| SHA1 | f54602d4b4778da21bc97c7238fc66aa68c8ee34 |
| SHA256 | 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e |
| SHA512 | 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\prefs-1.js
| MD5 | 621ad54abff2883ec164dd4943458ed1 |
| SHA1 | 45dce7e91c187afd52ed56934f24bf68e448bad6 |
| SHA256 | 5b7ec5d55858ab94004e48c2b88057f19f53ee5ff261a1ec5983143b3a357592 |
| SHA512 | c68d616ae5f9ceb84d8e71b437a1cbaf7c648db6ec9e04f8700116631fcb705143b91123dfd2c009d302d9b3842b732c693aba19a363b89ebcd5a1d78e215008 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
| MD5 | a01c5ecd6108350ae23d2cddf0e77c17 |
| SHA1 | c6ac28a2cd979f1f9a75d56271821d5ff665e2b6 |
| SHA256 | 345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42 |
| SHA512 | b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt
| MD5 | 49ddb419d96dceb9069018535fb2e2fc |
| SHA1 | 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6 |
| SHA256 | 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539 |
| SHA512 | 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json
| MD5 | 8be33af717bb1b67fbd61c3f4b807e9e |
| SHA1 | 7cf17656d174d951957ff36810e874a134dd49e0 |
| SHA256 | e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd |
| SHA512 | 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll
| MD5 | 33bf7b0439480effb9fb212efce87b13 |
| SHA1 | cee50f2745edc6dc291887b6075ca64d716f495a |
| SHA256 | 8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e |
| SHA512 | d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib
| MD5 | 688bed3676d2104e7f17ae1cd2c59404 |
| SHA1 | 952b2cdf783ac72fcb98338723e9afd38d47ad8e |
| SHA256 | 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237 |
| SHA512 | 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig
| MD5 | 937326fead5fd401f6cca9118bd9ade9 |
| SHA1 | 4526a57d4ae14ed29b37632c72aef3c408189d91 |
| SHA256 | 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81 |
| SHA512 | b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\11D716E3A8F46E480CC79AB65A8333ED9891564A
| MD5 | d8bb6eb5a06405ea5ef9ed697866a6fc |
| SHA1 | bf21b3463cd5aadd9c7be9263136b6035ab808ad |
| SHA256 | a7cdfa79ed0c9a1ec4a9eee69268f8a8468c3d0c22602e0ed24c31a3701f4378 |
| SHA512 | eeb1751cdb3d03a0f213c0cfbd647b5b2dc55825e21463f9d8e50f2e1e7a99981d015fbdaa6e45aecacea4e6b2b1cda9990358c5c239ab883e932b8d3fbd2268 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\11BEF81FA5772E208655C9EC922DB3D96299A274
| MD5 | 288f4560dae9a6dc08c931c1ed35893b |
| SHA1 | d63c4c5fc6bd3969a2073776572f29255f06c5b6 |
| SHA256 | be30bd958c9c2c4f00a1db3ebe46086ad5d08a9ff00c48a5d8ad0a35b653c022 |
| SHA512 | 649a8424eb13a534a2dff02ad5bdf08e71ede163980d02f293c5d9841938dcd9e835c52dd470ac8079a056b249737e59a01592a9104fae5e6ed4405a838739fc |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\1170539DA57BADF52DA36F4BA44A9830258E06C7
| MD5 | 093cc0121a6c6e1023fe376692dab25d |
| SHA1 | 7f26507d502bbf320371ca2c953d4500a7625f82 |
| SHA256 | df7b471daa57ddc24a2726a8b338bc76507919dc6d0afd6579f0a29345ddd10f |
| SHA512 | 87a8a634f0359cda618701af240cf63dfd16848ed3b9d57731a3781cbfefd3930502134c182130654ba4a9b9a349bd902eb1a0995c636cddb60f1541307c0f70 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\1120F1F4FDD35D040A3B9CA23D687F6113EA27F9
| MD5 | 6ac88f35d3ecfd7f8d7d61e075256fd9 |
| SHA1 | 5ecc955240c27c4ca33c0b919199cf0d1edcb249 |
| SHA256 | 3a91d20253e375e3539c1af12cf652f29717df7c85fcdf9efa8af8e97ccaf041 |
| SHA512 | 6ef6d22528709ee1de2a0828dc40337cf6e50026189d7e7bc8b2cf177b2f7c9401d82969063b3d1f8d0fc99f4512dd888e6e0b1df323bff8ce690d3c6c471a51 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\10D79488E1D9FFF4E844A406A0365AF094D6DDA8
| MD5 | 934b4e99a0189e9470815be8eadc0a8d |
| SHA1 | affbaee28e7c97d1ff6555aa4c871af3deef2b1f |
| SHA256 | 076f9b47169821b09bfbe6a964a060e72197b35c2b09786f805d99e5516c4f47 |
| SHA512 | 14d0d37a7c339fa128c4ae0af9c6c75c0b3e9539f4fdbdf80775fe3dd20abb0369b11cf923e0617fd57d2a000b76a63481f128f9dc3d4109c218b3f08084b7bd |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\10BF4141788ADB37CA7CDF7278125EAA26CECB18
| MD5 | 9013cd72d49fe26a8b0be59d838c8a07 |
| SHA1 | babcddbab948d424648cb91a6c81bbf72bc24f1b |
| SHA256 | 707a7df2f1d58c241c470213c9de1c61c3cfa680ac190feb6d35a413693d8b9b |
| SHA512 | 3ba360ecc7cdd9d9dc66b4a16fbaf22ad1d4d9cdc2d5026e5978b9444e60d1feb51b67d6b3a5db7d43884870cc9549007c7e8ddc2e3279cde5d5abd2319cabe0 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\10AB2C999DD2F707D85EBE263E92B4C6256FEEBD
| MD5 | d63764cd5bc7de036dccc46f4feff982 |
| SHA1 | a1695813511a557a001bafbfb4cc673ec80efe76 |
| SHA256 | e314dd13636240587bf25a78775d0c141a071babb95da1028a59975782388fee |
| SHA512 | 4426a21ed07b1b84a67cb01ca77ff23878e02d223d860daceeca0f475b1b8c139d86657a9a7261aaea6d19bfa44366ba48cc20c6833adc99563d446805497ed1 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\105DA275DFC4F14B54D34531EA68D762FDE8BC00
| MD5 | c7c7e2fb97740a0a8938b0aaa9fc1ed7 |
| SHA1 | 2e594aa1ddd7396eecd889eefab3926cde3e9111 |
| SHA256 | 517de6c35aa6ee3a24aaa73c713d8154f18555259bd54856434ae9f2a1f97441 |
| SHA512 | 162a5f142e896bd8b9b3b0a506149d5869cdec0ae80cc3c0001b73c8e084d8534f20d6f90eaa7dce1b06d0dbd08a1b82a14924ef0fb6bd2a51a456bae8eb3ecf |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\0F7C190AE088BE7A03F09B974E6FD6E50BDBDEF3
| MD5 | b056346114048c2ebd47433753ca4ba7 |
| SHA1 | ebe0741c295e9f56b0ec07dcd84b05e9dc4d8ff2 |
| SHA256 | 145e5612043ff4d8ed186e054020141d3df1ef110ce52405e6126e611392d105 |
| SHA512 | d61f8a8f19342ad032b17de2e3277de21aac59825a04a94bed7866b6c94922164e4913af75095ab2b506d021c3a0c74ab61a426b636e77d513310506defb9e82 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\0F54798B805AE9883DB54AF3BED72FEED995744D
| MD5 | 74055767872071829c1cfbece3ec4834 |
| SHA1 | ad0084808dde3d83a55220a8bf1d48d0ef12ce10 |
| SHA256 | 6e5c64970592fa25ced0b86f2992a7f5b764d18aca6e64ca185e096185658d7f |
| SHA512 | 93006ef0092e996d8619507a3173ed225b9d3cab9b66ca23fafcfda56a5e4e9aae5088a41c15001d18bd631428a0e22f0c25486722faaf102fb0ed5d13164270 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\0DB0ABA58F84E560A957280383093CD614DB6CEE
| MD5 | adab066bb0928459390dafc96f58df20 |
| SHA1 | 9303ecd9a701cfe976634300d66eadcb478be0b0 |
| SHA256 | 428cf9903fe912f3f6a1bd17fa0546beda161ff7d6216450f721c345a346e957 |
| SHA512 | 2db9b6020f234930792a31a3a22e9d4cd240cd38143dd07a50ccc3fb8666a9ef17f5c0975e0b27c1b50ad73d5be8fae642606d2537b6925facfba546533545aa |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\0D6BBF3FDB173DA9A2C5C03CD12EF5AB9F297188
| MD5 | cc039b097dc8425587a0183037f8c59e |
| SHA1 | c89afe6f5b7c60786a9dca4e9bc5623e0f6f9619 |
| SHA256 | e281de9e2a462a2c6e8433bb0d32a2967104f02f8ce3a2db75abdf287facbb65 |
| SHA512 | b98e532f6dee94096176122050dfb61258ab54a045a0f758e943e7616cde1674d278358337a06db1d06f876c2df50bb84c4f2f83ee054caa14c4316343cd765d |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\0CD1754F06A8A14809CE08F1B3A586EBC0AAF97B
| MD5 | c00ea70c5fd340af90de933f98170b81 |
| SHA1 | 663d0953ca584159a7b020f94ca1b52e6e99ff7f |
| SHA256 | 7e31e96bb6a4019f1bbd1df9aad37acc5d3884a4c0d4202c336bc813ca9fa8fb |
| SHA512 | dca38e1592cd7ef0d82a734826c37a137c2a0d7ed319e2c5a7a342581b2599e6d22fa9cc88fcfefde9a76813705721b6a14f456b973bcf435cf46b9a4819f78f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\0C3FDF1E2B44699F6664E34AE8E3F977E655FF91
| MD5 | c23261e69190ac687513e371f3c612fb |
| SHA1 | 10da0083382c6c3a0d6afb2d36a29f00ad2c7f01 |
| SHA256 | 9ca25e2350eb025ca4bca785ece4fc7dd2830bd27e715c4e1dddac7e9df4f01d |
| SHA512 | b870b4928160289fdab686eea5fb48c7916371b5637f0b8c4c76ace4afc630d035c45d6017369baee386b016657b25c516c600574e4403861cf2806780e43701 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\0BF32BA706A6E0F48700E7F27522FCF2B8ED29A9
| MD5 | 33ab22f664ff1397f78db1354e232b60 |
| SHA1 | 433175f045e911dc70816281ba50f1f86ac4a7c7 |
| SHA256 | 0dc503f66cb5649813ba041aaaac13a00b40e7901c821b3819bb419d43f69f39 |
| SHA512 | 1a644b6186cdb22280e2ad3aa074fefa4d84a8d61403b065f2e4b63b7364faf4585bfaf08eb10f92744280dadf37ced2638e4bb3072f034a1d3015f5ec971796 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\0AFE9AD0339B601EE380435CC9FEE8F11207C873
| MD5 | 50137536a38f63857317d2043e5fd729 |
| SHA1 | e42881cc4ce845667914ddba28982c009b26a380 |
| SHA256 | 3cbde164b2b3a78c321e0c044b7bdb801b22da90e9e95b92886103ea579c0168 |
| SHA512 | 776010a99745dcade7fcb3eb65ea2dc5a722bcb516f50f9524ff0cc623dac1b722ac56db203c88809772a53c1cb70c312f3751f19c85a117b017d0ec6a9f475b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\0AEFCA55B69557CF95C5FC83027FDA2CBDE6A67B
| MD5 | db239b82bf3df0663e61793b5f9ba1f1 |
| SHA1 | 3a5a4db140598fac5d6fbc9591905d62f1c3c354 |
| SHA256 | e06910581620871ee33022dc7d8c80af73cfcf9518adaf0b3e0aa8e1dafe172b |
| SHA512 | abcebd29f4bcc04198a9e11a42973ba427645a43c51841a967eec419f3067ca163c5cbd07c18f4db0dfb88467cb24331b18f68799c9b7782247d800a2684f2fe |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\0A99E768FAEA4EA7F1CE9937001AADAE6ADB6722
| MD5 | 591ee5199946c929d800e657800dfd6e |
| SHA1 | 90a5e6836e8d40a5139920b8fbb07343477f404d |
| SHA256 | adb4102feca07c99dcf0e6b353f7dc491b86c84d32d1b918abcf97332516a5d3 |
| SHA512 | 8930258f97953a5663ad0ce718d9e80d2b9686ca2c3f59be47470ccc85cc610e96d3710c306e415244482238dcefb43a8f11da1380ddc8f1cf648f6ce4c41726 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\09B17C97CDE4D8468CE474B97A9E3926EB4D7B0C
| MD5 | 1dd32e73587afc5d43a36d3ef41cda8c |
| SHA1 | 49bd61fcf7ce201c5c64becba435a137c3a0b539 |
| SHA256 | 5cacc58433524eff8b4511d6fbb7b8a48d987338ec15ddf70ec386af84fdf9c8 |
| SHA512 | a550477499d9105040489fb230c48317fa4436b38441134380e1e30412f175e27d64290bdce7f992c24f4cc382fc3e0f3b829e0ba17067169fb4c4528156b24f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\0951F4EC014B58E0DD4C1F3461CAC9C8BBE8509C
| MD5 | c31b0a9a164dbb4d24a983340d46e932 |
| SHA1 | 13731b8374b5318d2ba62874c5d45b71598f1988 |
| SHA256 | 369c872a64a2b488a1c73ad818e61c3026d690d4b14762f52e0ea88b0eb750a3 |
| SHA512 | 84ee2719c91f6106d7584d17032f1623b961ee3c5f398ddc6ef8fdb5853ea0a2b96fc22804a450fbb8ae1c479f10ef87807bd8775e21726c62be982ece757a0a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\0905BB088FB5F03D2E3E61966578159625A2E71A
| MD5 | 7fbea85a465c35a24ffec926e5838f9e |
| SHA1 | 515dd337d7db2081c8d136f7c0b137607f81d3b9 |
| SHA256 | c4f7d74851d690e61f7637d1850a1d74de5d2c45244f26d2e6965ba13d7aa6dd |
| SHA512 | 2fee9b5ec314c7998ce9bde246b6cb967896d3abd3445c8e16a556e099a8e286e017eb555e55d011f340c8a85e56743a2ecfc90d6d2c9e1f7ffe040cc13d4294 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\08093CF9507F34AFD1465FB49BC648A3FECB781C
| MD5 | 19c0a69b8cb1fd8b5299edd576ae058c |
| SHA1 | f71791a77d692951ae83e34fb97e817be02c59c8 |
| SHA256 | 4df0835798e9daac889345601f74c93bb4a289669bbc7d9589dff40919795e75 |
| SHA512 | e5b64589bf0b39d49aa50f8dd251ccbdf60f979d52b42844efd3824c03f951a1d0e283ce6dbfdcbe7cb4aca9455fecbbb09cc7820d0f7a4b4cabfcd1514a4a93 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\07D77DE742D24AEE40B80D771E538C44DDDFDDB2
| MD5 | 6b9e0a17e11189736c1b913c6aca4142 |
| SHA1 | c513421c9f2939dafa92690b0531fba4b9a2d313 |
| SHA256 | dc017ded8724a6e261ebaa586e93c2747b278219c70e2b3a446c08aa3a83e360 |
| SHA512 | a496d4148c09e6cbd2fe7efe381e96dfe28cdf55ebdfe8b09cb0a3dd07d61b0993ed68c8a90b7a946105a7331a2c0a3dc54e17cabc11d7aa63d01736fa91b381 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\072170237CBB54978487A47482F15C2DEE0955DA
| MD5 | c64251f3fe8c4c22afb6e66bdf0a6784 |
| SHA1 | bdb8e8b4daaa7475e8c4017a0cb7257430a1dc47 |
| SHA256 | 55104c2a458007952558f9a9e57300153a9165a5fb249e2f06a14690dd0b6fba |
| SHA512 | c850264fd686ddc4a85c7fc3d3f19327e0c2c6fcb9004edf400ad12deb4dec6c11633dcd7f611dd219adec9ad9c793e4bb0c42926cfcfcab72a437815c0de311 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\0635451CB258AA1873FDCC92CA10E33ADCEAE334
| MD5 | 50c4bafc90e5940ed27c53da160d30bd |
| SHA1 | 967be452f48211d9494e113b13502cf7519b5907 |
| SHA256 | 47a9ad9ae316e4d7af8b199ee2a39ac9d9c1dd12b9cbb9ae3216fab1ef6d4c89 |
| SHA512 | 8b079e0fbc80636bd65d4131d8b4db9d0cdae9e8fe6cda6a7109ed25a333cd460cc5270bd4b0d5550fb4649de761681e2adf9080b6878e1bca77422d9ec7ee4f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\059E05769BCA56D70ED6010443AF90922005586B
| MD5 | 776db608cca4eb5247747153c560cab3 |
| SHA1 | e1bd11625f8850a468699d38ccf6cc53d9804fbf |
| SHA256 | a51d39b8914750cfa900375dd337bb63c5426f720c754e08adf864082fc8caeb |
| SHA512 | 1a2760a6e39618a84f8d4fd6f779dd2cc5b83c30e0cd70a848c4b09d4117ecd024920f3812e2d049fab7a656220a425d03ef96ff86efca2f66b6dafc6ea381ca |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\04BA94132921BFCC45D89680C88459FCC1705D30
| MD5 | 769ea5094230ab992745c4e05f71dc4e |
| SHA1 | c149146f4ba7ca6c45ffb5934d829e0d1b14a78d |
| SHA256 | a2d051bcb567d29402644eb473ac9e93441da23b26e2e77a9dc4d7e8080f66ca |
| SHA512 | fdb76f6925d09eb60df23f0f772fd9dff3b0382c7d4507d6278fb3e2f994b549b4c93aa8d828c8ad50c838f6a05d193086d77bcbcf57b4316883faf37fb3ff6c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\04AA576D1E65CE0F117F88EEA0EBF6FCCDCA00C9
| MD5 | e84aeb15ee023463be86168dca648406 |
| SHA1 | f5da629dc610ba3b9cf00ea4654e7a87a4e928ae |
| SHA256 | dd4c94c3ec586af4dcb52407cde5c2921f48572783f9279ea3870e6db7e1ba30 |
| SHA512 | a60531d365677427a8dcab7a0543ae56fa3830e3d625c14d213bae54ee95167723f551339d4b9d0e058f12f848b6ab79f426483528891378031783648a5c0051 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\042EE76429725796A43654251DA28F80D4DB89BA
| MD5 | 9bca69e46e88178dbd3c1ed3f835d130 |
| SHA1 | 2e9951fefc0adf9a3be4a0489f8987dd79f47c56 |
| SHA256 | 852fb3f3932df89725597de2d19d03c13f8527c23f2995c18b07e0ff7d22f5cf |
| SHA512 | 625edd1bf3f0b6edfdc8745948646f041dd41865b33b2573918ceeb45352c4b8dfe5b13b8e7a329be33e27fa9751d73f4baecd2fd8dc28b58b24c07387e99f8f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\03B88CE02AD3680B3A87A2AD7A98F8AE4C9396D3
| MD5 | 402197b7e26653f46f247e9d030dfe7c |
| SHA1 | 66d27f09d53914a548324dc2df21d974a1692316 |
| SHA256 | b577dd7a5c04c27254a75d46a5b3285cb3c90bd8995caf8057fc7945d0f00038 |
| SHA512 | a3ecbbd37b1af7f37d0527fbc3c4b207ed8b3ea268240643ff2d526ef0e2ccb480f0422acb4800879280efc6390437bba9e2025ac483e88dc96f58bb2c8f28f5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\037778A55E1B7E9BED3390289866D09402D6C913
| MD5 | e66932c77a189241a2a7ab77b3fbf5f2 |
| SHA1 | 6716d163b068b1b5311890335d7269eb82450929 |
| SHA256 | ff7aa921d2ac00f6cec14f564c236eb6979c6e64b10b01ff2ba84e71e5a5db63 |
| SHA512 | e44ed62a8bb29c5ff72fb234f0810b2b380e3aa35f24ac0184ba7806274aee1577e88b136684cb11c487b69fe7ddd18b1d26203fcc80135b650f6e4fd9ff48e5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\019ACB89F1539981771C76BE0C38878142C6AE66
| MD5 | 0b0658a597f1778f729d37105924c1ad |
| SHA1 | c9a0b54d6ebc3ac86a318a410930fe5053e2724c |
| SHA256 | d46ca450a93164c653204de5954a08ee334c6085952e259b6fa06bdbb22f7c52 |
| SHA512 | 2dd39f18e6dd59c244fe155d92cc23d0a63225d5b6df0741002c04c4fc5f514c115f4d33b80fe339fbe2f4097199e352ee864abc2233e955b45a1f7cf7457d46 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\01698AA4261A00617EA49F9684E324815BDA36BB
| MD5 | 56257394808c6fb33ee51c3dc2f21f51 |
| SHA1 | bceefc481a66094c52a16274ac3af2899f4872e2 |
| SHA256 | be6ac6c47ff1ca51b9d13dcfa74f6cccedfa7d731964c3469f59ef3541aeac7c |
| SHA512 | 29bf5b467addf76e371ec7e9ddcab235d3ef2afbcf41a1bc0c31d566aad0e4073ada02bead6aa33702431a55bc29abed0685d4ab15922461c360b7c6b8519b73 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\00F32E750D4AF678F0F82C2E154EE710B4CB776C
| MD5 | fcb586602931c7f6e071623a8ba73561 |
| SHA1 | 719a83c6df39644c2ecccb6da5218d523b599739 |
| SHA256 | 15c4198afe15c3ff051d95721c94c75c53a624c7f614cb63cde4cbe1830fe54b |
| SHA512 | ef2aa5beab3529c0de8212f0c32f44a6486c65904c86664039fbf7e64d54bd3ce64ae9cc9f64f4c844763952160ebe1bcfa9e320a24a9430a5ba55a1ad43b6d6 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\crashes\store.json.mozlz4.tmp
| MD5 | a6338865eb252d0ef8fcf11fa9af3f0d |
| SHA1 | cecdd4c4dcae10c2ffc8eb938121b6231de48cd3 |
| SHA256 | 078648c042b9b08483ce246b7f01371072541a2e90d1beb0c8009a6118cbd965 |
| SHA512 | d950227ac83f4e8246d73f9f35c19e88ce65d0ca5f1ef8ccbb02ed6efc66b1b7e683e2ba0200279d7ca4b49831fd8c3ceb0584265b10accff2611ec1ca8c0c6c |
C:\Users\Admin\Downloads\XClient.exe
| MD5 | 4f55797486399094709dbb38ca90b5b5 |
| SHA1 | b75252d2862144f1d2908ebdb69d7b54bd3f3d61 |
| SHA256 | c21b82b8b3df1d66ff1896d13e8b4b13dc19865e847cda2f2234b2fcbf2a9ce7 |
| SHA512 | 77137fad87ee6b575034712d3d43abd582baf58778266a8ecacef972167007e1611281229394f44199bcf7518ac9afcbc0df95b72efc7b7cf3bfbd17092608e3 |
memory/7080-1293-0x0000000000750000-0x000000000075E000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 4c18e9346f879d1f34bf923432ad6de6 |
| SHA1 | b762788a09e4497aa989851f250b894802511925 |
| SHA256 | f8d2a87542edc2b6bc826842f5c738cab9776e7be848e128af891552b9ec2e6e |
| SHA512 | f58d45a1a974f267d570a2319b6371fb0ae067eaad83b0f0be488a900d2e63ac125c82db74ec9d9f2016ab945babbe4f53c851f67ee58ead4d8bf8b1ce01acfc |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | 7955670128f7f6f25fa575a59a47fbae |
| SHA1 | 52b9638a06157449e66e9ff1dc759473cc50d0f5 |
| SHA256 | acebdfb6c5dcf279495db399a66899baaab58159861abd9e3e42d150fce15bb4 |
| SHA512 | fa2d7014187329f8bac40eab0993512a21dca475ae24a4894ecf457b2222b80d98b2abe960b3b4935e965c6b3309f48021c3fd9ced4ab208935a6497dd24d3b9 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\places.sqlite
| MD5 | e8b15f3181f683b7ecee7f779bb5dc7e |
| SHA1 | 8d576136b193a9569d91532487645daf5c83adbc |
| SHA256 | 30eba1dc3e46c045511bfcfcbe1f02f7bf1c5eaebbd861ca37975d55d72e65d8 |
| SHA512 | c9d3596aecc7d47630e89bd45416d929e53ebfa9fd0ae09dbaaffa349b6ed15b481b88943edccf0e4b1e028e409025bc4b4ab3f04889fd3cd1bf7a658b4ceb02 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\prefs-1.js
| MD5 | e89c00701a34ef60f2c29bcf8cf1b2c9 |
| SHA1 | 06a37a11dcbd596b963f46f064a98d66e411176d |
| SHA256 | a7287c56e96ddcec34ddd277d225d071d1501dd0ed63dd9775c002c23eb34935 |
| SHA512 | b48b2d8c6a619b3c174feb4677527e25ea2d535e62d56e65e062b6f3f1c4080f9bdd806ba2ae81547a9d81b12d319646f7c78b2549a85bd3ca8d07f4c228c20e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\broadcast-listeners.json
| MD5 | 72c95709e1a3b27919e13d28bbe8e8a2 |
| SHA1 | 00892decbee63d627057730bfc0c6a4f13099ee4 |
| SHA256 | 9cf589357fceea2f37cd1a925e5d33fd517a44d22a16c357f7fb5d4d187034aa |
| SHA512 | 613ca9dd2d12afe31fb2c4a8d9337eeecfb58dabaeaaba11404b9a736a4073dfd9b473ba27c1183d3cc91d5a9233a83dce5a135a81f755d978cea9e198209182 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\targeting.snapshot.json
| MD5 | 7026217fddef2e955cea98021c2ae70d |
| SHA1 | 91605db9ba917a4b49a47d46980052df870cf257 |
| SHA256 | 4f256190577badb4d091d473a3ba235d6592edda761a09a5162e045678662e1f |
| SHA512 | 30e48137c6e9be9b4e9bcaa2434ee0a2231342213c1d1309476a7fd002d5d3f5ce16e554db670f4a6bcec8ad194d6a42559a76b973e98168e31a39abffae2185 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\bookmarkbackups\bookmarks-2024-08-25_11_ScpUM-Ibb5LR1l4-7-Og+g==.jsonlz4
| MD5 | 708d579bb783ed9e58c4e87173aa5028 |
| SHA1 | 54dcdeb367c15a06aa620df1559de185668992a5 |
| SHA256 | 3f7fa0f3a61236b17951ef95bd63347281c40abbbcce937e8fc787d31c8faa28 |
| SHA512 | 1c7f8b921e5f32d67b1150e24092ab800ca4939993832cc46f43638bdcce380da1e74b44aa2f368a74e5ae29b76ca1e3a20b837517a4f0464b7af53098772e95 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\SiteSecurityServiceState.txt
| MD5 | 4392dc1a4df074dfd7641a1f5d959dde |
| SHA1 | cf09797f5f776c16cb92613429b003a0afda8cd7 |
| SHA256 | 673f5554fb175e13ebe02fce353155e45d0335799f3ea1c2e1abfd277473d276 |
| SHA512 | 419a80c0822ae98a0f12c9b2eabc5867204a63473864eb73ac13cef69f0345f87c7097c7acbab68e53f600813a6c7345d310bc396e29959e76cc33eb918ce18b |