Malware Analysis Report

2025-03-15 04:03

Sample ID 240825-s6qagstcrj
Target Robax.exe
SHA256 88d09d628527a8f6e0f2ddd4b463eda15b8caeafc6f750ac14f4f9b6ea80aea6
Tags
xworm defense_evasion motw phishing rat trojan
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

88d09d628527a8f6e0f2ddd4b463eda15b8caeafc6f750ac14f4f9b6ea80aea6

Threat Level: Known bad

The file Robax.exe was found to be: Known bad.

Malicious Activity Summary

xworm defense_evasion motw phishing rat trojan

Detect Xworm Payload

Xworm family

Xworm

Downloads MZ/PE file

Executes dropped EXE

Mark of the Web detected: This indicates that the page was originally saved or cloned.

Subvert Trust Controls: Mark-of-the-Web Bypass

Drops file in Windows directory

Unsigned PE

Suspicious behavior: GetForegroundWindowSpam

Modifies registry class

Suspicious behavior: EnumeratesProcesses

NTFS ADS

Suspicious use of AdjustPrivilegeToken

Suspicious use of SendNotifyMessage

Checks processor information in registry

Suspicious use of FindShellTrayWindow

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

Uses Task Scheduler COM API

Checks SCSI registry key(s)

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-08-25 15:44

Signatures

Detect Xworm Payload

Description Indicator Process Target
N/A N/A N/A N/A

Xworm family

xworm

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-08-25 15:44

Reported

2024-08-25 16:00

Platform

win10-20240404-en

Max time kernel

925s

Max time network

900s

Command Line

"C:\Users\Admin\AppData\Local\Temp\Robax.exe"

Signatures

Detect Xworm Payload

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Xworm

trojan rat xworm

Downloads MZ/PE file

Mark of the Web detected: This indicates that the page was originally saved or cloned.

phishing motw
Description Indicator Process Target
N/A https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html N/A N/A

Drops file in Windows directory

Description Indicator Process Target
File created C:\Windows\rescache\_merged\4183903823\2290032291.pri C:\Windows\system32\taskmgr.exe N/A
File created C:\Windows\rescache\_merged\1601268389\715946058.pri C:\Windows\system32\taskmgr.exe N/A

Subvert Trust Controls: Mark-of-the-Web Bypass

defense_evasion
Description Indicator Process Target
File created C:\Users\Admin\Downloads\Robax.exe:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
File created C:\Users\Admin\Downloads\XClient.exe:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A

Checks SCSI registry key(s)

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000 C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A C:\Windows\system32\taskmgr.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName C:\Windows\system32\taskmgr.exe N/A

Checks processor information in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A

NTFS ADS

Description Indicator Process Target
File created C:\Users\Admin\Downloads\Robax.exe:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
File created C:\Users\Admin\Downloads\XClient.exe:Zone.Identifier C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Users\Admin\AppData\Local\Temp\Robax.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Users\Admin\Downloads\Robax.exe N/A
Token: SeDebugPrivilege N/A C:\Users\Admin\Downloads\Robax.exe N/A
Token: SeDebugPrivilege N/A C:\Users\Admin\Downloads\Robax.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Users\Admin\Downloads\XClient.exe N/A
Token: SeDebugPrivilege N/A C:\Users\Admin\Downloads\Robax.exe N/A
Token: SeDebugPrivilege N/A C:\Users\Admin\Downloads\XClient.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\system32\taskmgr.exe N/A
Token: SeSystemProfilePrivilege N/A C:\Windows\system32\taskmgr.exe N/A
Token: SeCreateGlobalPrivilege N/A C:\Windows\system32\taskmgr.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1468 wrote to memory of 3980 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1468 wrote to memory of 3980 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1468 wrote to memory of 3980 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1468 wrote to memory of 3980 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1468 wrote to memory of 3980 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1468 wrote to memory of 3980 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1468 wrote to memory of 3980 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1468 wrote to memory of 3980 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1468 wrote to memory of 3980 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1468 wrote to memory of 3980 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 1468 wrote to memory of 3980 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 3808 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 3808 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 4748 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 2488 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 2488 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 3980 wrote to memory of 2488 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\Robax.exe

"C:\Users\Admin\AppData\Local\Temp\Robax.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.0.1705539134\726345166" -parentBuildID 20221007134813 -prefsHandle 1712 -prefMapHandle 1704 -prefsLen 20747 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1126b0cd-e681-47f7-b97d-8f9ff9161a47} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 1792 1fda7ded158 gpu

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.1.2054799332\1534645805" -parentBuildID 20221007134813 -prefsHandle 2136 -prefMapHandle 2132 -prefsLen 20828 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {37f54cde-45e9-4aea-aac0-7c1de67bcb2d} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 2148 1fd9ce71958 socket

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.2.1360854697\599334198" -childID 1 -isForBrowser -prefsHandle 2868 -prefMapHandle 2864 -prefsLen 20931 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f3e2249d-ade2-424c-b1d0-5709d8818c8e} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 2840 1fdac0b1a58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.3.349619304\538219333" -childID 2 -isForBrowser -prefsHandle 3500 -prefMapHandle 3496 -prefsLen 26109 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7e3bed17-08aa-475a-a813-67c72433381b} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 3508 1fdaa6dd858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.4.111014642\1233169614" -childID 3 -isForBrowser -prefsHandle 4128 -prefMapHandle 4140 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {56de873a-22bd-4caf-a14e-c3c5032edb4c} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 4292 1fdae0f3658 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.5.1301111361\1030882109" -childID 4 -isForBrowser -prefsHandle 4764 -prefMapHandle 4756 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9010521e-14a6-4a03-a29d-339c61d1f6c9} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 4776 1fdae3fb058 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.6.564754405\78771545" -childID 5 -isForBrowser -prefsHandle 4920 -prefMapHandle 4924 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {da5777d0-e3e3-4672-8fa6-a103c5ae1d21} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 4912 1fdae67e358 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.7.2020203478\1063387286" -childID 6 -isForBrowser -prefsHandle 5100 -prefMapHandle 5104 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {70c1ed15-131b-44fc-af71-2892fdc9dd59} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 4776 1fdae67f258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.8.803342278\909860358" -childID 7 -isForBrowser -prefsHandle 5624 -prefMapHandle 5644 -prefsLen 26424 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {668677d9-b379-420b-b410-096638d6f418} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 5604 1fdaf832058 tab

C:\Users\Admin\Downloads\Robax.exe

"C:\Users\Admin\Downloads\Robax.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.9.843073932\1943615127" -childID 8 -isForBrowser -prefsHandle 10352 -prefMapHandle 4776 -prefsLen 26808 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a03f77db-c64d-4342-a2ca-d36b18a39e6d} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 1624 1fdb0f1c958 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.10.1880691498\1318305223" -childID 9 -isForBrowser -prefsHandle 5260 -prefMapHandle 5216 -prefsLen 26808 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0f635b29-5496-49a1-9027-ec52faec0c02} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 5240 1fdb10ae058 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.11.1249109736\1511535389" -childID 10 -isForBrowser -prefsHandle 10196 -prefMapHandle 10096 -prefsLen 26808 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {88f61c1a-eb3e-4f64-bf16-e42660504654} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 10092 1fdb0dd6658 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.12.2091266705\860685095" -childID 11 -isForBrowser -prefsHandle 10176 -prefMapHandle 9972 -prefsLen 26808 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f95bf50e-acba-4229-bb07-bb76412bf832} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 10196 1fdb14e4d58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.13.1205404519\220356316" -childID 12 -isForBrowser -prefsHandle 10176 -prefMapHandle 9972 -prefsLen 26808 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d1e5d8ab-c90b-40c9-80b6-0484fce4320c} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 9692 1fdb1a61558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.14.923148167\158915508" -childID 13 -isForBrowser -prefsHandle 9444 -prefMapHandle 9440 -prefsLen 26808 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6d0f2efa-5586-4fcc-8c23-bc8454334150} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 9452 1fdb1a61858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.15.1900927754\931979952" -childID 14 -isForBrowser -prefsHandle 9272 -prefMapHandle 9268 -prefsLen 26808 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5aadd7fb-04dc-42b5-bfb8-e8e475098563} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 9288 1fdb1a62758 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.16.657074522\150314662" -childID 15 -isForBrowser -prefsHandle 9056 -prefMapHandle 9312 -prefsLen 26808 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d17e12f4-de72-4f27-87d5-4765363805b8} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 9080 1fdb156ce58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.17.1581636520\536784319" -childID 16 -isForBrowser -prefsHandle 8888 -prefMapHandle 8884 -prefsLen 26808 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {070f7a6f-8839-4259-87c5-1dced6f1a075} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 9180 1fdb1e9ce58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.18.971722541\1176920805" -childID 17 -isForBrowser -prefsHandle 9380 -prefMapHandle 8652 -prefsLen 26808 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {15125d0d-c083-4106-bb39-a5711f8b3ac5} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 9212 1fdb1f9ee58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.19.594435224\1757971684" -childID 18 -isForBrowser -prefsHandle 9236 -prefMapHandle 9224 -prefsLen 26808 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5931dd5e-1431-4ba4-8cf7-0fe2e1c4b45a} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 9280 1fdb1f9e558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.20.1953124406\324060577" -childID 19 -isForBrowser -prefsHandle 8396 -prefMapHandle 8400 -prefsLen 26808 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a801b2d6-8e25-4a9d-a089-beb5777f094f} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 8388 1fdb1daf558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.21.326478607\1425842302" -childID 20 -isForBrowser -prefsHandle 8008 -prefMapHandle 8012 -prefsLen 26808 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {99e48513-8fce-4892-ab23-2dcf36fad015} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 8072 1fdb2ea5e58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.22.2057608284\1826135080" -childID 21 -isForBrowser -prefsHandle 7996 -prefMapHandle 8000 -prefsLen 26808 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {79284d44-2163-4960-9d56-e294dc3bc10e} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 8084 1fdb2ea3a58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.23.223834911\2042127381" -childID 22 -isForBrowser -prefsHandle 7788 -prefMapHandle 7792 -prefsLen 26808 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6d166a93-96d2-4d13-a9d7-e1e228637d0c} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 7780 1fdb2ac2558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.24.236601621\1744564123" -childID 23 -isForBrowser -prefsHandle 7896 -prefMapHandle 7884 -prefsLen 26808 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8758f96f-624d-4113-b431-adff23d47ac6} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 7908 1fdb338b758 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.25.997543392\958609477" -childID 24 -isForBrowser -prefsHandle 7380 -prefMapHandle 7384 -prefsLen 26808 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {baf1f61d-0735-4603-837c-e795af0e5794} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 7372 1fdb3769658 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.26.611345004\867310695" -childID 25 -isForBrowser -prefsHandle 7232 -prefMapHandle 7352 -prefsLen 26808 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {42754928-f65d-46c9-af40-9e49ee521216} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 7492 1fdb3768458 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.27.1270960890\717090508" -childID 26 -isForBrowser -prefsHandle 7492 -prefMapHandle 7248 -prefsLen 26864 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0fefeed0-b795-4978-b50a-213a9194b0c0} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 6816 1fdb4838d58 tab

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.28.655777060\1405761198" -childID 27 -isForBrowser -prefsHandle 10496 -prefMapHandle 10492 -prefsLen 26864 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {43292931-c6ac-47ac-b4d2-fe433c376ed6} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 10504 1fdb31fd858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.29.1675250642\383177807" -childID 28 -isForBrowser -prefsHandle 10524 -prefMapHandle 10528 -prefsLen 26864 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ff9fe977-5bb6-4b28-bb4d-6f75b9d1131c} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 6664 1fdb46de258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.30.877116441\1530323200" -childID 29 -isForBrowser -prefsHandle 5652 -prefMapHandle 6996 -prefsLen 26864 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {88be9b99-0cf9-4394-b58f-5a5e602812ac} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 10700 1fdb4b4d958 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.31.1524535302\728929334" -childID 30 -isForBrowser -prefsHandle 10724 -prefMapHandle 10728 -prefsLen 26864 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9a51ee0b-99a1-4f84-9ebd-29ee4c183a8e} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 6480 1fdb4b4ca58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3980.32.959413254\2039683247" -childID 31 -isForBrowser -prefsHandle 10712 -prefMapHandle 10716 -prefsLen 26864 -prefMapSize 233444 -jsInitHandle 1304 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5e12f22a-2b7a-4d95-af20-d18b37daf021} 3980 "\\.\pipe\gecko-crash-server-pipe.3980" 7352 1fdb4b4d058 tab

C:\Users\Admin\Downloads\Robax.exe

"C:\Users\Admin\Downloads\Robax.exe"

C:\Users\Admin\Downloads\Robax.exe

"C:\Users\Admin\Downloads\Robax.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3484.0.1326539269\1051034276" -parentBuildID 20221007134813 -prefsHandle 1596 -prefMapHandle 1588 -prefsLen 21136 -prefMapSize 233583 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8f8664b8-eeec-4b0f-ad57-8c58a68c379b} 3484 "\\.\pipe\gecko-crash-server-pipe.3484" 1688 1eedfafb358 gpu

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3484.1.348719560\146026041" -parentBuildID 20221007134813 -prefsHandle 1992 -prefMapHandle 1988 -prefsLen 21181 -prefMapSize 233583 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f39fc4e4-d4a3-4539-8a6f-8bc684cb3cb1} 3484 "\\.\pipe\gecko-crash-server-pipe.3484" 2004 1eedf736158 socket

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3484.2.367979329\137439284" -childID 1 -isForBrowser -prefsHandle 2684 -prefMapHandle 2588 -prefsLen 21642 -prefMapSize 233583 -jsInitHandle 1328 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {fc87f73d-c0fc-4998-b89f-d5b22bb741fc} 3484 "\\.\pipe\gecko-crash-server-pipe.3484" 2892 1eee23ab858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3484.3.1769745482\310168723" -childID 2 -isForBrowser -prefsHandle 3264 -prefMapHandle 3260 -prefsLen 26820 -prefMapSize 233583 -jsInitHandle 1328 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {dbb855d0-66e0-4c02-8e2a-854e65e5f9aa} 3484 "\\.\pipe\gecko-crash-server-pipe.3484" 3116 1eed4b62858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3484.4.323211311\1452050492" -childID 3 -isForBrowser -prefsHandle 3672 -prefMapHandle 3668 -prefsLen 26820 -prefMapSize 233583 -jsInitHandle 1328 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {832de8df-0fc0-4365-a3d5-4cbbf067ab7f} 3484 "\\.\pipe\gecko-crash-server-pipe.3484" 3692 1eee4d53b58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3484.5.282959071\1148423311" -childID 4 -isForBrowser -prefsHandle 4588 -prefMapHandle 4592 -prefsLen 26820 -prefMapSize 233583 -jsInitHandle 1328 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {fdd3ed8d-6fcb-4546-b6c0-3b82ff1753bb} 3484 "\\.\pipe\gecko-crash-server-pipe.3484" 4524 1eee231b258 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3484.6.901273236\718374795" -childID 5 -isForBrowser -prefsHandle 4648 -prefMapHandle 4652 -prefsLen 26820 -prefMapSize 233583 -jsInitHandle 1328 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1d9bfc2c-8783-4c49-9bdb-008a5e3dc374} 3484 "\\.\pipe\gecko-crash-server-pipe.3484" 4640 1eee59d2558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3484.7.617990733\1253258243" -childID 6 -isForBrowser -prefsHandle 4840 -prefMapHandle 4844 -prefsLen 26820 -prefMapSize 233583 -jsInitHandle 1328 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3883c643-9eeb-42f3-9ef8-df7cb0f2fb5b} 3484 "\\.\pipe\gecko-crash-server-pipe.3484" 4832 1eee59d5e58 tab

C:\Users\Admin\Downloads\XClient.exe

"C:\Users\Admin\Downloads\XClient.exe"

C:\Users\Admin\Downloads\Robax.exe

"C:\Users\Admin\Downloads\Robax.exe"

C:\Users\Admin\Downloads\XClient.exe

"C:\Users\Admin\Downloads\XClient.exe"

C:\Windows\system32\taskmgr.exe

"C:\Windows\system32\taskmgr.exe" /0

Network

Country Destination Domain Proto
N/A 127.0.0.1:7000 tcp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
N/A 127.0.0.1:49766 tcp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 f.f.f.f.8.f.2.0.2.c.1.c.3.1.0.9.f.f.f.f.6.9.8.8.8.0.8.0.8.0.8.0.ip6.arpa udp
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 166.188.117.34.in-addr.arpa udp
US 8.8.8.8:53 213.24.239.44.in-addr.arpa udp
N/A 127.0.0.1:49773 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
US 8.8.8.8:53 shorturl.at udp
US 172.67.69.88:80 shorturl.at tcp
US 8.8.8.8:53 shorturl.at udp
US 172.67.69.88:80 shorturl.at tcp
US 172.67.69.88:80 shorturl.at tcp
US 8.8.8.8:53 shorturl.at udp
US 172.67.69.88:443 shorturl.at tcp
US 8.8.8.8:53 88.69.67.172.in-addr.arpa udp
US 8.8.8.8:53 www.shorturl.at udp
US 8.8.8.8:53 www.shorturl.at udp
US 104.26.9.129:443 www.shorturl.at tcp
US 8.8.8.8:53 www.shorturl.at udp
N/A 127.0.0.1:7000 tcp
US 8.8.8.8:53 tags.refinery89.com udp
IE 3.162.140.123:443 tags.refinery89.com tcp
US 8.8.8.8:53 d38u9fzbdfzf67.cloudfront.net udp
US 8.8.8.8:53 d38u9fzbdfzf67.cloudfront.net udp
US 8.8.8.8:53 129.9.26.104.in-addr.arpa udp
US 8.8.8.8:53 234.75.250.142.in-addr.arpa udp
US 8.8.8.8:53 131.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 200.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 123.140.162.3.in-addr.arpa udp
US 8.8.8.8:53 cdn.consentmanager.net udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 c.amazon-adsystem.com udp
US 8.8.8.8:53 a.delivery.consentmanager.net udp
US 8.8.8.8:53 region1.google-analytics.com udp
DE 87.230.98.78:443 a.delivery.consentmanager.net tcp
US 8.8.8.8:53 a.delivery.consentmanager.net udp
FR 216.58.215.34:443 securepubads.g.doubleclick.net tcp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
GB 89.187.167.39:443 cdn.consentmanager.net tcp
US 8.8.8.8:53 1376624012.rsc.cdn77.org udp
IE 18.66.167.55:443 c.amazon-adsystem.com tcp
US 8.8.8.8:53 a.delivery.consentmanager.net udp
US 8.8.8.8:53 1376624012.rsc.cdn77.org udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 d1ykf07e75w7ss.cloudfront.net udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 d1ykf07e75w7ss.cloudfront.net udp
FR 216.58.215.34:443 securepubads.g.doubleclick.net udp
US 216.239.32.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 b.delivery.consentmanager.net udp
DE 87.230.98.78:443 b.delivery.consentmanager.net tcp
DE 87.230.98.78:443 b.delivery.consentmanager.net tcp
US 8.8.8.8:53 b.delivery.consentmanager.net udp
US 8.8.8.8:53 b.delivery.consentmanager.net udp
US 216.239.32.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 78.98.230.87.in-addr.arpa udp
US 8.8.8.8:53 39.167.187.89.in-addr.arpa udp
US 8.8.8.8:53 34.215.58.216.in-addr.arpa udp
US 8.8.8.8:53 55.167.66.18.in-addr.arpa udp
US 8.8.8.8:53 36.32.239.216.in-addr.arpa udp
IE 18.66.167.55:443 d1ykf07e75w7ss.cloudfront.net tcp
US 8.8.8.8:53 d1hyarjnwqrenh.cloudfront.net udp
IE 18.66.168.3:443 d1hyarjnwqrenh.cloudfront.net tcp
US 8.8.8.8:53 d1hyarjnwqrenh.cloudfront.net udp
US 8.8.8.8:53 d1hyarjnwqrenh.cloudfront.net udp
US 8.8.8.8:53 3.168.66.18.in-addr.arpa udp
N/A 127.0.0.1:7000 tcp
US 8.8.8.8:53 download1075.mediafire.com udp
US 8.8.8.8:53 download1075.mediafire.com udp
US 205.196.122.16:443 download1075.mediafire.com tcp
US 8.8.8.8:53 download1075.mediafire.com udp
US 8.8.8.8:53 16.122.196.205.in-addr.arpa udp
N/A 127.0.0.1:7000 tcp
DE 87.230.98.78:443 b.delivery.consentmanager.net tcp
US 8.8.8.8:53 match.adsrvr.org udp
US 8.8.8.8:53 aax.amazon-adsystem.com udp
US 8.8.8.8:53 script.4dex.io udp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
US 8.8.8.8:53 d294j4en0095q1.cloudfront.net udp
US 8.8.8.8:53 match.adsrvr.org udp
US 172.67.75.241:443 script.4dex.io tcp
US 8.8.8.8:53 script.4dex.io udp
IE 3.162.148.221:443 aax.amazon-adsystem.com tcp
US 8.8.8.8:53 d1jvc9b8z3vcjs.cloudfront.net udp
US 8.8.8.8:53 match.adsrvr.org udp
US 8.8.8.8:53 btloader.com udp
US 8.8.8.8:53 secure.cdn.fastclick.net udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
IE 3.162.143.68:443 d294j4en0095q1.cloudfront.net tcp
US 8.8.8.8:53 script.4dex.io udp
US 8.8.8.8:53 ib.adnxs.com udp
US 8.8.8.8:53 prg.smartadserver.com udp
US 8.8.8.8:53 d1jvc9b8z3vcjs.cloudfront.net udp
US 8.8.8.8:53 bidder.criteo.com udp
US 8.8.8.8:53 mp.4dex.io udp
US 8.8.8.8:53 s.seedtag.com udp
US 8.8.8.8:53 d294j4en0095q1.cloudfront.net udp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
US 8.8.8.8:53 e4536.g.akamaiedge.net udp
US 104.18.34.178:443 mp.4dex.io tcp
US 34.149.50.64:443 s.seedtag.com tcp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
US 8.8.8.8:53 e4536.g.akamaiedge.net udp
US 8.8.8.8:53 cadmus.script.ac udp
US 172.67.75.241:443 script.4dex.io tcp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 104.18.23.145:443 cadmus.script.ac tcp
US 8.8.8.8:53 ib.anycast.adnxs.com udp
US 8.8.8.8:53 ib.anycast.adnxs.com udp
US 8.8.8.8:53 euw2.smartadserver.com udp
US 34.149.50.64:443 s.seedtag.com udp
US 8.8.8.8:53 241.75.67.172.in-addr.arpa udp
US 8.8.8.8:53 221.148.162.3.in-addr.arpa udp
US 8.8.8.8:53 68.143.162.3.in-addr.arpa udp
US 8.8.8.8:53 178.34.18.104.in-addr.arpa udp
US 8.8.8.8:53 64.50.149.34.in-addr.arpa udp
US 8.8.8.8:53 145.23.18.104.in-addr.arpa udp
US 8.8.8.8:53 euw2.smartadserver.com udp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
US 8.8.8.8:53 bidder.nl3.vip.prod.criteo.com udp
US 104.18.36.155:443 ssum-sec.casalemedia.com tcp
US 8.8.8.8:53 bidder.nl3.vip.prod.criteo.com udp
US 52.223.40.198:443 match.adsrvr.org tcp
US 3.165.232.34:443 config.aps.amazon-adsystem.com tcp
NL 23.218.48.210:443 e4536.g.akamaiedge.net tcp
US 3.165.232.40:443 tags.crwdcntrl.net tcp
NL 185.89.210.46:443 ib.adnxs.com tcp
FR 178.32.210.226:443 euw2.smartadserver.com tcp
FR 178.32.210.226:443 euw2.smartadserver.com tcp
FR 178.32.210.226:443 euw2.smartadserver.com tcp
NL 178.250.1.8:443 bidder.nl3.vip.prod.criteo.com tcp
US 8.8.8.8:53 mp.4dex.io udp
US 8.8.8.8:53 mp.4dex.io udp
US 8.8.8.8:53 s.seedtag.com udp
US 8.8.8.8:53 ep1.adtrafficquality.google udp
US 8.8.8.8:53 455ceb4f5194e40c2965b1620fbe4c83.safeframe.googlesyndication.com udp
US 8.8.8.8:53 static.criteo.net udp
US 8.8.8.8:53 s.seedtag.com udp
US 8.8.8.8:53 cadmus.script.ac udp
FR 172.217.20.162:443 ep1.adtrafficquality.google tcp
US 104.18.36.155:443 ssum-sec.casalemedia.com udp
US 8.8.8.8:53 cadmus.script.ac udp
FR 142.250.179.65:443 455ceb4f5194e40c2965b1620fbe4c83.safeframe.googlesyndication.com tcp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
IE 54.154.69.222:443 bcp.crwdcntrl.net tcp
US 8.8.8.8:53 u.4dex.io udp
US 8.8.8.8:53 ice.360yield.com udp
US 172.67.41.60:443 btloader.com tcp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
US 34.149.40.38:443 u.4dex.io tcp
FR 172.217.20.162:443 ep1.adtrafficquality.google udp
US 8.8.8.8:53 ep2.adtrafficquality.google udp
US 8.8.8.8:53 ep1.adtrafficquality.google udp
US 8.8.8.8:53 d294j4en0095q1.cloudfront.net udp
FR 142.250.179.65:443 455ceb4f5194e40c2965b1620fbe4c83.safeframe.googlesyndication.com udp
US 8.8.8.8:53 aax-eu.amazon-adsystem.com udp
US 8.8.8.8:53 ep1.adtrafficquality.google udp
US 8.8.8.8:53 pagead-googlehosted.l.google.com udp
US 8.8.8.8:53 static.nl3.vip.prod.criteo.net udp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
FR 142.250.179.97:443 ep2.adtrafficquality.google tcp
IE 52.95.115.255:443 aax-eu.amazon-adsystem.com tcp
US 8.8.8.8:53 pagead-googlehosted.l.google.com udp
US 8.8.8.8:53 static.nl3.vip.prod.criteo.net udp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
US 34.149.40.38:443 u.4dex.io udp
US 8.8.8.8:53 btloader.com udp
US 8.8.8.8:53 ad-delivery.net udp
US 8.8.8.8:53 u.4dex.io udp
US 8.8.8.8:53 euw-ice.360yield.com udp
US 8.8.8.8:53 btloader.com udp
US 104.26.3.70:443 ad-delivery.net tcp
US 104.26.3.70:443 ad-delivery.net tcp
US 8.8.8.8:53 u.4dex.io udp
US 8.8.8.8:53 ep2.adtrafficquality.google udp
US 8.8.8.8:53 aax-eu.amazon-adsystem.com udp
FR 142.250.179.97:443 ep2.adtrafficquality.google udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 ad-delivery.net udp
US 8.8.8.8:53 ep2.adtrafficquality.google udp
US 8.8.8.8:53 aax-eu.amazon-adsystem.com udp
US 8.8.8.8:53 ad-delivery.net udp
FR 142.250.179.68:443 www.google.com tcp
FR 142.250.178.129:443 tpc.googlesyndication.com tcp
US 8.8.8.8:53 198.40.223.52.in-addr.arpa udp
US 8.8.8.8:53 210.48.218.23.in-addr.arpa udp
US 8.8.8.8:53 46.210.89.185.in-addr.arpa udp
US 8.8.8.8:53 34.232.165.3.in-addr.arpa udp
US 8.8.8.8:53 40.232.165.3.in-addr.arpa udp
US 8.8.8.8:53 226.210.32.178.in-addr.arpa udp
US 8.8.8.8:53 8.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 162.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 65.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 222.69.154.54.in-addr.arpa udp
US 8.8.8.8:53 60.41.67.172.in-addr.arpa udp
US 8.8.8.8:53 38.40.149.34.in-addr.arpa udp
US 8.8.8.8:53 97.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 255.115.95.52.in-addr.arpa udp
US 8.8.8.8:53 70.3.26.104.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 ssbsync.smartadserver.com udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
NL 178.250.1.3:443 static.nl3.vip.prod.criteo.net tcp
NL 185.89.210.46:443 ib.adnxs.com tcp
FR 178.32.210.226:443 euw2.smartadserver.com tcp
NL 178.250.1.8:443 bidder.nl3.vip.prod.criteo.com tcp
IE 52.19.47.217:443 ice.360yield.com tcp
US 8.8.8.8:53 www.google.com udp
FR 164.132.25.180:443 ssbsync.smartadserver.com tcp
US 8.8.8.8:53 tpc.googlesyndication.com udp
US 8.8.8.8:53 ssbsync-euw2.smartadserver.com udp
US 8.8.8.8:53 ssbsync-euw2.smartadserver.com udp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
FR 142.250.179.68:443 www.google.com udp
US 8.8.8.8:53 api.btloader.com udp
US 130.211.23.194:443 api.btloader.com tcp
US 130.211.23.194:443 api.btloader.com tcp
US 8.8.8.8:53 api.btloader.com udp
US 8.8.8.8:53 api.btloader.com udp
US 8.8.8.8:53 ads.pubmatic.com udp
US 130.211.23.194:443 api.btloader.com udp
GB 95.100.244.195:443 ads.pubmatic.com tcp
US 8.8.8.8:53 e6603.g.akamaiedge.net udp
US 8.8.8.8:53 cdn.ampproject.org udp
US 8.8.8.8:53 s.ad.smaato.net udp
US 8.8.8.8:53 b1sync.zemanta.com udp
US 8.8.8.8:53 dsp-cookie.adfarm1.adition.com udp
US 8.8.8.8:53 e6603.g.akamaiedge.net udp
FR 216.58.214.161:443 cdn.ampproject.org tcp
FR 216.58.214.161:443 cdn.ampproject.org tcp
FR 216.58.214.161:443 cdn.ampproject.org tcp
FR 216.58.214.161:443 cdn.ampproject.org tcp
FR 216.58.214.161:443 cdn.ampproject.org tcp
US 8.8.8.8:53 cdn-content.ampproject.org udp
US 8.8.8.8:53 nydc1.outbrain.org udp
IE 18.66.171.8:443 s.ad.smaato.net tcp
US 8.8.8.8:53 cdn-content.ampproject.org udp
US 8.8.8.8:53 ap.lijit.com udp
US 8.8.8.8:53 nydc1.outbrain.org udp
US 8.8.8.8:53 s.ad.smaato.net udp
IE 52.49.78.189:443 ap.lijit.com tcp
US 8.8.8.8:53 dsp-cookie.adfarm1.adition.com udp
US 8.8.8.8:53 blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com udp
US 64.202.112.63:443 b1sync.zemanta.com tcp
DE 80.82.210.217:443 dsp-cookie.adfarm1.adition.com tcp
US 8.8.8.8:53 s.ad.smaato.net udp
FR 216.58.214.161:443 cdn-content.ampproject.org udp
US 8.8.8.8:53 blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com udp
US 8.8.8.8:53 dsp-cookie.adfarm1.adition.com udp
US 8.8.8.8:53 ce.lijit.com udp
US 8.8.8.8:53 68.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 129.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 3.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 166.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 180.25.132.164.in-addr.arpa udp
US 8.8.8.8:53 194.23.211.130.in-addr.arpa udp
US 8.8.8.8:53 217.47.19.52.in-addr.arpa udp
US 8.8.8.8:53 195.244.100.95.in-addr.arpa udp
US 8.8.8.8:53 194.18.217.172.in-addr.arpa udp
US 8.8.8.8:53 161.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 8.171.66.18.in-addr.arpa udp
US 8.8.8.8:53 rtb-csync.smartadserver.com udp
US 8.8.8.8:53 eb2.3lift.com udp
US 8.8.8.8:53 189.78.49.52.in-addr.arpa udp
US 8.8.8.8:53 163.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 217.210.82.80.in-addr.arpa udp
US 8.8.8.8:53 63.112.202.64.in-addr.arpa udp
US 8.8.8.8:53 raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com udp
US 8.8.8.8:53 raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com udp
US 8.8.8.8:53 eu-eb2.3lift.com udp
US 8.8.8.8:53 rtb-csync-euw2.smartadserver.com udp
IE 34.254.135.1:443 raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com tcp
FR 178.32.197.56:443 rtb-csync-euw2.smartadserver.com tcp
US 76.223.111.18:443 eu-eb2.3lift.com tcp
US 8.8.8.8:53 rtb-csync-euw2.smartadserver.com udp
US 8.8.8.8:53 eu-eb2.3lift.com udp
FR 178.32.197.56:443 rtb-csync-euw2.smartadserver.com tcp
US 8.8.8.8:53 gum.criteo.com udp
NL 178.250.1.3:443 static.nl3.vip.prod.criteo.net tcp
NL 178.250.1.11:443 gum.criteo.com tcp
US 8.8.8.8:53 gum.nl3.vip.prod.criteo.com udp
US 8.8.8.8:53 gum.nl3.vip.prod.criteo.com udp
FR 178.32.197.56:443 rtb-csync-euw2.smartadserver.com tcp
US 8.8.8.8:53 ajax.googleapis.com udp
US 8.8.8.8:53 s0.2mdn.net udp
FR 142.250.178.138:443 ajax.googleapis.com tcp
FR 142.250.178.134:443 s0.2mdn.net tcp
FR 142.250.178.134:443 s0.2mdn.net tcp
FR 142.250.178.134:443 s0.2mdn.net tcp
US 8.8.8.8:53 secure-assets.rubiconproject.com udp
FR 142.250.178.138:443 ajax.googleapis.com udp
FR 142.250.178.134:443 s0.2mdn.net udp
GB 2.22.101.110:443 secure-assets.rubiconproject.com tcp
US 8.8.8.8:53 onetag-sys.com udp
US 8.8.8.8:53 ajax.googleapis.com udp
US 8.8.8.8:53 s0.2mdn.net udp
DE 51.75.86.98:443 onetag-sys.com tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 18.111.223.76.in-addr.arpa udp
FR 172.217.20.162:443 googleads.g.doubleclick.net tcp
FR 172.217.20.162:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 56.197.32.178.in-addr.arpa udp
FR 172.217.20.162:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 1.135.254.34.in-addr.arpa udp
US 8.8.8.8:53 11.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 138.178.250.142.in-addr.arpa udp
DE 51.75.86.98:443 onetag-sys.com udp
US 8.8.8.8:53 134.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 ads.stickyadstv.com udp
US 8.8.8.8:53 ajax.googleapis.com udp
FR 172.217.20.162:443 googleads.g.doubleclick.net udp
NL 154.57.158.116:443 ads.stickyadstv.com tcp
US 8.8.8.8:53 eus.rubiconproject.com udp
US 8.8.8.8:53 s0.2mdn.net udp
US 8.8.8.8:53 acdn.adnxs.com udp
US 8.8.8.8:53 cs.seedtag.com udp
US 8.8.8.8:53 googleads4.g.doubleclick.net udp
US 8.8.8.8:53 u.openx.net udp
US 8.8.8.8:53 e8960.e2.akamaiedge.net udp
US 8.8.8.8:53 onetag-sys.com udp
US 8.8.8.8:53 e8960.e2.akamaiedge.net udp
US 8.8.8.8:53 onetag-sys.com udp
GB 95.100.245.251:443 eus.rubiconproject.com tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 151.101.129.108:443 acdn.adnxs.com tcp
US 35.244.159.8:443 u.openx.net tcp
FR 216.58.214.162:443 googleads4.g.doubleclick.net tcp
US 104.16.183.87:443 cs.seedtag.com tcp
US 8.8.8.8:53 eu-west-dual.ads.stickyadstv.com.akadns.net udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 googleads4.g.doubleclick.net udp
US 8.8.8.8:53 rtb.mfadsrvr.com udp
US 8.8.8.8:53 sync.mathtag.com udp
US 8.8.8.8:53 pixel-eu.rubiconproject.com udp
US 8.8.8.8:53 pixel.rubiconproject.com udp
US 8.8.8.8:53 eu-west-dual.ads.stickyadstv.com.akadns.net udp
US 8.8.8.8:53 cs.admanmedia.com udp
US 8.8.8.8:53 t.adx.opera.com udp
US 8.8.8.8:53 ssbsync-global.smartadserver.com udp
US 8.8.8.8:53 image8.pubmatic.com udp
US 8.8.8.8:53 spl.zeotap.com udp
US 8.8.8.8:53 cm.g.doubleclick.net udp
US 8.8.8.8:53 x.bidswitch.net udp
US 8.8.8.8:53 e8960.b.akamaiedge.net udp
US 104.22.50.98:443 spl.zeotap.com tcp
US 80.77.87.163:443 cs.admanmedia.com tcp
FR 216.58.214.162:443 googleads4.g.doubleclick.net udp
US 35.244.159.8:443 u.openx.net udp
US 8.8.8.8:53 prod.appnexus.map.fastly.net udp
US 8.8.8.8:53 s.amazon-adsystem.com udp
NL 35.214.199.88:443 rtb.mfadsrvr.com tcp
US 216.200.232.249:443 sync.mathtag.com tcp
NL 69.173.156.149:443 pixel.rubiconproject.com tcp
NL 69.173.156.149:443 pixel.rubiconproject.com tcp
NL 82.145.213.8:443 t.adx.opera.com tcp
NL 89.149.193.100:443 ssbsync-global.smartadserver.com tcp
GB 185.64.191.214:443 image8.pubmatic.com tcp
FR 142.250.178.130:443 cm.g.doubleclick.net tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
FR 142.250.178.130:443 cm.g.doubleclick.net tcp
US 104.16.183.87:443 cs.seedtag.com udp
US 8.8.8.8:53 110.101.22.2.in-addr.arpa udp
NL 35.214.199.88:443 rtb.mfadsrvr.com udp
US 52.46.151.131:443 s.amazon-adsystem.com tcp
US 8.8.8.8:53 98.86.75.51.in-addr.arpa udp
FR 142.250.178.130:443 cm.g.doubleclick.net udp
US 8.8.8.8:53 116.158.57.154.in-addr.arpa udp
US 8.8.8.8:53 251.245.100.95.in-addr.arpa udp
US 8.8.8.8:53 108.129.101.151.in-addr.arpa udp
US 8.8.8.8:53 8.159.244.35.in-addr.arpa udp
US 8.8.8.8:53 162.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 87.183.16.104.in-addr.arpa udp
US 8.8.8.8:53 u.openx.net udp
US 8.8.8.8:53 e8960.b.akamaiedge.net udp
US 8.8.8.8:53 prod.appnexus.map.fastly.net udp
US 8.8.8.8:53 dnacdn.net udp
US 8.8.8.8:53 ag.gbc.criteo.com udp
US 8.8.8.8:53 gem.gbc.criteo.com udp
US 8.8.8.8:53 ads.us.e-planning.net udp
US 8.8.8.8:53 u.openx.net udp
US 8.8.8.8:53 cs.seedtag.com udp
FR 178.250.7.13:443 dnacdn.net tcp
FR 185.235.86.130:443 gem.gbc.criteo.com tcp
FR 185.235.86.110:443 ag.gbc.criteo.com tcp
US 8.8.8.8:53 pixel-origin.mathtag.com udp
US 8.8.8.8:53 pixel-eu.rubiconproject.net.akadns.net udp
US 8.8.8.8:53 cs.seedtag.com udp
NL 193.3.178.3:443 ads.us.e-planning.net tcp
US 8.8.8.8:53 pixel-origin.mathtag.com udp
US 8.8.8.8:53 pixel-eu.rubiconproject.net.akadns.net udp
US 8.8.8.8:53 pixel.rubiconproject.net.akadns.net udp
US 8.8.8.8:53 dorpat.geo.iponweb.net udp
US 8.8.8.8:53 98.50.22.104.in-addr.arpa udp
US 8.8.8.8:53 163.87.77.80.in-addr.arpa udp
US 8.8.8.8:53 214.191.64.185.in-addr.arpa udp
US 8.8.8.8:53 149.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 100.193.149.89.in-addr.arpa udp
US 8.8.8.8:53 88.199.214.35.in-addr.arpa udp
US 8.8.8.8:53 130.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 249.232.200.216.in-addr.arpa udp
US 8.8.8.8:53 131.151.46.52.in-addr.arpa udp
US 8.8.8.8:53 13.7.250.178.in-addr.arpa udp
US 8.8.8.8:53 outspot2-ams.adx.opera.com udp
US 8.8.8.8:53 pixel.rubiconproject.net.akadns.net udp
US 8.8.8.8:53 dorpat.geo.iponweb.net udp
US 8.8.8.8:53 outspot2-ams.adx.opera.com udp
US 8.8.8.8:53 cm.g.doubleclick.net udp
US 8.8.8.8:53 spl.zeotap.com udp
US 8.8.8.8:53 secure.adnxs.com udp
US 8.8.8.8:53 sync.smartadserver.com udp
US 8.8.8.8:53 csync.smartadserver.com udp
US 8.8.8.8:53 sync.richaudience.com udp
US 8.8.8.8:53 visitor.omnitagjs.com udp
US 8.8.8.8:53 match.sharethrough.com udp
US 8.8.8.8:53 imagsync-lhrpairbc.pubmatic.com udp
US 8.8.8.8:53 spl.zeotap.com udp
US 8.8.8.8:53 cm.g.doubleclick.net udp
NL 185.89.210.90:443 secure.adnxs.com tcp
US 8.8.8.8:53 bh.contextweb.com udp
GB 2.16.170.40:443 csync.smartadserver.com tcp
DE 162.55.236.224:443 sync.richaudience.com tcp
DE 162.55.236.224:443 sync.richaudience.com tcp
FR 217.182.178.234:443 sync.smartadserver.com tcp
US 8.8.8.8:53 csync.loopme.me udp
US 8.8.8.8:53 match.prod.bidr.io udp
US 8.8.8.8:53 sync.1rx.io udp
US 8.8.8.8:53 ad.360yield.com udp
US 8.8.8.8:53 imagsync-lhrpairbc.pubmatic.com udp
US 8.8.8.8:53 cm.adform.net udp
FR 185.255.84.152:443 visitor.omnitagjs.com tcp
US 8.8.8.8:53 creativecdn.com udp
DE 18.184.119.72:443 match.sharethrough.com tcp
US 8.8.8.8:53 ssbsync-euw1.smartadserver.com udp
NL 208.93.169.131:443 bh.contextweb.com tcp
IE 34.252.6.15:443 match.prod.bidr.io tcp
US 8.8.8.8:53 cs.admanmedia.com udp
US 8.8.8.8:53 user-data-eu.bidswitch.net udp
NL 46.228.174.117:443 sync.1rx.io tcp
NL 185.184.8.90:443 creativecdn.com tcp
US 34.1.230.181:443 csync.loopme.me tcp
IE 108.128.151.11:443 ad.360yield.com tcp
DK 37.157.6.232:443 cm.adform.net tcp
US 8.8.8.8:53 ssbsync-euw1.smartadserver.com udp
DE 18.184.119.72:443 match.sharethrough.com tcp
US 8.8.8.8:53 cs.admanmedia.com udp
US 8.8.8.8:53 user-data-eu.bidswitch.net udp
US 8.8.8.8:53 ced-ns.sascdn.com udp
GB 2.16.170.40:443 csync.smartadserver.com tcp
US 68.232.35.16:443 ced-ns.sascdn.com tcp
US 8.8.8.8:53 s.amazon-adsystem.com udp
US 8.8.8.8:53 dnacdn.net udp
US 8.8.8.8:53 dnacdn.net udp
US 8.8.8.8:53 gbc4.fr3.eu.criteo.com udp
US 8.8.8.8:53 gbc3.fr3.eu.criteo.com udp
US 8.8.8.8:53 token.rubiconproject.com udp
US 8.8.8.8:53 gbc3.fr3.eu.criteo.com udp
US 8.8.8.8:53 ads.us.e-planning.net udp
US 8.8.8.8:53 s.amazon-adsystem.com udp
US 8.8.8.8:53 130.86.235.185.in-addr.arpa udp
US 8.8.8.8:53 110.86.235.185.in-addr.arpa udp
US 8.8.8.8:53 3.178.3.193.in-addr.arpa udp
US 8.8.8.8:53 90.210.89.185.in-addr.arpa udp
US 8.8.8.8:53 40.170.16.2.in-addr.arpa udp
US 8.8.8.8:53 234.178.182.217.in-addr.arpa udp
US 8.8.8.8:53 224.236.55.162.in-addr.arpa udp
US 8.8.8.8:53 152.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 131.169.93.208.in-addr.arpa udp
US 8.8.8.8:53 15.6.252.34.in-addr.arpa udp
US 8.8.8.8:53 117.174.228.46.in-addr.arpa udp
US 8.8.8.8:53 90.8.184.185.in-addr.arpa udp
US 8.8.8.8:53 11.151.128.108.in-addr.arpa udp
US 8.8.8.8:53 181.230.1.34.in-addr.arpa udp
US 8.8.8.8:53 232.6.157.37.in-addr.arpa udp
US 8.8.8.8:53 16.35.232.68.in-addr.arpa udp
NL 69.173.156.149:443 token.rubiconproject.com tcp
NL 69.173.156.149:443 token.rubiconproject.com tcp
US 8.8.8.8:53 ib.anycast.adnxs.com udp
US 8.8.8.8:53 a577.dscb.akamai.net udp
US 8.8.8.8:53 ads.us.e-planning.net udp
US 8.8.8.8:53 a577.dscb.akamai.net udp
US 8.8.8.8:53 sync.richaudience.com udp
US 8.8.8.8:53 dis.criteo.com udp
US 8.8.8.8:53 api-2-0.spot.im udp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
US 8.8.8.8:53 tracker.open-adsyield.com udp
US 8.8.8.8:53 jadserve.postrelease.com udp
US 8.8.8.8:53 sync.richaudience.com udp
US 8.8.8.8:53 id.rlcdn.com udp
US 8.8.8.8:53 bttrack.com udp
US 8.8.8.8:53 eu-west-1-cs-rtb.openwebmp.com udp
US 8.8.8.8:53 gum.aidemsrv.com udp
US 8.8.8.8:53 cs-server-s2s.yellowblue.io udp
US 18.213.195.227:443 api-2-0.spot.im tcp
US 8.8.8.8:53 player.aniview.com udp
US 8.8.8.8:53 ssc-cms.33across.com udp
US 8.8.8.8:53 visitor-fra02.omnitagjs.com udp
US 8.8.8.8:53 match-eu-central-1-ecs.sharethrough.com udp
US 172.111.38.111:443 tracker.open-adsyield.com tcp
US 8.8.8.8:53 am1-direct-bgp.contextweb.com udp
US 34.1.230.181:443 csync.loopme.me tcp
US 3.165.232.40:443 eu-west-1-cs-rtb.openwebmp.com tcp
US 104.17.44.93:443 gum.aidemsrv.com tcp
GB 92.123.140.19:443 player.aniview.com tcp
US 67.202.105.21:443 ssc-cms.33across.com tcp
US 8.8.8.8:53 match-eu-central-1-ecs.sharethrough.com udp
US 8.8.8.8:53 am1-direct-bgp.contextweb.com udp
US 8.8.8.8:53 visitor-fra02.omnitagjs.com udp
US 8.8.8.8:53 c1.adform.net udp
NL 178.250.1.9:443 dis.criteo.com tcp
GB 185.64.191.214:443 imagsync-lhrpairbc.pubmatic.com tcp
US 64.202.112.63:443 b1sync.zemanta.com tcp
US 54.157.210.214:443 sync.srv.stackadapt.com tcp
IE 52.49.168.145:443 jadserve.postrelease.com tcp
US 35.244.174.68:443 id.rlcdn.com tcp
US 192.132.33.69:443 bttrack.com tcp
NL 178.250.1.9:443 dis.criteo.com tcp
US 3.209.126.202:443 cs-server-s2s.yellowblue.io tcp
FR 178.32.197.56:443 sync.smartadserver.com tcp
US 8.8.8.8:53 match.prod.bidr.io udp
US 8.8.8.8:53 sync.1rx.io udp
US 8.8.8.8:53 creativecdn.com udp
DK 37.157.5.133:443 c1.adform.net tcp
FR 178.32.197.56:443 sync.smartadserver.com tcp
GB 92.123.140.19:443 player.aniview.com udp
US 104.17.44.93:443 gum.aidemsrv.com udp
US 35.244.174.68:443 id.rlcdn.com udp
FR 178.32.197.56:443 sync.smartadserver.com tcp
US 8.8.8.8:53 match.prod.bidr.io udp
US 8.8.8.8:53 creativecdn.com udp
US 8.8.8.8:53 227.195.213.18.in-addr.arpa udp
US 8.8.8.8:53 111.38.111.172.in-addr.arpa udp
US 8.8.8.8:53 19.140.123.92.in-addr.arpa udp
US 8.8.8.8:53 93.44.17.104.in-addr.arpa udp
US 8.8.8.8:53 68.174.244.35.in-addr.arpa udp
US 8.8.8.8:53 9.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 145.168.49.52.in-addr.arpa udp
US 8.8.8.8:53 21.105.202.67.in-addr.arpa udp
US 8.8.8.8:53 sync.1rx.io udp
US 8.8.8.8:53 69.33.132.192.in-addr.arpa udp
US 8.8.8.8:53 214.210.157.54.in-addr.arpa udp
US 8.8.8.8:53 envoy-hl.envoy-csync1.core-b8mf.ov1o.com udp
US 8.8.8.8:53 track-eu.adformnet.akadns.net udp
US 8.8.8.8:53 euw-ice.360yield.com udp
US 8.8.8.8:53 sync.aniview.com udp
FR 178.32.197.56:443 sync.smartadserver.com tcp
US 8.8.8.8:53 cs410.wac.edgecastcdn.net udp
US 8.8.8.8:53 envoy-hl.envoy-csync1.core-b8mf.ov1o.com udp
US 8.8.8.8:53 track-eu.adformnet.akadns.net udp
US 172.240.45.78:443 sync.aniview.com tcp
US 8.8.8.8:53 cs410.wac.edgecastcdn.net udp
US 8.8.8.8:53 jadserve.postrelease.com.akadns.net udp
US 8.8.8.8:53 id.rlcdn.com udp
US 8.8.8.8:53 jadserve.postrelease.com.akadns.net udp
US 8.8.8.8:53 widget.nl3.vip.prod.criteo.com udp
US 8.8.8.8:53 qvdt3feo.com udp
US 8.8.8.8:53 k8s-kongow-generalp-4b9a3bfec6-974801183.us-east-1.elb.amazonaws.com udp
US 8.8.8.8:53 id.rlcdn.com udp
US 8.8.8.8:53 widget.nl3.vip.prod.criteo.com udp
FR 51.178.195.216:443 sync.smartadserver.com tcp
US 8.8.8.8:53 k8s-kongow-generalp-4b9a3bfec6-974801183.us-east-1.elb.amazonaws.com udp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
US 34.196.131.151:443 qvdt3feo.com tcp
US 8.8.8.8:53 bttrack.com udp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
US 8.8.8.8:53 tracker-use.ortb.net udp
US 8.8.8.8:53 bttrack.com udp
US 8.8.8.8:53 dckrl2e5yf7xg.cloudfront.net udp
US 8.8.8.8:53 gum.aidemsrv.com udp
US 8.8.8.8:53 tracker-use.ortb.net udp
US 172.240.45.78:443 sync.aniview.com udp
US 8.8.8.8:53 dckrl2e5yf7xg.cloudfront.net udp
US 8.8.8.8:53 a1970.dscd.akamai.net udp
US 8.8.8.8:53 pixel-sync.sitescout.com udp
US 8.8.8.8:53 x.bidswitch.net udp
NL 35.214.149.91:443 x.bidswitch.net tcp
US 8.8.8.8:53 gum.aidemsrv.com udp
US 8.8.8.8:53 pixel.33across.com udp
US 34.36.216.150:443 pixel-sync.sitescout.com tcp
US 8.8.8.8:53 a1970.dscd.akamai.net udp
US 8.8.8.8:53 cs-server-s2s.yellowblue.io udp
US 8.8.8.8:53 pixel.33across.com udp
US 8.8.8.8:53 track.adformnet.akadns.net udp
US 8.8.8.8:53 sync-sc-main-was.aniview.com udp
US 8.8.8.8:53 cs-server-s2s.yellowblue.io udp
US 34.36.216.150:443 pixel-sync.sitescout.com udp
US 8.8.8.8:53 track.adformnet.akadns.net udp
US 8.8.8.8:53 202.126.209.3.in-addr.arpa udp
US 8.8.8.8:53 133.5.157.37.in-addr.arpa udp
US 8.8.8.8:53 78.45.240.172.in-addr.arpa udp
US 8.8.8.8:53 216.195.178.51.in-addr.arpa udp
US 8.8.8.8:53 151.131.196.34.in-addr.arpa udp
US 8.8.8.8:53 150.216.36.34.in-addr.arpa udp
US 8.8.8.8:53 sync-sc-main-was.aniview.com udp
US 8.8.8.8:53 qvdt3feo.com udp
US 8.8.8.8:53 user-data-eu.bidswitch.net udp
US 8.8.8.8:53 qvdt3feo.com udp
US 8.8.8.8:53 pixel-sync.sitescout.com udp
US 8.8.8.8:53 pixel-sync.sitescout.com udp
US 8.8.8.8:53 sync.go.sonobi.com udp
US 8.8.8.8:53 visitor-ow.omnitagjs.com udp
US 8.8.8.8:53 ads.yieldmo.com udp
US 8.8.8.8:53 prebid.a-mo.net udp
US 8.8.8.8:53 iad-2-sync.go.sonobi.com udp
US 8.8.8.8:53 visitor-us-west-2.omnitagjs.com udp
US 8.8.8.8:53 rw-yieldmo-com-tf-362867385.eu-west-1.elb.amazonaws.com udp
DE 18.184.119.72:443 match.sharethrough.com tcp
US 69.166.1.35:443 iad-2-sync.go.sonobi.com tcp
US 35.166.205.24:443 visitor-ow.omnitagjs.com tcp
IE 52.18.177.155:443 rw-yieldmo-com-tf-362867385.eu-west-1.elb.amazonaws.com tcp
US 8.8.8.8:53 iad-2-sync.go.sonobi.com udp
US 8.8.8.8:53 visitor-us-west-2.omnitagjs.com udp
US 8.8.8.8:53 cs.openwebmp.com udp
US 8.8.8.8:53 rw-yieldmo-com-tf-362867385.eu-west-1.elb.amazonaws.com udp
US 34.98.64.218:443 u.openx.net tcp
NL 147.75.80.51:443 prebid.a-mo.net tcp
US 34.98.64.218:443 u.openx.net udp
US 8.8.8.8:53 us-u.openx.net udp
US 8.8.8.8:53 am6-tmp.a-mx.net udp
GB 108.138.233.96:443 cs.openwebmp.com tcp
GB 108.138.233.96:443 cs.openwebmp.com tcp
US 8.8.8.8:53 d1mee2k02h94hw.cloudfront.net udp
GB 108.138.233.96:443 cs.openwebmp.com tcp
GB 108.138.233.96:443 cs.openwebmp.com tcp
GB 108.138.233.96:443 cs.openwebmp.com tcp
US 8.8.8.8:53 us-u.openx.net udp
US 8.8.8.8:53 am6-tmp.a-mx.net udp
US 8.8.8.8:53 d1mee2k02h94hw.cloudfront.net udp
US 8.8.8.8:53 e8960.b.akamaiedge.net udp
US 8.8.8.8:53 support.mozilla.org udp
US 8.8.8.8:53 us-west1.prod.sumo.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 us-west1.prod.sumo.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 155.177.18.52.in-addr.arpa udp
US 8.8.8.8:53 72.119.184.18.in-addr.arpa udp
US 8.8.8.8:53 35.1.166.69.in-addr.arpa udp
US 8.8.8.8:53 51.80.75.147.in-addr.arpa udp
US 8.8.8.8:53 96.233.138.108.in-addr.arpa udp
US 34.1.230.181:443 envoy-hl.envoy-csync1.core-b8mf.ov1o.com tcp
US 8.8.8.8:53 cs.yellowblue.io udp
IE 54.154.213.207:443 cs.yellowblue.io tcp
US 8.8.8.8:53 cs.yellowblue.io udp
IE 54.154.213.207:443 cs.yellowblue.io tcp
US 8.8.8.8:53 cs.yellowblue.io udp
US 8.8.8.8:53 207.213.154.54.in-addr.arpa udp
FR 51.178.195.216:443 sync.smartadserver.com tcp
FR 51.178.195.216:443 sync.smartadserver.com tcp
US 8.8.8.8:53 assets.a-mo.net udp
US 104.19.159.19:443 assets.a-mo.net tcp
US 8.8.8.8:53 assets.a-mo.net.cdn.cloudflare.net udp
US 8.8.8.8:53 assets.a-mo.net.cdn.cloudflare.net udp
US 8.8.8.8:53 id.a-mx.com udp
US 8.8.8.8:53 rtb.openx.net udp
US 8.8.8.8:53 ssum.casalemedia.com udp
DE 79.127.216.47:443 id.a-mx.com tcp
US 8.8.8.8:53 id.a-mx.com udp
US 8.8.8.8:53 ssum.casalemedia.com udp
US 8.8.8.8:53 rtb.openx.net udp
US 8.8.8.8:53 19.159.19.104.in-addr.arpa udp
US 35.186.253.211:443 rtb.openx.net tcp
US 172.64.151.101:443 ssum.casalemedia.com tcp
US 8.8.8.8:53 ssum.casalemedia.com udp
US 8.8.8.8:53 id.a-mx.com udp
US 8.8.8.8:53 rtb.openx.net udp
US 172.64.151.101:443 ssum.casalemedia.com udp
US 8.8.8.8:53 sync.a-mo.net udp
US 35.186.253.211:443 rtb.openx.net udp
NL 147.75.34.177:443 sync.a-mo.net tcp
NL 147.75.34.47:443 sync.a-mo.net tcp
NL 147.75.34.47:443 sync.a-mo.net tcp
US 8.8.8.8:53 prebid.adnxs.com udp
US 8.8.8.8:53 ow.pubmatic.com udp
NL 185.89.208.11:443 prebid.adnxs.com tcp
US 8.8.8.8:53 xandr-prebid.trafficmanager.net udp
GB 185.64.190.84:443 ow.pubmatic.com tcp
US 8.8.8.8:53 ow-lhrc.pubmnet.com udp
US 8.8.8.8:53 ow-lhrc.pubmnet.com udp
US 8.8.8.8:53 211.253.186.35.in-addr.arpa udp
US 8.8.8.8:53 101.151.64.172.in-addr.arpa udp
US 8.8.8.8:53 177.34.75.147.in-addr.arpa udp
US 8.8.8.8:53 47.34.75.147.in-addr.arpa udp
US 8.8.8.8:53 84.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 11.208.89.185.in-addr.arpa udp
US 8.8.8.8:53 csm.nl3.eu.criteo.net udp
US 8.8.8.8:53 csm.nl3.vip.prod.criteo.net udp
N/A 127.0.0.1:7000 tcp
US 8.8.8.8:53 csm.nl3.vip.prod.criteo.net udp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
US 8.8.8.8:53 24.73.42.20.in-addr.arpa udp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:51054 tcp
N/A 127.0.0.1:51067 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 201.181.244.35.in-addr.arpa udp
US 8.8.8.8:53 ciscobinary.openh264.org udp
GB 88.221.134.155:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 a19.dscg10.akamai.net udp
US 8.8.8.8:53 redirector.gvt1.com udp
FR 216.58.214.174:443 redirector.gvt1.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 redirector.gvt1.com udp
US 8.8.8.8:53 155.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 174.214.58.216.in-addr.arpa udp
FR 216.58.214.174:443 redirector.gvt1.com udp
US 8.8.8.8:53 r2---sn-aigzrnse.gvt1.com udp
GB 74.125.168.199:443 r2---sn-aigzrnse.gvt1.com tcp
US 8.8.8.8:53 r2.sn-aigzrnse.gvt1.com udp
US 8.8.8.8:53 r2.sn-aigzrnse.gvt1.com udp
GB 74.125.168.199:443 r2.sn-aigzrnse.gvt1.com udp
US 8.8.8.8:53 199.168.125.74.in-addr.arpa udp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
US 8.8.8.8:53 73.144.22.2.in-addr.arpa udp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
US 172.67.69.88:80 www.shorturl.at tcp
US 172.67.69.88:80 www.shorturl.at tcp
US 172.67.69.88:80 www.shorturl.at tcp
US 172.67.69.88:443 www.shorturl.at tcp
US 104.26.9.129:443 www.shorturl.at tcp
US 8.8.8.8:53 download1509.mediafire.com udp
US 205.196.123.197:443 download1509.mediafire.com tcp
US 8.8.8.8:53 download1509.mediafire.com udp
US 8.8.8.8:53 download1509.mediafire.com udp
US 8.8.8.8:53 197.123.196.205.in-addr.arpa udp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
US 8.8.8.8:53 location.services.mozilla.com udp
US 35.190.72.216:443 location.services.mozilla.com tcp
US 8.8.8.8:53 prod.classify-client.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.classify-client.prod.webservices.mozgcp.net udp
US 35.190.72.216:443 prod.classify-client.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 216.72.190.35.in-addr.arpa udp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp
N/A 127.0.0.1:7000 tcp

Files

memory/816-0-0x00007FFC73053000-0x00007FFC73054000-memory.dmp

memory/816-1-0x0000000000820000-0x000000000082E000-memory.dmp

memory/816-2-0x00007FFC73050000-0x00007FFC73A3C000-memory.dmp

memory/816-3-0x00007FFC73050000-0x00007FFC73A3C000-memory.dmp

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\datareporting\glean\pending_pings\cff7424e-d37d-42d9-9cf2-d015359ff44c

MD5 ff9aad5b02b4c0212650436df9ebc0e9
SHA1 bc7b053efc9eb7f6490cd5c01ae9a8185df8ebc6
SHA256 fa0117ab014203946d4aca7845db48772991e68ef51317b6482df62b57351620
SHA512 1ce083afa588fe224e8867c7ee0a561a773f8f883b094d110355adf58aa94a9485bb66eb163f8cd690c3e54743379e6a464bbbcf52019e23e341f99aefa04ca4

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\datareporting\glean\pending_pings\7fa699e8-cdbb-46a2-b6e8-1de1f834674d

MD5 8ba728303f7185deac00570ba01bfa5f
SHA1 94f8ae2df042028dd06eb563f5d7a11654be1e7a
SHA256 1edefb59934a37b2ed43e47d98ed5052c680dd188811fa77aac2a3245304e6c8
SHA512 578f6a409fb67135a8b92bcabaeabea4b812a8ae5e95fe1591decdb53c9f77e16245024cdd88499f4804d53758df96b1806fc245bcc05015877c6e87bbecca08

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\datareporting\glean\db\data.safe.bin

MD5 a0147d2f5271b33951a82bb1c88898cb
SHA1 938f1e18a405e7735710e1f29613f4dba2e969f5
SHA256 32e7386f659e5aad3cea71a44b510a6b03851ef402419f47627298b74fc7c553
SHA512 65865cf2ad5c596feb89aa9002e92dc2548b76430af3b6a67ce6c8dc087a5e095114870e87f665ec5ae90bf9ca0bcfa2c7a9743eb3c9ff62f143abd4c7b9bf7e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\sessionstore-backups\recovery.jsonlz4

MD5 9816109cbf9597b5ca27ad702b5fc35c
SHA1 750ad76a18478bc1126f8e69677b4f752f69225e
SHA256 b7e924dc5f973b8119b944e3af4d9b3f36d05e4e3eb660529f9446f07c6c14b9
SHA512 8aa66eddab354eeec81f157d49689e8f97ad54f227cb00da9262da4857d6602f8f653493f13108e2a74fd7dad215d7a5f17fdd8c463b7a0b8f0f25d3aa8527fd

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 0ed2663971e8051b2bcb574926400fa8
SHA1 467756bf41c377bdb07c8be10d5391f1df1d80a7
SHA256 0c44c9887ebd30506041e4f483422673660df0b74c7468b0cab2c69bee1f4e8c
SHA512 e521f02d0a4dc70e3bb33747c5113c76f18f15b4370826ef13700c4f559c8b158ed1d8ef79d7d88794bfea61496a75d653237391f2f8b5e53d8574a21f113898

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\prefs-1.js

MD5 f07653eb91cfd4bd374bb7e2689a8448
SHA1 91c0303cd51877b5bb9c32dd028dccded2eb0db6
SHA256 e9ed6c4f5d1ab66393c8bf80aa27bb5f2cdd10da706341910738327a7807fb56
SHA512 ae18a97e67b823be9e4163065f0617cbbbea51c940b64a75296920deb234f20221c08130912feb6d8db44905b7304f1700d8cebbabad4a8762d66ec73ff96833

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\sessionstore-backups\recovery.jsonlz4

MD5 cfbaaba58a13caa4a2cd15e51d3d10d0
SHA1 a4fce31b47ab9511fc91e759c0bef1dc9334b17f
SHA256 d038d214fc25cf594e3e0e5dd764758405bfd5950b9f51c25a4e6d8d2e9a6888
SHA512 72af9daf4a27e76289b3e44e38fc0fc5814305c2cb5fc87695f3bf7c0111ff7f5e82b5aeb8baf1941076e972e94fb6d1a8ea199f69b8457ce49081b21b3a0df1

C:\Users\Admin\Downloads\Robax.exe

MD5 f2a0b732e9b58a2882c0a2652c68da89
SHA1 8c27ccd93f67395acaa71da72f0b7988d575aa86
SHA256 88d09d628527a8f6e0f2ddd4b463eda15b8caeafc6f750ac14f4f9b6ea80aea6
SHA512 92ddc326a34434fe84a9c771e3f9c40ab2a0ef6d241cf65c23a2c3b7dec9a428dafab614e6dc1a8dcdb29e55bb62f425d5d885f573c34cbd065485d8abf7bef1

memory/756-221-0x00007FFC73050000-0x00007FFC73A3C000-memory.dmp

memory/756-225-0x00007FFC73050000-0x00007FFC73A3C000-memory.dmp

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\sessionstore-backups\recovery.jsonlz4

MD5 8c9a956da83fe54781e9c6902930aa6a
SHA1 9331bd7cb7381210a8242e22e1bcc3ba5d5cd159
SHA256 659caef8d785d10b6d1cc68b58e4ec28a14df0e92cae57fd8ece5f5ce6247406
SHA512 76f2813b7694e181cfb989fb2bc4f60e05f0dd1c5695a24320c53b7ec37af65e86d548f9cafc9a7ef0f6ee467809c29b12b970f9fe43b8080a1b59a75fbbfd92

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\0D0BB73C78ADDE449FA633D84DF95E410284A76D

MD5 266a71de51408d1a8268eb21c7540966
SHA1 ac9ffb7aba47ee72c06fc8b0ec3800c070b1d51a
SHA256 c153f1c4fd39b7b675e702e96570c5022b541505a757cf085bcd9ff23b8667cc
SHA512 7904d1a1623b77b4b0ceeabd86aaef49bd4639927f7db0bffdf55c9504470055cc75da5aad18edfe17d3b88bba9bca5d02b43c7c932dfcfdb91ca87e19de829a

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\433C76AC9AB32960C4FB97F78B6A7687B4E33F26

MD5 21496f1b5539e00ff17a550022ea00a6
SHA1 359e4d9c18248e48810165a8c04121b1b7cb3ab3
SHA256 325dbef1331251158605d49180306ea11c559d83e3498e369c6a7c004b3a2f11
SHA512 ea00c8b89e2b4fea57dacb4909929fe7eb229e649c3c27ae9cfe9c296c7680a23a36a2ea5f6b8f49aa2ef6e8481cda23af432798c3a96b871949f2fa50bf3ec1

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\doomed\14602

MD5 93f81bbc275c5640b4ab3dc6a4f93da6
SHA1 b4767e04ff8bb52309966a5b9258a985eebf67ec
SHA256 801fc559aabbe6460e1ddcba1049c8ac5f7edd27521325835a8894ef7cd4e00f
SHA512 140d5e338cf648984c66535adfa24d90c8d28cbd80cb0051869968011fed5d8ffef4ec67bbb0942a530dfec4d1cd47bd4d7f5a93d6a25ec34232898b29cd47fa

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\doomed\3122

MD5 85aad11daba87442e2ec576682f57152
SHA1 832dba74dfbc49e27cb313e2977d32600bef8c99
SHA256 b537c1fd1187846825fa6e3c667f163bd0799d6871dd7e68dd11841a2284b41c
SHA512 681f395aecff59208f42c25bd77e04db6b58993bd86b7c6c14af113218ce6c3decda2f79c9d275b43e6e1b9738d2b90d37214ccebdfd599a65b2b3eeed3f7a2b

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\prefs.js

MD5 bbaab47ea46eab9e3f9be0b2b25c139a
SHA1 2ac0ebc8e3c5bcaa1b9e682985989ab23ea7bde1
SHA256 bf1226944bdd90c1a575ee251852c5a717d4640157e1965ceec752985518e6b8
SHA512 6dd070ea5355bf2b6faebf01c29563df352d0a973cb14087e91c1d6a48b46b6e72d42e2064e929e2664beba752a093c67c311705fa590db2a002a041e9dd67fb

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\prefs-1.js

MD5 b70325e6eefcb7f53e5030278323436e
SHA1 67615876af7587e449faa0db93077aff468954af
SHA256 f320dbe234320165d7e1212431cc52c71293cb8a3d05b791965b6b1231def7e0
SHA512 a4fde179f72907ab79ce42cf14121010445b5d03f312e5489b8a21ad459a0df5f505b7273c2b79f36ac1b6f15ea892ca0650fb98e05de3ccb67d7faef24c99c6

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\69C85B5310A2628963FF16C33CDDE1E8257D6A99

MD5 39ab8dced670172b49fe6d15c5ed8838
SHA1 b73fed91bfc5360213287b9f36654791204b5018
SHA256 eedd145a8137ce8960dc0d36c436cdeda698e473e52b59d47193b57d5aef4b65
SHA512 59f66a8a0952d3f26b78027e306ecc88ad805e323dfa3f81fe448c880e7ecbc48af65b5211f8f4db109dac18dc4e57b06a9a550432cd7561ebc555c552a0f65a

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\doomed\22943

MD5 e3d1dbc52d3cba7f897918938eb6d17b
SHA1 f06cffa8fa92a7cc73a8644eda876e592e997b63
SHA256 af931868b2cb456c5827d273b85ac4901206e25c27415aaadb58365359731fd0
SHA512 273b50509e8590de55ad0be6a6eb75fff5fb34aab47860be6c3ae5c8ca815b45edd4445175e7dc65b7a6996d3b5ee6df7602f24eafb05e979df0451e868ecda1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\sessionCheckpoints.json

MD5 a0821bc1a142e3b5bca852e1090c9f2c
SHA1 e51beb8731e990129d965ddb60530d198c73825f
SHA256 db037b650f36ff45da5df59bc07b0c5948f9e9b7b148ead4454ab84cb04fd0e2
SHA512 997528e2ecd24a7e697d95cd1a2a7de46a3d80b37fd67fac4fb0da0db756b60a24648b7074255dc38f7651302f70894a53c3d789f3d7cd9f80fb91bd0cade4be

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\sessionstore.jsonlz4

MD5 bbfd28dc41ad7ddfe325994b6af9f92e
SHA1 9a6255246db6baa8eea22e65544bbd7cf40180c4
SHA256 484ef2377e59118c4bc001caf97767323e6000c2ec5c01cba7c1cf88b33d12e8
SHA512 add2dbe50b52bc22085c0d0facdcd5a96d118acec8756cb513cbb8bb920280311a05bee7877bec859b2eba38090adee80ad422c2f955f5347393fa8f1b45f855

C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\Robax.exe.log

MD5 16c5fce5f7230eea11598ec11ed42862
SHA1 75392d4824706090f5e8907eee1059349c927600
SHA256 87ba77c13905298acbac72be90949c4fe0755b6eff9777615aa37f252515f151
SHA512 153edd6da59beea6cc411ed7383c32916425d6ebb65f04c65aab7c1d6b25443d143aa8449aa92149de0ad8a975f6ecaa60f9f7574536eec6b38fe5fd3a6c6adc

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\prefs.js

MD5 112f510bb468f9c4b106afd3b95b84ca
SHA1 6ea218591ea89462818ecd8206d32f11b1eb0b83
SHA256 1e9c2b314a173acaf4f04a5c1b34059ce15b77f66dffd3b73192510502c526d9
SHA512 8a389bd872fa8e51645d6243a3825cfdbf1a9b687e0cd2a66bd37180fafb2a6c16d4e97135a00f591caf3d1741e6f2a6e378e40b49960e8747e2987ee3e4a973

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\startupCache\scriptCache.bin

MD5 dfb48432fd1dab350519a364a8edda64
SHA1 8f7f6114f3821e2e63ec6ed78cad41208b0d88d8
SHA256 b2ada89a76e88ffa4e353e8fc5450f137b08f692fe71f681aac9e2e9cc287051
SHA512 3fd937f8f03d2a2e02412f835e8427d2a3f4769f9fec88bf19b0aaa895740bf900676b2de115866adf3e530884399accb521fc908eeedbf42a6d5dd66c5790b5

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\xulstore.json

MD5 58e240288763218d12bf235d34e5aee2
SHA1 89135494b57f590011c09668dec3b90d2c5ee9ae
SHA256 615f80e71dfde24711e7fefc1b7959f7592c5e5cf9ad0f3aecb4235b93187176
SHA512 caed2638902987aead199e73cffb90881bf245bbb616cb38c46b281d4aaaa54dc20a54e9bfe17a8d6e68847394c113fb7606e94b64f44ab0b52bf7846f26e936

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\startupCache\urlCache.bin

MD5 5a3e1cca06569a3abad215db82b0b76c
SHA1 18ecdf820ea13771e7b56bdb6ef306f0c0c13334
SHA256 503d2ae1b9e57f6b33593b6013152cc3a6b60b7697366416192d205673bf481f
SHA512 fd2b7fc449db397f5a8c23484a369a5ab7ebded5f2e21a594fe7a5faa314f185453c31650fd6bba83a66c4405a50f49748c1e79bde3a0bc69bceb6d069d2a8e7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\permissions.sqlite

MD5 1221f0680adaafaa4394e186d08677b7
SHA1 ef1389874b1a5aa8f72f62273a4f242f62d4ec59
SHA256 889d0cdc818465e7cf0d761b8894a0fc992a764723d75c8e12fa1d9e25202aa3
SHA512 0366b48f90f32de45a00e60ac4a47b6d9332293f1faffaf7e754a2c154d63c5c969f39a2ebd088c3606cb52400dc182f6858893ede016ee571727b51e9f6a78e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\sessionCheckpoints.json.tmp

MD5 ea8b62857dfdbd3d0be7d7e4a954ec9a
SHA1 b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a
SHA256 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da
SHA512 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\sessionCheckpoints.json

MD5 948a7403e323297c6bb8a5c791b42866
SHA1 88a555717e8a4a33eccfb7d47a2a4aa31038f9c0
SHA256 2fca1f29b73dd5b4159fa1eb16e69276482f5224ba7d2219a547039129a51f0e
SHA512 17e2f65c33f47c8bb4beca31db2aff3d4bbb6c2d36924057f9f847e207bdcb85ffcbb32c80dd06862ffc9b7f0bd3f5e2e65b48bb1bc3363732751101d5596b1a

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\cookies.sqlite

MD5 8b33aee0d8c65270a05a4423aedd5dbd
SHA1 dd988c4a33081cb71d2ffe58de5d3566c3e0ba2c
SHA256 4729c3cd576d541a2d8f9953f34fe49be119d5cf7d0bc14a4ce0c3f325591e1d
SHA512 495b0304679195bd64ccb301ebcc93aad250a3351f602ef82d51bf25c28cccb6d8f053235d4ae1ededacb52b4ed2f729559a9b008b277ea4978f67fdcc1c721e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\storage.sqlite

MD5 089b61640ebf75aa4e4b75065aeaee29
SHA1 f3ab955b092ee8866ce9644b6d5dd6e2e7ba9bca
SHA256 7177cfb0c689daefb2eb7f5f2c7148804979a99314f2740d9e5e2f39c71a552d
SHA512 55d9ac505f24650f48ac8840a1c69cb2a4d08afae2452a9996a62cc3bac43d93d6552a563e44df5d99cf828378b1faadd695523e3b83e2a1aae17ea697bfa140

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\sessionCheckpoints.json.tmp

MD5 c4ab2ee59ca41b6d6a6ea911f35bdc00
SHA1 5942cd6505fc8a9daba403b082067e1cdefdfbc4
SHA256 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2
SHA512 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\favicons.sqlite

MD5 17044f737f921dc92c4a996943f05005
SHA1 131775abbed9f7ad8e0f20e34b27e17e6dbcc195
SHA256 4ada35479a00e9f5cc849fcc8fb0005d39a04ded4fef671304ed53e221d49432
SHA512 605e75e6a8163875f7fb73cd2e2be4271137d676a476a6a8882fb0cee06ab5c4522a9157ff9c48a8fb84e6498f8b5aae2f6c60b748a57c0fcd8c5c9ca721c268

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\places.sqlite

MD5 f60673c419dfe69df769f53516712d1a
SHA1 a7558f39e11230f78f9256daf3b2e3700a20fd69
SHA256 ab412ab3be1938d46b89f0ca3701fd2ece4090fa1f6df5b6c8f1bdff32115986
SHA512 8c7c58a420790a247f58cf3294a3e186f9406deb9f94863c48848d2553f02a8c9fa36a9dc35954f79c3375fa709fc90bd387543b1cbea83d9ded14624f316b96

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\6D89348819C8881868053197CA0754F36784BF5F

MD5 a4e6d920e1633d6e3badd02f845eebec
SHA1 3f6e95d0e0d9dd0110e1bbddf57abb2786a37ded
SHA256 e5dc9cb5bf927584a93288680849ecb08e94e6aff510c486df54d69c048fff75
SHA512 91f77c731ba99fb1aa284e341478a288445dba8e939ca75d3dfc5cd2f1cb58da3d36cd308fc14680f0f266643b4a9dcc6319d9b3effafd729c7bbd893b1867ca

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\AlternateServices.txt

MD5 d13bf6c141c5a719b0d84edf73c12632
SHA1 2f1ec2c5044cc5a914b6bf8d300280f08b392e94
SHA256 1cfc1eb9a9a429f03d43c912694bd681f9e6f3963c9b53297099093c2618e41e
SHA512 924f87015eb6d5ad4845e05473145e202cbbd65ec84233fceb8107faff0c2c95a8f5f45d11179b5541836ff942efd109aa30705d6df8bc5888873e11b0374608

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite

MD5 d82e3c809b6917cf3f53f04cd9fb8de5
SHA1 f7abf981ae1e4890af7158a8f890c30b98db6f32
SHA256 f0a443120647981d74d8a9c32acc8792f77db3f0f52f48f113d09ac05b00a0e5
SHA512 aa110fdb33d448dee8907be508d1e5ae140c5ddff40519f06eec2ef1af2ad7bc6c74a6085ad2d69f81fa08b4386452a1ea3990c6f14ab1065e08179bc5947cd5

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\SiteSecurityServiceState.txt

MD5 f61bc7c08bd4951bd8cb65ebeac696d3
SHA1 24ed4cc1b35c5f37d12c70bf917703ba508a3230
SHA256 cb8c784490e575f03c2e2b190c8cd4fd5befde04a73544ab2b70a8edfb168c06
SHA512 94622084140fa2682b7f0517c72ba643fcef0516780da58229ce8baec3789be1e06fcc0dac74f913d84f234c1c88b6b8f3c9904fc104b71b6cd54b5ad8b43ca7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\protections.sqlite

MD5 e1fa2b1ece0653b17da12b1aa5f3ce57
SHA1 e2ec5cfc0377eef775f7299efe575883f25523f4
SHA256 38729d164e37b4a4f87f00dae211d4b752b2c35d1bc2d27c2f49047996869b2d
SHA512 d8f42f92f2332f94e16f5aecf731332144eede1b45cc7053697a96ddf1974d011b0aaacbd7cda75e772f4ecca43263f3db74ebdcd835f2de62fd18755a6cfa28

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\datareporting\glean\pending_pings\b96686a9-5d8b-453d-bb28-5204b394ea71

MD5 23244f569a600fc298af6164e4ea2bfb
SHA1 043de10762b90b408a3fff6c081036eb6e013085
SHA256 93b0eeb0189c3ae19e0576a422525fe7515d28c298c8c9e14bad37796caaf3b3
SHA512 d96c0a46789802f091983b924ee7991ebfc5d443e83ffdf4010d87d9a0202d72e84aff446aee546ade5f0e2592a9cf1fe020a99adfeca260cb4cb7d5c4c6f129

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\datareporting\glean\pending_pings\a68baedb-2c37-48ee-a4c6-83107684154c

MD5 d12c306d41632c5c5b8534ad0c9ab570
SHA1 f6f4a712dc2b8d63bd5eccfb46cc49cd9f7baf67
SHA256 2e52d9315e2860709bfb9ea6219251f0b8cdffa12957e2f7e7cd1ab17906a78b
SHA512 5d58e037fe37b93ec440241bb1e4da4bae2dc20e5109b048c842fd88822931029243442d5186efc293b79335e1d581f4e20c8c7222e4cf8010edec5bbff837dc

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\datareporting\glean\db\data.safe.bin

MD5 d1ad9c3a71924c9d0c5a153545206c82
SHA1 441cf4be26fe14abdbf3deeee931fc02a08a8d30
SHA256 b1d3466418a85380b154a36839035251a5c184b92f8cdfb24e3046720f381270
SHA512 0764517e4223aa1d9caf751fa8fbab99c56046982bd8805df4489e10d4470f906f67cbabaf34b44536857c92c21eeae9e8ca1cdce286bf8f32a3d7f0ab92fde9

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\datareporting\glean\events\events

MD5 bdd25674ec60c4cf9b7ddff37b7e8ed1
SHA1 e929da2bcca6495ed96142f0bdc6fcc247b80bbf
SHA256 4c72e22c115bb5c5c413f3cd420caf80e4fd22d5a9962eeae21d5e222c725c54
SHA512 73865b9e1ad1e3c11c757300ddea702a6aca10f4554652888bfa067bb504fa02acf240a6775904bfe619682326e7582c31dca71a00bf8fbef7f200c214b4f0b3

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\cert9.db

MD5 3b05a63418e175799d9f14a310a244ca
SHA1 69ba9064a077a8b60f24d6ff98d32013c7757a81
SHA256 c971bfd305c1e25b988019f0777a9bc3ccc916c7f28c6e7f0c3e57ec81d03507
SHA512 463887f985c933529859c2f190e05e258a813a6730998ce1ab8a2c09bf5c1b179bbb3543de62f9049289f64034fac125abe6ae0bef800aaa5780d9ca9d0352e4

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\sessionstore-backups\recovery.jsonlz4

MD5 4eb91787ea00c5e8bcbd9c7f5e232da1
SHA1 3110f130ee25250dcae7d2005fc3b5f550b7f0ca
SHA256 b2114c0dfb17c2fe495454111b86a71da81db341bec4d45d427152f19b698c60
SHA512 5e441f803574d1e5965b139de698e6e5cb5f9fd07afc044431a04615162f32f5a3d014b56030e27426f7f3e4bce7188b7d637d598b36dbcb121166cbec36af88

C:\Users\Admin\AppData\Local\Temp\tmpaddon

MD5 85430baed3398695717b0263807cf97c
SHA1 fffbee923cea216f50fce5d54219a188a5100f41
SHA256 a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e
SHA512 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

MD5 3d33cdc0b3d281e67dd52e14435dd04f
SHA1 4db88689282fd4f9e9e6ab95fcbb23df6e6485db
SHA256 f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b
SHA512 a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

MD5 fe3355639648c417e8307c6d051e3e37
SHA1 f54602d4b4778da21bc97c7238fc66aa68c8ee34
SHA256 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e
SHA512 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\prefs-1.js

MD5 621ad54abff2883ec164dd4943458ed1
SHA1 45dce7e91c187afd52ed56934f24bf68e448bad6
SHA256 5b7ec5d55858ab94004e48c2b88057f19f53ee5ff261a1ec5983143b3a357592
SHA512 c68d616ae5f9ceb84d8e71b437a1cbaf7c648db6ec9e04f8700116631fcb705143b91123dfd2c009d302d9b3842b732c693aba19a363b89ebcd5a1d78e215008

C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

MD5 a01c5ecd6108350ae23d2cddf0e77c17
SHA1 c6ac28a2cd979f1f9a75d56271821d5ff665e2b6
SHA256 345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42
SHA512 b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

MD5 49ddb419d96dceb9069018535fb2e2fc
SHA1 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6
SHA256 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539
SHA512 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

MD5 8be33af717bb1b67fbd61c3f4b807e9e
SHA1 7cf17656d174d951957ff36810e874a134dd49e0
SHA256 e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd
SHA512 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

MD5 33bf7b0439480effb9fb212efce87b13
SHA1 cee50f2745edc6dc291887b6075ca64d716f495a
SHA256 8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e
SHA512 d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

MD5 688bed3676d2104e7f17ae1cd2c59404
SHA1 952b2cdf783ac72fcb98338723e9afd38d47ad8e
SHA256 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237
SHA512 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

MD5 937326fead5fd401f6cca9118bd9ade9
SHA1 4526a57d4ae14ed29b37632c72aef3c408189d91
SHA256 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81
SHA512 b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\11D716E3A8F46E480CC79AB65A8333ED9891564A

MD5 d8bb6eb5a06405ea5ef9ed697866a6fc
SHA1 bf21b3463cd5aadd9c7be9263136b6035ab808ad
SHA256 a7cdfa79ed0c9a1ec4a9eee69268f8a8468c3d0c22602e0ed24c31a3701f4378
SHA512 eeb1751cdb3d03a0f213c0cfbd647b5b2dc55825e21463f9d8e50f2e1e7a99981d015fbdaa6e45aecacea4e6b2b1cda9990358c5c239ab883e932b8d3fbd2268

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\11BEF81FA5772E208655C9EC922DB3D96299A274

MD5 288f4560dae9a6dc08c931c1ed35893b
SHA1 d63c4c5fc6bd3969a2073776572f29255f06c5b6
SHA256 be30bd958c9c2c4f00a1db3ebe46086ad5d08a9ff00c48a5d8ad0a35b653c022
SHA512 649a8424eb13a534a2dff02ad5bdf08e71ede163980d02f293c5d9841938dcd9e835c52dd470ac8079a056b249737e59a01592a9104fae5e6ed4405a838739fc

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\1170539DA57BADF52DA36F4BA44A9830258E06C7

MD5 093cc0121a6c6e1023fe376692dab25d
SHA1 7f26507d502bbf320371ca2c953d4500a7625f82
SHA256 df7b471daa57ddc24a2726a8b338bc76507919dc6d0afd6579f0a29345ddd10f
SHA512 87a8a634f0359cda618701af240cf63dfd16848ed3b9d57731a3781cbfefd3930502134c182130654ba4a9b9a349bd902eb1a0995c636cddb60f1541307c0f70

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\1120F1F4FDD35D040A3B9CA23D687F6113EA27F9

MD5 6ac88f35d3ecfd7f8d7d61e075256fd9
SHA1 5ecc955240c27c4ca33c0b919199cf0d1edcb249
SHA256 3a91d20253e375e3539c1af12cf652f29717df7c85fcdf9efa8af8e97ccaf041
SHA512 6ef6d22528709ee1de2a0828dc40337cf6e50026189d7e7bc8b2cf177b2f7c9401d82969063b3d1f8d0fc99f4512dd888e6e0b1df323bff8ce690d3c6c471a51

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\10D79488E1D9FFF4E844A406A0365AF094D6DDA8

MD5 934b4e99a0189e9470815be8eadc0a8d
SHA1 affbaee28e7c97d1ff6555aa4c871af3deef2b1f
SHA256 076f9b47169821b09bfbe6a964a060e72197b35c2b09786f805d99e5516c4f47
SHA512 14d0d37a7c339fa128c4ae0af9c6c75c0b3e9539f4fdbdf80775fe3dd20abb0369b11cf923e0617fd57d2a000b76a63481f128f9dc3d4109c218b3f08084b7bd

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\10BF4141788ADB37CA7CDF7278125EAA26CECB18

MD5 9013cd72d49fe26a8b0be59d838c8a07
SHA1 babcddbab948d424648cb91a6c81bbf72bc24f1b
SHA256 707a7df2f1d58c241c470213c9de1c61c3cfa680ac190feb6d35a413693d8b9b
SHA512 3ba360ecc7cdd9d9dc66b4a16fbaf22ad1d4d9cdc2d5026e5978b9444e60d1feb51b67d6b3a5db7d43884870cc9549007c7e8ddc2e3279cde5d5abd2319cabe0

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\10AB2C999DD2F707D85EBE263E92B4C6256FEEBD

MD5 d63764cd5bc7de036dccc46f4feff982
SHA1 a1695813511a557a001bafbfb4cc673ec80efe76
SHA256 e314dd13636240587bf25a78775d0c141a071babb95da1028a59975782388fee
SHA512 4426a21ed07b1b84a67cb01ca77ff23878e02d223d860daceeca0f475b1b8c139d86657a9a7261aaea6d19bfa44366ba48cc20c6833adc99563d446805497ed1

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\105DA275DFC4F14B54D34531EA68D762FDE8BC00

MD5 c7c7e2fb97740a0a8938b0aaa9fc1ed7
SHA1 2e594aa1ddd7396eecd889eefab3926cde3e9111
SHA256 517de6c35aa6ee3a24aaa73c713d8154f18555259bd54856434ae9f2a1f97441
SHA512 162a5f142e896bd8b9b3b0a506149d5869cdec0ae80cc3c0001b73c8e084d8534f20d6f90eaa7dce1b06d0dbd08a1b82a14924ef0fb6bd2a51a456bae8eb3ecf

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\0F7C190AE088BE7A03F09B974E6FD6E50BDBDEF3

MD5 b056346114048c2ebd47433753ca4ba7
SHA1 ebe0741c295e9f56b0ec07dcd84b05e9dc4d8ff2
SHA256 145e5612043ff4d8ed186e054020141d3df1ef110ce52405e6126e611392d105
SHA512 d61f8a8f19342ad032b17de2e3277de21aac59825a04a94bed7866b6c94922164e4913af75095ab2b506d021c3a0c74ab61a426b636e77d513310506defb9e82

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\0F54798B805AE9883DB54AF3BED72FEED995744D

MD5 74055767872071829c1cfbece3ec4834
SHA1 ad0084808dde3d83a55220a8bf1d48d0ef12ce10
SHA256 6e5c64970592fa25ced0b86f2992a7f5b764d18aca6e64ca185e096185658d7f
SHA512 93006ef0092e996d8619507a3173ed225b9d3cab9b66ca23fafcfda56a5e4e9aae5088a41c15001d18bd631428a0e22f0c25486722faaf102fb0ed5d13164270

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\0DB0ABA58F84E560A957280383093CD614DB6CEE

MD5 adab066bb0928459390dafc96f58df20
SHA1 9303ecd9a701cfe976634300d66eadcb478be0b0
SHA256 428cf9903fe912f3f6a1bd17fa0546beda161ff7d6216450f721c345a346e957
SHA512 2db9b6020f234930792a31a3a22e9d4cd240cd38143dd07a50ccc3fb8666a9ef17f5c0975e0b27c1b50ad73d5be8fae642606d2537b6925facfba546533545aa

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\0D6BBF3FDB173DA9A2C5C03CD12EF5AB9F297188

MD5 cc039b097dc8425587a0183037f8c59e
SHA1 c89afe6f5b7c60786a9dca4e9bc5623e0f6f9619
SHA256 e281de9e2a462a2c6e8433bb0d32a2967104f02f8ce3a2db75abdf287facbb65
SHA512 b98e532f6dee94096176122050dfb61258ab54a045a0f758e943e7616cde1674d278358337a06db1d06f876c2df50bb84c4f2f83ee054caa14c4316343cd765d

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\0CD1754F06A8A14809CE08F1B3A586EBC0AAF97B

MD5 c00ea70c5fd340af90de933f98170b81
SHA1 663d0953ca584159a7b020f94ca1b52e6e99ff7f
SHA256 7e31e96bb6a4019f1bbd1df9aad37acc5d3884a4c0d4202c336bc813ca9fa8fb
SHA512 dca38e1592cd7ef0d82a734826c37a137c2a0d7ed319e2c5a7a342581b2599e6d22fa9cc88fcfefde9a76813705721b6a14f456b973bcf435cf46b9a4819f78f

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\0C3FDF1E2B44699F6664E34AE8E3F977E655FF91

MD5 c23261e69190ac687513e371f3c612fb
SHA1 10da0083382c6c3a0d6afb2d36a29f00ad2c7f01
SHA256 9ca25e2350eb025ca4bca785ece4fc7dd2830bd27e715c4e1dddac7e9df4f01d
SHA512 b870b4928160289fdab686eea5fb48c7916371b5637f0b8c4c76ace4afc630d035c45d6017369baee386b016657b25c516c600574e4403861cf2806780e43701

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\0BF32BA706A6E0F48700E7F27522FCF2B8ED29A9

MD5 33ab22f664ff1397f78db1354e232b60
SHA1 433175f045e911dc70816281ba50f1f86ac4a7c7
SHA256 0dc503f66cb5649813ba041aaaac13a00b40e7901c821b3819bb419d43f69f39
SHA512 1a644b6186cdb22280e2ad3aa074fefa4d84a8d61403b065f2e4b63b7364faf4585bfaf08eb10f92744280dadf37ced2638e4bb3072f034a1d3015f5ec971796

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\0AFE9AD0339B601EE380435CC9FEE8F11207C873

MD5 50137536a38f63857317d2043e5fd729
SHA1 e42881cc4ce845667914ddba28982c009b26a380
SHA256 3cbde164b2b3a78c321e0c044b7bdb801b22da90e9e95b92886103ea579c0168
SHA512 776010a99745dcade7fcb3eb65ea2dc5a722bcb516f50f9524ff0cc623dac1b722ac56db203c88809772a53c1cb70c312f3751f19c85a117b017d0ec6a9f475b

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\0AEFCA55B69557CF95C5FC83027FDA2CBDE6A67B

MD5 db239b82bf3df0663e61793b5f9ba1f1
SHA1 3a5a4db140598fac5d6fbc9591905d62f1c3c354
SHA256 e06910581620871ee33022dc7d8c80af73cfcf9518adaf0b3e0aa8e1dafe172b
SHA512 abcebd29f4bcc04198a9e11a42973ba427645a43c51841a967eec419f3067ca163c5cbd07c18f4db0dfb88467cb24331b18f68799c9b7782247d800a2684f2fe

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\0A99E768FAEA4EA7F1CE9937001AADAE6ADB6722

MD5 591ee5199946c929d800e657800dfd6e
SHA1 90a5e6836e8d40a5139920b8fbb07343477f404d
SHA256 adb4102feca07c99dcf0e6b353f7dc491b86c84d32d1b918abcf97332516a5d3
SHA512 8930258f97953a5663ad0ce718d9e80d2b9686ca2c3f59be47470ccc85cc610e96d3710c306e415244482238dcefb43a8f11da1380ddc8f1cf648f6ce4c41726

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\09B17C97CDE4D8468CE474B97A9E3926EB4D7B0C

MD5 1dd32e73587afc5d43a36d3ef41cda8c
SHA1 49bd61fcf7ce201c5c64becba435a137c3a0b539
SHA256 5cacc58433524eff8b4511d6fbb7b8a48d987338ec15ddf70ec386af84fdf9c8
SHA512 a550477499d9105040489fb230c48317fa4436b38441134380e1e30412f175e27d64290bdce7f992c24f4cc382fc3e0f3b829e0ba17067169fb4c4528156b24f

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\0951F4EC014B58E0DD4C1F3461CAC9C8BBE8509C

MD5 c31b0a9a164dbb4d24a983340d46e932
SHA1 13731b8374b5318d2ba62874c5d45b71598f1988
SHA256 369c872a64a2b488a1c73ad818e61c3026d690d4b14762f52e0ea88b0eb750a3
SHA512 84ee2719c91f6106d7584d17032f1623b961ee3c5f398ddc6ef8fdb5853ea0a2b96fc22804a450fbb8ae1c479f10ef87807bd8775e21726c62be982ece757a0a

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\0905BB088FB5F03D2E3E61966578159625A2E71A

MD5 7fbea85a465c35a24ffec926e5838f9e
SHA1 515dd337d7db2081c8d136f7c0b137607f81d3b9
SHA256 c4f7d74851d690e61f7637d1850a1d74de5d2c45244f26d2e6965ba13d7aa6dd
SHA512 2fee9b5ec314c7998ce9bde246b6cb967896d3abd3445c8e16a556e099a8e286e017eb555e55d011f340c8a85e56743a2ecfc90d6d2c9e1f7ffe040cc13d4294

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\08093CF9507F34AFD1465FB49BC648A3FECB781C

MD5 19c0a69b8cb1fd8b5299edd576ae058c
SHA1 f71791a77d692951ae83e34fb97e817be02c59c8
SHA256 4df0835798e9daac889345601f74c93bb4a289669bbc7d9589dff40919795e75
SHA512 e5b64589bf0b39d49aa50f8dd251ccbdf60f979d52b42844efd3824c03f951a1d0e283ce6dbfdcbe7cb4aca9455fecbbb09cc7820d0f7a4b4cabfcd1514a4a93

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\07D77DE742D24AEE40B80D771E538C44DDDFDDB2

MD5 6b9e0a17e11189736c1b913c6aca4142
SHA1 c513421c9f2939dafa92690b0531fba4b9a2d313
SHA256 dc017ded8724a6e261ebaa586e93c2747b278219c70e2b3a446c08aa3a83e360
SHA512 a496d4148c09e6cbd2fe7efe381e96dfe28cdf55ebdfe8b09cb0a3dd07d61b0993ed68c8a90b7a946105a7331a2c0a3dc54e17cabc11d7aa63d01736fa91b381

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\072170237CBB54978487A47482F15C2DEE0955DA

MD5 c64251f3fe8c4c22afb6e66bdf0a6784
SHA1 bdb8e8b4daaa7475e8c4017a0cb7257430a1dc47
SHA256 55104c2a458007952558f9a9e57300153a9165a5fb249e2f06a14690dd0b6fba
SHA512 c850264fd686ddc4a85c7fc3d3f19327e0c2c6fcb9004edf400ad12deb4dec6c11633dcd7f611dd219adec9ad9c793e4bb0c42926cfcfcab72a437815c0de311

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\0635451CB258AA1873FDCC92CA10E33ADCEAE334

MD5 50c4bafc90e5940ed27c53da160d30bd
SHA1 967be452f48211d9494e113b13502cf7519b5907
SHA256 47a9ad9ae316e4d7af8b199ee2a39ac9d9c1dd12b9cbb9ae3216fab1ef6d4c89
SHA512 8b079e0fbc80636bd65d4131d8b4db9d0cdae9e8fe6cda6a7109ed25a333cd460cc5270bd4b0d5550fb4649de761681e2adf9080b6878e1bca77422d9ec7ee4f

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\059E05769BCA56D70ED6010443AF90922005586B

MD5 776db608cca4eb5247747153c560cab3
SHA1 e1bd11625f8850a468699d38ccf6cc53d9804fbf
SHA256 a51d39b8914750cfa900375dd337bb63c5426f720c754e08adf864082fc8caeb
SHA512 1a2760a6e39618a84f8d4fd6f779dd2cc5b83c30e0cd70a848c4b09d4117ecd024920f3812e2d049fab7a656220a425d03ef96ff86efca2f66b6dafc6ea381ca

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\04BA94132921BFCC45D89680C88459FCC1705D30

MD5 769ea5094230ab992745c4e05f71dc4e
SHA1 c149146f4ba7ca6c45ffb5934d829e0d1b14a78d
SHA256 a2d051bcb567d29402644eb473ac9e93441da23b26e2e77a9dc4d7e8080f66ca
SHA512 fdb76f6925d09eb60df23f0f772fd9dff3b0382c7d4507d6278fb3e2f994b549b4c93aa8d828c8ad50c838f6a05d193086d77bcbcf57b4316883faf37fb3ff6c

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\04AA576D1E65CE0F117F88EEA0EBF6FCCDCA00C9

MD5 e84aeb15ee023463be86168dca648406
SHA1 f5da629dc610ba3b9cf00ea4654e7a87a4e928ae
SHA256 dd4c94c3ec586af4dcb52407cde5c2921f48572783f9279ea3870e6db7e1ba30
SHA512 a60531d365677427a8dcab7a0543ae56fa3830e3d625c14d213bae54ee95167723f551339d4b9d0e058f12f848b6ab79f426483528891378031783648a5c0051

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\042EE76429725796A43654251DA28F80D4DB89BA

MD5 9bca69e46e88178dbd3c1ed3f835d130
SHA1 2e9951fefc0adf9a3be4a0489f8987dd79f47c56
SHA256 852fb3f3932df89725597de2d19d03c13f8527c23f2995c18b07e0ff7d22f5cf
SHA512 625edd1bf3f0b6edfdc8745948646f041dd41865b33b2573918ceeb45352c4b8dfe5b13b8e7a329be33e27fa9751d73f4baecd2fd8dc28b58b24c07387e99f8f

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\03B88CE02AD3680B3A87A2AD7A98F8AE4C9396D3

MD5 402197b7e26653f46f247e9d030dfe7c
SHA1 66d27f09d53914a548324dc2df21d974a1692316
SHA256 b577dd7a5c04c27254a75d46a5b3285cb3c90bd8995caf8057fc7945d0f00038
SHA512 a3ecbbd37b1af7f37d0527fbc3c4b207ed8b3ea268240643ff2d526ef0e2ccb480f0422acb4800879280efc6390437bba9e2025ac483e88dc96f58bb2c8f28f5

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\037778A55E1B7E9BED3390289866D09402D6C913

MD5 e66932c77a189241a2a7ab77b3fbf5f2
SHA1 6716d163b068b1b5311890335d7269eb82450929
SHA256 ff7aa921d2ac00f6cec14f564c236eb6979c6e64b10b01ff2ba84e71e5a5db63
SHA512 e44ed62a8bb29c5ff72fb234f0810b2b380e3aa35f24ac0184ba7806274aee1577e88b136684cb11c487b69fe7ddd18b1d26203fcc80135b650f6e4fd9ff48e5

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\019ACB89F1539981771C76BE0C38878142C6AE66

MD5 0b0658a597f1778f729d37105924c1ad
SHA1 c9a0b54d6ebc3ac86a318a410930fe5053e2724c
SHA256 d46ca450a93164c653204de5954a08ee334c6085952e259b6fa06bdbb22f7c52
SHA512 2dd39f18e6dd59c244fe155d92cc23d0a63225d5b6df0741002c04c4fc5f514c115f4d33b80fe339fbe2f4097199e352ee864abc2233e955b45a1f7cf7457d46

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\01698AA4261A00617EA49F9684E324815BDA36BB

MD5 56257394808c6fb33ee51c3dc2f21f51
SHA1 bceefc481a66094c52a16274ac3af2899f4872e2
SHA256 be6ac6c47ff1ca51b9d13dcfa74f6cccedfa7d731964c3469f59ef3541aeac7c
SHA512 29bf5b467addf76e371ec7e9ddcab235d3ef2afbcf41a1bc0c31d566aad0e4073ada02bead6aa33702431a55bc29abed0685d4ab15922461c360b7c6b8519b73

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\c5nsco79.default-release\cache2\entries\00F32E750D4AF678F0F82C2E154EE710B4CB776C

MD5 fcb586602931c7f6e071623a8ba73561
SHA1 719a83c6df39644c2ecccb6da5218d523b599739
SHA256 15c4198afe15c3ff051d95721c94c75c53a624c7f614cb63cde4cbe1830fe54b
SHA512 ef2aa5beab3529c0de8212f0c32f44a6486c65904c86664039fbf7e64d54bd3ce64ae9cc9f64f4c844763952160ebe1bcfa9e320a24a9430a5ba55a1ad43b6d6

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\crashes\store.json.mozlz4.tmp

MD5 a6338865eb252d0ef8fcf11fa9af3f0d
SHA1 cecdd4c4dcae10c2ffc8eb938121b6231de48cd3
SHA256 078648c042b9b08483ce246b7f01371072541a2e90d1beb0c8009a6118cbd965
SHA512 d950227ac83f4e8246d73f9f35c19e88ce65d0ca5f1ef8ccbb02ed6efc66b1b7e683e2ba0200279d7ca4b49831fd8c3ceb0584265b10accff2611ec1ca8c0c6c

C:\Users\Admin\Downloads\XClient.exe

MD5 4f55797486399094709dbb38ca90b5b5
SHA1 b75252d2862144f1d2908ebdb69d7b54bd3f3d61
SHA256 c21b82b8b3df1d66ff1896d13e8b4b13dc19865e847cda2f2234b2fcbf2a9ce7
SHA512 77137fad87ee6b575034712d3d43abd582baf58778266a8ecacef972167007e1611281229394f44199bcf7518ac9afcbc0df95b72efc7b7cf3bfbd17092608e3

memory/7080-1293-0x0000000000750000-0x000000000075E000-memory.dmp

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\sessionstore-backups\recovery.jsonlz4

MD5 4c18e9346f879d1f34bf923432ad6de6
SHA1 b762788a09e4497aa989851f250b894802511925
SHA256 f8d2a87542edc2b6bc826842f5c738cab9776e7be848e128af891552b9ec2e6e
SHA512 f58d45a1a974f267d570a2319b6371fb0ae067eaad83b0f0be488a900d2e63ac125c82db74ec9d9f2016ab945babbe4f53c851f67ee58ead4d8bf8b1ce01acfc

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms

MD5 7955670128f7f6f25fa575a59a47fbae
SHA1 52b9638a06157449e66e9ff1dc759473cc50d0f5
SHA256 acebdfb6c5dcf279495db399a66899baaab58159861abd9e3e42d150fce15bb4
SHA512 fa2d7014187329f8bac40eab0993512a21dca475ae24a4894ecf457b2222b80d98b2abe960b3b4935e965c6b3309f48021c3fd9ced4ab208935a6497dd24d3b9

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\places.sqlite

MD5 e8b15f3181f683b7ecee7f779bb5dc7e
SHA1 8d576136b193a9569d91532487645daf5c83adbc
SHA256 30eba1dc3e46c045511bfcfcbe1f02f7bf1c5eaebbd861ca37975d55d72e65d8
SHA512 c9d3596aecc7d47630e89bd45416d929e53ebfa9fd0ae09dbaaffa349b6ed15b481b88943edccf0e4b1e028e409025bc4b4ab3f04889fd3cd1bf7a658b4ceb02

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\prefs-1.js

MD5 e89c00701a34ef60f2c29bcf8cf1b2c9
SHA1 06a37a11dcbd596b963f46f064a98d66e411176d
SHA256 a7287c56e96ddcec34ddd277d225d071d1501dd0ed63dd9775c002c23eb34935
SHA512 b48b2d8c6a619b3c174feb4677527e25ea2d535e62d56e65e062b6f3f1c4080f9bdd806ba2ae81547a9d81b12d319646f7c78b2549a85bd3ca8d07f4c228c20e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\broadcast-listeners.json

MD5 72c95709e1a3b27919e13d28bbe8e8a2
SHA1 00892decbee63d627057730bfc0c6a4f13099ee4
SHA256 9cf589357fceea2f37cd1a925e5d33fd517a44d22a16c357f7fb5d4d187034aa
SHA512 613ca9dd2d12afe31fb2c4a8d9337eeecfb58dabaeaaba11404b9a736a4073dfd9b473ba27c1183d3cc91d5a9233a83dce5a135a81f755d978cea9e198209182

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\targeting.snapshot.json

MD5 7026217fddef2e955cea98021c2ae70d
SHA1 91605db9ba917a4b49a47d46980052df870cf257
SHA256 4f256190577badb4d091d473a3ba235d6592edda761a09a5162e045678662e1f
SHA512 30e48137c6e9be9b4e9bcaa2434ee0a2231342213c1d1309476a7fd002d5d3f5ce16e554db670f4a6bcec8ad194d6a42559a76b973e98168e31a39abffae2185

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\bookmarkbackups\bookmarks-2024-08-25_11_ScpUM-Ibb5LR1l4-7-Og+g==.jsonlz4

MD5 708d579bb783ed9e58c4e87173aa5028
SHA1 54dcdeb367c15a06aa620df1559de185668992a5
SHA256 3f7fa0f3a61236b17951ef95bd63347281c40abbbcce937e8fc787d31c8faa28
SHA512 1c7f8b921e5f32d67b1150e24092ab800ca4939993832cc46f43638bdcce380da1e74b44aa2f368a74e5ae29b76ca1e3a20b837517a4f0464b7af53098772e95

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\c5nsco79.default-release\SiteSecurityServiceState.txt

MD5 4392dc1a4df074dfd7641a1f5d959dde
SHA1 cf09797f5f776c16cb92613429b003a0afda8cd7
SHA256 673f5554fb175e13ebe02fce353155e45d0335799f3ea1c2e1abfd277473d276
SHA512 419a80c0822ae98a0f12c9b2eabc5867204a63473864eb73ac13cef69f0345f87c7097c7acbab68e53f600813a6c7345d310bc396e29959e76cc33eb918ce18b