Analysis Overview
SHA256
1cf20b8449ea84c684822a5e8ab3672213072db8267061537d1ce4ec2c30c42a
Threat Level: Known bad
The file luajit.exe was found to be: Known bad.
Malicious Activity Summary
Modifies visibility of file extensions in Explorer
Modifies visiblity of hidden/system files in Explorer
Looks up external IP address via web service
Legitimate hosting services abused for malware hosting/C2
Detected potential entity reuse from brand GOOGLE.
Probable phishing domain
System Location Discovery: System Language Discovery
Unsigned PE
Uses Task Scheduler COM API
Suspicious use of AdjustPrivilegeToken
NTFS ADS
Suspicious use of SetWindowsHookEx
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
Modifies registry class
Suspicious use of SendNotifyMessage
Checks processor information in registry
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2025-01-11 01:17
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2025-01-11 01:17
Reported
2025-01-11 01:23
Platform
win10ltsc2021-20241211-en
Max time kernel
307s
Max time network
308s
Command Line
Signatures
Modifies visibility of file extensions in Explorer
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2366345620-3342093254-3461191856-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideFileExt = "0" | C:\Windows\system32\SystemPropertiesAdvanced.exe | N/A |
Modifies visiblity of hidden/system files in Explorer
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2366345620-3342093254-3461191856-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowSuperHidden = "0" | C:\Windows\system32\SystemPropertiesAdvanced.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | pastebin.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | pastebin.com | N/A | N/A |
| N/A | pastebin.com | N/A | N/A |
| N/A | pastebin.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | pastebin.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
Looks up external IP address via web service
| Description | Indicator | Process | Target |
| N/A | ip-api.com | N/A | N/A |
Detected potential entity reuse from brand GOOGLE.
Probable phishing domain
| Description | Indicator | Process | Target |
| HTTP URL | https://pastebin.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=9001163fde1d94a2 | N/A | N/A |
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\luajit.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Nezur\luajit.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Nezur\luajit.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2366345620-3342093254-3461191856-1000_Classes\Local Settings | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\Downloads\Nezur-Executor-2024-main.zip:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\Nezur.zip:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Users\Admin\AppData\Local\Temp\luajit.exe
"C:\Users\Admin\AppData\Local\Temp\luajit.exe"
C:\Windows\system32\SystemPropertiesAdvanced.exe
"C:\Windows\system32\SystemPropertiesAdvanced.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=1980 -parentBuildID 20240401114208 -prefsHandle 1888 -prefMapHandle 1880 -prefsLen 23839 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0f16fdad-be12-4985-b57e-a3b68cd2a489} 1248 "\\.\pipe\gecko-crash-server-pipe.1248" gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2396 -parentBuildID 20240401114208 -prefsHandle 2372 -prefMapHandle 2368 -prefsLen 23717 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1f4d133f-317e-4ead-a038-79b81f03af5f} 1248 "\\.\pipe\gecko-crash-server-pipe.1248" socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3032 -childID 1 -isForBrowser -prefsHandle 2976 -prefMapHandle 3004 -prefsLen 22652 -prefMapSize 244658 -jsInitHandle 1260 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {bbe7f7f5-8946-4f26-b601-afb6cbb8485e} 1248 "\\.\pipe\gecko-crash-server-pipe.1248" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4228 -childID 2 -isForBrowser -prefsHandle 4220 -prefMapHandle 4216 -prefsLen 29091 -prefMapSize 244658 -jsInitHandle 1260 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {30e3e21e-c671-4ad2-8338-11035163623c} 1248 "\\.\pipe\gecko-crash-server-pipe.1248" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4848 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 2752 -prefMapHandle 4828 -prefsLen 29091 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ad2494f4-b58c-4943-a789-03df49ca8479} 1248 "\\.\pipe\gecko-crash-server-pipe.1248" utility
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4988 -childID 3 -isForBrowser -prefsHandle 4856 -prefMapHandle 5216 -prefsLen 27178 -prefMapSize 244658 -jsInitHandle 1260 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {90b5f9da-f737-4325-89d8-37aee078b780} 1248 "\\.\pipe\gecko-crash-server-pipe.1248" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5148 -childID 4 -isForBrowser -prefsHandle 5224 -prefMapHandle 5220 -prefsLen 27178 -prefMapSize 244658 -jsInitHandle 1260 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b25e18af-15ce-4954-84f1-48b4609cf124} 1248 "\\.\pipe\gecko-crash-server-pipe.1248" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5496 -childID 5 -isForBrowser -prefsHandle 5484 -prefMapHandle 5480 -prefsLen 27178 -prefMapSize 244658 -jsInitHandle 1260 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a50290b8-b3f6-4e5a-aa3d-b6ab498e84a9} 1248 "\\.\pipe\gecko-crash-server-pipe.1248" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2736 -childID 6 -isForBrowser -prefsHandle 4636 -prefMapHandle 4632 -prefsLen 27318 -prefMapSize 244658 -jsInitHandle 1260 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b4058072-3693-477c-bdfa-ed5a0f4d771c} 1248 "\\.\pipe\gecko-crash-server-pipe.1248" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6412 -childID 7 -isForBrowser -prefsHandle 6388 -prefMapHandle 6400 -prefsLen 28105 -prefMapSize 244658 -jsInitHandle 1260 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4c69065f-1d98-4c15-9cd0-a1d9cbf8023a} 1248 "\\.\pipe\gecko-crash-server-pipe.1248" tab
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6932 -childID 8 -isForBrowser -prefsHandle 6140 -prefMapHandle 4784 -prefsLen 28145 -prefMapSize 244658 -jsInitHandle 1260 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9302c4de-bb9a-4c69-8cc3-b18e2cf23491} 1248 "\\.\pipe\gecko-crash-server-pipe.1248" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5204 -childID 9 -isForBrowser -prefsHandle 5564 -prefMapHandle 6676 -prefsLen 28145 -prefMapSize 244658 -jsInitHandle 1260 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {afd16b51-fd2b-475f-bf87-7a93193acd66} 1248 "\\.\pipe\gecko-crash-server-pipe.1248" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6960 -childID 10 -isForBrowser -prefsHandle 5544 -prefMapHandle 6656 -prefsLen 28145 -prefMapSize 244658 -jsInitHandle 1260 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a231e85c-89fd-4629-bed8-ddac03e4f5ed} 1248 "\\.\pipe\gecko-crash-server-pipe.1248" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6068 -childID 11 -isForBrowser -prefsHandle 6468 -prefMapHandle 6464 -prefsLen 28145 -prefMapSize 244658 -jsInitHandle 1260 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7fc98a76-377e-4ed9-b046-546dd72300f3} 1248 "\\.\pipe\gecko-crash-server-pipe.1248" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6088 -parentBuildID 20240401114208 -prefsHandle 6060 -prefMapHandle 5492 -prefsLen 33945 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {bb419901-72a7-40b1-a527-e46f553393e9} 1248 "\\.\pipe\gecko-crash-server-pipe.1248" rdd
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8176 -childID 12 -isForBrowser -prefsHandle 8184 -prefMapHandle 8180 -prefsLen 28145 -prefMapSize 244658 -jsInitHandle 1260 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a9d2eede-5e9a-4402-af4d-2e8a655b39a5} 1248 "\\.\pipe\gecko-crash-server-pipe.1248" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7992 -childID 13 -isForBrowser -prefsHandle 7972 -prefMapHandle 8196 -prefsLen 28145 -prefMapSize 244658 -jsInitHandle 1260 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {30aeb033-d503-4cb3-8607-611c760f6749} 1248 "\\.\pipe\gecko-crash-server-pipe.1248" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8384 -childID 14 -isForBrowser -prefsHandle 8392 -prefMapHandle 8396 -prefsLen 28145 -prefMapSize 244658 -jsInitHandle 1260 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {eb1e146a-5be5-4881-8190-7cfdde04d121} 1248 "\\.\pipe\gecko-crash-server-pipe.1248" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8652 -childID 15 -isForBrowser -prefsHandle 8440 -prefMapHandle 8444 -prefsLen 28145 -prefMapSize 244658 -jsInitHandle 1260 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {084d78cf-4104-4fb1-8e26-36e3e43e4a20} 1248 "\\.\pipe\gecko-crash-server-pipe.1248" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8852 -childID 16 -isForBrowser -prefsHandle 8440 -prefMapHandle 8468 -prefsLen 28145 -prefMapSize 244658 -jsInitHandle 1260 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {bca299aa-f527-4a70-8ec0-a6232636e8b0} 1248 "\\.\pipe\gecko-crash-server-pipe.1248" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8780 -childID 17 -isForBrowser -prefsHandle 8792 -prefMapHandle 8788 -prefsLen 28145 -prefMapSize 244658 -jsInitHandle 1260 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1a9ea707-d2cf-47a6-a6bb-5d30585465ba} 1248 "\\.\pipe\gecko-crash-server-pipe.1248" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8728 -childID 18 -isForBrowser -prefsHandle 8204 -prefMapHandle 8268 -prefsLen 28145 -prefMapSize 244658 -jsInitHandle 1260 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c1946d71-3437-4cec-b8d2-fb5af07106ed} 1248 "\\.\pipe\gecko-crash-server-pipe.1248" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6672 -childID 19 -isForBrowser -prefsHandle 8556 -prefMapHandle 6668 -prefsLen 28145 -prefMapSize 244658 -jsInitHandle 1260 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1ab91d91-ebb7-4a4f-baa8-c48dba0fd977} 1248 "\\.\pipe\gecko-crash-server-pipe.1248" tab
C:\Users\Admin\Downloads\Nezur\luajit.exe
"C:\Users\Admin\Downloads\Nezur\luajit.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Downloads\Nezur\Launcher.bat" "
C:\Windows\system32\cacls.exe
"C:\Windows\system32\cacls.exe" "C:\Windows\system32\config\system"
C:\Users\Admin\Downloads\Nezur\luajit.exe
luajit.exe conf
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 23.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.239.44.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.121.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 197.87.175.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.187.3.20.in-addr.arpa | udp |
| N/A | 127.0.0.1:49799 | tcp | |
| US | 8.8.8.8:53 | checkappexec.microsoft.com | udp |
| GB | 51.140.242.104:443 | checkappexec.microsoft.com | tcp |
| US | 8.8.8.8:53 | 203.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.242.140.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.mozilla.org | udp |
| US | 8.8.8.8:53 | spocs.getpocket.com | udp |
| US | 8.8.8.8:53 | firefox-api-proxy.cdn.mozilla.net | udp |
| US | 151.101.195.19:443 | www.mozilla.org | tcp |
| US | 151.101.195.19:443 | www.mozilla.org | tcp |
| US | 8.8.8.8:53 | www-mozilla.fastly-edge.com | udp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 34.149.97.1:443 | firefox-api-proxy.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | www-mozilla.fastly-edge.com | udp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 34.149.97.1:443 | firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | 19.195.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.50.235.44.in-addr.arpa | udp |
| N/A | 127.0.0.1:49808 | tcp | |
| US | 8.8.8.8:53 | ac.duckduckgo.com | udp |
| IE | 52.142.124.215:443 | ac.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| IE | 52.142.124.215:443 | duckduckgo.com | tcp |
| US | 8.8.8.8:53 | 181.129.81.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 215.124.142.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| IE | 52.142.124.215:443 | duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | duckduckgo.com | tcp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| IE | 20.223.54.233:443 | links.duckduckgo.com | tcp |
| IE | 20.223.54.233:443 | links.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| US | 8.8.8.8:53 | 233.54.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| US | 8.8.8.8:53 | improving.duckduckgo.com | udp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | 222.125.142.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | location.services.mozilla.com | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 35.190.72.216:443 | location.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 35.190.72.216:443 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | ciscobinary.openh264.org | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| GB | 88.221.134.155:80 | ciscobinary.openh264.org | tcp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| GB | 142.250.180.14:443 | redirector.gvt1.com | tcp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| GB | 142.250.180.14:443 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | r5---sn-4g5ednkl.gvt1.com | udp |
| DE | 173.194.10.106:443 | r5---sn-4g5ednkl.gvt1.com | tcp |
| US | 8.8.8.8:53 | r5.sn-4g5ednkl.gvt1.com | udp |
| US | 8.8.8.8:53 | 201.181.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.72.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.134.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | r5.sn-4g5ednkl.gvt1.com | udp |
| DE | 173.194.10.106:443 | r5.sn-4g5ednkl.gvt1.com | udp |
| US | 8.8.8.8:53 | 106.10.194.173.in-addr.arpa | udp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 8.8.8.8:53 | 215.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 185.199.110.133:443 | avatars.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 8.8.8.8:53 | private-user-images.githubusercontent.com | udp |
| US | 8.8.8.8:53 | private-user-images.githubusercontent.com | udp |
| US | 185.199.110.133:443 | private-user-images.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | private-user-images.githubusercontent.com | udp |
| US | 8.8.8.8:53 | 154.109.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.110.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 140.82.112.22:443 | collector.github.com | tcp |
| US | 8.8.8.8:53 | glb-db52c2cf8be544.github.com | udp |
| US | 8.8.8.8:53 | glb-db52c2cf8be544.github.com | udp |
| US | 140.82.112.22:443 | collector.github.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 8.8.8.8:53 | 22.112.82.140.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 48.229.111.52.in-addr.arpa | udp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 185.199.110.133:443 | private-user-images.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | codeload.github.com | udp |
| GB | 20.26.156.216:443 | codeload.github.com | tcp |
| US | 8.8.8.8:53 | codeload.github.com | udp |
| US | 8.8.8.8:53 | codeload.github.com | udp |
| US | 8.8.8.8:53 | 216.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | improving.duckduckgo.com | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| IE | 52.142.124.215:443 | duckduckgo.com | tcp |
| US | 8.8.8.8:53 | gist.github.com | udp |
| GB | 20.26.156.215:443 | gist.github.com | tcp |
| GB | 20.26.156.215:443 | gist.github.com | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 8.8.8.8:53 | camo.githubusercontent.com | udp |
| US | 185.199.111.133:443 | camo.githubusercontent.com | tcp |
| US | 185.199.111.133:443 | camo.githubusercontent.com | tcp |
| US | 185.199.111.133:443 | camo.githubusercontent.com | tcp |
| US | 185.199.111.133:443 | camo.githubusercontent.com | tcp |
| US | 185.199.111.133:443 | camo.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | camo.githubusercontent.com | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 8.8.8.8:53 | camo.githubusercontent.com | udp |
| US | 8.8.8.8:53 | glb-db52c2cf8be544.github.com | udp |
| US | 8.8.8.8:53 | glb-db52c2cf8be544.github.com | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | 133.111.199.185.in-addr.arpa | udp |
| IE | 52.142.124.215:443 | duckduckgo.com | tcp |
| US | 8.8.8.8:53 | pastebin.com | udp |
| US | 104.20.4.235:443 | pastebin.com | tcp |
| US | 8.8.8.8:53 | pastebin.com | udp |
| US | 8.8.8.8:53 | pastebin.com | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 104.18.94.41:443 | challenges.cloudflare.com | tcp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 104.18.94.41:443 | challenges.cloudflare.com | udp |
| US | 104.18.94.41:443 | challenges.cloudflare.com | tcp |
| US | 8.8.8.8:53 | 235.4.20.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 41.94.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | services.vlitag.com | udp |
| US | 104.22.58.199:443 | services.vlitag.com | tcp |
| US | 8.8.8.8:53 | services.vlitag.com | udp |
| US | 8.8.8.8:53 | services.vlitag.com | udp |
| US | 104.22.58.199:443 | services.vlitag.com | udp |
| US | 104.22.58.199:443 | services.vlitag.com | tcp |
| US | 8.8.8.8:53 | 199.58.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 104.22.58.199:443 | services.vlitag.com | udp |
| US | 8.8.8.8:53 | dsp.vlitag.com | udp |
| US | 8.8.8.8:53 | cmp.inmobi.com | udp |
| US | 8.8.8.8:53 | s3.vlitag.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | imasdk.googleapis.com | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 104.22.59.199:443 | s3.vlitag.com | tcp |
| US | 8.8.8.8:53 | dsp.vlitag.com | udp |
| US | 104.22.59.199:443 | dsp.vlitag.com | tcp |
| US | 8.8.8.8:53 | s3.vlitag.com | udp |
| US | 104.22.59.199:443 | s3.vlitag.com | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| GB | 216.58.201.106:443 | imasdk.googleapis.com | tcp |
| US | 8.8.8.8:53 | imasdk.googleapis.com | udp |
| US | 8.8.8.8:53 | d23sp3kzv1t6m5.cloudfront.net | udp |
| US | 8.8.8.8:53 | d1ykf07e75w7ss.cloudfront.net | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | dsp.vlitag.com | udp |
| US | 8.8.8.8:53 | s3.vlitag.com | udp |
| US | 104.22.59.199:443 | s3.vlitag.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | imasdk.googleapis.com | udp |
| US | 8.8.8.8:53 | d23sp3kzv1t6m5.cloudfront.net | udp |
| US | 8.8.8.8:53 | d1ykf07e75w7ss.cloudfront.net | udp |
| US | 104.22.59.199:443 | s3.vlitag.com | udp |
| GB | 216.58.201.106:443 | imasdk.googleapis.com | udp |
| NL | 18.239.36.42:443 | d23sp3kzv1t6m5.cloudfront.net | tcp |
| GB | 172.217.16.226:443 | securepubads.g.doubleclick.net | tcp |
| NL | 18.239.70.135:443 | d1ykf07e75w7ss.cloudfront.net | tcp |
| GB | 172.217.16.226:443 | securepubads.g.doubleclick.net | tcp |
| GB | 172.217.16.226:443 | securepubads.g.doubleclick.net | udp |
| NL | 18.239.70.135:443 | d1ykf07e75w7ss.cloudfront.net | tcp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | px.vliplatform.com | udp |
| US | 8.8.8.8:53 | 199.59.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.36.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 135.70.239.18.in-addr.arpa | udp |
| US | 151.101.129.229:443 | cdn.jsdelivr.net | tcp |
| US | 8.8.8.8:53 | jsdelivr.map.fastly.net | udp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | cdn.hadronid.net | udp |
| US | 141.101.120.10:443 | px.vliplatform.com | tcp |
| US | 8.8.8.8:53 | px.vliplatform.com | udp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | jsdelivr.map.fastly.net | udp |
| US | 8.8.8.8:53 | cdn.hadronid.net | udp |
| US | 8.8.8.8:53 | px.vliplatform.com | udp |
| US | 8.8.8.8:53 | cdn.hadronid.net | udp |
| US | 151.101.129.229:443 | jsdelivr.map.fastly.net | udp |
| US | 141.101.120.10:443 | px.vliplatform.com | udp |
| NL | 18.238.243.129:443 | config.aps.amazon-adsystem.com | tcp |
| US | 104.22.52.173:443 | cdn.hadronid.net | tcp |
| US | 8.8.8.8:53 | api.cmp.inmobi.com | udp |
| DE | 3.127.93.12:443 | api.cmp.inmobi.com | tcp |
| US | 8.8.8.8:53 | choice-apis-prod-2120274730.eu-central-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | choice-apis-prod-2120274730.eu-central-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | 229.129.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.120.101.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.52.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 129.243.238.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 12.93.127.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | id.a-mx.com | udp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | a.ad.gt | udp |
| US | 8.8.8.8:53 | id.hadron.ad.gt | udp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | cdn-ima.33across.com | udp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| US | 8.8.8.8:53 | oa.openxcdn.net | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | invstatic101.creativecdn.com | udp |
| NL | 79.127.227.46:443 | id.a-mx.com | tcp |
| US | 8.8.8.8:53 | id.a-mx.com | udp |
| US | 8.8.8.8:53 | gum.nl3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | 75bcbfdbee9afe2d8418e528344ac942.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 104.22.4.69:443 | id.hadron.ad.gt | tcp |
| US | 104.22.4.69:443 | id.hadron.ad.gt | tcp |
| US | 8.8.8.8:53 | id.hadron.ad.gt.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | a.ad.gt.cdn.cloudflare.net | udp |
| GB | 172.217.16.226:443 | ep1.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | oa.openxcdn.net | udp |
| US | 8.8.8.8:53 | cdn-ima.33across.com.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | invstatic101.creativecdn.com | udp |
| US | 8.8.8.8:53 | id.a-mx.com | udp |
| US | 8.8.8.8:53 | gum.nl3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | static.nl3.vip.prod.criteo.net | udp |
| US | 8.8.8.8:53 | id.hadron.ad.gt.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | a.ad.gt.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| GB | 172.217.169.1:443 | 75bcbfdbee9afe2d8418e528344ac942.safeframe.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | pagead-googlehosted.l.google.com | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | oa.openxcdn.net | udp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | invstatic101.creativecdn.com | udp |
| US | 8.8.8.8:53 | cdn-ima.33across.com.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | static.nl3.vip.prod.criteo.net | udp |
| US | 8.8.8.8:53 | pagead-googlehosted.l.google.com | udp |
| US | 8.8.8.8:53 | c3.a-mo.net | udp |
| GB | 172.217.16.226:443 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| GB | 172.217.169.1:443 | pagead-googlehosted.l.google.com | udp |
| GB | 216.58.201.97:443 | ep2.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | 46.227.127.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.4.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.201.58.216.in-addr.arpa | udp |
| GB | 216.58.201.97:443 | ep2.adtrafficquality.google | udp |
| NL | 178.250.1.11:443 | gum.nl3.vip.prod.criteo.com | tcp |
| DE | 141.95.98.65:443 | id5-sync.com | tcp |
| US | 104.22.5.69:443 | a.ad.gt.cdn.cloudflare.net | tcp |
| US | 104.18.29.101:443 | cdn-ima.33across.com.cdn.cloudflare.net | tcp |
| NL | 178.250.1.3:443 | static.nl3.vip.prod.criteo.net | tcp |
| US | 34.102.146.192:443 | oa.openxcdn.net | tcp |
| NL | 18.239.18.33:443 | tags.crwdcntrl.net | tcp |
| US | 34.96.70.87:443 | invstatic101.creativecdn.com | tcp |
| DE | 79.127.216.47:443 | c3.a-mo.net | tcp |
| NL | 178.250.1.11:443 | gum.nl3.vip.prod.criteo.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 34.102.146.192:443 | oa.openxcdn.net | udp |
| US | 8.8.8.8:53 | oajs.openx.net | udp |
| US | 34.96.70.87:443 | invstatic101.creativecdn.com | udp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 8.8.8.8:53 | oajs.openx.net | udp |
| US | 34.120.107.143:443 | oajs.openx.net | tcp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | px.pocpoc.io | udp |
| US | 8.8.8.8:53 | adsystem.pocpoc.io | udp |
| IE | 34.246.77.188:443 | bcp.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| DE | 162.19.138.82:443 | lb.eu-1-id5-sync.com | tcp |
| US | 104.26.14.167:443 | adsystem.pocpoc.io | tcp |
| US | 104.26.14.167:443 | adsystem.pocpoc.io | tcp |
| US | 8.8.8.8:53 | px.pocpoc.io | udp |
| US | 104.26.14.167:443 | px.pocpoc.io | tcp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 104.26.14.167:443 | px.pocpoc.io | tcp |
| US | 104.26.14.167:443 | px.pocpoc.io | tcp |
| US | 104.26.14.167:443 | px.pocpoc.io | tcp |
| US | 8.8.8.8:53 | adsystem.pocpoc.io | udp |
| US | 8.8.8.8:53 | ids.ad.gt | udp |
| US | 8.8.8.8:53 | ids4.ad.gt | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 8.8.8.8:53 | image2.pubmatic.com | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | sync.go.sonobi.com | udp |
| US | 8.8.8.8:53 | ad.360yield.com | udp |
| US | 8.8.8.8:53 | sync.smartadserver.com | udp |
| US | 8.8.8.8:53 | p.ad.gt | udp |
| US | 8.8.8.8:53 | px.pocpoc.io | udp |
| US | 8.8.8.8:53 | ids4.ad.gt | udp |
| US | 8.8.8.8:53 | euw-ice.360yield.com | udp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 8.8.8.8:53 | ib.anycast.adnxs.com | udp |
| US | 8.8.8.8:53 | adsystem.pocpoc.io | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.net.akadns.net | udp |
| US | 8.8.8.8:53 | pug-lhr-bc.pubmnet.com | udp |
| US | 8.8.8.8:53 | ids.ad.gt.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | iad-2-sync.go.sonobi.com | udp |
| US | 8.8.8.8:53 | ids4.ad.gt | udp |
| US | 8.8.8.8:53 | p.ad.gt.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | rtb-csync-euw1.smartadserver.com | udp |
| US | 34.120.107.143:443 | oajs.openx.net | udp |
| US | 8.8.8.8:53 | ib.anycast.adnxs.com | udp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 8.8.8.8:53 | euw-ice.360yield.com | udp |
| US | 8.8.8.8:53 | p.ad.gt.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | ids.ad.gt.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | rtb-csync-euw1.smartadserver.com | udp |
| US | 8.8.8.8:53 | pug-lhr-bc.pubmnet.com | udp |
| US | 8.8.8.8:53 | iad-2-sync.go.sonobi.com | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.net.akadns.net | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | google-bidout-d.openx.net | udp |
| US | 104.26.14.167:443 | adsystem.pocpoc.io | udp |
| US | 34.98.64.218:443 | google-bidout-d.openx.net | tcp |
| US | 8.8.8.8:53 | google-bidout-d.openx.net | udp |
| US | 8.8.8.8:53 | google-bidout-d.openx.net | udp |
| US | 104.26.14.167:443 | adsystem.pocpoc.io | udp |
| US | 8.8.8.8:53 | static.vliplatform.com | udp |
| US | 34.98.64.218:443 | google-bidout-d.openx.net | udp |
| US | 141.101.120.10:443 | static.vliplatform.com | tcp |
| US | 8.8.8.8:53 | static.vliplatform.com | udp |
| US | 141.101.120.10:443 | static.vliplatform.com | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | odb.outbrain.com | udp |
| US | 8.8.8.8:53 | static.vliplatform.com | udp |
| NL | 18.239.70.176:443 | aax.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | d1jvc9b8z3vcjs.cloudfront.net | udp |
| US | 151.101.194.132:443 | odb.outbrain.com | tcp |
| US | 8.8.8.8:53 | outbrain.map.fastly.net | udp |
| US | 8.8.8.8:53 | 69.5.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.29.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.146.102.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 87.70.96.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 33.18.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.98.95.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 47.216.127.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 143.107.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 188.77.246.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 167.14.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 218.64.98.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | d1jvc9b8z3vcjs.cloudfront.net | udp |
| US | 8.8.8.8:53 | outbrain.map.fastly.net | udp |
| US | 104.22.4.69:443 | p.ad.gt.cdn.cloudflare.net | tcp |
| US | 52.43.19.44:443 | ids4.ad.gt | tcp |
| DE | 37.252.171.52:443 | ib.anycast.adnxs.com | tcp |
| US | 34.98.64.218:443 | google-bidout-d.openx.net | tcp |
| GB | 185.64.191.210:443 | pug-lhr-bc.pubmnet.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.net.akadns.net | tcp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| GB | 216.58.213.2:443 | cm.g.doubleclick.net | tcp |
| US | 69.166.1.67:443 | iad-2-sync.go.sonobi.com | tcp |
| US | 104.22.4.69:443 | p.ad.gt.cdn.cloudflare.net | tcp |
| IE | 34.248.231.166:443 | ad.360yield.com | tcp |
| NL | 81.17.55.172:443 | rtb-csync-euw1.smartadserver.com | tcp |
| US | 104.22.5.69:443 | p.ad.gt.cdn.cloudflare.net | tcp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | images.outbrainimg.com | udp |
| US | 8.8.8.8:53 | widgets.outbrain.com | udp |
| US | 34.98.64.218:443 | google-bidout-d.openx.net | udp |
| IE | 67.220.226.233:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | e15144.d.akamaiedge.net | udp |
| GB | 2.23.222.8:443 | images.outbrainimg.com | tcp |
| US | 8.8.8.8:53 | e10883.g.akamaiedge.net | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | e15144.d.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e10883.g.akamaiedge.net | udp |
| US | 23.192.25.236:443 | widgets.outbrain.com | tcp |
| US | 23.192.25.236:443 | widgets.outbrain.com | tcp |
| GB | 216.58.213.2:443 | cm.g.doubleclick.net | udp |
| US | 52.43.19.44:443 | ids4.ad.gt | tcp |
| US | 8.8.8.8:53 | pixels.ad.gt | udp |
| US | 8.8.8.8:53 | shb.richaudience.com | udp |
| US | 8.8.8.8:53 | exchange.cootlogix.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | prebid-eu.creativecdn.com | udp |
| US | 8.8.8.8:53 | pixels.ad.gt.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | prebid-eu.creativecdn.com | udp |
| US | 8.8.8.8:53 | vidazoo-openrtb-prebid-saas-p-us-nyc1b-lb.vidazoo.services | udp |
| US | 8.8.8.8:53 | shb.richaudience.com | udp |
| US | 8.8.8.8:53 | pixels.ad.gt.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | prebid-eu.creativecdn.com | udp |
| US | 8.8.8.8:53 | vidazoo-openrtb-prebid-saas-p-us-nyc1b-lb.vidazoo.services | udp |
| US | 8.8.8.8:53 | shb.richaudience.com | udp |
| US | 104.22.4.69:443 | pixels.ad.gt.cdn.cloudflare.net | tcp |
| DE | 49.12.86.152:443 | shb.richaudience.com | tcp |
| DE | 49.12.86.152:443 | shb.richaudience.com | tcp |
| US | 174.138.109.225:443 | vidazoo-openrtb-prebid-saas-p-us-nyc1b-lb.vidazoo.services | tcp |
| NL | 185.89.211.84:443 | ib.adnxs.com | tcp |
| NL | 185.184.8.90:443 | prebid-eu.creativecdn.com | tcp |
| US | 8.8.8.8:53 | 2.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 176.70.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.40.223.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.55.17.81.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 166.231.248.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 52.171.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.1.166.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.222.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 233.226.220.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 44.19.43.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 236.25.192.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.191.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 132.194.101.151.in-addr.arpa | udp |
| US | 104.22.5.69:443 | pixels.ad.gt.cdn.cloudflare.net | tcp |
| US | 8.8.8.8:53 | 84.211.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.8.184.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.86.12.49.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.109.138.174.in-addr.arpa | udp |
| US | 141.101.120.10:443 | static.vliplatform.com | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| GB | 172.217.169.3:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| GB | 172.217.169.3:443 | www.google.co.uk | udp |
| US | 151.101.129.229:443 | jsdelivr.map.fastly.net | udp |
| US | 8.8.8.8:53 | jsdelivr.map.fastly.net | udp |
| US | 8.8.8.8:53 | script.4dex.io | udp |
| BE | 64.233.184.157:443 | stats.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | script.4dex.io | udp |
| US | 8.8.8.8:53 | 3.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.184.233.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | script.4dex.io | udp |
| BE | 64.233.184.157:443 | stats.g.doubleclick.net | udp |
| US | 104.26.9.169:443 | script.4dex.io | tcp |
| DE | 79.127.216.47:443 | c3.a-mo.net | tcp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | cadmus.script.ac | udp |
| FR | 178.250.7.13:443 | dnacdn.net | tcp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 104.18.23.145:443 | cadmus.script.ac | tcp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | cadmus.script.ac | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | bh.contextweb.com | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | dpm.demdex.net | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | am1-direct-bgp.contextweb.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | 6805db11d93e6cff287a1076353016d7.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | am1-direct-bgp.contextweb.com | udp |
| US | 8.8.8.8:53 | dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | 169.9.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.7.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.23.18.104.in-addr.arpa | udp |
| GB | 172.217.169.1:443 | 6805db11d93e6cff287a1076353016d7.safeframe.googlesyndication.com | tcp |
| GB | 172.217.169.1:443 | 6805db11d93e6cff287a1076353016d7.safeframe.googlesyndication.com | udp |
| IE | 34.253.9.95:443 | ap.lijit.com | tcp |
| IE | 34.253.9.95:443 | ap.lijit.com | tcp |
| NL | 208.93.169.131:443 | am1-direct-bgp.contextweb.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 104.18.27.193:443 | ssum-sec.casalemedia.com | tcp |
| DE | 51.89.9.252:443 | onetag-sys.com | tcp |
| IE | 52.210.142.110:443 | dpm.demdex.net | tcp |
| US | 8.8.8.8:53 | a.ad.gt | udp |
| DE | 51.89.9.252:443 | onetag-sys.com | udp |
| US | 104.18.27.193:443 | ssum-sec.casalemedia.com | udp |
| US | 104.26.14.167:443 | adsystem.pocpoc.io | udp |
| US | 141.101.120.10:443 | static.vliplatform.com | udp |
| US | 8.8.8.8:53 | 193.27.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.9.253.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 252.9.89.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | c.4dex.io | udp |
| US | 8.8.8.8:53 | c.4dex.io | udp |
| US | 8.8.8.8:53 | c.4dex.io | udp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| IE | 20.223.54.233:443 | links.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 8.8.8.8:53 | 133.108.199.185.in-addr.arpa | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | glb-db52c2cf8be544.github.com | udp |
| US | 8.8.8.8:53 | gitlab.com | udp |
| US | 8.8.8.8:53 | gitlab.com | udp |
| US | 172.65.251.78:443 | gitlab.com | tcp |
| US | 8.8.8.8:53 | 78.251.65.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | gitlab.com | udp |
| US | 8.8.8.8:53 | ip-api.com | udp |
| US | 208.95.112.1:80 | ip-api.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| GB | 92.123.241.137:443 | www.microsoft.com | tcp |
| DE | 193.233.164.80:80 | tcp | |
| US | 8.8.8.8:53 | 1.112.95.208.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.241.123.92.in-addr.arpa | udp |
| DE | 194.87.199.37:80 | tcp | |
| US | 104.20.4.235:443 | pastebin.com | tcp |
| US | 8.8.8.8:53 | c.pki.goog | udp |
| GB | 142.250.178.3:80 | c.pki.goog | tcp |
| US | 8.8.8.8:53 | 3.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | 91.16.208.104.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9enwga8g.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | c3653e6c8df520b4b62969424332d8bc |
| SHA1 | 0af5baf05f5487d1c8cd8a4f7e83fc4ec5bc1f46 |
| SHA256 | de456b7b343a07b7b8feb19d4fab345d95fd86b887177346cdd30bba8876ca46 |
| SHA512 | 3f321f644c30ad6691d9801d3d0f5a2772ce709cce02a1f7786a50bdecdb6aa9f6ce34c48c01f7e60db59a90364dceb7125cb782311637a0c4a35b363a83a755 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9enwga8g.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 08386d88a410197e20cd30a6b8e8edde |
| SHA1 | 407d16798af3c08729561f5f984ee7be88243fc2 |
| SHA256 | f40dfc92663079e9797095ed9f30f5274c2ae062999de9402f57c93aa529fa62 |
| SHA512 | cb5074f3855f1e0fac28b33669827769264a029654c0247f8222d04b130f5e08a2a9287900e56e58ce9f472cc73bcae341b43851e16148b498035a2cea3d648f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9enwga8g.default-release\datareporting\glean\pending_pings\130ff200-bea7-4ac5-b0a5-9a028b0906dd
| MD5 | 26c7345b69383bdefc83cbb2d11191f9 |
| SHA1 | ded6a07c00408cef4db34021ff874a2b2584fc7e |
| SHA256 | 259ee63e3d58f49e5c60c5df80d882524a3f0fe56930891abf0388c0b936adb2 |
| SHA512 | 7620476a5fc31a095af9ad03d7fa4dd480c14c783ebb0128e77e31d54288f7dba9b3440a8b7fe72ad46eeff431c9958beebeacea614c3df96c82a38b182b869f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9enwga8g.default-release\datareporting\glean\pending_pings\b998cb8b-9cc9-4b31-9557-c4705fad0954
| MD5 | 108fd86c8701bbd0264fc04d9d711864 |
| SHA1 | 1daffba61d09c1739e04bc7afc418497c512ef14 |
| SHA256 | 3270eb0b145f90dedf648b4b333340e4fc4fc45ed7ec2eee706396383ff588c8 |
| SHA512 | c78148674c7ecaeb05afd0d545f7956679c8cb2c25a575710432e9fe15d1d32e55d38a37141b89079bd6e58a2c8de74b03eeef0d4914596f6abfd9b0dd60e9a5 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9enwga8g.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 140e7d99814e7d0923e5a5545df06779 |
| SHA1 | e286a1b0a44691e283011c355e37bb9fd809b70c |
| SHA256 | 99bc0c5f32731477e4eaf0d692cecb25f9408b81459c745c4fb02541dcce6507 |
| SHA512 | d2044852cbd95ef6b8f734e370bd950de7b9b548dc11affc9e2e516529de842b37f721d0eac3d614590233992ed0b4df23ef256fca982396abe71345a9b7acb0 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\9enwga8g.default-release\activity-stream.discovery_stream.json
| MD5 | 789d4b8dcf5ccd85abd5e5d0afe68e93 |
| SHA1 | cf2a5c8dac2f1fdcac953d16dcfee4c2de829def |
| SHA256 | dc0181c071147e8995efe35a11dc12251cb8539bd73e3a6b588d2c943e728d00 |
| SHA512 | 06c3469dc92600841a0c75d34a763908b2f3beb65bd5aa4fe4572f12d3335efb0fc46d568cc7783e42ee2cea1ffd7d9c1bdb84baee6005b90d96b2c4d4cc69f9 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9enwga8g.default-release\prefs.js
| MD5 | bbcacf7f73b0a507ac3add53d54ae5cf |
| SHA1 | a20b164adae0381a1eefea8c6a541bb944946cce |
| SHA256 | 59cb63aab569b8f37d995f7c1b22d7eca60c5b4cfaea937e3636b09b443aa2ca |
| SHA512 | bd9c4cc2f97944affff9e516591352c9da7fef4b904a9992687b985eb3beafe6118d3bcc865c5ebbf56842e4a6a9275d10feca8cd23f4bc3c89957d82a64823c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9enwga8g.default-release\prefs.js
| MD5 | 070f9891b07d233e41f5255e20b4da14 |
| SHA1 | cd1f6b29506fdf052a385e2a44459d36b1e22f6a |
| SHA256 | 990fb1bca13a6c12946159a48c06539e8914bef813cb4e04f9b37dfe86726314 |
| SHA512 | d8ba452be765b1c742866b3bf5dfc8bc84f225df47280c43fdd85038aa35ce6c81ffa15164e58a94e97a731e3c2509f0f161f93bb65d5209455453642513ff41 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9enwga8g.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 0feb3ff29c622255fea9de1ad9796d5c |
| SHA1 | adeacc1429fd9fcf73c04858e72dc9c18d9f5633 |
| SHA256 | 0a548cb00e1074d4afa244540731ebeeb6fa9cb10d3d00d92d28b8ce55294087 |
| SHA512 | 43fc4b6c0968e59f63ee4d1134ae67848c8fb2d7992670d0495b33ba9079934f4aa1df1789732a81a132ca155bf6ff310af1faad29b3cbd3a64f026b5f4e5eb0 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9enwga8g.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 4f3c3424b3e604f64048cac0950edf41 |
| SHA1 | 4a500888a1dd20eb89d3f506fa14bafc18d25a0b |
| SHA256 | 9a4028162456ed746c83e920a1b7e012c324f31cd126d8fe906374263d01ece3 |
| SHA512 | bdfd50bbfafe37563c5cb7c0eb3aebcb64161f06ca011752ebe7934688453d62fe82961b38e40dea52d39fca9b13d57db4e5daf8b74197f443f0a883293daa45 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon
| MD5 | 09372174e83dbbf696ee732fd2e875bb |
| SHA1 | ba360186ba650a769f9303f48b7200fb5eaccee1 |
| SHA256 | c32efac42faf4b9878fb8917c5e71d89ff40de580c4f52f62e11c6cfab55167f |
| SHA512 | b667086ed49579592d435df2b486fe30ba1b62ddd169f19e700cd079239747dd3e20058c285fa9c10a533e34f22b5198ed9b1f92ae560a3067f3e3feacc724f1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9enwga8g.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.info
| MD5 | 2a461e9eb87fd1955cea740a3444ee7a |
| SHA1 | b10755914c713f5a4677494dbe8a686ed458c3c5 |
| SHA256 | 4107f76ba1d9424555f4e8ea0acef69357dfff89dfa5f0ec72aa4f2d489b17bc |
| SHA512 | 34f73f7bf69d7674907f190f257516e3956f825e35a2f03d58201a5a630310b45df393f2b39669f9369d1ac990505a4b6849a0d34e8c136e1402143b6cedf2d3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9enwga8g.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.dll
| MD5 | 842039753bf41fa5e11b3a1383061a87 |
| SHA1 | 3e8fe1d7b3ad866b06dca6c7ef1e3c50c406e153 |
| SHA256 | d88dd3bfc4a558bb943f3caa2e376da3942e48a7948763bf9a38f707c2cd0c1c |
| SHA512 | d3320f7ac46327b7b974e74320c4d853e569061cb89ca849cd5d1706330aca629abeb4a16435c541900d839f46ff72dfde04128c450f3e1ee63c025470c19157 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9enwga8g.default-release\prefs-1.js
| MD5 | 2ef9a19a0d218538ba340b6af558452d |
| SHA1 | 5195ef52b841162e493702dd0cf38e15e52b71b1 |
| SHA256 | d0eb2f4bedb453f7a58e1b3c4fae92d1cca28136749bc492d03c97e969b40957 |
| SHA512 | 152cf9da9b1c684691adc42f1e9e0c439ec9197873d2c7b166c6848b9e852f92d954976c103c70d1bc27eeb77a02e22a4065851e791880d567c75d03dc610b99 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9enwga8g.default-release\AlternateServices.bin
| MD5 | 64a750fc5fcac3205d8d1da15952422d |
| SHA1 | 7bcd9fe27dff222e4f8790bd17e334090b20777c |
| SHA256 | 69bbf721918cf4af9dde99ba4fc553e0eed72bd23f33c64d071a7189eb5ebd3f |
| SHA512 | 030dd7859d6d11a8c088ca79b2c4402e41e2fae37cab1ae19052f90a3d0ba3b780e0e152ee58ccb5078106848a897e6b0756e5fb4ead8649407ced0892c30886 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9enwga8g.default-release\sessionstore-backups\recovery.baklz4
| MD5 | e7b7ef441f3782fdfe8e402451da3836 |
| SHA1 | b1bf6e445faeadbd2b226dc4d02f3fcfdcfb1234 |
| SHA256 | f4dbb55dfc6617de6206999fec7f3d3cf077bbae8fd858bc47c03956d1992b1a |
| SHA512 | eee39e24d36dc17f94c65de1b180eaaf502c5e8944425f861a80e2872c6fd0ac4740495468ae1eb6f58f6bf2f7770d216479329d4efea11c9a235ea2b949a1ea |
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
| MD5 | 0a8747a2ac9ac08ae9508f36c6d75692 |
| SHA1 | b287a96fd6cc12433adb42193dfe06111c38eaf0 |
| SHA256 | 32d544baf2facc893057a1d97db33207e642f0dacf235d8500a0b5eff934ce03 |
| SHA512 | 59521f8c61236641b3299ab460c58c8f5f26fa67e828de853c2cf372f9614d58b9f541aae325b1600ec4f3a47953caacb8122b0dfce7481acfec81045735947d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9enwga8g.default-release\gmp-widevinecdm\4.10.2710.0\manifest.json
| MD5 | bf957ad58b55f64219ab3f793e374316 |
| SHA1 | a11adc9d7f2c28e04d9b35e23b7616d0527118a1 |
| SHA256 | bbab6ca07edbed72a966835c7907b3e60c7aa3d48ddea847e5076bd05f4b1eda |
| SHA512 | 79c179b56e4893fb729b225818ab4b95a50b69666ac41d17aad0b37ab0ca8cd9f0848cbc3c5d9e69e4640a8b261d7ced592eae9bcb0e0b63c05a56e7c477f44e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9enwga8g.default-release\gmp-widevinecdm\4.10.2710.0\widevinecdm.dll
| MD5 | daf7ef3acccab478aaa7d6dc1c60f865 |
| SHA1 | f8246162b97ce4a945feced27b6ea114366ff2ad |
| SHA256 | bc40c7821dcd3fea9923c6912ab1183a942c11b7690cfd79ed148ded0228777e |
| SHA512 | 5840a45cfdb12c005e117608b1e5d946e1b2e76443ed39ba940d7f56de4babeab09bee7e64b903eb82bb37624c0a0ef19e9b59fbe2ce2f0e0b1c7a6015a63f75 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9enwga8g.default-release\sessionstore-backups\recovery.baklz4
| MD5 | f9b5203d5d6e0a9d9bbef82bbd5d68cf |
| SHA1 | d0f3d7bdbe0a7bb8722245797a91e85660d034f0 |
| SHA256 | 2230990b7a83a8dac879bfa7948d788ee75c20286612c359f9faa7df86bbcbf2 |
| SHA512 | ccc6b7dbaea6cd39069885d2790404cde994924979a6b544e41cf96cf13a850260bde6448e413f73e57ef265f00b0e12664f6c02459d9bb8089f73751a0d1691 |
C:\Users\Admin\Downloads\ZRaC6I4I.zip.part
| MD5 | ec4664390448337d71769194af639955 |
| SHA1 | 4d8a4f28ec06e40cd2fd8b640e5dc0c11a49bc49 |
| SHA256 | b86ea670802afdf90e83214e6c8867d52729771cf1a71520c6470ebe2d1976ae |
| SHA512 | f883472bd94a4ebdc89d10e30ce9bc3411f5f13cb6f35dab959574342e6bdeff7de0c7bc3a7c9887310bdbbd6aab534a831f7773804a37c840b165755b4612b1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9enwga8g.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 3e2ec3d79f6b54f04324cfeb23f48fc0 |
| SHA1 | ea9deefbc231355b89079520e080cd0cc107fbfe |
| SHA256 | b80d937480428a5015fb52de7aed77018466b8004d2526e897fd789baa204693 |
| SHA512 | 18d4afba93adbf78edd1d7fb59bec3b5dcd0133b54cc34cc5fad2e16990152fb3199b0baaf6f09bb07df19e3592e708949898fbf1ed02bf2e9ca2b40ff311a78 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9enwga8g.default-release\sessionstore-backups\recovery.baklz4
| MD5 | f5fdde97dfe89fa5a246caed192af498 |
| SHA1 | 456354d2e1d1539f240404d3b69f8b7987ab99db |
| SHA256 | 4f7ed7a1d4cda718aef8c1e6f2f8839a88992a3029a80a5ec9fb6ea86912b0a0 |
| SHA512 | 90de3ff99f1abd318134ac805f89d1264031aba02e126ebfed11b0d99d3d6d0eb174b92de2de074af8092162dcb97e5952df903ce08ae4ca28551591681d0314 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9enwga8g.default-release\sessionstore-backups\recovery.baklz4
| MD5 | bb117f078cf6541408b5dd63cdf219fb |
| SHA1 | 49312a28b9326c74c0eced49ced7544dcfcd842d |
| SHA256 | 38c7fea40ec170898216c8fd5aae0c77bb2e12f68e539dd4e425c1ce362179dd |
| SHA512 | 7bcefddfd74347ab5de7fbbae5290a83ea19ffa5a21a815eda4931bc42694c553ec7232af687a00c955dcd02758f9dedfb80e57bd80f8073d21bbe313a2af031 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9enwga8g.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 6671fc8bde1033bbbeac07bcbad995e1 |
| SHA1 | a4f7858cbc2d104ec70bc3d78b908549581f3020 |
| SHA256 | ddcbf2fd9117afb55c8b969bdafdd875e537dd5689aea56557cc85c9d0901523 |
| SHA512 | bb386aa32368bb09845fc8a539967842ed70bd0bcd355711a08a1a6bcc506013cc193280a879c39b4b47b66458a485b7af24307528b2c8fc8863ced0fee5ff04 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9enwga8g.default-release\sessionstore-backups\recovery.baklz4
| MD5 | e3a2435580634d20b8096c6d1098a28d |
| SHA1 | 47ef139daf55976ab87375a9e6a1a2bc294f948f |
| SHA256 | 97ee4cab30b4b457c0e156bf66a6f29a8ae4e787f06791a208cd92a0fe318a2a |
| SHA512 | 3f680c5e0d77f2846e6563aca0f4ccfba35a82b5d4786062b3aace29143c00183251c3da0fb6accd8ecf8eb83635685fb445d32bf17f5534472f100d5e60f8a2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9enwga8g.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 870a60c2b89c5c94aaeee8dc564a8d73 |
| SHA1 | 0a419d6ae9152b132bc68b71067d6dab8b6c8ade |
| SHA256 | 61ebff2740ab95c035451f151192616183f35418ea1d2e732033fd5833cd2b88 |
| SHA512 | 337460b11104248e5f51fa24c4e82b17543ccebaee50de37470a7bfe01982ab5944ff1a3b93064df6bbb33acf207a98bbccb95b04d5adad4680cf33c72d8991e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9enwga8g.default-release\sessionstore-backups\recovery.baklz4
| MD5 | e8dbbb144bc599f185190fdc80bf2f70 |
| SHA1 | 73e504cffe11df1e660271201a6dd4a664621522 |
| SHA256 | 7c61cd0bab6715be6b27feefbef9c8029948f925f1c40a21631a74dfc6adb151 |
| SHA512 | 5b7c71c2caa552d3916a0b912c352cedc141e217395a163a3bf46ddd2a5cb862e68731d4e7abe82e19bdabe41d74a225e6f910aa46c622edebf46e81fdcd8bd1 |
C:\Users\Admin\Downloads\Nezur.VNK1QDE8.zip.part
| MD5 | 291dd685dd75efefce8e6f5acf073e02 |
| SHA1 | 7f22a5c24a99e4fa9d1e70d9dfc846ba186e8cb4 |
| SHA256 | f173df317a0168b9306f6167ac00bffafa15ee10a820b22f1ce0a2411a087cd2 |
| SHA512 | af04fcd1ef61b31f889cf970cc00f801324f8035564becb9d4bd7e5939e13ba5baba8ce8de8586e4982655fab863fddfc20f4f69b54618a338687bcd5fdd42e3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9enwga8g.default-release\sessionstore-backups\recovery.baklz4
| MD5 | a7d94f1ccf2fe6178b81322508937eb8 |
| SHA1 | eec3f3d98c313d3c4b1b2b171f6b8683a7be5d06 |
| SHA256 | f717da3d8801728ddcf35b67d560bc4edc368e53a0c6a1d89c14c14ba3a15dbb |
| SHA512 | 5f2f6c2cced94c8a955b6b19e702b2fd4b5dc4e32276934b1f53e542497d31cd1318f395bccabc88ef6c4943d2373eea3af2f114f036aa78dc7b376b081d1259 |
memory/3172-1671-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1701-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1700-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1712-0x0000000002BE0000-0x0000000002BE1000-memory.dmp
memory/3172-1713-0x0000000002BE0000-0x0000000002BE1000-memory.dmp
memory/3172-1711-0x0000000002BE0000-0x0000000002BE1000-memory.dmp
memory/3172-1699-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1698-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1697-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1696-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1695-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1694-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1693-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1692-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1691-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1690-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1689-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1688-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1687-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1686-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1685-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1684-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1683-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1682-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1681-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1680-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1679-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1678-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1677-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1676-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1675-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1674-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1673-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1672-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1670-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1669-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1668-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1667-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1666-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1665-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1664-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1663-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1662-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1661-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1660-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1659-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1658-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1657-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1656-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1655-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1654-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1653-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1652-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1651-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1650-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1649-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1648-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1647-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1646-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1645-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1644-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1643-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1642-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1641-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1640-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1639-0x000000007F240000-0x000000007F250000-memory.dmp
memory/3172-1638-0x000000007F240000-0x000000007F250000-memory.dmp
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | 17471269bc647d0fa40a4e33026d1a40 |
| SHA1 | 4553e5d5a88f7e37bfb008e823a759b3468ac5a8 |
| SHA256 | 9dfae44ae9c07085910e7460ef15ac07968273d80ba4e4ae3991172852dd09de |
| SHA512 | 5264c553b47de52a1ade772673e79c0bd512f1987f08661517f1513555701b8895025cd95e1c39220e0fbfe03ea604934374b0d75345c23e6c5202b61e53f734 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | e761c395817eae5802abad6ed3df515c |
| SHA1 | 73405f271bc6294c626f999d8eadd5a722e5c71b |
| SHA256 | 6550f3d3da574fe543fc0ff03e7dfa773d1d5f8aaa521a25f85c380190aaaab3 |
| SHA512 | 955d0bdf5ae76f2d34699a581401d138e8cd69c48d8573b34cef8a288915666903fb30d9abbdb0866c3375a3e457450e8a57ed2e3e524a30550e743d28b536de |