Source: unknown | HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49737 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49746 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.5:49767 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49774 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.5:49776 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.5:49779 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 3.164.68.56:443 -> 192.168.2.5:49777 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49782 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49781 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49783 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.5:49955 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:49959 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:49958 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:49960 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:49961 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:49962 version: TLS 1.2 |
Source: | Binary string: z:\task_1551543573\build\openh264\gmpopenh264.pdbV source: firefox.exe, 00000006.00000003.2512673438.0000020D68673000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000006.00000003.2522370750.0000020D69200000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.6.dr |
Source: | Binary string: z:\task_1551543573\build\openh264\gmpopenh264.pdb source: firefox.exe, 00000006.00000003.2512673438.0000020D68673000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000006.00000003.2522370750.0000020D69200000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.6.dr |
Source: C:\Users\user\Desktop\file.exe | Code function: 0_2_00B5DBBE lstrlenW,GetFileAttributesW,FindFirstFileW,FindClose, | 0_2_00B5DBBE |
Source: C:\Users\user\Desktop\file.exe | Code function: 0_2_00B2C2A2 FindFirstFileExW, | 0_2_00B2C2A2 |
Source: C:\Users\user\Desktop\file.exe | Code function: 0_2_00B668EE FindFirstFileW,FindClose, | 0_2_00B668EE |
Source: C:\Users\user\Desktop\file.exe | Code function: 0_2_00B6698F FindFirstFileW,FindClose,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToSystemTime,FileTimeToSystemTime, | 0_2_00B6698F |
Source: C:\Users\user\Desktop\file.exe | Code function: 0_2_00B5D076 FindFirstFileW,DeleteFileW,DeleteFileW,MoveFileW,DeleteFileW,FindNextFileW,FindClose,FindClose, | 0_2_00B5D076 |
Source: C:\Users\user\Desktop\file.exe | Code function: 0_2_00B5D3A9 FindFirstFileW,DeleteFileW,FindNextFileW,FindClose,FindClose, | 0_2_00B5D3A9 |
Source: C:\Users\user\Desktop\file.exe | Code function: 0_2_00B69642 SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,GetFileAttributesW,SetFileAttributesW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose, | 0_2_00B69642 |
Source: C:\Users\user\Desktop\file.exe | Code function: 0_2_00B6979D SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose, | 0_2_00B6979D |
Source: C:\Users\user\Desktop\file.exe | Code function: 0_2_00B69B2B FindFirstFileW,Sleep,FindNextFileW,FindClose, | 0_2_00B69B2B |
Source: C:\Users\user\Desktop\file.exe | Code function: 0_2_00B65C97 FindFirstFileW,FindNextFileW,FindClose, | 0_2_00B65C97 |
Source: unknown | TCP traffic detected without corresponding DNS query: 23.1.237.91 |
Source: unknown | TCP traffic detected without corresponding DNS query: 23.1.237.91 |
Source: unknown | TCP traffic detected without corresponding DNS query: 23.1.237.91 |
Source: unknown | TCP traffic detected without corresponding DNS query: 23.1.237.91 |
Source: unknown | TCP traffic detected without corresponding DNS query: 23.1.237.91 |
Source: unknown | TCP traffic detected without corresponding DNS query: 23.1.237.91 |
Source: unknown | TCP traffic detected without corresponding DNS query: 23.1.237.91 |
Source: unknown | TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown | TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown | TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown | TCP traffic detected without corresponding DNS query: 142.250.72.110 |
Source: unknown | TCP traffic detected without corresponding DNS query: 142.250.72.110 |
Source: unknown | TCP traffic detected without corresponding DNS query: 142.250.72.110 |
Source: unknown | TCP traffic detected without corresponding DNS query: 152.195.19.97 |
Source: unknown | TCP traffic detected without corresponding DNS query: 152.195.19.97 |
Source: unknown | TCP traffic detected without corresponding DNS query: 152.195.19.97 |
Source: unknown | TCP traffic detected without corresponding DNS query: 13.107.246.40 |
Source: unknown | TCP traffic detected without corresponding DNS query: 13.107.246.40 |
Source: unknown | TCP traffic detected without corresponding DNS query: 13.107.246.40 |
Source: unknown | TCP traffic detected without corresponding DNS query: 13.107.246.40 |
Source: unknown | TCP traffic detected without corresponding DNS query: 13.107.246.40 |
Source: unknown | TCP traffic detected without corresponding DNS query: 13.107.246.40 |
Source: unknown | TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown | TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown | TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown | TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown | TCP traffic detected without corresponding DNS query: 142.250.72.110 |
Source: unknown | TCP traffic detected without corresponding DNS query: 142.250.72.110 |
Source: unknown | TCP traffic detected without corresponding DNS query: 142.250.72.110 |
Source: unknown | TCP traffic detected without corresponding DNS query: 142.250.72.110 |
Source: unknown | TCP traffic detected without corresponding DNS query: 142.250.72.110 |
Source: unknown | TCP traffic detected without corresponding DNS query: 142.250.72.110 |
Source: unknown | TCP traffic detected without corresponding DNS query: 142.250.80.46 |
Source: unknown | TCP traffic detected without corresponding DNS query: 142.250.80.46 |
Source: unknown | TCP traffic detected without corresponding DNS query: 142.250.80.46 |
Source: unknown | TCP traffic detected without corresponding DNS query: 142.250.80.46 |
Source: unknown | TCP traffic detected without corresponding DNS query: 142.250.80.46 |
Source: unknown | TCP traffic detected without corresponding DNS query: 142.250.80.46 |
Source: unknown | TCP traffic detected without corresponding DNS query: 152.195.19.97 |
Source: unknown | TCP traffic detected without corresponding DNS query: 152.195.19.97 |
Source: unknown | TCP traffic detected without corresponding DNS query: 152.195.19.97 |
Source: unknown | TCP traffic detected without corresponding DNS query: 152.195.19.97 |
Source: unknown | TCP traffic detected without corresponding DNS query: 142.250.72.110 |
Source: unknown | TCP traffic detected without corresponding DNS query: 142.250.72.110 |
Source: unknown | TCP traffic detected without corresponding DNS query: 142.250.72.110 |
Source: unknown | TCP traffic detected without corresponding DNS query: 142.250.72.110 |
Source: unknown | TCP traffic detected without corresponding DNS query: 142.250.72.110 |
Source: unknown | TCP traffic detected without corresponding DNS query: 142.250.72.110 |
Source: unknown | TCP traffic detected without corresponding DNS query: 142.250.72.110 |
Source: unknown | TCP traffic detected without corresponding DNS query: 142.250.72.110 |
Source: global traffic | HTTP traffic detected: GET /edgeoffer/pb/experiments?appId=edge-extensions&country=CH HTTP/1.1Host: api.edgeoffer.microsoft.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8 |
Source: global traffic | HTTP traffic detected: GET /crx/blobs/AY4GWKBMNax_FQrZEVzNkO_0mu3UShnzR6AihR_EPjVIUOT_pwZzkWCpOk8YKIu0qnIq_YObWXuPyiJ7NA0nDjMHUEYIIEknsNvJHXuPd0MqxESzoxi9xiMyJKNwZiVV1yEAxlKa5UVe61sINARQ7fO9dE0bkfP_W4GG/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_80_1_0.crx HTTP/1.1Host: clients2.googleusercontent.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8 |
Source: global traffic | HTTP traffic detected: GET /accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=995099751×tamp=1725618730266 HTTP/1.1Host: accounts.youtube.comConnection: keep-alivesec-ch-ua: "Not;A=Brand";v="8", "Chromium";v="117", "Google Chrome";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-arch: "x86"sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-model: ""sec-ch-ua-bitness: "64"sec-ch-ua-wow64: ?0sec-ch-ua-full-version-list: "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132", "Google Chrome";v="117.0.5938.132"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://accounts.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8 |
Source: global traffic | HTTP traffic detected: GET /filestreamingservice/files/bdc392b9-6b81-4aaa-b3ee-2fffd9562edb?P1=1726223527&P2=404&P3=2&P4=Pi3s95lI%2fu3EpbG1ZNe4TvAMJSTBKzS3ImeC0FCQ%2fzy6laI1jD%2fACF67Kv3wBH3v2jTLAeraXOfxeTZ21HxHyw%3d%3d HTTP/1.1Host: msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.comConnection: keep-aliveMS-CV: bS7S89lTRdsEUnldXvNCAnSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8 |
Source: global traffic | HTTP traffic detected: GET /assets/domains_config_gz/2.8.76/asset?assetgroup=EntityExtractionDomainsConfig HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveEdge-Asset-Group: EntityExtractionDomainsConfigSec-Mesh-Client-Edge-Version: 117.0.2045.47Sec-Mesh-Client-Edge-Channel: stableSec-Mesh-Client-OS: WindowsSec-Mesh-Client-OS-Version: 10.0.19045Sec-Mesh-Client-Arch: x86_64Sec-Mesh-Client-WebView: 0Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8 |
Source: global traffic | HTTP traffic detected: GET /assets/edge_hub_apps_manifest_gz/4.7.107/asset?assetgroup=Shoreline HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveEdge-Asset-Group: ShorelineSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8 |
Source: global traffic | HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com |
Source: global traffic | HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Not;A=Brand";v="8", "Chromium";v="117", "Google Chrome";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132", "Google Chrome";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://accounts.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8 |
Source: global traffic | HTTP traffic detected: GET /assets/edge_hub_apps_action_center_maximal_light.png/1.2.1/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8 |
Source: global traffic | HTTP traffic detected: GET /assets/edge_hub_apps_search_maximal_light.png/1.3.6/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8 |
Source: global traffic | HTTP traffic detected: GET /assets/edge_hub_apps_shopping_maximal_light.png/1.4.0/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8 |
Source: global traffic | HTTP traffic detected: GET /assets/edge_hub_apps_toolbox_maximal_light.png/1.5.13/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8 |
Source: global traffic | HTTP traffic detected: GET /assets/edge_hub_apps_games_maximal_light.png/1.7.1/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8 |
Source: global traffic | HTTP traffic detected: GET /assets/edge_hub_apps_M365_light.png/1.7.32/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8 |
Source: global traffic | HTTP traffic detected: GET /assets/edge_hub_apps_outlook_light.png/1.9.10/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8 |
Source: global traffic | HTTP traffic detected: GET /assets/edge_hub_apps_edrop_maximal_light.png/1.1.12/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8 |
Source: global traffic | HTTP traffic detected: GET /assets/product_category_en/1.0.0/asset?assetgroup=ProductCategories HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveEdge-Asset-Group: ProductCategoriesSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8 |
Source: global traffic | HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=kRd+8N8XNlUL4Xo&MD=U1Kl3m5H HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com |
Source: global traffic | HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=kRd+8N8XNlUL4Xo&MD=U1Kl3m5H HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com |
Source: global traffic | HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive |
Source: global traffic | HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache |
Source: global traffic | HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive |
Source: global traffic | HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache |
Source: global traffic | HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive |
Source: global traffic | HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache |
Source: global traffic | HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive |
Source: global traffic | HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache |
Source: global traffic | HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive |
Source: global traffic | HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache |
Source: global traffic | HTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive |
Source: global traffic | HTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache |
Source: firefox.exe, 00000006.00000003.2281138918.0000020D65F3A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000006.00000003.2325647251.0000020D65F35000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000006.00000003.2482850332.0000020D65F31000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: "url": "https://www.facebook.com/", equals www.facebook.com (Facebook) |
Source: firefox.exe, 00000006.00000003.2281138918.0000020D65F3A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000006.00000003.2325647251.0000020D65F35000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000006.00000003.2482850332.0000020D65F31000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: "url": "https://www.youtube.com/", equals www.youtube.com (Youtube) |
Source: firefox.exe, 00000006.00000003.2281138918.0000020D65F3A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000006.00000003.2482850332.0000020D65F31000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000006.00000003.2518967351.0000020D65F31000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: "default.sites": "https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/", equals www.facebook.com (Facebook) |
Source: firefox.exe, 00000006.00000003.2281138918.0000020D65F3A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000006.00000003.2482850332.0000020D65F31000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000006.00000003.2518967351.0000020D65F31000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: "default.sites": "https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/", equals www.twitter.com (Twitter) |
Source: firefox.exe, 00000006.00000003.2281138918.0000020D65F3A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000006.00000003.2482850332.0000020D65F31000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000006.00000003.2518967351.0000020D65F31000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: "default.sites": "https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/", equals www.youtube.com (Youtube) |
Source: d57291ff-4efc-4c0d-93f6-36689279b659.tmp.8.dr | String found in binary or memory: "url": "https://www.youtube.com" equals www.youtube.com (Youtube) |
Source: 000003.log7.8.dr | String found in binary or memory: "www.facebook.com": "{\"Tier1\": [1103, 6061], \"Tier2\": [5445, 1780, 8220]}", equals www.facebook.com (Facebook) |
Source: 000003.log7.8.dr | String found in binary or memory: "www.linkedin.com": "{\"Tier1\": [1103, 214, 6061], \"Tier2\": [2771, 9515, 1780, 1303, 1099, 6081, 5581, 9396]}", equals www.linkedin.com (Linkedin) |
Source: 000003.log7.8.dr | String found in binary or memory: "www.youtube.com": "{\"Tier1\": [983, 6061, 1103], \"Tier2\": [2413, 8118, 1720, 5007]}", equals www.youtube.com (Youtube) |
Source: firefox.exe, 00000006.00000002.3347250129.0000020D64E03000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: *://www.facebook.com/platform/impression.php* equals www.facebook.com (Facebook) |
Source: firefox.exe, 00000006.00000002.3347250129.0000020D64E03000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: *://www.google-analytics.com/analytics.js**://ssl.google-analytics.com/ga.js*://auth.9c9media.ca/auth/main.js*://s0.2mdn.net/instream/html5/ima3.js@mozilla.org/addons/addon-manager-startup;1pictureinpicture%40mozilla.org:1.0.0*://track.adform.net/serving/scripts/trackpoint/*://static.chartbeat.com/js/chartbeat.js*://static.chartbeat.com/js/chartbeat_video.js*://connect.facebook.net/*/all.js**://www.google-analytics.com/gtm/js**://pub.doubleverify.com/signals/pub.js*webcompat-reporter%40mozilla.org:1.5.1https://smartblock.firefox.etp/facebook.svg*://*.imgur.com/js/vendor.*.bundle.jshttps://smartblock.firefox.etp/play.svg*://static.criteo.net/js/ld/publishertag.js*://*.imgur.io/js/vendor.*.bundle.js*://web-assets.toggl.com/app/assets/scripts/*.jsFileUtils_closeAtomicFileOutputStreamFileUtils_closeSafeFileOutputStreamresource://gre/modules/FileUtils.sys.mjsresource://gre/modules/addons/XPIProvider.jsm*://www.everestjs.net/static/st.v3.js**://cdn.branch.io/branch-latest.min.js**://libs.coremetrics.com/eluminate.jswebcompat-reporter@mozilla.org.xpi*://connect.facebook.net/*/sdk.js**://c.amazon-adsystem.com/aax2/apstag.js*://www.googletagmanager.com/gtm.js**://www.google-analytics.com/plugins/ua/ec.js*://www.rva311.com/static/js/main.*.chunk.jsbrowser-shutdown-tabstate-updated equals www.facebook.com (Facebook) |
Source: firefox.exe, 00000006.00000003.2281138918.0000020D65F3A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000006.00000003.2482850332.0000020D65F31000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000006.00000003.2518967351.0000020D65F31000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: -l10n-id="newtab-menu-content-tooltip" data-l10n-args="{"title":"Wikipedia"}" class="context-menu-button icon"></button></div><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer"><div class="top-site-inner"><a class="top-site-button" href="https://www.reddit.com/" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper" data-fallback="R"><div class="top-site-icon rich-icon" style="background-image:url(chrome://activity-stream/content/data/content/tippytop/images/reddit-com@2x.png)"></div></div></div><div class="title"><span dir="auto">Reddit<span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><div><button aria-haspopup="true" data-l10n-id="newtab-menu-content-tooltip" data-l10n-args="{"title":"Reddit"}" class="context-menu-button icon"></button></div><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer hide-for-narrow"><div class="top-site-inner"><a class="top-site-button" href="https://twitter.com/" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper" data-fallback="T"><div class="top-site-icon rich-icon" style="background-image:url(chrome://activity-stream/content/data/content/tippytop/images/twitter-com@2x.png)"></div></div></div><div class="title"><span dir="auto">Twitter<span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><div><button aria-haspopup="true" data-l10n-id="newtab-menu-content-tooltip" data-l10n-args="{"title":"Twitter"}" class="context-menu-button icon"></button></div><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer placeholder hide-for-narrow"><div class="top-site-inner"><a class="top-site-button" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper"><div class=""></div></div></div><div class="title"><span dir="auto"><br/><span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><button aria-haspopup="dialog" class="context-menu-button edit-button icon" data-l10n-id="newtab-menu-topsites-placeholder-tooltip"></button><div class="topsite-impression-observer"></div></div></li></ul><div class="edit-topsites-wrapper"></div></div></sectio |