URL:

http://friendtrips.com/__media__/js/netsoltrademark.php?d=https://klen-house.ru

Full analysis: https://app.any.run/tasks/cc279ed9-c0c6-4fbf-9f3b-5c19e188aa51
Verdict: Malicious activity
Analysis date: January 23, 2024, 15:35:09
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:
MD5:

F090A978AADB0FFA3C12201CDAD9BB1C

SHA1:

778414805E2E691E9D9E253ADDFF5EC8A9959247

SHA256:

01EE39D6CC07C2791816330E75884A7AF04D1DD2C3233DD9E8FBC645F286DF11

SSDEEP:

3:N1KYc+hh9vZKLvSC2ebwCMfUAUrA:CYdLXfUS

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    No malicious indicators.

  • SUSPICIOUS

    No suspicious indicators.

  • INFO

    • Application launched itself

      • chrome.exe (PID: 3780)
      • firefox.exe (PID: 2640)
      • firefox.exe (PID: 3264)
      • firefox.exe (PID: 1036)
      • firefox.exe (PID: 2788)

    • Manual execution by a user

      • firefox.exe (PID: 3264)
      • chrome.exe (PID: 3780)
      • wmpnscfg.exe (PID: 2768)

    • Checks supported languages

      • wmpnscfg.exe (PID: 2768)

    • Reads the computer name

      • wmpnscfg.exe (PID: 2768)

    • Executable content was dropped or overwritten

      • firefox.exe (PID: 2788)

    • Drops the executable file immediately after the start

      • firefox.exe (PID: 2788)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.
No data.
screenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
88
Monitored processes
52
Malicious processes
0
Suspicious processes
0

Behavior graph

Click at the process to see the details
start firefox.exe no specs firefox.exe firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs chrome.exe chrome.exe no specs chrome.exe no specs chrome.exe chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs firefox.exe no specs firefox.exe firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs wmpnscfg.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
296"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2788.15.1706878365\353097776" -childID 12 -isForBrowser -prefsHandle 4512 -prefMapHandle 3252 -prefsLen 32540 -prefMapSize 244415 -jsInitHandle 884 -jsInitLen 240908 -parentBuildID 20230710165010 -appDir "C:\Program Files\Mozilla Firefox\browser" - {97bc52c4-7d66-4f2c-8d50-126ed65d93a1} 2788 "\\.\pipe\gecko-crash-server-pipe.2788" 4532 12243b20 tabC:\Program Files\Mozilla Firefox\firefox.exefirefox.exe
User:
admin
Company:
Mozilla Corporation
Integrity Level:
LOW
Description:
Firefox
Exit code:
0
Version:
115.0.2
Modules
Images
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\msasn1.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
392"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2788.26.759459661\1472958313" -childID 22 -isForBrowser -prefsHandle 8216 -prefMapHandle 4240 -prefsLen 32540 -prefMapSize 244415 -jsInitHandle 884 -jsInitLen 240908 -parentBuildID 20230710165010 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3235445d-f563-4cfa-b694-b4198fa85271} 2788 "\\.\pipe\gecko-crash-server-pipe.2788" 7560 20f6d6d0 tabC:\Program Files\Mozilla Firefox\firefox.exefirefox.exe
User:
admin
Company:
Mozilla Corporation
Integrity Level:
LOW
Description:
Firefox
Exit code:
0
Version:
115.0.2
Modules
Images
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\msasn1.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
568"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1036.1.693756049\225345816" -parentBuildID 20230710165010 -prefsHandle 1412 -prefMapHandle 1408 -prefsLen 28600 -prefMapSize 244195 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4979acaf-9908-4de1-82d7-3d5233c6d05b} 1036 "\\.\pipe\gecko-crash-server-pipe.1036" 1424 d31c3f0 socketC:\Program Files\Mozilla Firefox\firefox.exefirefox.exe
User:
admin
Company:
Mozilla Corporation
Integrity Level:
LOW
Description:
Firefox
Exit code:
0
Version:
115.0.2
Modules
Images
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\msasn1.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
572"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2788.10.1025967326\1952334876" -parentBuildID 20230710165010 -prefsHandle 8468 -prefMapHandle 8516 -prefsLen 36254 -prefMapSize 244415 -appDir "C:\Program Files\Mozilla Firefox\browser" - {cfb55778-bdc9-4cde-932d-7fbfdf668119} 2788 "\\.\pipe\gecko-crash-server-pipe.2788" 8436 16f482e0 rddC:\Program Files\Mozilla Firefox\firefox.exefirefox.exe
User:
admin
Company:
Mozilla Corporation
Integrity Level:
LOW
Description:
Firefox
Exit code:
0
Version:
115.0.2
Modules
Images
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\msasn1.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
876"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2788.5.192300849\1423829317" -childID 4 -isForBrowser -prefsHandle 3796 -prefMapHandle 3800 -prefsLen 30767 -prefMapSize 244415 -jsInitHandle 884 -jsInitLen 240908 -parentBuildID 20230710165010 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4d32ad4e-d277-45de-a7e3-a98ed7c72988} 2788 "\\.\pipe\gecko-crash-server-pipe.2788" 3764 1990cc90 tabC:\Program Files\Mozilla Firefox\firefox.exefirefox.exe
User:
admin
Company:
Mozilla Corporation
Integrity Level:
LOW
Description:
Firefox
Exit code:
0
Version:
115.0.2
Modules
Images
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\msasn1.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
900"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2788.7.459298025\2128926637" -childID 6 -isForBrowser -prefsHandle 4248 -prefMapHandle 4244 -prefsLen 30767 -prefMapSize 244415 -jsInitHandle 884 -jsInitLen 240908 -parentBuildID 20230710165010 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a4a62e49-7be4-4423-a218-55a548bc9516} 2788 "\\.\pipe\gecko-crash-server-pipe.2788" 4260 1b1c2280 tabC:\Program Files\Mozilla Firefox\firefox.exefirefox.exe
User:
admin
Company:
Mozilla Corporation
Integrity Level:
LOW
Description:
Firefox
Exit code:
0
Version:
115.0.2
Modules
Images
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\msasn1.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
1028"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2788.24.416483853\1802472711" -childID 20 -isForBrowser -prefsHandle 4364 -prefMapHandle 212 -prefsLen 32540 -prefMapSize 244415 -jsInitHandle 884 -jsInitLen 240908 -parentBuildID 20230710165010 -appDir "C:\Program Files\Mozilla Firefox\browser" - {881a3976-ddf4-482f-9cf1-bdbf777f7b8a} 2788 "\\.\pipe\gecko-crash-server-pipe.2788" 7780 1e8a19b0 tabC:\Program Files\Mozilla Firefox\firefox.exefirefox.exe
User:
admin
Company:
Mozilla Corporation
Integrity Level:
LOW
Description:
Firefox
Exit code:
0
Version:
115.0.2
Modules
Images
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\msasn1.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
1036"C:\Program Files\Mozilla Firefox\firefox.exe" http://friendtrips.com/__media__/js/netsoltrademark.php?d=https://klen-house.ruC:\Program Files\Mozilla Firefox\firefox.exe
firefox.exe
User:
admin
Company:
Mozilla Corporation
Integrity Level:
MEDIUM
Description:
Firefox
Exit code:
0
Version:
115.0.2
Modules
Images
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\msasn1.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
1268"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1036.0.1821589554\1709301319" -parentBuildID 20230710165010 -prefsHandle 1116 -prefMapHandle 1108 -prefsLen 28523 -prefMapSize 244195 -appDir "C:\Program Files\Mozilla Firefox\browser" - {06fb766c-0561-4091-8790-8b8088638b27} 1036 "\\.\pipe\gecko-crash-server-pipe.1036" 1204 d3a9d80 gpuC:\Program Files\Mozilla Firefox\firefox.exefirefox.exe
User:
admin
Company:
Mozilla Corporation
Integrity Level:
LOW
Description:
Firefox
Exit code:
1
Version:
115.0.2
Modules
Images
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\msasn1.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
1408"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2788.21.120187856\668576873" -childID 17 -isForBrowser -prefsHandle 7728 -prefMapHandle 7724 -prefsLen 32540 -prefMapSize 244415 -jsInitHandle 884 -jsInitLen 240908 -parentBuildID 20230710165010 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8a35dce0-079d-49e7-89e0-1134e4c6a592} 2788 "\\.\pipe\gecko-crash-server-pipe.2788" 7740 1c8449b0 tabC:\Program Files\Mozilla Firefox\firefox.exefirefox.exe
User:
admin
Company:
Mozilla Corporation
Integrity Level:
LOW
Description:
Firefox
Exit code:
0
Version:
115.0.2
Modules
Images
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\msasn1.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
Total events
42 947
Read events
42 840
Write events
107
Delete events
0

Modification events

(PID) Process:(2640) firefox.exeKey:HKEY_CURRENT_USER\Software\Mozilla\Firefox\Launcher
Operation:writeName:C:\Program Files\Mozilla Firefox\firefox.exe|Launcher
Value:
2166C0A101000000
(PID) Process:(1036) firefox.exeKey:HKEY_CURRENT_USER\Software\Mozilla\Firefox\Launcher
Operation:writeName:C:\Program Files\Mozilla Firefox\firefox.exe|Browser
Value:
044CC1A101000000
(PID) Process:(1036) firefox.exeKey:HKEY_CURRENT_USER\Software\Mozilla\Firefox\Launcher
Operation:writeName:C:\Program Files\Mozilla Firefox\firefox.exe|Telemetry
Value:
0
(PID) Process:(1036) firefox.exeKey:HKEY_CURRENT_USER\Software\Mozilla\Firefox\DllPrefetchExperiment
Operation:writeName:C:\Program Files\Mozilla Firefox\firefox.exe
Value:
0
(PID) Process:(1036) firefox.exeKey:HKEY_CURRENT_USER\Software\Mozilla\Firefox\PreXULSkeletonUISettings
Operation:writeName:C:\Program Files\Mozilla Firefox\firefox.exe|Theme
Value:
1
(PID) Process:(1036) firefox.exeKey:HKEY_CURRENT_USER\Software\Mozilla\Firefox\PreXULSkeletonUISettings
Operation:writeName:C:\Program Files\Mozilla Firefox\firefox.exe|Enabled
Value:
1
(PID) Process:(1036) firefox.exeKey:HKEY_CURRENT_USER\Software\Mozilla\Firefox\Default Browser Agent
Operation:writeName:C:\Program Files\Mozilla Firefox|DisableTelemetry
Value:
1
(PID) Process:(1036) firefox.exeKey:HKEY_CURRENT_USER\Software\Mozilla\Firefox\Default Browser Agent
Operation:writeName:C:\Program Files\Mozilla Firefox|DisableDefaultBrowserAgent
Value:
0
(PID) Process:(1036) firefox.exeKey:HKEY_CURRENT_USER\Software\Mozilla\Firefox\Default Browser Agent
Operation:writeName:C:\Program Files\Mozilla Firefox|SetDefaultBrowserUserChoice
Value:
1
(PID) Process:(1036) firefox.exeKey:HKEY_CURRENT_USER\Software\Mozilla\Firefox\Default Browser Agent
Operation:writeName:C:\Program Files\Mozilla Firefox|AppLastRunTime
Value:
D14E5F3C23B0D901
Executable files
4
Suspicious files
335
Text files
97
Unknown types
6

Dropped files

PID
Process
Filename
Type
1036firefox.exeC:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.jstext
MD5:60E0DE9E05EC76C749D80F0D15A81B21
SHA256:08252FA62CCCCD316474E20CC7317A6B5C932B2C972234318E8CCDA39EC2EF48
1036firefox.exeC:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\urlCache-current.binbinary
MD5:B7A3C61D0C144CC5E166B1E769CA8F8C
SHA256:7FADCB77FFACA6B9E9F15C6F1CD3AAD4C20DCD90FA92429A627A3A7110CA2644
1036firefox.exeC:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs-1.jstext
MD5:60E0DE9E05EC76C749D80F0D15A81B21
SHA256:08252FA62CCCCD316474E20CC7317A6B5C932B2C972234318E8CCDA39EC2EF48
1036firefox.exeC:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionCheckpoints.jsonbinary
MD5:EA8B62857DFDBD3D0BE7D7E4A954EC9A
SHA256:792955295AE9C382986222C6731C5870BD0E921E7F7E34CC4615F5CD67F225DA
1036firefox.exeC:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\datareporting\glean\db\data.safe.binbinary
MD5:7FBA44CB533472C1E260D1F28892D86B
SHA256:14FB5CDA1708000576F35C39C15F80A0C653AFAF42ED137A3D31678F94B6E8BF
1036firefox.exeC:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage.sqlite-journalbinary
MD5:173226055C3EE01BBA69F6035A6F5126
SHA256:8048E13F73633C662138616882240B6EED37757A956DCCDDC9D7E0BB394935AD
1036firefox.exeC:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\datareporting\glean\db\data.safe.tmpbinary
MD5:7FBA44CB533472C1E260D1F28892D86B
SHA256:14FB5CDA1708000576F35C39C15F80A0C653AFAF42ED137A3D31678F94B6E8BF
1036firefox.exeC:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cert9.db-journalbinary
MD5:B9BFF3AC57AB4234E1FF298C9D744E0F
SHA256:94BE542F6D0DCDDC15FD7248B17F0DD23706D2E62DFFFD1BC81ECB8B9A5EC40B
1036firefox.exeC:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
MD5:
SHA256:
1036firefox.exeC:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\activity-stream.discovery_stream.jsonbinary
MD5:F1FDC0E8D5C4F50CC338293289FD8ABC
SHA256:20A6DB033B2C1B25028A2AF3F2A84AB956335D79ED18ACA4650B53D22F3BE226
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
73
TCP/UDP connections
209
DNS requests
370
Threats
1

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
1036
firefox.exe
GET
200
34.107.221.82:80
http://detectportal.firefox.com/success.txt?ipv4
US
text
8 b
unknown
1036
firefox.exe
POST
200
184.24.77.61:80
http://r3.o.lencr.org/
DE
binary
503 b
unknown
1036
firefox.exe
POST
200
184.24.77.61:80
http://r3.o.lencr.org/
DE
binary
503 b
unknown
1036
firefox.exe
POST
200
142.250.186.163:80
http://ocsp.pki.goog/gts1c3
US
binary
472 b
unknown
1036
firefox.exe
GET
200
208.91.197.23:80
http://friendtrips.com/__media__/js/netsoltrademark.php?d=https://klen-house.ru
VG
html
3.92 Kb
unknown
1036
firefox.exe
POST
200
142.250.186.163:80
http://ocsp.pki.goog/gts1c3
US
binary
472 b
unknown
1036
firefox.exe
POST
18.245.65.219:80
http://ocsp.r2m02.amazontrust.com/
US
unknown
1036
firefox.exe
GET
200
34.107.221.82:80
http://detectportal.firefox.com/canonical.html
US
text
90 b
unknown
1036
firefox.exe
POST
200
184.24.77.61:80
http://r3.o.lencr.org/
DE
binary
503 b
unknown
1036
firefox.exe
GET
404
208.91.197.23:80
http://friendtrips.com/favicon.ico
VG
text
10 b
unknown
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
4
System
192.168.100.255:138
whitelisted
4
System
192.168.100.255:137
whitelisted
1080
svchost.exe
224.0.0.252:5355
unknown
1036
firefox.exe
34.107.221.82:80
detectportal.firefox.com
GOOGLE
US
whitelisted
1036
firefox.exe
34.117.237.239:443
contile.services.mozilla.com
GOOGLE-CLOUD-PLATFORM
US
unknown
1036
firefox.exe
172.217.16.202:443
safebrowsing.googleapis.com
whitelisted
1036
firefox.exe
34.107.243.93:443
push.services.mozilla.com
GOOGLE
US
unknown
1036
firefox.exe
44.217.199.112:443
spocs.getpocket.com
AMAZON-AES
US
unknown
1036
firefox.exe
208.91.197.23:80
friendtrips.com
CONFLUENCE-NETWORK-INC
VG
unknown
1036
firefox.exe
34.149.100.209:443
firefox.settings.services.mozilla.com
GOOGLE
US
unknown

DNS requests

Domain
IP
Reputation
detectportal.firefox.com
  • 34.107.221.82
whitelisted
friendtrips.com
  • 208.91.197.23
unknown
prod.detectportal.prod.cloudops.mozgcp.net
  • 34.107.221.82
  • 2600:1901:0:38d7::
whitelisted
example.org
  • 93.184.216.34
whitelisted
ipv4only.arpa
  • 192.0.0.170
  • 192.0.0.171
whitelisted
contile.services.mozilla.com
  • 34.117.237.239
whitelisted
spocs.getpocket.com
  • 44.217.199.112
  • 3.212.217.125
  • 54.84.160.220
  • 52.72.126.31
  • 44.213.46.170
  • 3.215.146.197
  • 44.219.163.204
  • 3.216.15.175
shared
proxyserverecs-1736642167.us-east-1.elb.amazonaws.com
  • 44.217.199.112
  • 3.212.217.125
  • 54.84.160.220
  • 52.72.126.31
  • 44.213.46.170
  • 3.215.146.197
  • 44.219.163.204
  • 3.216.15.175
shared
firefox.settings.services.mozilla.com
  • 34.149.100.209
whitelisted
prod.remote-settings.prod.webservices.mozgcp.net
  • 34.149.100.209
whitelisted

Threats

PID
Process
Class
Message
2788
firefox.exe
Not Suspicious Traffic
INFO [ANY.RUN] Cloudflare turnstile CAPTCHA challenge
No debug info
Interactive malware hunting service ANY.RUN
© 2017-2026 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
http://friendtrips.com/__media__/js/netsoltrademark.php?d=https://klen-house.ru