Add-ons malware ping

This ping is generated by an add-on created by Mozilla and shipped to users on older versions of Firefox (44-46). The ping contains information about the profile that might have been altered by a third party malicious add-on.


  type: "malware-addon-states",
  clientId: <UUID>,
  environment: { ... },
  // Common ping data.
  payload: {
    // True if the blocklist was disabled at startup time.
    blocklistDisabled: <bool>,
    // True if the malicious add-on exists and is enabled. False if it
    // exists and is disabled or null if the add-on was not found.
    mainAddonActive: <bool | null>,
    // A value of the malicious add-on block list state, or null if the
    // add-on was not found.
    mainAddonBlocked: <int | null>,
    // True if a malicious user.js file was found in the profile.
    foundUserJS: <bool>,
    // If a malicious secmodd.db file was found the extension ID that the // file contained..
    secmoddAddon: <string | null>, .
    // A list of IDs for extensions which were hidden by malicious CSS.
    hiddenAddons: [
    // A mapping of installed add-on IDs with known malicious
    // update URL patterns to their exact update URLs.
    updateURLs: {
      <extensionID>: <updateURL>,