# Solution
after unziping the `firefox.zip` file I got a firefox profiles data
so i started viewing the `sqlite` dbs u can read more about it here [firefox Forensics](https://resources.infosecinstitute.com/firefox-and-sqlite-forensics/)

so i started with `places.sqlite` to see the history and i noticed that there is links to [cyberchef](https://gchq.github.io/CyberChef/)
which are
```
https://gchq.github.io/CyberChef/
https://gchq.github.io/CyberChef/#recipe=ROT13(true,true,13)
https://gchq.github.io/CyberChef/#recipe=ROT13(true,true,13)
https://gchq.github.io/CyberChef/#recipe=ROT13(true,true,14)
https://gchq.github.io/CyberChef/#recipe=ROT13(true,true,12)
https://gchq.github.io/CyberChef/#recipe=ROT13(true,true,11)
https://gchq.github.io/CyberChef/#recipe=ROT13(true,true,11)To_Hex('Space',0)
https://gchq.github.io/CyberChef/#recipe=ROT13(true,true,11)To_Hex('Space',0)&input=ZDc1Mzc1MzQ2NGY1MzNmNDEzNTM5NTEzZjU5NTMzZjRmNDEzMzVmNTI1NDM3NTE1Yjc5NWE1ZTQ1NDQ0MDUzNA
https://gchq.github.io/CyberChef/#recipe=ROT13(true,true,11)To_Hex('None',0)&input=ZDc1Mzc1MzQ2NGY1MzNmNDEzNTM5NTEzZjU5NTMzZjRmNDEzMzVmNTI1NDM3NTE1Yjc5NWE1ZTQ1NDQ0MDUzNA
https://gchq.github.io/CyberChef/#recipe=ROT13(true,true,11)To_Hex('None',0)Reverse('Character')&input=ZDc1Mzc1MzQ2NGY1MzNmNDEzNTM5NTEzZjU5NTMzZjRmNDEzMzVmNTI1NDM3NTE1Yjc5NWE1ZTQ1NDQ0MDUzNA
```
so the operations were :
* reverse
* from hex
* rot 13

after viewing them i applied the operations on the hash so i got this
`https://gchq.github.io/CyberChef/#recipe=Reverse('Character')From_Hex('Auto')ROT13(true,true,15)&input=ZDc1Mzc1MzQ2NGY1MzNmNDEzNTM5NTEzZjU5NTMzZjRmNDEzMzVmNTI1NDM3NTE1Yjc5NWE1ZTQ1NDQ0MDUzNA`

# flag
`RESTCON{FL4G_H1DD3N_1N51D3_URL5}`